12.05.2019 12:00 A vulnerability was found in the svgsalamander library. If the library is being used in a web application for processing user supplied SVG files then the app is vulnerable to SSRF . References:
12.05.2019 12:00 Updated mxml packages fix security vulnerabilities: An issue has been found in Mini-XML 2.12. It is a stack-based buffer overflow in mxml_write_node in mxml-file.c via vectors involving a double-precision floating point number and the ''
12.05.2019 12:00 The updated packages fix security vulnerabilities: A vulnerability in the Portable Document Format scanning functionality of Clam AntiVirus Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service
12.05.2019 12:00 Updated qt4 packages fix security vulnerability: A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp .
12.05.2019 12:00 Updated bash package fixes security vulnerability: A vulnerability in which shell did not prevent user BASH_CMDS, allowing the user to execute any command with the permissions of the shell .
12.05.2019 12:00 pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers . References:
12.05.2019 12:00 Updated openexr package fixes security vulnerabilities: It was discovered that makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bounds write, leading to an assertion failure or possibly unspecified other impact .
12.05.2019 12:00 Updated python packages fix security vulnerability: A 'file:' blacklist bypass in URIs by using the 'local-file:' scheme instead .
12.05.2019 12:00 Updated sysstat package fix security vulnerabilities: Out-of-bounds read during a memmove call inside the remap_struct function .
12.05.2019 03:02 Update to April 2019 CPU. See: http://mail.openjdk.java.net/pipermail/jdk- updates-dev/2019-April/000951.html
11.05.2019 05:31 Update to April 2019 CPU. See: http://mail.openjdk.java.net/pipermail/jdk- updates-dev/2019-April/000951.html
11.05.2019 04:02 1.6.2 when v5 client with Will message disconnects, where the Will message has as its first property one of `content-type`, `correlation-data`, `payload-format- indicator`, or `response-topic`. * Fix build for WITH_TLS=no. * Fix Will message not allowing user-property properties. * Fix broker originated messages (e.g.
10.05.2019 21:35 An update that fixes 5 vulnerabilities is now available.
10.05.2019 21:35 An update that fixes one vulnerability is now available.
10.05.2019 21:35 An update that fixes two vulnerabilities is now available.