Security Fix: systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * QEMU: loader: OOB access while loading registered ROM may lead to code execution * QEMU: reachable assertion failure in net_tx_pkt_add_raw_fragment in hw/net/net_tx_pkt.c For more ...
Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. Security Fix: * qt: files placed by attacker can influence the working directory and lead to malicious code execution * qt: files placed by attacker can influence the working directory and lead to malicious code execution For more details about the security ...
The RPM Package Manager is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Security Fix: * rpm: Signature checks bypass via corrupted rpm package For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the ...
The RPM Package Manager is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Security Fix: * rpm: Signature checks bypass via corrupted rpm package For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the ...
The Qt Image Formats in an add-on module for the core Qt Gui library that provides support for additional image formats including MNG, TGA, TIFF, WBMP, and WebP. Security Fix: * libwebp: heap-based buffer overflow in PutLE16 * libwebp: use of uninitialized value in ReadSymbol * libwebp: heap-based buffer overflow in WebPDecode*Into functions * libwebp: use-after-free in EmitFancyRGB in dec/io_d ...
Security Fix: squid: DoS when processing gopher server responses For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Security Fix: squid: buffer-over-read in SSPI and SMB authentication For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Security Fix: krb5: integer overflow vulnerabilities in PAC parsing For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
Security Fix: libXpm: compression commands depend on $PATH For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.