Mageia 2022-0103: nodejs-tar security update
Untrusted tar file to symlink into an arbitrary location allowing file overwrites. (CVE-2021-37712) Arbitrary file creation/overwrite and arbitrary code execution. (CVE-2021-37701)
Mageia 2022-0102: ruby security update
Command injection in ruby bundler. (CVE-2021-43809) References: - https://bugs.mageia.org/show_bug.cgi?id=30162 - https://blog.sonarsource.com/securing-developer-tools-package-managers
Mageia 2022-0101: kernel-linus security update
This kernel-linus update is based on upstream 5.15.28 and fixes at least the following security issues: Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially
Mageia 2022-0100: kernel security update
This kernel update is based on upstream 5.15.28 and fixes at least the following security issues: Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially
Mageia 2022-0099: chromium-browser-stable security update
The chromium-browser-stable package has been updated to the 99.0.4844.51 version that fixes multiples security vulnerabilities. References: - https://bugs.mageia.org/show_bug.cgi?id=29988
Mageia 2022-0098: gnutls security update
Null pointer dereference in MD_UPDATE. (CVE-2021-4209) References: - https://bugs.mageia.org/show_bug.cgi?id=30112 - https://lists.suse.com/pipermail/sle-security-updates/2022-March/010333.html
Mageia 2022-0097: thunderbird security update
An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash (CVE-2022-26381). When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification (CVE-2022-26383).
Mageia 2022-0096: shapelib security update
Double-free vulnerability in contrib/shpsort.c. (CVE-2022-0699) References: - https://bugs.mageia.org/show_bug.cgi?id=30114 - https://lists.opensuse.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/6B3VSER4WPCPULJGLJVI75SE2NKX4RQH/
Mageia 2022-0095: kernel-linus security update
This kernel-linus update is based on upstream 5.15.26 and fixes at least the following security issues: A vulnerability in the Linux kernel since version 5.8 due to uninitialized variables. It enables anybody to write arbitrary data to arbitrary files,
