Mageia Linux Distribution - Security Advisories - Page 7

Mageia 2023-0063: apr security update

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Integer Overflow or Wraparound vulnerability in apr_encode functions of Apache Portable Runtime (APR) allows an attacker to write beyond bounds of a buffer. (CVE-2022-24963) References:

LinuxSecurity.com Team
02/27/2023

Mageia 2023-0062: jupyter-core security update

Arbitrary code execution when loading configuration files (CVE-2022-39286) References: - https://bugs.mageia.org/show_bug.cgi?id=31156 - https://www.debian.org/lts/security/2022/dla-3195

LinuxSecurity.com Team
02/27/2023

Mageia 2023-0061: python-twisted security update

When the host header does not match a configured host twisted.web.vhost.NameVirtualHost will return a NoResource resource which renders the Host header unescaped into the 404 response allowing HTML and script injection. (CVE-2022-39348)

LinuxSecurity.com Team
02/27/2023

Mageia 2023-0060: python-jupyterlab security update

Remote code execution, but requires user action to open a notebook. (CVE-2021-32797), and other bug fixes. References: - https://bugs.mageia.org/show_bug.cgi?id=30699

LinuxSecurity.com Team
02/27/2023

Mageia 2023-0059: sox security update

CVE-2019-13590: sox-fmt validation CVE-2021-3643 and CVE-2021-23210: voc validation CVE-2021-23159 and CVE-2021-23172: hcom validation CVE-2021-33844: wav validation CVE-2021-40426: sphere validation

LinuxSecurity.com Team
02/27/2023

Mageia 2023-0058: ipython security update

Executed config files from the current working directory, which could result in cross-user attacks if run from a directory multiple users may write to. (CVE-2022-21699) References:

LinuxSecurity.com Team
02/27/2023

Mageia 2023-0057: thunderbird security update

User Interface lockup with messages combining S/MIME and OpenPGP. (CVE-2023-0616) Content security policy leak in violation reports using iframes. (CVE-2023-25728)

LinuxSecurity.com Team
02/20/2023

Mageia 2023-0056: firefox security update

An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled (CVE-2023-0767). The Content-Security-Policy-Report-Only header could allow an attacker to leak

LinuxSecurity.com Team
02/20/2023

Mageia 2023-0055: webkit2 security update

Type confusion leading to arbitrary code execution using crafted web page (CVE-2023-23529) References: - https://bugs.mageia.org/show_bug.cgi?id=31555

LinuxSecurity.com Team
02/20/2023

What Are You Looking For?

Popular Tags

Mageia Linux Distribution - Page 7

Mageia 2023-0063: apr security update

Mageia 2023-0062: jupyter-core security update

Mageia 2023-0061: python-twisted security update

Mageia 2023-0060: python-jupyterlab security update

Mageia 2023-0059: sox security update

Mageia 2023-0058: ipython security update

Mageia 2023-0057: thunderbird security update

Mageia 2023-0056: firefox security update

Mageia 2023-0055: webkit2 security update

LinuxSecurity Poll

How big a threat will ChatGPT-powered malware be to the Linux security landscape in 2023?

News

Advisories

HOWTOs

Features

Verifying Linux Server Security: What Every Admin Needs to Know

What Linux, Windows & Mac OS Users Need to Know About VPNs

Complete Guide to Vulnerability Basics

How To Get Live Updates on Critical Linux Security Advisories

Best Linux Backup Solutions to Prevent Data Loss in A Ransomware Attack

About Us

Powered By