This update for aaa_base fixes the following issues: - Allowed ping and ICMP commands without CAP_NET_RAW . - Add $HOME/.local/bin to PATH, if it exists . - Fixed get_kernel_version.c to work also for recent kernels on the s390/X platform . - Support xz compressed kernel
This update for unrar to version 5.6.1 fixes several issues. These security issues were fixed: - CVE-2017-12938: Prevent remote attackers to bypass a directory-traversal protection mechanism via vectors involving a symlink to the . directory, a symlink to the .. directory, and a regular file . - CVE-2017-12940: Prevent out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadH ...
Heap-based buffer overflow in mspack/lzxd.cmspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CHM file. Out-of-bounds access in the PDF parser A VMSF_DELTA memory corruption was discovered in unrar before 5.5.5, as used in Sophos Anti-Virus Threat Detection Engine before 3.37.2 ...
The host is missing a critical security update according to Adobe advisory, APSB11-20. The update is required to fix a denial of service vulnerability. A flaw is present in the application, which fails to avoid the memory corruption. Successful exploitation could allow remote attackers to cause a denial of service.