Mageia Linux Distribution - Security Advisories - Page 22 - Results...

Mageia Linux Distribution - Page 22

Mageia 2023-0003: ctags security update


A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags() in sort.c calls the system(3) function in an unsafe way. (CVE-2022-4515)

Mageia 2023-0001: python-gitpython security update


Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git without sufficient sanitization of input arguments. This is only relevant when enabling the ext transport

Mageia 2022-0488: libtar security update


After tar_close(), libtar.c releases the memory pointed to by pointer t. After tar_close() is called in the list() function, it continues to use pointer t: free_longlink_longname(t->th_buf) . As a result, the released memory is used (use-after-free). (CVE-2021-33640)

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.