Mageia Linux Distribution - Security Advisories - Page 110 - Result...

What Are You Looking For?

Popular Tags

Contribute

Mageia Linux Distribution - Page 110

Mageia Large Esm H200

Mageia 2021-0216: openjpeg2 security update

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

There is a flaw in the opj2_compress program in openjpeg2. An attacker who is able to submit a large number of image files to be processed in a directory by opj2_compress, could trigger a heap out-of-bounds write due to an integer overflow, which is caused by the large number of image files. The greatest threat posed by this flaw is to confidentiality, integrity, and availability. This flaw affects the opj2_compress utility but is not in the openjpeg2 library. Therefore, the attack vector is local to the opj2_compress utility and would require an attacker to convince a user to open a directory with an extremely large number of files using opj2_compress, or a script to be feeding such arbitrary, untrusted files to opj2_compress (CVE-2021-29338). References:

Mageia Large Esm H200

Mageia 2021-0212: avahi security update

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Avoid infinite loop by handling HUP event in client_work. (CVE-2021-3468) References: - https://bugs.mageia.org/show_bug.cgi?id=28901 - https://lists.opensuse.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. document.getElementById('cloak76d98ff14448d2552640b20b75cc6488').innerHTML = ''; var prefix = 'ma' + 'il' + 'to'; var path = 'hr' + 'ef' + '='; var addy76d98ff14448d2552640b20b75cc6488 = 'security-announce' + '@'; addy76d98ff14448d2552640b20b75cc6488 = addy76d98ff14448d2552640b20b75cc6488 + 'lists' + '.' + 'opensuse' + '.' + 'org'; var addy_text76d98ff14448d2552640b20b75cc6488 = 'security-announce' + '@' + 'lists' + '.' + 'opensuse' + '.' + 'org';document.getElementById('cloak76d98ff14448d2552640b20b75cc6488').innerHTML += ''+addy_text76d98ff14448d2552640b20b75cc6488+''; /message/VCPLDL2TVAMUG4CYPGSPUHQ3KJXENCPN/

Mageia Large Esm H200

Mageia 2021-0209: nagios security update

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Nagios 4.4.5 allows an attacker, who already has administrative access to change the "URL for JSON CGIs" configuration setting, to modify the Alert Histogram and Trends code via crafted versions of the archivejson.cgi, objectjson.cgi, and statusjson.cgi files (CVE-2020-13977).

Mageia Large Esm H200

Mageia 2021-0208: messagelib security update

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Deleting an attachment of a decrypted encrypted message stored on a remote server (e.g. an IMAP server) causes KMail to upload the decrypted content of the message to the remote server. This is not easily noticeable by the user because KMail does not display the decrypted content.

News

Advisories

HOWTOs

Features

Verifying Linux Server Security: What Every Admin Needs to Know
What Linux, Windows & Mac OS Users Need to Know About VPNs
Complete Guide to Vulnerability Basics
How To Get Live Updates on Critical Linux Security Advisories
Best Linux Backup Solutions to Prevent Data Loss in A Ransomware Attack

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy