openSUSE Security Update: Security update for hunspell
______________________________________________________________________________

Announcement ID: openSUSE-SU-2020:1717-1
Rating: low
References: #1151867
Cross-References: CVE-2019-16707
Affected Products: openSUSE Leap 15.1
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for hunspell fixes the following issues:

- CVE-2019-16707: Fixed an invalid read in SuggestMgr:leftcommonsubstring (bsc#1151867).

This update was imported from the SUSE:SLE-15:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:

  zypper in -t patch openSUSE-2020-1717=1

Package List:

- openSUSE Leap 15.1 (i586 x86_64):

  hunspell-1.6.2-lp151.3.3.1
  hunspell-debuginfo-1.6.2-lp151.3.3.1
  hunspell-debugsource-1.6.2-lp151.3.3.1
  hunspell-devel-1.6.2-lp151.3.3.1
  hunspell-tools-1.6.2-lp151.3.3.1
  hunspell-tools-debuginfo-1.6.2-lp151.3.3.1
  libhunspell-1_6-0-1.6.2-lp151.3.3.1
  libhunspell-1_6-0-debuginfo-1.6.2-lp151.3.3.1

- openSUSE Leap 15.1 (x86_64):

  hunspell-devel-32bit-1.6.2-lp151.3.3.1
  libhunspell-1_6-0-32bit-1.6.2-lp151.3.3.1
  libhunspell-1_6-0-32bit-debuginfo-1.6.2-lp151.3.3.1

References:

  https://www.suse.com/security/cve/CVE-2019-16707.html
  https://bugzilla.suse.com/1151867

The latest update for openSUSE resolves a minor vulnerability in hunspell, with detailed instructions for applying the patch included.
openSUSE Security, Hunspell Update, Vulnerability Fix.
Severity: Low.
LinuxSecurity.com Team

SUSE Security Update: Security update for hunspell
______________________________________________________________________________

Announcement ID: SUSE-SU-2020:2966-1
Rating: low
References: #1151867
Cross-References: CVE-2019-16707
Affected Products:
  SUSE Linux Enterprise Module for Basesystem 15-SP2
  SUSE Linux Enterprise Module for Basesystem 15-SP1
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for hunspell fixes the following issues:

- CVE-2019-16707: Fixed an invalid read in SuggestMgr:leftcommonsubstring (bsc#1151867).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Module for Basesystem 15-SP2:

  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP2-2020-2966=1

- SUSE Linux Enterprise Module for Basesystem 15-SP1:

  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2020-2966=1

Package List:

- SUSE Linux Enterprise Module for Basesystem 15-SP2 (aarch64 ppc64le s390x x86_64):

  hunspell-1.6.2-3.3.7
  hunspell-debuginfo-1.6.2-3.3.7
  hunspell-debugsource-1.6.2-3.3.7
  hunspell-devel-1.6.2-3.3.7
  hunspell-tools-1.6.2-3.3.7
  hunspell-tools-debuginfo-1.6.2-3.3.7
  libhunspell-1_6-0-1.6.2-3.3.7
  libhunspell-1_6-0-debuginfo-1.6.2-3.3.7

- SUSE Linux Enterprise Module for Basesystem 15-SP1 (aarch64 ppc64le s390x x86_64):

  hunspell-1.6.2-3.3.7
  hunspell-debuginfo-1.6.2-3.3.7
  hunspell-debugsource-1.6.2-3.3.7
  hunspell-devel-1.6.2-3.3.7
  hunspell-tools-1.6.2-3.3.7
  hunspell-tools-debuginfo-1.6.2-3.3.7
  libhunspell-1_6-0-1.6.2-3.3.7
  libhunspell-1_6-0-debuginfo-1.6.2-3.3.7

References:

  https://www.suse.com/security/cve/CVE-2019-16707.html
  https://bugzilla.suse.com/1151867

A patch release resolves a vulnerability in SUSE's hunspell related to improper memory access. Apply it to enhance system safety.
SUSE Security Update, Hunspell Update, Vulnerability Fix, SUSE Advisory, Low Severity Patch.
Severity: Low.
LinuxSecurity.com Team

MGASA-2019-0421 - Updated hunspell packages fix security vulnerability

Publication date: 31 Dec 2019
URL: https://advisories.mageia.org/MGASA-2019-0421.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2019-16707

Updated hunspell packages fix security vulnerability:

Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx (CVE-2019-16707).

References:

- https://bugs.mageia.org/show_bug.cgi?id=25963
- https://lists.fedoraproject.org/archives/list/

MGASA-2018-0386 - Updated mpg123 packages fix security vulnerability

Publication date: 21 Sep 2018
URL: https://advisories.mageia.org/MGASA-2018-0386.html
Type: security
Affected Mageia releases: 6

The mpg123 project has fixed several bugs in the player, including an invalid read. We upgrade to the latest version which cumulates all those fixes.

References:

- https://bugs.mageia.org/show_bug.cgi?id=23509
- http://www.mpg123.de/cgi-bin/news.cgi

SRPMS:

- 6/core/mpg123-1.25.10-1.mga6

Recent upgrades to the mpg123 packages address a critical security flaw related to an invalid read problem identified in the media player. For further information, see inside.
mpg123 Security, Mageia Update, Invalid Read, Bug Resolution.
LinuxSecurity.com Team

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-2f30e218e7
2017-07-07 22:40:59.827470
--------------------------------------------------------------------------------

Name        : irssi
Product     : Fedora 26
Version     : 1.0.3
Release     : 1.fc26
URL         : https://irssi.org/
Summary     : Modular text mode IRC client with Perl scripting
Description :
Irssi is a modular IRC client with Perl scripting. Only text-mode frontend is currently supported. The GTK/GNOME frontend is no longer being maintained.

--------------------------------------------------------------------------------
Update Information:

This is a security fix for CVE-2017-9468, CVE-2017-9469.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1459456 - CVE-2017-9468 irssi: Null pointer dereference while receiving a DCC message without source nick/host
        https://bugzilla.redhat.com/show_bug.cgi?id=1459456
  [ 2 ] Bug #1459457 - CVE-2017-9469 irssi: Invalid read when receiving certain incorrectly quoted DCC files
        https://bugzilla.redhat.com/show_bug.cgi?id=1459457
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade irssi' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2016-29995fbd42
2016-01-31 22:59:56.628927
--------------------------------------------------------------------------------

Name        : privoxy
Product     : Fedora 23
Version     : 3.0.23
Release     : 3.fc23
URL         : http://www.privoxy.org/
Summary     : Privacy enhancing proxy
Description :
Privoxy is a web proxy with advanced filtering capabilities for protecting privacy, filtering web page content, managing cookies, controlling access, and removing ads, banners, pop-ups and other obnoxious Internet junk. Privoxy has a very flexible configuration and can be customized to suit individual needs and tastes. Privoxy has application for both stand-alone systems and multi-user networks.

Privoxy is based on the Internet Junkbuster.

--------------------------------------------------------------------------------
Update Information:

Patches for CVE-2016-1982,3
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1300975 - CVE-2016-1983 privoxy: invalid read via empty host header in client request [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1300975
  [ 2 ] Bug #1300974 - CVE-2016-1983 privoxy: invalid read via empty host header in client request [epel-6]
        https://bugzilla.redhat.com/show_bug.cgi?id=1300974
  [ 3 ] Bug #1300969 - CVE-2016-1982 privoxy: invalid reads in case of corrupt chunk-encoded content [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1300969
  [ 4 ] Bug #1300968 - CVE-2016-1982 privoxy: invalid reads in case of corrupt chunk-encoded content [epel-6]
        https://bugzilla.redhat.com/show_bug.cgi?id=1300968
  [ 5 ] Bug #1300973 - CVE-2016-1983 privoxy: invalid read via empty host header in client request [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1300973
  [ 6 ] Bug #1300967 - CVE-2016-1982 privoxy: invalid reads in case of corrupt chunk-encoded content [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1300967
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update privoxy' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------