Advisory: ArchLinux Essential and Critical Security Patch Updates
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
The package python-cairosvg before version 2.5.1-1 is vulnerable to denial of service.
The package python-pillow before version 8.1.0-1 is vulnerable to multiple issues including arbitrary code execution, information disclosure and denial of service.
The package gitlab before version 13.7.2-1 is vulnerable to multiple issues including authentication bypass, denial of service and information disclosure.
The package php before version 7.4.14-1 is vulnerable to insufficient validation.
The package mdbook before version 0.4.5-1 is vulnerable to cross-site scripting.
The package mbedtls before version 2.25.0-1 is vulnerable to private key recovery.
The package chromium before version 87.0.4280.141-1 is vulnerable to multiple issues including access restriction bypass, arbitrary code execution and insufficient validation.
The package firefox before version 84.0.2-1 is vulnerable to arbitrary code execution.
The package dovecot before version 2.3.13-1 is vulnerable to multiple issues including information disclosure and denial of service.
The package poppler before version 21.01.0-1 is vulnerable to arbitrary code execution.
The package roundcubemail before version 1.4.10-1 is vulnerable to cross-site scripting.
The package rsync before version 3.2.3-2 is vulnerable to man-in-the- middle.
The package qemu before version 5.2.0-1 is vulnerable to multiple issues including arbitrary code execution and denial of service.
The package firefox before version 84.0-1 is vulnerable to multiple issues including arbitrary code execution, content spoofing and information disclosure.
The package openssl before version 1.1.1.i-1 is vulnerable to denial of service.
The package thunderbird before version 78.6.0-1 is vulnerable to multiple issues including arbitrary code execution, content spoofing and information disclosure.
The package tensorflow before version 2.4.0-1 is vulnerable to multiple issues including information disclosure and denial of service.
The package openjpeg2 before version 2.4.0-1 is vulnerable to multiple issues including arbitrary code execution and denial of service.
The package lib32-gdk-pixbuf2 before version 2.42.2-1 is vulnerable to denial of service.
The package gdk-pixbuf2 before version 2.42.2-1 is vulnerable to denial of service.