Updated qemu package fixes security vulnerability

Matt Tait discovered that QEMU incorrectly handled the virtual PCNET driver. A malicious guest could use this issue to cause a denial of service, or possibly execute arbitrary code on the host as the user running the QEMU process CVE-2015-3209. Kurt Seifried discovered that QEMU incorrectly handl...

Updated cacti package fixes security vulnerability

Cross-site scripting XSS vulnerability in Cacti before 0.8.8d allows remote attackers to inject arbitrary web script or HTML via unspecified vectors CVE-2015-2665. SQL injection vulnerability in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

Updated wordpress package fixes security vulnerability

The wordpress package has been updated to version 3.9.8, fixing three cross-site scripting issues CVE-2015-5732, CVE-2015-5733, CVE-2015-5734, a potential timing side-channel attack in Customizer CVe-2015-5730, an issue in Heartbeat where an attacker could lock a post from being edited...

Updated libunwind package fixes security vulnerability

An invalid DWOPbregXX opcodes can access dwarftounwregnummap one item past the end CVE-2015-3239...

Updated ghostscript package fixes security vulnerability

GhostScript is vulnerable to an integer overflow when processing a crafted PostScript file using the ps2pdf command CVE-2015-3228...

Updated lxc package fixes security vulnerability

Roman Fiedler discovered that LXC had a directory traversal flaw when creating lock files. A local attacker could exploit this flaw to create an arbitrary file as the root user CVE-2015-1331. Roman Fiedler discovered that LXC incorrectly trusted the container's proc filesystem to set up AppArmor...

Updated firefox package fixes CVE-2015-4495

Updated firefox packages fix security vulnerability: Security researcher Cody Crews reported on a way to violate the same origin policy and inject script into a non-privileged part of the built-in PDF Viewer in Firefox. This would allow an attacker to read and steal sensitive local files on the...

Updated ipython package fixes security vulnerability

JSON error responses from the IPython notebook REST API contained URL parameters and were incorrectly reported as text/html instead of application/json. The error messages included some of these URL params, resulting in a cross site scripting attack CVE-2015-4707. POST requests exposed via the...

Updated pdns package fixes security vulnerability

In MGASA-2015-0189, the pdns and pdns-recursor packages were updated to fix a denial of service issue CVE-2015-1868. The fix was incomplete. The packages have been updated again to versions 3.3.3 and 3.6.4, respectively, to completely fix this issue...

Updated moodle package fixes security vulnerabilities

In Moodle before 2.8.7, phishing is possible when redirecting to external site using referer headers in error messages CVE-2015-3272. In Moodle before 2.8.7, several web services returning user information did not clean text in text custom profile fields, leading to possible XSS CVE-2015-3274. In...

Updated php package fixes security vulnerabilities

Updated php packages fix security vulnerabilities: The php package has been updated to version 5.6.11, fixing several bugs and security issues. See the upstream Changelog for more details...

Updated remind package fixes security vulnerability

Buffer overflow in remind before 3.1.15 in the DumpSysVar function in src/var.c...

Updated icu package fixes security vulnerability

It was discovered that ICU Layout Engine was missing multiple boundary checks. These could lead to buffer overflows memory corruption. A specially crafted file could cause an application using ICU to parse untrusted font files to crash and, possibly, execute arbitrary code CVE-2015-4760...

Updated bind package fixes security vulnerability

An error in the handling of TKEY queries can be exploited by an attacker for use as a denial-of-service vector, as a constructed packet can use the defect to trigger a REQUIRE assertion failure, causing BIND to exit CVE-2015-5477...

Updated groovy package fixes security vulnerability

When an application has Groovy on the classpath and that it uses standard Java serialization mechanim to communicate between servers, or to store local data, it is possible for an attacker to bake a special serialized object that will execute code directly when deserialized. All applications whic...

Updated python-django and python-django14 packages fix security vulnerabilities

Eric Peterson and Lin Hua Cheng discovered that a new empty record used to be created in the session storage every time a session was accessed and an unknown session key was provided in the request cookie. This could allow remote attackers to saturate the session store or cause other users' sessi...

Updated openssh package fixes security vulnerability

The OpenSSH server, when keyboard-interactive challenge response authentication is enabled and PAM is being used the default configuration in Mageia, can be tricked into allowing more password attempts than the MaxAuthTries setting would normally allow in one connection, which can aid an attacker...

Updated ansible package fixes security vulnerability

Update to 1.9.2. Fixes CVE-2015-3908 hostname and cert matching in some modules and plugins and another not yet issued CVE on chroot/jail/zone connection plugins as well as a number of bugfixes...

Updated springframework package fixes security vulnerability

In Spring Framework before 3.2.14, if DTD is not entirely disabled, inline DTD declarations can be used to perform denial of service attacks known as XML bombs. Such declarations are both well-formed and valid according to XML schema rules but when parsed can cause out of memory errors. To protec...

Updated freeradius package fixes security vulnerability

The FreeRADIUS server relies on OpenSSL to perform certificate validation, including Certificate Revocation List CRL checks. The FreeRADIUS usage of OpenSSL, in CRL application, limits the checks to leaf certificates, therefore not detecting revocation of intermediate CA certificates. An unexpire...

Updated wordpress package fixes security vulnerabilities

WordPress versions 4.2.2 and earlier are affected by a cross-site scripting vulnerability, which could allow users with the Contributor or Author role to compromise a site CVE-2015-5622. WordPress versions 4.2.2 and earlier are affected by an issue where it was possible for a user with Subscriber...

Updated stunnel package fixes security vulnerability

Johan Olofsson discovered an authentication bypass vulnerability in Stunnel, a program designed to work as an universal SSL tunnel for network daemons. When Stunnel in server mode is used with the redirect option and certificate-based authentication is enabled with "verify = 2" or higher, then on...

Updated chromium-browser package fixes security vulnerabilities

Chromium-browser 44.0.2403.107 fixes several security issues: PDFium, as used in Google Chrome before 44.0.2403.89, does not properly handle certain out-of-memory conditions, which allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other...

Updated icu package fixes security vulnerabilities

The ICU Project's ICU4C library, before 55.1, contains a heap-based buffer overflow in the resolveImplicitLevels function of ubidi.c CVE-2014-8146. The ICU Project's ICU4C library, before 55.1, contains an integer overflow in the resolveImplicitLevels function of ubidi.c due to the assignment of ...

Updated icu package fixes security vulnerability

The ucnviogetConverterName function in common/ucnvio.cpp in International Components for Unicode ICU mishandles converter names with initial x- substrings, which allows remote attackers to cause a denial of service read of uninitialized memory or possibly have unspecified other impact via a craft...

Updated wesnoth packages fix security vulnerability

Toom Lõhmus discovered that the Lua API and preprocessor in the Battle for Wesnoth game up to version 1.12.2 included could lead to client-side authentication information disclosure using maliciously crafted files with the .pdb extension CVE-2015-5069, CVE-2015-5070. This issue has been fixed in...

Updated expat package fixes security vulnerability

Multiple integer overflows in the XMLGetBuffer function in Expat through 2.1.0 allow remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via crafted XML data CVE-2015-1283...

Updated thunderbird package fixes security vulnerabilities

Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird CVE-2015-2724, CVE-2015-2734, CVE-2015-2735, CVE-2015-2736,...

Updated wesnoth packages fix security vulnerability

Toom Lõhmus discovered that the Lua API and preprocessor in the Battle for Wesnoth game up to version 1.12.2 included could lead to client-side authentication information disclosure using maliciously crafted files with the .pdb extension CVE-2015-5069, CVE-2015-5070. This issue has been fixed usi...

Updated mariadb package fixes security vulnerabilities

The mariadb package has been updated to versions 5.5.44 and 10.0.20 in Mageia 4 and Mageia 5, respectively. Both fix an issue where the client is vulnerable to a man-in-the-middle attack when using the --ssl option, where the SSL/TLS protection could be disabled CVE-2015-3152. The Mageia 4 update...

Updated java-1.8.0-openjdk package fixes security vulnerabilities

Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions CVE-2015-4760, CVE-2015-2628, CVE-2015-4731, CVE-2015-2590, CVE-2015-4732, CVE-2015-4733. A flaw was fou...

Updated apache package fixes security vulnerabilities

The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension...

Updated libuser package fixes security vulnerabilities

Two flaws were found in the way the libuser library handled the /etc/passwd file. A local attacker could use an application compiled against libuser for example, userhelper to manipulate the /etc/passwd file, which could result in a denial of service or possibly allow the attacker to escalate the...

Updated java-1.7.0-openjdk package fixes security vulnerabilities

Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions CVE-2015-4760, CVE-2015-2628, CVE-2015-4731, CVE-2015-2590, CVE-2015-4732, CVE-2015-4733. A flaw was fou...

Updated php package fixes security vulnerabilities

Segfault in Phar::convertToData on invalid file CVE-2015-5589. Buffer overflow and stack smashing error in pharfixfilepath CVE-2015-5590. The php package has been updated to version 5.5.27, which fixes these issues, as well as other possible bugs and security issues, including the BACKRONYM flaw,...

Updated flash-player-plugin package fixes security vulnerabilities

Adobe Flash Player 11.2.202.491 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. Adobe is aware of reports that exploits targeting these vulnerabilities have been published publicly. This...

Updated openssl package fixes security vulnerability

During certificate verification, OpenSSL starting from version 1.0.1n and 1.0.2b will attempt to find an alternative certificate chain if the first attempt to build such a chain fails. An error in the implementation of this logic can mean that an attacker could cause certain checks on untrusted...

Updated bind package fixes security vulnerability

A recursive resolver that is performing DNSSEC validation can be deliberately terminated by any attacker who can cause a query to be performed against a maliciously constructed zone. This will result in a denial of service to clients who rely on that resolver CVE-2015-4620. Note that DNSSEC...

Updated openssh package fixes security vulnerability

In Portable OpenSSH before 6.9p1, when forwarding X11 connections with ForwardX11Trusted=no, connections made after ForwardX11Timeout expired could be permitted and no longer subject to XSECURITY restrictions because of an ineffective timeout check in ssh CVE-2015-5352...

Updated flash-player-plugin package fixes critical security vulnerabilities

Adobe Flash Player 11.2.202.481 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. Adobe is aware of a report that an exploit targeting CVE-2015-5119 has been publicly published. This updat...

Updated virtuoso-opensource package fixes security vulnerabilities

The virtuoso-opensource package has been updated to version 6.1.8 and two additional upstream patches from versions 7.1.0 and 7.2.0 with additional fixes for unspecified security issues have been added...

Updated cups-filters package fixes security vulnerability

A heap-based buffer overflow was discovered in the way the texttopdf utility of cups-filters processed print jobs with a specially crafted line size. An attacker being able to submit print jobs could exploit this flaw to crash texttopdf or, possibly, execute arbitrary code with the privileges of...

Updated filezilla package fixes security vulnerability

The filezilla package has been updated to version 3.11.0.2, fixing multiple bugs and one security issue, related to the LOGJAM TLS issue when using FTP...

Updated polkit package fixes security vulnerabilities

Local privilege escalation in polkit before 0.113 due to predictable authentication session cookie values CVE-2015-4625. Various memory corruption vulnerabilities in polkit before 0.113 in the use of the JavaScript interpreter, possibly leading to local privilege escalation CVE-2015-3256. Memory...

Updated owncloud-client package fixes security vulnerability

ownCloud Desktop Client before 1.8.2 was vulnerable against MITM attacks when used in combination with self-signed certificates CVE-2015-4456. The owncloud-client package has been updated to version 1.8.3, which fixes this issue as well as several other bugs...

Updated coreutils package fixes security vulnerability

Buffer overflows in sort related to the usage of UTF-8 characters CVE-2015-4041, CVE-2015-4042...

Updated php package fixes security vulnerability

Incorrect handling of paths with NULs CVE-2015-4598. OS command injection vulnerability in escapeshellarg CVE-2015-4642. Integer overflow in ftpgenlist resulting in heap overflow CVE-2015-4643. Segfault in phppgsqlmetadata CVE-2015-4644. PHP has been updated to version 5.5.26, which fixes multipl...

Updated libwmf package fixes security vulnerability

It was discovered that libwmf did not correctly process certain WMF Windows Metafiles containing BMP images. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly use this flaw to execute arbitrary code with the privileges ...

Updated wireshark package fixes security vulnerability

WCCP dissector crash CVE-2015-4651. GSM DTAP dissector crash CVE-2015-4652...

Updated pcre package fixes security vulnerability

PCRE library is prone to a vulnerability which leads to Heap Overflow. During subpattern calculation of a malformed regular expression, an offset that is used as an array index is fully controlled and can be large enough so that unexpected heap memory regions are accessed CVE-2015-5073...