Mailman is a program used to help manage e-mail discussion lists. Security Fix: * mailman: arbitrary content injection via the options login page * mailman: arbitrary content injection via the private archive login page For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References sect ...
X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Mesa provides a 3D graphics API that is compatible with Open Graphics Library . It also provides hardware-accelerated drivers for many popular graphics chips. The following packages have been upgraded to a later upstream version ...
libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fix: * libssh: NULL pointer dereference in sftpserver.c if ssh_buffer_new returns NULL For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Addit ...
The libexif packages provide a library for extracting extra information from image files. The following packages have been upgraded to a later upstream version: libexif . Security Fix: * libexif: out of bound write in exif-data.c * libexif: out of bounds read due to a missing bounds check in exif_data_save_data_entry function in exif-data.c * libexif: use of uninitialized memory in EXIF Makerno ...
FreeRDP is a free implementation of the Remote Desktop Protocol , released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. The following packages have been upgraded to a later upstream version: freerdp . Security Fix: * freerdp: Out of bound read in cliprdr_server_receive_capabilities * freerdp: Out of bound read/ ...
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.12.0 ESR. Security Fix: * Mozilla: Attacker-induced prompt for extension installation * Mozilla: Use-After-Free when aborting an operation For more details about the security issue, including the impact, a CVSS score, acknowledgments, and othe ...
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 68.12.0 ESR. Security Fix: * Mozilla: Attacker-induced prompt for extension installation * Mozilla: Use-After-Free when aborting an operation For more details about the security issue, including the impact, a CVSS score, acknowledgments, and othe ...
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.2.0 ESR. Security Fix: * Mozilla: Attacker-induced prompt for extension installation * Mozilla: Use-After-Free when aborting an operation * Mozilla: Integer overflow in nsJPEGEncoder::emptyOutputBuffer * Mozilla: X-Frame-Options bypass using ...
Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fix: * dovecot: Resource exhaustion via deeply nested MIME parts * dovecot: Out of bound reads in dovecot NTLM impl ...
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.12.0. Security Fix: * Mozilla: Attacker-induced prompt for extension installation * Mozilla: Use-After-Free when aborting an operation For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page list ...