Updated dia package fixes security vulnerability: An endless loop on filenames with invalid encoding (CVE-2019-19451). References: Continue Reading — Mageia 2020-0022: dia security update>
Unix, Linux, DevOps , Cloud computing and BigData Knowledge-Base
Updated mediawiki packages fix security vulnerability: MediaWiki through 1.33.1 allows attackers to bypass the Title_blacklist protection mechanism by starting with an arbitrary title, establishing a non-resolvable redirect for the associated page, an… Continue Reading — Mageia 2020-0021: mediawiki security update>
The updated packages fix security vulnerabilities: When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load function of the PluginTIFF.cpp file, but a memcpy occurs in which the destination address and the size of the copied data are not… Continue Reading...
Updated jss packages fix security vulnerability: A flaw was found in the “Leaf and Chain” OCSP policy implementation in JSS CryptoManager, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not … Continue Reading — Mageia 2020-0018: jss...
**PHP version 7.3.13** (18 Dec 2019) **Bcmath:** * Fixed bug php#78878 (Buffer underflow in bc_shift_addsub). (**CVE-2019-11046**). (cmb) **Core:** * Fixed bug php#78862 (link() silently truncates after a null byte on Windows). (**CVE-2019-11044**). (c… Continue Reading — Fedora 31: php FEDORA-2019-a54a622670>
Update to new upstream version 3.0.13, which includes a fix for CVE-2019-19783 and other minor fixes. Release notes: https://www.cyrusimap.org/imap/download/release-notes/3.0/x/3.0.13.html Continue Reading — Fedora 31: cyrus-imapd FEDORA-2019-ad23a4522d>