Mageia Linux Distribution - Security Advisories - Page 3 - Results ...

Mageia Linux Distribution - Page 3

Mageia 2023-0098: heimdal security update


The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported a logic inversion sneaked in causing the validation of message integrity codes in gssapi/arcfour to be inverted. (CVE-2022-45142)

Mageia 2023-0092: protobuf security update


Parsing vulnerability for the MessageSet type in the ProtocolBuffers for protobuf-python can lead to out of memory can lead to a Denial of Service against services receiving unsanitized input. (CVE-2022-1941) A parsing issue with binary data in protobuf-java core and lite can lead to a denial of service attack with crafted input. (CVE-2022-3171)

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.