Mageia Linux Distribution - Security Advisories - Page 107 - Result...

What Are You Looking For?

Popular Tags

Contribute

Mageia Linux Distribution - Page 107

Mageia Large Esm H200

Mageia 2021-0216: openjpeg2 security update

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

There is a flaw in the opj2_compress program in openjpeg2. An attacker who is able to submit a large number of image files to be processed in a directory by opj2_compress, could trigger a heap out-of-bounds write due to an integer overflow, which is caused by the large number of image files. The greatest threat posed by this flaw is to confidentiality, integrity, and availability. This flaw affects the opj2_compress utility but is not in the openjpeg2 library. Therefore, the attack vector is local to the opj2_compress utility and would require an attacker to convince a user to open a directory with an extremely large number of files using opj2_compress, or a script to be feeding such arbitrary, untrusted files to opj2_compress (CVE-2021-29338). References:

Mageia Large Esm H200

Mageia 2021-0212: avahi security update

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Avoid infinite loop by handling HUP event in client_work. (CVE-2021-3468) References: - https://bugs.mageia.org/show_bug.cgi?id=28901 - https://lists.opensuse.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. document.getElementById('cloak0f19e4055d423fa5e16452b9ebd3d304').innerHTML = ''; var prefix = 'ma' + 'il' + 'to'; var path = 'hr' + 'ef' + '='; var addy0f19e4055d423fa5e16452b9ebd3d304 = 'security-announce' + '@'; addy0f19e4055d423fa5e16452b9ebd3d304 = addy0f19e4055d423fa5e16452b9ebd3d304 + 'lists' + '.' + 'opensuse' + '.' + 'org'; var addy_text0f19e4055d423fa5e16452b9ebd3d304 = 'security-announce' + '@' + 'lists' + '.' + 'opensuse' + '.' + 'org';document.getElementById('cloak0f19e4055d423fa5e16452b9ebd3d304').innerHTML += ''+addy_text0f19e4055d423fa5e16452b9ebd3d304+''; /message/VCPLDL2TVAMUG4CYPGSPUHQ3KJXENCPN/

Mageia Large Esm H200

Mageia 2021-0209: nagios security update

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Nagios 4.4.5 allows an attacker, who already has administrative access to change the "URL for JSON CGIs" configuration setting, to modify the Alert Histogram and Trends code via crafted versions of the archivejson.cgi, objectjson.cgi, and statusjson.cgi files (CVE-2020-13977).

Mageia Large Esm H200

Mageia 2021-0208: messagelib security update

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Deleting an attachment of a decrypted encrypted message stored on a remote server (e.g. an IMAP server) causes KMail to upload the decrypted content of the message to the remote server. This is not easily noticeable by the user because KMail does not display the decrypted content.

News

Advisories

HOWTOs

Features

ManageEngine Vulnerability Manager Plus: How To Protect Your Enterprise from Security Vulnerabilities
High-Impact DoS, Arbitrary Code Execution, Spoofing Bugs Fixed in Thunderbird 102.9.0
A Guide to Business Cybersecurity: Common Digital Attacks and Precautions
New Linux IceFire Ransomware Variant Discovered: What You Need to Know to Secure Your Systems
ZeroLock: How to Defend Against Ransomware on Linux

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy