Mageia 2019-0417: filezilla security update

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Updated filezilla packages fix bugs and a security vulnerability: Filenames containing double-quotation marks were not escaped correctly when selected for opening/editing. Depending on the associated program, parts of the filename could be interpreted as commands.

Mageia 2019-0415: exiv2 security update

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The updated packages fix security vulnerabilities: An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset.

Mageia 2019-0414: kernel security update

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This update is based on upstream 5.4.6 and fixes various potential security issues related to buffer overflows, double frees, NUll pointer dereferences, improper / missing input validations and so on. It also adds other bugfixes all over the kernel.