Updated python-cryptography packages fix security vulnerability

The OpenSSL backend prior to 1.0.2 made extensive use of assertions to check response codes where our tests could not trigger a failure. However, when Python is run with -O these asserts are optimized away. If a user ran Python with this flag and got an invalid response code this could result in...

Updated libsndfile packages fix security vulnerability

Due to a heap overflow in libsndfile, a specially crafted AIFF header can manage index values in order to use memcpy to overwrite memory the heap CVE-2015-7805...

Updated python-m2crypto packages fix security vulnerability

A bug was found in pbkdf2 function of m2crypto package, such that when given a 74 byte result, a buffer overflow occurs leading to crash of the application rhbz1271165...

Updated python-pygments packages fix security vulnerability

An unsafe use of string concatenation in a shell string occurs in FontManager. If the developer allows the attacker to choose the font and outputs an image, the attacker can execute any shell command on the remote system. The name variable injected comes from the constructor of FontManager, which...

Updated tigervnc packages fix security vulnerabilities

Updated tigervnc packages fix security vulnerabilities: An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way TigerVNC handled screen sizes. A malicious VNC server could use this flaw to cause a client to crash or, potentially, execute arbitrary code on the clien...

Updated libxml2 packages fix security vulnerabilities

Updated libxml2 packages fix security vulnerabilities: In libxml2 before 2.9.3, one case where when dealing with entities expansion, it failed to exit, leading to a denial of service CVE-2015-5312. In libxml2 before 2.9.3, it was possible to hit a negative offset in the name indexing used to...

Updated uglify-js packages fix security vulnerability

The UglifyJS node module has a problem where the combination of De Morgan's Law and non-boolean values can lead to a case where code is incorrectly minified, which can lead to possibly malicious minified JS code...

Updated latex2rtf packages fix security vulnerability

A format string vulnerability was found in CmdKeywords function when processing \keywords command in tex file. When the user runs latex2rtf with malicious crafted tex file, an attacker can execute arbitrary code. The variable 'keywords' in the function CmdKeywords may hold a malicious input strin...

Updated gcc packages fix security vulnerability

It was discovered that the std::randomdevice class in libstdc++ would not properly detect short reads and could return predictable values if applications used it to obtain randomness from a blocking source such as /dev/random. CVE-2015-5276...

Updated libpng/libpng12 packages fix security vulnerability

Multiple buffer overflows in the pngsetPLTE and pnggetPLTE functions in libpng before 1.6.19 allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a small bit-depth value in an IHDR aka image header chunk in a PNG image CVE-2015-8126...

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 4.1.13 longterm kernel and fixes the following security issues: The virtnetprobe function in drivers/net/virtionet.c in the Linux kernel before 4.2 attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause...

Updated dovecot packages fix security vulnerability

A buffer overflow may occur when handling pop3deletedflag setting. This can lead to crashing POP3 sessions in normal use...

Updated krb5 packages fix CVE-2015-2698

Updated krb5 packages fix security vulnerabilities: In any MIT krb5 release with the patches for CVE-2015-2696 applied, an application which calls gssexportseccontext may experience memory corruption if the context was established using the IAKERB mechanism. Historically, some vulnerabilities of...

Updated mariadb packages fix security vulnerabilities

This update provides the upstream 10.0.22 maintenance release and fixes the following security issues: Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server :...

Updated chromium-browser-stable packages fix security vulnerabilities

Updated chromium-browser-stable packages fix security vulnerabilities: The PDF viewer in Google Chrome before 46.0.2490.86 does not properly restrict scripting messages and API exposure, which allows remote attackers to bypass the Same Origin Policy via an unintended embedder or unintended plugin...

Updated iceape packages fix security vulnerabilities

Updated iceape packages fix security issues: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code vi...

Updated flash-player-plugin packages fix security vulnerability

Adobe Flash Player 11.2.202.548 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves a type confusion vulnerability that could lead to code execution CVE-2015-7659. This...

Updated libreoffice packages fix security vulnerability

Federico Scrinzi discovered that LibreOffice incorrectly handled documents inserted into Writer or Calc via links. If a user were tricked into opening a specially crafted document, a remote attacker could possibly obtain the contents of arbitrary files CVE-2015-4551. It was discovered that...

Updated python-curl packages fix security vulnerability

A use-after-free vulnerability was found in Curl object's HTTPPOST setopt when a Unicode value is passed as a value with a FORMBUFFERPTR. The str object created from the passed in unicode object would have its buffer used but the unicode object would be stored instead of the str object rhbz127748...

Updated putty packages fix security vulnerability

Versions of PuTTY 0.54 and 0.65 inclusive have a potentially memory-corrupting integer overflow in the handling of the ECH erase characters control sequence in the terminal emulator CVE-2015-5309...

Updated sudo packages fix security vulnerability

An unauthorized privilege escalation was found in sudoedit in sudo before 1.8.15 when a user is granted with root access to modify a particular file that could be located in a subset of directories. It seems that sudoedit does not check the full path if a wildcard is used twice e.g...

Updated kernel-linus packages fixes security vulnerability

This update of kernel-linus provides the upstream 4.1.12 longterm kernel and fixes at least the following security issue: Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver contained hardcoded attributes about the USB devices. An attacker could construct a fake WhiteHEAT USB device...

Updated kernel packages fixes security vulnerability

This kernel update is based on the upstream 4.1.12 longterm kernel and fixes at least the following security issue: Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver contained hardcoded attributes about the USB devices. An attacker could construct a fake WhiteHEAT USB device that,...

Updated krb5 packages fix security vulnerabilities

Updated krb5 packages fix security vulnerabilities: In MIT krb5 1.5 and later, applications which call gssinquirecontext on a partially-established SPNEGO context can cause the GSS-API library to read from a pointer using the wrong type, generally causing a process crash. This bug may go unnotice...

Updated owncloud packages fix security vulnerabilities

Updated owncloud package fixes security vulnerabilities: The owncloud package has been updated to version 8.0.9, which fixes undisclosed security issues and other bugs...

Updated roundcubemail packages fix security vulnerability

The roundcubemail package has been updated to version 1.0.7, which fixes a XSS issue in drag-n-drop file uploads and other bugs. See the upstream release announcement for more details...

Updated libxml2 packages fix security vulnerability

A denial of service in libxml2 when parsing a specially crafted XML file if XZ support is enabled may cause applications to hang as the parsing never terminates CVE-2015-8035...

Updated sddm packages fixes security vulnerability

Pavel Avgustinov discovered that SDDM does not disable the KDE crash handler, and certain themes would allow shell access to the sddm user as a result in case of a crash CVE-2015-0856. Only SDDM users using the Breeze theme from plasma-workspace are affected...

Updated libebml packages fix security vulnerability

In EbmlMaster::Read in libebml before 1.3.3, when the parser encountered a deeply nested element with an infinite size then a following element of an upper level was not propagated correctly. Instead the element with the infinite size was added into the EBML element tree a second time resulting i...

Updated xscreensaver package fixes security vulnerability

The updated xscreensaver packages fix a security issue when used, in some cases, with dual screen and unplugging one of them...

Updated libtorrent-rasterbar packages fixes security vulnerability

The lazybdecode function in BitTorrent DHT bootstrap server bootstrap-dht allows remote attackers to execute arbitrary code via a crafted packet, related to "improper indexing." Note while this CVE was reported against BitTorrent DHT Bootstrapt server, the same vulnerable code is available in...

Updated libxslt packages fix security vulnerability

A type confusion vulnerability in libxslt in xsltStylePreCompute in preproc.c can lead to a denial of service CVE-2015-7995...

Updated util-linux packages fix security vulnerability

A buffer overflow in the colcrt command in util-linux can lead to a crash when given a large input CVE-2015-5218...

Updated firefox, nspr, nss packages fix security vulnerability

Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2015-4513, CVE-2015-7189, CVE-2015-7194, CVE-2015-7196,...

Updated springframework packages fix security vulnerability

Under some situations, the Spring Framework is vulnerable to a Reflected File Download RFD attack. The attack involves a malicious user crafting a URL with a batch script extension that results in the response being downloaded rather than rendered and also includes some input reflected in the...

Updated drupal package fixes security vulnerability

The Overlay module in Drupal core displays administrative pages as a layer over the current page using JavaScript, rather than replacing the page in the browser window. The Overlay module does not sufficiently validate URLs prior to displaying their contents, leading to an open redirect...

Updated libxml2 packages fix security vulnerabilities

Updated libxml2 packages fix security vulnerability: Crafted xml causes out of bound memory access in libxml2 due to a heap buffer-overflow in xmlParseConditionalSections in parser.c CVE-2015-7942...

Updated mediawiki packages fix security vulnerabilities

Updated mediawiki packages fix security vulnerabilities: In MediaWiki before 1.23.11, the API failed to correctly stop adding new chunks to the upload when the reported size was exceeded, allowing a malicious user to upload add an infinite number of chunks for a single file upload CVE-2015-8001. ...

Updated openafs packages fix security vulnerabilities

Updated openafs packages fix security vulnerabilities: When constructing an Rx acknowledgment ACK packet, Andrew-derived Rx implementations do not initialize three octets of data that are padding in the C language structure and were inadvertently included in the wire protocol CVE-2015-7762...

Updated postgresql packages fix security vulnerabilities

Josh Kupershmidt discovered the pgCrypto extension could expose several bytes of server memory if the crypt function was provided a too-short salt. An attacker could use this flaw to read private data. CVE-2015-5288 Oskari Saarenmaa discovered that the json and jsonb handlers could exhaust...

Updated exfat-utils package fixes security vulnerabilities

Fix heap overflow and endless loop in exfatfsck exfat-utils is a collection of tools to work with the exFAT filesystem. Fuzzing the exfatfsck with american fuzzy lop led to the discovery of a write heap overflow and an endless loop. Especially at risk are systems that are configured to run...

Updated miniupnpc package fixes security vulnerability

An exploitable buffer overflow vulnerability exists in the XML parser functionality of the MiniUPnP library. A specially crafted XML response can lead to a buffer overflow on the stack resulting in remote code execution. An attacker can set up a server on the local network to trigger this...

Updated ntp package fixes security vulnerabilities

Yves Younan discovered that NTP incorrectly handled logfile and keyfile directives. In a non-default configuration, a remote authenticated attacker could possibly use this issue to cause NTP to enter a loop, resulting in a denial of service CVE-2015-7850. Yves Younan discovered that NTP incorrect...

Updated libpng12 package fixes security vulnerability

An out-of-bounds read in pngconverttorfc1123 in png.c in libpng 1.2.x before 1.2.54 could potentially be exploited by a crafted PNG file to leak information from an application's memory CVE-2015-7981...

Updated phpmyadmin package fixes security vulnerability

Content spoofing vulnerability when redirecting user to an external site CVE-2015-7873...

Updated iceape/sqlite3 packages fix security vulnerabilities

Updated iceape packages fix security issues. The sqlite3 package has been updated as well since the new iceape version requires the SQLITEENABLEDBSTATVTAB feature to be enabled in sqlite. This sqlite3 update also enables ICU support, fixing bug 16814 . Use-after-free vulnerability in the...

Updated virtualbox packages fix security vulnerabilities

A vulnerability in the Oracle VM VirtualBox component prior to 4.0.34, 4.1.42, 4.2.34, 4.3.32 and 5.0.8. Easily exploitable vulnerability requiring logon to Operating System. Successful attack of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash...

Updated ntp packages fixes security vulnerabilities

It was found that ntpd did not correctly implement the threshold limitation for the '-g' option, which is used to set the time without any restrictions. A man-in-the-middle attacker able to intercept NTP traffic between a connecting client and an NTP server could use this flaw to force that clien...

Updated lxdm packages fix security vulnerability

When using lxdm, the X server was started without -auth, exposing it to any connections form by any local user. This update resolves the issue...

Updated chromium-browser-stable packages fix security vulnerabilities

Updated chromium-browser-stable packages fix security vulnerabilities: Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim...