Mageia 2021-0255: irssi security update
The irssi packages are updated to irssi 1.2.3 to fix several issues among some security vulnerabilities: * memory handling issues * memory leaks * erroneous free * crashes / freezes
Mageia 2021-0254: wpa_supplicant, hostapd security update
The wpa_supplicant and hostapd packages are updated to fix a forging attacks that may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c. (CVE-2021-30004). References: - https://bugs.mageia.org/show_bug.cgi?id=29046
Mageia 2021-0253: slurm security update
SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of a PrologSlurmctld or EpilogSlurmctld script leads to environment mishandling (CVE-2021-31215). References:
Mageia 2021-0252: exif security update
NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service (DoS) by uploading a malicious JPEG file, causing the application to crash. (CVE-2021-27815).
Mageia 2021-0251: rust security update
This Rust update to version 1.52.1 includes security fixes for CVE-2020-36323, CVE-2021-28876, CVE-2021-28878, CVE-2021-28879, and CVE-2021-31162. These are memory safety bugs in the Rust standard library. Because it is statically linked, affected applications will need to be rebuilt to benefit from the fixes. The actual security implications will depend on how these APIs
Mageia 2021-0250: gnuchess security update
GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN (Portable Game Notation) data. This is related to a buffer overflow in the use of a .tmp.epd temporary file in the cmd_pgnload and cmd_pgnreplay functions in frontend/cmd.cc. (CVE-2021-30184).
Mageia 2021-0249: jasper security update
A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened (CVE-2021-3443).
Mageia 2021-0248: docker-containerd security update
In containerd (an industry-standard container runtime) before versions 1.3.10 and 1.4.4, containers launched through containerd's CRI implementation (through Kubernetes, crictl, or any other pod/container client that uses the containerd CRI service) that share the same image may receive incorrect environment variables, including values that are defined for other
Mageia 2021-0247: djvulibre security update
Stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file. (CVE-2021-3500). Out of bounds write in function DJVU::filter_bv() via crafted djvu file. (CVE-2021-32490).
Mageia 2021-0246: python-lxml security update
An XSS vulnerability was discovered in python-lxml’s clean module versions before 4.6.3. When disabling the safe_attrs_only and forms arguments, the Cleaner class does not remove the formaction attribute allowing for JS to bypass the sanitizer. A remote attacker could exploit this flaw to run arbitrary JS code on users who interact with incorrectly
Mageia 2021-0245: python-pygments security update
In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious input, an attacker can cause a denial of service (CVE-2021-27291).
Mageia 2021-0244: polkit security update
A flaw was found in polkit. When a requesting process disconnects from dbus-daemon just before the call to polkit_system_bus_name_get_creds_sync starts, the process cannot get a unique uid and pid of the process and it cannot verify the privileges of the requesting process (CVE-2021-3560). References: - https://bugs.mageia.org/show_bug.cgi?id=29076 - https://access.redhat.com/errata/RHSA-2021:2238
Mageia 2021-0243: curl security update
TELNET stack contents disclosure (CVE-2021-22898). References: - https://bugs.mageia.org/show_bug.cgi?id=28971 - https://curl.se/docs/CVE-2021-22898.html
Mageia 2021-0242: thunderbird security update
The updated packages fix security vulnerabilities: Out of bounds-read when parsing a `WM_COPYDATA` message. (CVE-2021-29964) Memory safety bugs fixed in Thunderbird 78.11. (CVE-2021-29967)
Mageia 2021-0241: upx security update
The updated package fixes security vulnerabilities: A heap buffer overflow read was discovered in upx 4.0.0, because the check in p_lx_elf.cpp is not perfect. (CVE-2020-24119)
Mageia 2021-0240: exiv2 security update
The updated packages fix security vulnerabilities: Heap-based buffer overflow in Jp2Image::readMetadata(). (CVE-2021-3482) Heap-based buffer overflow in Exiv2::Jp2Image::doWriteMetadata.
Mageia 2021-0239: cgal security update
Updated cgal packages fix security vulnerabilities: An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser::read_vertex() Face_of[] OOB read. An attacker can provide malicious input to trigger this vulnerability (CVE-2020-28601).
Mageia 2021-0238: cgal security update
Updated cgal packages fix security vulnerabilities: An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser::read_vertex() Face_of[] OOB read. An attacker can provide malicious input to trigger this vulnerability (CVE-2020-28601).
Mageia 2021-0237: squid security update
Updated squid packages fix security vulnerabilities: Due to improper input validation Squid is vulnerable to an HTTP Request Smuggling attack. This problem allows a trusted client to perform HTTP Request Smuggling and access services otherwise forbidden by Squid
Mageia 2021-0236: firefox security update
Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11 Mozilla developers Gabriele Svelto, Anny Gakhokidze, Alexandru Michis, Christian Holler reported memory safety bugs present in Firefox 88 and Firefox ESR 78.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. (CVE-2021-29967). This update also fixes:
