Mageia 2020-0386: flash-player-plugin security update
NULL Pointer Dereference that leads to arbitrary code execution in the context of the current user. (CVE-2020-9746) References: - https://bugs.mageia.org/show_bug.cgi?id=27432
NULL Pointer Dereference that leads to arbitrary code execution in the context of the current user. (CVE-2020-9746) References: - https://bugs.mageia.org/show_bug.cgi?id=27432
A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB (CVE-2020-8927).
The TCP dissector could crash (CVE-2020-25862). The MIME Multipart dissector could crash (CVE-2020-25863). The BLIP dissector could crash (CVE-2020-25866).
A vulnerability was discovered where an attacker can cause an XSS attack through the transformation feature. If an attacker sends a crafted link to the victim with the malicious JavaScript, when the victim clicks on the link, the JavaScript will run and complete the instructions made by the attacker. (CVE-2020-26934)
This update fixes CVE-2020-15180 References: - https://bugs.mageia.org/show_bug.cgi?id=27375 - https://mariadb.com/kb/en/mariadb-10325-release-notes/
Multiple security issues were discovered in MediaWiki: SpecialUserRights could leak whether a user existed or not, multiple code paths lacked HTML sanitisation allowing for cross-site scripting and TOTP validation applied insufficient rate limiting against brute force attempts (CVE-2020-25812, CVE-2020-25813, CVE-2020-25814, CVE-2020-25815, CVE-2020-25827,
When Samba is used as a domain controller, an unauthenticated attacker on the network can gain administrator access by exploiting a netlogon protocol flaw (CVE-2020-1472). Note that Samba installations are not vulnerable unless they have the smb.conf
An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the gnutls_deinit function is called after detecting a handshake failure (CVE-2020-24659).
AppCache manifest poisoning due to url encoded character processing (CVE-2020-12415). Use-after-free in WebRTC VideoBroadcaster (CVE-2020-12416).