Mageia 2022-0003: gegl security update
Fix shell expansion via crafted pathname in the ImageMagick convert fallback References: - https://bugs.mageia.org/show_bug.cgi?id=29829
Fix shell expansion via crafted pathname in the ImageMagick convert fallback References: - https://bugs.mageia.org/show_bug.cgi?id=29829
Apache Log4j2 is vulnerable to a remote code execution (RCE) attack where an attacker with permission to modify the logging configuration file can construct a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI which can execute remote code. This issue is fixed by limiting JNDI data source names to the java protocol
Security vulnerabilities were identified in the open source NTFS-3G and NTFSPROGS software. These vulnerabilities may allow an attacker using a maliciously crafted NTFS-formatted image file or external storage to potentially execute arbitrary privileged code, if the attacker has either local access and the ntfs-3g binary is setuid root, or if the attacker has
stack-based buffer overflow in handle_request() in DHT.c (CVE-2021-44847) References: - https://bugs.mageia.org/show_bug.cgi?id=29821 - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/S7EBS3NIRYJ7V3PTNINP3PJSVUHGZTGA/
HTML Cleaner allows crafted and SVG embedded scripts to pass through (CVE-2021-43818) References: - https://bugs.mageia.org/show_bug.cgi?id=29817
e2guardian did not validate TLS hostnames (CVE-2021-44273) References: - https://bugs.mageia.org/show_bug.cgi?id=29811 - https://www.openwall.com/lists/oss-security/2021/12/23/2
ReDoS vulnerability in html_preprocess_rules in ebooks/conversion/preprocess.py References: - https://bugs.mageia.org/show_bug.cgi?id=29803
HTTP Request Smuggling due to spaces in headers. The http parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS). (CVE-2021-22959) HTTP Request Smuggling when parsing the body. The parse ignores chunk extensions when parsing the body of chunked requests. This leads to HTTP
Authenticate active help requests to the local help web server (CVE-2020-27225) References: - https://bugs.mageia.org/show_bug.cgi?id=29048
CryptSym: fix AES output IV (CVE-2021-3505). Fixed a context save and suspend/resume problem when public keys are loaded. Reset too large size indicators in TPM2B to avoid access beyond buffer (CVE-2021-3623)
This kernel-linus update is based on upstream 5.15.11 and fixes atleast the following security issues: Potentially malicious XEN PV backends can cause guest DoS due to unhardened frontends in the guests, even though this ought to have been prevented by
This kernel update is based on upstream 5.15.11 and fixes atleast the following security issues: Potentially malicious XEN PV backends can cause guest DoS due to unhardened frontends in the guests, even though this ought to have been prevented by
net/http: limit growth of header canonicalization cache (CVE-2021-44716) syscall: don't close fd 0 on ForkExec error (CVE-2021-44717) References: - https://bugs.mageia.org/show_bug.cgi?id=29807
Fixes out of bounds read issue in *larrv functions (CVE-2021-4048) References: - https://bugs.mageia.org/show_bug.cgi?id=29788 - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/DROZM4M2QRKSD6FBO4BHSV2QMIRJQPHT/
Multiple security issues affecting ldb, samba and sssd. See references for details. References: - https://bugs.mageia.org/show_bug.cgi?id=29641
OpenPGP signature status doesn't consider additional message content. (CVE-2021-4126) Matrix chat library libolm bundled with Thunderbird vulnerable to a buffer overflow. (CVE-2021-44538)
Processing maliciously crafted web content may lead to unexpectedly unenforced Content Security Policy. (CVE-2021-30887) Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2021-30890)
Heap out-of-bound read vulnerability in rr_frm_str_internal function Heap out-of-bound read vulnerability in ldns_nsec3_salt_data function Fixed time memory compare for Openssl 0.9.8 References:
Out of bounds in php_pcre_replace_impl (CVE-2017-9118) Multiple bugs fixed. See referenced changelog for details. References: - https://bugs.mageia.org/show_bug.cgi?id=29775
Multiple security issues found in ezXML, bundled in netcdf References: - https://bugs.mageia.org/show_bug.cgi?id=29241 - https://www.debian.org/lts/security/2021/dla-2705