Unix, Linux, DevOps , Cloud computing and BigData Knowledge-Base


Mageia 2020-0067: webkit2 security update>

Updated webkit2 packages fix security vulnerabilities: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2019-8835, CVE-2019-8844, CVE-2019-8846). Continue Reading — Mageia 2020-0067: webkit2 security update>


Mageia 2020-0066: php security update>

Updated php packages fix security vulnerabilities: Two buffer overflows in string and mbstring handling have been found (CVE-2020-7059, CVE-2020-7060). Continue Reading — Mageia 2020-0066: php security update>


Mageia 2020-0065: virtualbox security update>

This update provides the upstream 6.0.16 and fixes the following security vulnerabilities: An easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to Continue Reading — Mageia 2020-0065: virtualbox security update>


Mageia 2020-0061: libbsd security update>

It was discovered that libbsd incorrectly handled certain strings, due to an out-of-bounds read during a comparison for a symbol name from the string table (strtab) in nlist.c. An attacker could possibly use this issue to access sensitive information (… Continue Reading — Mageia 2020-0061:...


Mageia 2020-0060: ansible security update>

A flaw was found in the solaris_zone module from the Ansible Community modules. When setting the name for the zone on the Solaris host, the zone name is checked by listing the process with the ‘ps’ bare command on the remote machine. An attacker could … ...


Mageia 2020-0059: python-reportlab security update>

A code injection vulnerability in python-reportlab allows an attacker to execute code while parsing a color attribute. An application that uses python-reportlab to parse untrusted input files may be vulnerable to this flaw and allow remote code executi… Continue Reading — Mageia 2020-0059: python-reportlab security...


Mageia 2020-0058: samba security update>

The implementation of ACL inheritance in the Samba AD DC was not complete, and so absent a ‘full-sync’ replication, ACLs could get out of sync between domain controllers (CVE-2019-14902). When processing untrusted string input Samba can read past the … Continue Reading — Mageia 2020-0058:...


Mageia 2020-0057: fontforge security update>

FontForge 20190801 has a use-after-free in SFD_GetFontMetaData in sfd.c (CVE-2020-5395) FontForge 20190801 has a heap-based buffer overflow in the Type2NotDefSplines() function in splinesave.c (CVE-2020-5496) Continue Reading — Mageia 2020-0057: fontforge security update>


Get every new post delivered to your Inbox

Join other followers

Page 995 of 2989