Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -5 articles for you...
89
security advisorymoderatefedoraFedora 34: 2022-00a529a8bf Moderate: Issues with Mingw-Uriparser Free Ops
Update to 0.9.6, see https://github.com/uriparser/uriparser/blob/uriparser-0.9.6/ChangeLog for details.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-00a529a8bf 2022-01-16 00:57:03.087627 --------------------------------------------------------------------------------Name : mingw-uriparser Product : Fedora 34 Version : 0.9.6 Release : 1.fc34 URL : https://uriparser.github.io/ Summary : MinGW Windows uriparser library Description : MinGW Windows uriparser library. --------------------------------------------------------------------------------Update Information: Update to 0.9.6, see https://github.com/uriparser/uriparser/blob/uriparser-0.9.6/ChangeLog for details. --------------------------------------------------------------------------------ChangeLog: * Fri Jan 7 2022 Sandro Mani - 0.9.6-1 - Update to 0.9.6 * Thu Jul 22 2021 Fedora Release Engineering - 0.9.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Wed Mar 24 2021 Sandro Mani - 0.9.5-1 - Update to 0.9.5 --------------------------------------------------------------------------------References: [ 1 ] Bug #2037917 - CVE-2021-46141 uriparser: Invalid free operations in uriFreeUriMembers and uriMakeOwner [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2037917 [ 2 ] Bug #2037918 - CVE-2021-46141 mingw-uriparser: uriparser: Invalid free operations in uriFreeUriMembers and uriMakeOwner [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2037918 [ 3 ] Bug #2037922 - CVE-2021-46142 uriparser: Invalid free operations in uriNormalizeSyntax. [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2037922 [ 4 ] Bug #2037923 - CVE-2021-46142 mingw-uriparser: uriparser: Invalid free operations in uriNormalizeSyntax. [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2037923 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-00a529a8bf' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Jan 15, 2022
Fedora
200
security advisorymoderatecrashSciLinux: SLSA-2019-2079-1 Moderate: Xorg Update For SL7.x
libX11: Crash on invalid reply in XListExtensions in ListExt.c (CVE-2018-14598) * libX11: Off-by-one error in XListExtensions in ListExt.c (CVE-2018-14599) * libX11: Out of Bounds write in XListExtensions in ListExt.c (CVE-2018-14600) * libxkbcommon: Invalid free in ExprAppendMultiKeysymList resulting in a crash (CVE-2018-15857) * libxkbcommon: Endless recursion in xkbcomp/expr.c resulting [More...]. Synopsis: Moderate: Xorg security and bug fix update Advisory ID: SLSA-2019:2079-1 Issue Date: 2019-08-06 CVE Numbers: CVE-2018-15856 CVE-2018-15854 CVE-2018-14600 CVE-2018-15859 CVE-2018-14599 CVE-2018-15864 CVE-2018-15862 CVE-2018-15863 CVE-2018-15857 CVE-2018-15861 CVE-2018-14598 CVE-2018-15855 CVE-2018-15853 -- Security Fix(es): * libX11: Crash on invalid reply in XListExtensions in ListExt.c (CVE-2018-14598) * libX11: Off-by-one error in XListExtensions in ListExt.c (CVE-2018-14599) * libX11: Out of Bounds write in XListExtensions in ListExt.c (CVE-2018-14600) * libxkbcommon: Invalid free in ExprAppendMultiKeysymList resulting in a crash (CVE-2018-15857) * libxkbcommon: Endless recursion in xkbcomp/expr.c resulting in a crash (CVE-2018-15853) * libxkbcommon: NULL pointer dereference resulting in a crash (CVE-2018-15854) * libxkbcommon: NULL pointer dereference when handling xkb_geometry (CVE-2018-15855) * libxkbcommon: Infinite loop when reaching EOL unexpectedly resulting in a crash (CVE-2018-15856) * libxkbcommon: NULL pointer dereference when parsing invalid atoms in ExprResolveLhs resulting in a crash (CVE-2018-15859) * libxkbcommon: NULL pointer dereference in ExprResolveLhs resulting in a crash (CVE-2018-15861) * libxkbcommon: NULL pointer dereference in LookupModMask resulting in a crash (CVE-2018-15862) * libxkbcommon: NULL pointer dereference inResolveStateAndPredicate resulting in a crash (CVE-2018-15863) * libxkbcommon: NULL pointer dereference in resolve_keysym resulting in a crash (CVE-2018-15864) -- SL7 x86_64 mesa-libGLw-devel-8.0.0-5.el7.x86_64.rpm mesa-libGLw-devel-8.0.0-5.el7.i686.rpm mesa-libGLw-8.0.0-5.el7.i686.rpm mesa-libGLw-8.0.0-5.el7.x86_64.rpm libxkbcommon-x11-0.7.1-3.el7.x86_64.rpm libX11-devel-1.6.7-2.el7.i686.rpm libxkbcommon-x11-0.7.1-3.el7.i686.rpm gdm-3.28.2-16.el7.i686.rpm libxkbcommon-devel-0.7.1-3.el7.i686.rpm xorg-x11-drv-wacom-0.36.1-3.el7.x86_64.rpm xorg-x11-server-Xorg-1.20.4-7.el7.x86_64.rpm libxkbcommon-0.7.1-3.el7.i686.rpm libX11-1.6.7-2.el7.x86_64.rpm xorg-x11-server-common-1.20.4-7.el7.x86_64.rpm libxkbcommon-devel-0.7.1-3.el7.x86_64.rpm libX11-1.6.7-2.el7.i686.rpm libX11-common-1.6.7-2.el7.noarch.rpm xorg-x11-drv-ati-19.0.1-2.el7.x86_64.rpm xorg-x11-server-Xephyr-1.20.4-7.el7.x86_64.rpm libxkbcommon-0.7.1-3.el7.x86_64.rpm xorg-x11-drv-vesa-2.4.0-3.el7.x86_64.rpm gdm-3.28.2-16.el7.x86_64.rpm libX11-devel-1.6.7-2.el7.x86_64.rpm gdm-pam-extensions-devel-3.28.2-16.el7.x86_64.rpm xorg-x11-drv-wacom-devel-0.36.1-3.el7.x86_64.rpm gdm-pam-extensions-devel-3.28.2-16.el7.i686.rpm xorg-x11-server-devel-1.20.4-7.el7.i686.rpm xorg-x11-server-Xvfb-1.20.4-7.el7.x86_64.rpm gdm-devel-3.28.2-16.el7.i686.rpm xorg-x11-server-Xdmx-1.20.4-7.el7.x86_64.rpm xorg-x11-server-Xwayland-1.20.4-7.el7.x86_64.rpm xorg-x11-server-Xnest-1.20.4-7.el7.x86_64.rpm xorg-x11-server-devel-1.20.4-7.el7.x86_64.rpm xorg-x11-drv-wacom-devel-0.36.1-3.el7.i686.rpm xorg-x11-server-source-1.20.4-7.el7.noarch.rpm gdm-devel-3.28.2-16.el7.x86_64.rpm libxkbcommon-x11-devel-0.7.1-3.el7.i686.rpm libxkbcommon-x11-devel-0.7.1-3.el7.x86_64.rpm gdm-debuginfo-3.28.2-16.el7.i686.rpm gdm-debuginfo-3.28.2-16.el7.x86_64.rpm libX11-debuginfo-1.6.7-2.el7.i686.rpm libX11-debuginfo-1.6.7-2.el7.x86_64.rpm libxkbcommon-debuginfo-0.7.1-3.el7.i686.rpm libxkbcommon-debuginfo-0.7.1-3.el7.x86_64.rpm xorg-x11-drv-ati-debuginfo-19.0.1-2.el7.x86_64.rpm xorg-x11-drv-vesa-debuginfo-2.4.0-3.el7.x86_64.rpm xorg-x11-drv-wacom-debuginfo-0.36.1-3.el7.x86_64.rpm xorg-x11-server-debuginfo-1.20.4-7.el7.x86_64.rpm xorg-x11-drv-wacom-debuginfo-0.36.1-3.el7.i686.rpm xorg-x11-server-debuginfo-1.20.4-7.el7.i686.rpm mesa-libGLw-debuginfo-8.0.0-5.el7.i686.rpm mesa-libGLw-debuginfo-8.0.0-5.el7.x86_64.rpm noarch libX11-common-1.6.7-2.el7.noarch.rpm xorg-x11-server-source-1.20.4-7.el7.noarch.rpm - Scientific Linux Development Team . Critical security patch released for SL7.x focusing on Xorg, resolving significant stability issues and vulnerabilities found in libX11 and libxkbcommon components.. Xorg Security Update, SL7 x86_64, libX11 Crash Fix, libxkbcommon Patch. . LinuxSecurity.com Team
Aug 26, 2019
Scientific Linux
89
security advisoryfedorabuffer overflowFedora 22: FEDORA-2015-6157 Critical: SQLite Memory Issues
Update of sqlite to latest upstream version, with spatialite-tools rebuild.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-6157 2015-04-15 23:29:34 -------------------------------------------------------------------------------- Name : sqlite Product : Fedora 22 Version : 3.8.9 Release : 1.fc22 URL : https://www.sqlite.org/index.html Summary : Library that implements an embeddable SQL database engine Description : SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server. Version 2 and version 3 binaries are named to permit each to be installed on a single host -------------------------------------------------------------------------------- Update Information: Update of sqlite to latest upstream version, with spatialite-tools rebuild. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1212353 - sqlite: use of uninitialized memory when parsing collation sequences in src/where.c https://bugzilla.redhat.com/show_bug.cgi?id=1212353 [ 2 ] Bug #1212356 - sqlite: invalid free() in src/vdbe.c https://bugzilla.redhat.com/show_bug.cgi?id=1212356 [ 3 ] Bug #1212357 - sqlite: stack buffer overflow in src/printf.c https://bugzilla.redhat.com/show_bug.cgi?id=1212357 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update sqlite' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys usedby the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list
Apr 23, 2015
•Critical
Fedora
89
security advisoryupdatebuffer overflowFedora 21: Security Advisory for Sqlite Update - Critical Buffer Overflow
Update of sqlite to latest upstream version, with spatialite-tools rebuild.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-6324 2015-04-18 05:41:52 -------------------------------------------------------------------------------- Name : sqlite Product : Fedora 21 Version : 3.8.9 Release : 1.fc21 URL : https://www.sqlite.org/index.html Summary : Library that implements an embeddable SQL database engine Description : SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server. Version 2 and version 3 binaries are named to permit each to be installed on a single host -------------------------------------------------------------------------------- Update Information: Update of sqlite to latest upstream version, with spatialite-tools rebuild. -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 14 2015 Jan Stanek - 3.8.9-1 - Updated to version 3.8.9 (https://www.sqlite.org/releaselog/3_8_9.html) * Thu Feb 26 2015 Jan Stanek - 3.8.8.3-1 - Updated to version 3.8.8.3 (https://sqlite.org/releaselog/3_8_8_3.html) * Sat Feb 21 2015 Till Maas - 3.8.8-3 - Rebuilt for Fedora 23 Change https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code * Tue Feb 3 2015 Jan Stanek - 3.8.8-2 - Fixed out-of-date source URLs (rhbz#1188092) * Tue Jan 20 2015 Jan Stanek - 3.8.8-1 - Updated to version 3.8.8 (https://sqlite.org/releaselog/3_8_8.html) - Recreated patches to work on current version. * Fri Dec 12 2014 Jan Stanek - 3.8.7.4-1 - Updated to version 3.8.7.4 () * Tue Nov 25 2014 Jan Stanek - 3.8.7.2-1 - Updated to version3.8.7.2 (http://sqlite.org/releaselog/3_8_7_2.html) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1212353 - sqlite: use of uninitialized memory when parsing collation sequences in src/where.c https://bugzilla.redhat.com/show_bug.cgi?id=1212353 [ 2 ] Bug #1212356 - sqlite: invalid free() in src/vdbe.c https://bugzilla.redhat.com/show_bug.cgi?id=1212356 [ 3 ] Bug #1212357 - sqlite: stack buffer overflow in src/printf.c https://bugzilla.redhat.com/show_bug.cgi?id=1212357 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update sqlite' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list
Apr 22, 2015
•Critical
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!