Mageia 2022-0128: libtiff security update
Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. (CVE-2022-0907) References:
Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. (CVE-2022-0907) References:
Updated php-smarty packages to version 4 for php 8 compatibility and to fix security vulnerabilities. References: - https://bugs.mageia.org/show_bug.cgi?id=30214
On 64-bit platforms, an extremely deeply nested expression can cause regexp.Compile to cause goroutine stack exhaustion, forcing the program to exit. Note this applies to very large expressions, on the order of 2MB. (CVE-2022-24921)
An out of bounds read was found in Wavpack 5.4.0 in processing *.WAV files. This issue triggered in function WavpackPackSamples of file src/pack_utils.c, tainted variable cnt is too large, that makes pointer sptr read beyond heap bound. (CVE-2021-44269)
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. (CVE-2018-25032) Update to release 1.2.12 for additional bug fixes. See the changelog for details.
Potential authentication by-pass with multiple deferred authentication plug-ins. (CVE-2022-0547) References: - https://bugs.mageia.org/show_bug.cgi?id=30186
This kernel-linus update is based on upstream 5.15.32 and fixes at least the following security issues: An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts
This kernel update is based on upstream 5.15.32 and fixes at least the following security issues: An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts
The graphicsmagick package has been updated to version 1.3.38, fixing several security issues and other bugs. See the referenced NEWS link for details. References:
Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. (CVE-2022-0865) A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of
The chromium-browser-stable package has been updated to 99.0.4844.84 that fixes one security vulnerability and many bugs (together with 99.0.4844.82). Type Confusion in V8. Reported by anonymous on 2022-03-23 Google is aware
Containers were incorrectly started with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during 'execve(2)' (CVE-2022-24769)
abcm2ps v8.14.11 was discovered to contain an out-of-bounds read in the function calculate_beam at draw.c. (CVE-2021-32434) Stack-based buffer overflow in the function get_key in parse.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors. (CVE-2021-32435)
Panorama Tools libpano13 v2.9.20 was discovered to contain an out-of-bounds read in the function panoParserFindOLine() in parser.c. (CVE-2021-33293) References:
Fix potential DoS in pesign daemon References: - https://bugs.mageia.org/show_bug.cgi?id=30187 - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/A4ROD5ZD5HMBROA3W3TU6T6O5TY64NN5/
Infinite loop in BN_mod_sqrt() reachable when parsing certificates. (CVE-2022-0778) References: - https://bugs.mageia.org/show_bug.cgi?id=30174
swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm's state, where the blobheader's hdrsize indicator has an invalid value, may cause an out-of-bounds access when the byte array representing the state
In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement. (CVE-2022-24407) References: - https://bugs.mageia.org/show_bug.cgi?id=30085
It was found that sphinx could allow arbitrary files to be read by abusing a configuration option. (CVE-2020-29050) References: - https://bugs.mageia.org/show_bug.cgi?id=30076
Update to 5.62 including new features and bugfixes: Security bugfixes - The "redirect" option was fixed to properly handle unauthenticated requests (bsc#1182529). - Fixed a double free with OpenSSL older than 1.1.0.
Sign up to get the latest security news affecting Linux and
open source delivered straight to your inbox
Powered By
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.