Mageia 2020-0319: postgresql-jdbc security update
XML external entity (XXE) vulnerability in PgSQLXML (CVE-2020-13692). References: - https://bugs.mageia.org/show_bug.cgi?id=27017 - https://access.redhat.com/errata/RHSA-2020:3176
Mageia 2020-0318: firefox security update
WebRTC used the memory address of a class instance as a connection identifier. Unfortunately, this value is often transmitted to the peer, which allows bypassing ASLR (CVE-2020-6514). Crafted media files could lead to a race in texture caches, resulting in a
Mageia 2020-0317: webkit2 security update
Updated webkit2 packages fix security vulnerabilities: The webkit2 package has been updated to version 2.28.3, fixing several security issues and other bugs.
Mageia 2020-0316: znc security update
The znc package has been updated to version 1.8.1, containing several bugfixes and enhancements. See the upstream change logs for details. References: - https://bugs.mageia.org/show_bug.cgi?id=26886
Mageia 2020-0315: mumble security update
Updated mumble package fixes security vulnerability: OCB2 is known to be broken under certain conditions: https://eprint.iacr.org/2019/311
Mageia 2020-0314: glib-networking security update
The updated packages fix a security vulnerability: In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected
Mageia 2020-0313: php-phpmailer security update
Fix insufficient output escaping bug in file attachment names (CVE-2020-13625). References: - https://bugs.mageia.org/show_bug.cgi?id=26760
Mageia 2020-0312: redis security update
An integer overflow in the getnum function in lua_struct.c CVE-2020-14147 References: - https://bugs.mageia.org/show_bug.cgi?id=26978
Mageia 2020-0311: virtualbox security update
Multiple security vulnerabilites in virtualbox allow unauthorized access to critical data or takeover of Oracle VM VirtualBox. See CVE references for details. References:
