Mageia 2018-0422: unzip security update
Updated unzip packages fix security vulnerabilities Heap-based out-of-bounds write (CVE-2018-1000031). Heap/BSS-based buffer overflow (Bypass of CVE-2015-1315)
Updated unzip packages fix security vulnerabilities Heap-based out-of-bounds write (CVE-2018-1000031). Heap/BSS-based buffer overflow (Bypass of CVE-2015-1315)
Updated curl packages fix security vulnerabilities: Peter Wu discovered that curl incorrectly handled certain SMTP buffers. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2018-0500).
A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges (CVE-2018-14665).
This kernel-linus update is based on the upstream 4.14.78 and adds additional fixes for the L1TF security issues. It also fixes atleast the following security issues: Linux kernel from versions 3.9 and up, is vulnerable to a denial of
This kernel update is based on the upstream 4.14.78 and fixes atleast the following security issues: An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy
Updated firefox packages fix security vulnerabilities: Mozilla: Memory safety bugs fixed in Firefox ESR 60.3 (CVE-2018-12389). Mozilla: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3
This kernel-tmb update is based on the upstream 4.14.78 and adds additional fixes for the L1TF security issues. It also fixes atleast the following security issues: Linux kernel from versions 3.9 and up, is vulnerable to a denial of
It was found that the WEBP::GetLE32 function in XMPFiles/source/FormatSupport/WEBP_Support.hpp in Exempi 2.4.5 has a NULL pointer dereference (CVE-2018-12648). References:
lilypond does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks (CVE-2017-17523). References:
Remote denial of service (application crash) exploitable by miners via duplicate input (CVE-2018-17144). References: - https://bugs.mageia.org/show_bug.cgi?id=23681
Buffer overflow in dhclient possibly allowing code execution triggered by malicious server (CVE-2018-5732). Reference count overflow in dhcpd allows denial of service (CVE-2018-5733).
Flawed polkit authorization checks in blueman allowed any user with access to the D-Bus system bus to trigger certain network configuration logic in blueman without authentication (boo#1083066). References:
Ruby before 2.2.10 allows an HTTP Response Splitting attack. An attacker can inject a crafted key and value into an HTTP response for the HTTP server of WEBrick (CVE-2017-17742). Directory traversal vulnerability in the Dir.mktmpdir method in the tmpdir
Unziping a specially crafted zip file results in a computation of an invalid pointer and a crash reading an invalid address (CVE-2015-9261). References: - https://bugs.mageia.org/show_bug.cgi?id=23367
Heap-based buffer overflow in tif_packbits.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted bmp file (CVE-2016-5319). In LibTIFF 4.0.9, there is a heap-based buffer over-read in the function
Updated ghostscript packages fix many bugs and security vulnerabilities: Bypassing executeonly to escape -dSAFER sandbox. (CVE-2018-17961) Saved execution stacks can leak operator arrays. (CVE-2018-18073)
The updated glib2.0 packages fix security vulnerabilities: In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference (CVE-2018-16428).
Updated rust packages fix security vulnerability The Rust Programming Language Standard Library before version 1.29.1 contains a CWE-680: Integer Overflow to Buffer Overflow vulnerability in the standard library that can result in buffer overflow. This attack
The updated clamav packages fix a security vulnerability: Vulnerability in ClamAV's MEW unpacking feature that could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) condition on an affected device (CVE-2018-15378).
Updated 389-ds-base package fixes security vulnerabilities: a race condition on reference counter leads to DoS using persistent search (CVE-2018-10850)