Update to 3.107 Continue Reading — Fedora 32: xawtv 2020-cd5ad916e4>
Unix, Linux, DevOps , Cloud computing and BigData Knowledge-Base
The mount.cifs utility has a shell injection issue where one can embed shell commands via the username mount option. Those commands will be run via popen() in the context of the user calling mount (CVE-2020-14342). References: Continue Reading — Mageia 2020-0376: cifs-utils security update>
An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory. Such a user could be a customer inserting d… Continue...
An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name. (CVE-2017-18635) References: Continue Reading — Mageia 2020-0374:...
url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion. (CVE-2020-25219) Continue Reading — Mageia 2020-0373: libproxy security update>
The nodejs package has been updated to the latest version in the 10.x branch, which is 10.22.1 at this time. It fixes several security issues and other bugs. See the upstream changelog and advisories for details. References: Continue Reading — Mageia 2020-0372: nodejs security update>
fishProtocol::establishConnection in fish/fish.cpp in KDE kio-extras through 20.04.0 makes a cacheAuthentication call even if the user had not set the keepPassword option. This may lead to unintended KWallet storage of the password (CVE-2020-12755). Continue Reading — Mageia 2020-0371: kio-extras security update>
An update that solves one vulnerability and has 6 fixes is now available. Continue Reading — openSUSE: 2020:1552-1: moderate: conmon, fuse-overlayfs, libcontainers-common, podman>