Mageia 2022-0372: dokuwiki security update
Cross-site Scripting (XSS) - Reflected in GitHub repository splitbrain/dokuwiki prior to 2022-07-31a. (CVE-2022-3123) References: - https://bugs.mageia.org/show_bug.cgi?id=30873
Mageia 2022-0371: unzip security update
Improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution. (CVE-2021-4217) Conversion of a wide string to a local string that leads to a heap of
Mageia 2022-0370: mediawiki security update
HTMLUserTextField exposes existence of hidden users (CVE-2022-41765). reassignEdits doesn't update results in an IP range check on Special:Contributions (CVE-2022-41767)
Mageia 2022-0369: lighttpd security update
In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. It leads to null pointer dereference which crashes the server. It could be used by an external attacker to cause denial of service condition. (CVE-2022-37797)
Mageia 2022-0368: libofx security update
The updated packages fix memory issues in libofx. (rhbz#2127755) References: - https://bugs.mageia.org/show_bug.cgi?id=30900 - https://bugzilla.redhat.com/show_bug.cgi?id=2127755
Mageia 2022-0367: python security update
The mailcap module does not add escape characters into commands discovered in the system mailcap file. (CVE-2015-20107) Allows an attacker to set up a malicious FTP server that can trick FTP clients into connecting back to a given IP address and port. (CVE-2021-4189)
Mageia 2022-0366: colord security update
There are two Information Disclosure vulnerabilities in colord, and they lie in colord/src/cd-device-db.c and colord/src/cd-profile-db.c separately. They exist because the 'err_msg' of 'sqlite3_exec' is not releasing after use, while libxml2 emphasizes that the caller needs to release it. (CVE-2021-42523)
Mageia 2022-0365: dbus security update
A syntactically invalid type signature with incorrectly nested parentheses and curly brackets would cause an assertion failure in debug builds. Similar messages could potentially result in a crash or incorrect message processing in a production build, although we are not aware of a practical example. (CVE-2022-42010)
Mageia 2022-0364: kitty security update
In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. The user must display attacker-controlled content in the terminal, then click on a notification popup. (CVE-2022-41322)
Mageia 2022-0363: libvncserver security update
libvncclient v0.9.13 was discovered to contain a memory leak via the function rfbClientCleanup(). (CVE-2020-29260) References: - https://bugs.mageia.org/show_bug.cgi?id=30917
Mageia 2022-0362: php security update
Core Fixed bug GH-9323 (Crash in ZEND_RETURN/GC/zend_call_function) Fixed bug GH-9361 (Segmentation fault on script exit #9379). Fixed bug GH-9407 (LSP error in eval'd code refers to wrong class for static type).
Mageia 2022-0361: unbound security update
Non-Responsive Delegation Attack. (CVE-2022-3204) Improves performance when under load, by cutting promiscuous queries for nameserver discovery and limiting the number of times a delegation point can look in the cache for missing records.
Mageia 2022-0360: enlightenment security update
Updated enlightenment package to fix the security vulnerability, CVE-2022-37706 that would allow an user to gain root privileges. References: - https://bugs.mageia.org/show_bug.cgi?id=30868
Mageia 2022-0359: python3 security update
Converting between int and str in bases other than 2 (binary), 4, 8 (octal), 16 (hexadecimal), or 32 such as base 10 (decimal) now raises a ValueError if the number of digits in string form is above a limit to avoid potential denial of service attacks due to the algorithmic complexity. (CVE-2020-10735)
Mageia 2022-0358: bash security update
Bash has been updated to version 5.1.16 using a patch from Fedora to fix a security issue by adding a null check in the parameter_brace_transform() function. References:
Mageia 2022-0357: chromium-browser-stable security update
The chromium-browser-stable package has been updated to the new 106 branch with the 106.0.5249.61 version, fixing many bugs and 20 vulnerabilities; it brings as well some improvements. Some of the security fixes are:
Mageia 2022-0356: golang security update
In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. (CVE-2022-27664) JoinPath and URL.JoinPath do not remove ../ path elements appended to a
Mageia 2022-0355: thunderbird security update
Improperly formed beacon events can disrupt or impede the matrix-js-sdk from functioning properly(CVE-2022-39236) Too permissive key forwarding strategy allowing impersonation (CVE-2022-39249) Trusting/verifying the user identity under the control of the homeserver
Mageia 2022-0354: nodejs security update
DNS rebinding in --inspect on macOS (CVE-2022-32212) Bypass via obs-fold mechanic (CVE-2022-32213) HTTP Request Smuggling Due to Incorrect Parsing of Header Fields (CVE-2022-35256)
Mageia 2022-0353: libjpeg security update
The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c. (CVE-2021-46822)
