Mageia 2021-0547: libvirt security update
Fix deadlock on virStoragePoolLookupByTargetPath failure (bz #1986113) (CVE-2021-3667). More CAP_SETPCAP warning fixes (bz #1924218). Handle unknown firmware.json errors.
Fix heap buffer overflow in flac. References: - https://bugs.mageia.org/show_bug.cgi?id=29735 - https://lists.fedoraproject.org/archives/list/[protected email address]/thread/G5PZ6UA42VQVTMVACA5DATLOGJQSTNLB/
Heap-based buffer overflow in find_help_tags() in src/help.c. References: - https://bugs.mageia.org/show_bug.cgi?id=29730 - https://lists.fedoraproject.org/archives/list/[protected email address]/thread/DRPAI5JVZLI7WHWSBR6NWAPBQAYUQREW/
Integer overflow in mpz/inp_raw.c and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms. References: - https://bugs.mageia.org/show_bug.cgi?id=29723
A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash a samba server using heimdal
The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): OpenJDK: Loop in HttpsServer triggered during TLS session close (JSSE, 8254967) (CVE-2021-35565)
Update to sharpziplib 1.3.3 which contains a security fix, and rebuild of mono-tools to use the fixed version. References: - https://bugs.mageia.org/show_bug.cgi?id=29495
ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication References: - https://bugs.mageia.org/show_bug.cgi?id=29220
This kernel-linus update is based on upstream 5.15.6 and fixes at least the following security issues: A vulnerability was found in Linux kernel, where a use-after-free in nouveau's postclose() handler could happen if removing device (that is
This kernel update is based on upstream 5.15.6 and fixes at least the following security issues: A vulnerability was found in Linux kernel, where a use-after-free in nouveau's postclose() handler could happen if removing device (that is
ImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation. (CVE-2021-41771)
Security issue in InnoDB component has been discovered and fixed (CVE-2021-35604). Additional bug fixes too.
Multiple heap-based buffer overflows, stack-based buffer overflows and a use after free. References: - https://bugs.mageia.org/show_bug.cgi?id=29583
NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL
A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \x03 delimiter character. This may be used for DoS under very rare conditions of filtered command input. (CVE-2021-42376)
BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdp_cstate_alloc_buf which allocates memory which will always be hung in the singly linked list of cstates and will not be freed. This will cause a memory leak over time. The data can be a very large object, which can be caused by an attacker continuously sending sdp
The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operations. Documents that contain both "manifests" and "layers" fields could be
In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.
A vulnerability was found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this vulnerability is to system availability. References:
Fixes limit recursion in ri-records. (CVE-2021-3622) References: - https://bugs.mageia.org/show_bug.cgi?id=29382 - https://lists.fedoraproject.org/archives/list/[protected email address]/thread/USD4OEV6L3RPHE32V2MJ4JPFBODINWSU/