An update that fixes 42 vulnerabilities is now available. Continue Reading — openSUSE: 2019:2587-1: important: webkit2gtk3>
Unix, Linux, DevOps , Cloud computing and BigData Knowledge-Base
The updated packages fix a security vulnerability: file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used. (CVE-201… Continue Reading — Mageia 2019-0352: glib2.0 security update>
Updated httpie packages fix security vulnerability: HTTPie is vulnerable to Open Redirect that allows an attacker to write an arbitrary file with supplied filename and content to the current directory, by redirecting a request from HTTP to a crafted U… Continue Reading — Mageia 2019-0351:...
Updated python-sqlalchemy packages fix security vulnerabilities: SQL Injection via the order_by parameter (CVE-2019-7164). SQL Injection via the group_by parameter (CVE-2019-7548). Continue Reading — Mageia 2019-0350: python-sqlalchemy security update>
Updated glibc packages fixes the following security issue: On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, al… Continue Reading — Mageia 2019-0349: glibc security update>
gnupg2 is updated to 2.2.18 and fix security vulnerability: Web of Trust forgeries using collisions in SHA-1 signatures (CVE-2019-14855) * Note that this change removes all SHA-1 based key signature newer than 2019-01-19 from the web-of-trust. This… Continue Reading — Mageia 2019-0348: gnupg2 security update>
Chromium-browser 78.0.3904.108 fixes security issues: Multiple flaws were found in the way Chromium 78.0.3904.87 processes various types of web content, where loading a web page containing malicious content could cause Chromium to crash, execute arbit… Continue Reading — Mageia 2019-0347: chromium-browser-stable security update>