Multiple security issues were discovered in activemq, a message broker built around Java Message Service. CVE-2017-15709

A vulnerability was discovered in mqtt-client wher unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive.

An update that fixes one vulnerability is now available.

CVE-2021-3407

CVE-2021-3407

CVE-2021-3407

notes=Security fix for CVE-2020-27839, CVE-2020-25678 ceph 15.2.9 GA bugs=1892109,1900681,1901330,1906954 Note: Bodhi does not allow me to find/enter 1892109 or 1901330 in the Bugs section.

This update fixes a buffer-overrun bug related to the MNG LOOP chunk (which gets noticed even in PNG files if the -s option is used). (RHBZ#1908559). It also fixes a buffer overrun for certain invalid MNG PPLT chunk contents.

Infinite loop in SML lexer may lead to DoS. When the SMLLexer gets fed the string "exception" it seems to loop indefinitely (rhbz#1922136). References: - https://bugs.mageia.org/show_bug.cgi?id=28319

Security update for CVE-2021-26937

Update to latest upstream release 1.4.1 (#1931574)

Updated OVS to 2.15 and DPDK to 20.11

Updated OVS to 2.15 and DPDK to 20.11

- 389-ds fixes an information disclosure during unsuccessful LDAP BIND operation, CVE-2020-35518 - Dogtag PKI adopted to work with 389-ds with the fix - FreeIPA rebuilt to require new Dogtag and 389-ds versions

- 389-ds fixes an information disclosure during unsuccessful LDAP BIND operation, CVE-2020-35518 - Dogtag PKI adopted to work with 389-ds with the fix - FreeIPA rebuilt to require new Dogtag and 389-ds versions

- 389-ds fixes an information disclosure during unsuccessful LDAP BIND operation, CVE-2020-35518 - Dogtag PKI adopted to work with 389-ds with the fix - FreeIPA rebuilt to require new Dogtag and 389-ds versions

- 389-ds fixes an information disclosure during unsuccessful LDAP BIND operation, CVE-2020-35518 - Dogtag PKI adopted to work with 389-ds with the fix - FreeIPA rebuilt to require new Dogtag and 389-ds versions

jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components (CVE-2021-3272). A flaw was found in jasper. An out of bounds read issue was found in jp2_decode

In Xpdf 4.02, SplashOutputDev::endType3Char(GfxState *state) SplashOutputDev.cc:3079 is trying to use the freed `t3GlyphStack->cache`, which causes an `heap-use-after-free` problem. The codes of a previous fix for nested Type 3 characters wasn't correctly handling the case where a Type 3 char referred to another char in the same Type 3 font (CVE-2020-25725).

Yi'it Can Y±lmaz discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution (CVE-2020-36241).