Feed aggregator
03/04 dovecot 2.3.14
Dovecot: an open source IMAP and POP3 server for Linux/UNIX-like systems
Categories: Linux
Mageia 2021-0113: jasper security update
jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components (CVE-2021-3272). A flaw was found in jasper. An out of bounds read issue was found in jp2_decode
Mageia 2021-0112: xpdf security update
In Xpdf 4.02, SplashOutputDev::endType3Char(GfxState *state) SplashOutputDev.cc:3079 is trying to use the freed `t3GlyphStack->cache`, which causes a `heap-use-after-free` problem. The code of a previous fix for nested Type 3 characters wasn't correctly handling the case where a Type 3 char referred to another char in the same Type 3 font (CVE-2020-25725).
Mageia 2021-0111: gnome-autoar security update
Yiğit Can Yılmaz discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution (CVE-2020-36241).
Mageia 2021-0110: bind security update
A buffer overflow vulnerability was discovered in the SPNEGO implementation affecting the GSSAPI security policy negotiation in BIND, which could result in denial of service (daemon crash), or potentially the execution of arbitrary code (CVE-2020-8625).
Mageia 2021-0109: screen security update
Felix Weinmann reported a flaw in the handling of combining characters in screen, which can result in denial of service, or potentially the execution of arbitrary code via a specially crafted UTF-8 character sequence (CVE-2021-26937).
Mageia 2021-0108: openssl and compat-openssl10 security update
Paul Kehrer discovered that OpenSSL incorrectly handled certain input lengths in EVP functions. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service (CVE-2021-23840). Tavis Ormandy discovered that OpenSSL incorrectly handled parsing issuer
RedHat: RHSA-2021-0733:01 Critical: java-1.7.1-ibm security update
An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
Mageia 2021-0104: nonfree firmware security update
Updated nonfree firmware fixes various issues, adds new / improved hardware support and fixes at least the following security issue: An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to
Mageia 2021-0103: nonfree firmware security update
Updated nonfree firmware fixes various issues, adds new / improved hardware support and fixes at least the following security issue: An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to
Mageia 2021-0102: kernel-linus security update
This kernel-linus update is based on upstream 5.10.19 and fixes at least the following security issues: An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant
Mageia 2021-0101: kernel security update
This kernel update is based on upstream 5.10.19 and fixes at least the following security issues: An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant
Mageia 2021-0100: kernel-linus security update
This kernel-linus update is based on upstream 5.10.19 and fixes at least the following security issues: There is a vulnerability in the Linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y, CONFIG_BPF=y,
Mageia 2021-0099: kernel security update
This kernel update is based on upstream 5.10.19 and fixes at least the following security issues: There is a vulnerability in the Linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y, CONFIG_BPF=y,
RedHat: RHSA-2021-0727:01 Important: bind security update
An update for bind is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
SUSE: 2021:61-1 suse/sles12sp5 Security Update
The container suse/sles12sp5 was updated. The following patches have been included in this update:
03/03 NomadBSD 1.4
Categories: Linux