Updated qt4 packages fix security vulnerability: A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp (CVE-2018-19872). Continue Reading — Mageia 2019-0161: qt4 security update
Unix, Linux, DevOps , Cloud computing and BigData Knowledge-Base
Updated tcpreplay package fixes security vulnerabilities: An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_layer4_v6() located at get.c. This can be triggered by sending a crafted pcap file to the tcp… Continue Reading — Mageia 2019-0158: tcpreplay security...
Updated mxml packages fix security vulnerabilities: An issue has been found in Mini-XML (aka mxml) 2.12. It is a stack-based buffer overflow in mxml_write_node in mxml-file.c via vectors involving a double-precision floating point number and the ” Continue Reading — Mageia 2019-0159: mxml security update
A vulnerability was found in the svgsalamander library. If the library is being used in a web application for processing user supplied SVG files then the app is vulnerable to SSRF (CVE-2017-5617). References: Continue Reading — Mageia 2019-0160: svgsalamander security update
The updated packages fix security vulnerabilities: A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a d… Continue Reading — Mageia 2019-0162: clamav security update
Updated cronie packages fix security vulnerabilities: Cronie before 1.5.3 allows local users to cause a denial of service (daemon crash) via a large crontab file because the calloc return value is not checked (CVE-2019-9704). Continue Reading — Mageia 2019-0157: cronie security update
Updated openssh packages fix security vulnerabilities: Due to missing character encoding in the progress display, the object name can be used to manipulate the client output, for example to employ ANSI codes to hide additional files being transferred … Continue Reading — Mageia 2019-0156: openssh...
Updated bash package fixes security vulnerability: A vulnerability in which shell did not prevent user BASH_CMDS, allowing the user to execute any command with the permissions of the shell (CVE-2019-9924). Continue Reading — Mageia 2019-0163: bash security update