Mageia 2022-0108: bind security update
DNS forwarders - cache poisoning vulnerability. (CVE-2021-25220) References: - https://bugs.mageia.org/show_bug.cgi?id=30184 - https://kb.isc.org/docs/cve-2021-25220
DNS forwarders - cache poisoning vulnerability. (CVE-2021-25220) References: - https://bugs.mageia.org/show_bug.cgi?id=30184 - https://kb.isc.org/docs/cve-2021-25220
The chromium-browser-stable package has been updated to the 99.0.4844.74 version that fixes multiples security vulnerabilities. [1299422] Critical CVE-2022-0971: Use after free in Blink Layout. [1301320] High CVE-2022-0972: Use after free in Extensions.
A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An attacker could send a series of search requests, forcing the server to behave unexpectedly, and crash. (CVE-2021-4091)
SECURITY: CVE-2022-23943: mod_sed: Read/write beyond bounds. Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. Credits: Ronald Crane (Zippenhop LLC)
The {% debug %} template tag didn't properly encode the current context posing an XSS attack vector (CVE-2022-22818). Passing certain inputs to multipart forms could result in an infinite loop when parsing files resulting in a denial of service (CVE-2022-23833).
Untrusted tar file to symlink into an arbitrary location allowing file overwrites. (CVE-2021-37712) Arbitrary file creation/overwrite and arbitrary code execution. (CVE-2021-37701)
Command injection in ruby bundler. (CVE-2021-43809) References: - https://bugs.mageia.org/show_bug.cgi?id=30162 - https://www.sonarsource.com/blog/securing-developer-tools-package-managers/
This kernel-linus update is based on upstream 5.15.28 and fixes at least the following security issues: Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially
This kernel update is based on upstream 5.15.28 and fixes at least the following security issues: Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially
The chromium-browser-stable package has been updated to the 99.0.4844.51 version that fixes multiples security vulnerabilities. References: - https://bugs.mageia.org/show_bug.cgi?id=29988
Null pointer dereference in MD_UPDATE. (CVE-2021-4209) References: - https://bugs.mageia.org/show_bug.cgi?id=30112 - https://lists.suse.com/pipermail/sle-security-updates/2022-March/010333.html
An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash (CVE-2022-26381). When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification (CVE-2022-26383).
Double-free vulnerability in contrib/shpsort.c. (CVE-2022-0699) References: - https://bugs.mageia.org/show_bug.cgi?id=30114 - https://lists.opensuse.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/6B3VSER4WPCPULJGLJVI75SE2NKX4RQH/
This kernel-linus update is based on upstream 5.15.26 and fixes at least the following security issues: A vulnerability in the Linux kernel since version 5.8 due to uninitialized variables. It enables anybody to write arbitrary data to arbitrary files,
Removing an XSLT parameter during processing could have lead to an exploitable use-after-free (CVE-2022-26485). An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape (CVE-2022-26486).
An attacker could have caused a use-after-free by forcing a text reflow in an SVG object leading to a potentially exploitable crash (CVE-2022-26381). When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification (CVE-2022-26383).
This kernel update is based on upstream 5.15.25 and fixes at least the following security issues: A vulnerability in the Linux kernel since version 5.8 due to uninitialized variables. It enables anybody to write arbitrary data to arbitrary files,
Overflow in Rat.SetString in math/big can lead to uncontrolled memory consumption (CVE-2022-23772) Incorrect access control in cmd/go (CVE-2022-23773) Incorrect returned value in crypto/elliptic IsOnCurve (CVE-2022-23806) The following non-security bugs were fixed:
Less privileged Webmin users who do not have any File Manager module restrictions configured can access files with root privileges, if using the default Authentic theme (CVE-2022-0824, CVE-2022-0829). References:
Removing an XSLT parameter during processing could have lead to an exploitable use-after-free (CVE-2022-26485). An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape (CVE-2022-26486).