Actualizaciones de Seguridad

MGAA-2024-0228 - Updated kde-pdf-servicemenu packages fix bug

Mageia Security - 12 Noviembre, 2024 - 20:53

Publication date: 12 Nov 2024
Type: bugfix
Affected Mageia releases : 9
Description The current version is not working; this update fixes the issue. References

https://bugs.mageia.org/show_bug.cgi?id=33564

SRPMS 9/core

kde-pdf-servicemenu-2.3-1.1.mga9

Categorías: Actualizaciones de Seguridad

MGAA-2024-0227 - Updated mariadb packages fix many crashes

Mageia Security - 12 Noviembre, 2024 - 20:53

Publication date: 12 Nov 2024
Type: bugfix
Affected Mageia releases : 9
Description A new release of MariaDB fixes many crashes, e.g. in InnoDB, optimizer and galera. For details see the changelog. References

SRPMS 9/core

mariadb-10.11.10-1.mga9

Categorías: Actualizaciones de Seguridad

MGASA-2024-0354 - Updated quictls packages fix security vulnerability

Mageia Security - 9 Noviembre, 2024 - 06:17

Publication date: 09 Nov 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-9143 Description Invalid low-level GF(2^m) parameters can lead to an OOB memory access. (CVE-2024-9143) References

SRPMS 9/core

quictls-3.0.15-1.1.mga9

Categorías: Actualizaciones de Seguridad

MGASA-2024-0353 - Updated htmldoc packages fix security vulnerabilities

Mageia Security - 9 Noviembre, 2024 - 06:17

Publication date: 09 Nov 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-45508 , CVE-2024-46478 Description HTMLDOC before 1.9.19 has an out-of-bounds write in parse_paragraph in ps-pdf.cxx because of an attempt to strip leading whitespace from a whitespace-only node. (CVE-2024-45508) HTMLDOC v1.9.18 contains a buffer overflow in parse_pre function,ps-pdf.cxx:5681. (CVE-2024-46478) References

SRPMS 9/core

htmldoc-1.9.15-3.1.mga9

Categorías: Actualizaciones de Seguridad

MGASA-2024-0352 - Updated libheif packages fix security vulnerability

Mageia Security - 9 Noviembre, 2024 - 06:17

Publication date: 09 Nov 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-41311 Description In Libheif, insufficient checks in ImageOverlay::parse() while decoding a HEIF file containing an overlay image with forged offsets can lead to an out-of-bounds read and write. (CVE-2024-41311) References

SRPMS 9/tainted

libheif-1.16.2-1.2.mga9.tainted

9/core

libheif-1.16.2-1.2.mga9

Categorías: Actualizaciones de Seguridad

MGASA-2024-0351 - Updated python-werkzeug packages fix security vulnerability

Mageia Security - 9 Noviembre, 2024 - 06:17

Publication date: 09 Nov 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-49767 Description Werkzeug is a Web Server Gateway Interface web application library. Applications using `werkzeug.formparser.MultiPartParser` corresponding to a version of Werkzeug prior to 3.0.6 to parsing `multipart/form-data` requests (e.g. all flask applications) are vulnerable to a relatively simple but effective resource exhaustion (denial of service) attack. A specifically crafted form submission request can cause the parser to allocate and block 3 to 8 times the upload size in main memory. There is no upper limit; a single upload at 1 Gbit/s can exhaust 32 GB of RAM in less than 60 seconds. Werkzeug version 3.0.6 fixes this issue. References

SRPMS 9/core

python-werkzeug-3.0.6-1.mga9

Categorías: Actualizaciones de Seguridad

MGASA-2024-0350 - Updated thunderbird packages fix security vulnerabilities

Mageia Security - 9 Noviembre, 2024 - 06:17

Publication date: 09 Nov 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-10458 , CVE-2024-10459 , CVE-2024-10460 , CVE-2024-10461 , CVE-2024-10462 , CVE-2024-10463 , CVE-2024-10464 , CVE-2024-10465 , CVE-2024-10466 , CVE-2024-10467 Description Permission leak via embed or object elements. (CVE-2024-10458) Use-after-free in layout with accessibility. (CVE-2024-10459) Confusing display of origin for external protocol handler prompt. (CVE-2024-10460) XSS due to Content-Disposition being ignored in multipart/x-mixed-replace response. (CVE-2024-10461) Origin of permission prompt could be spoofed by long URL. (CVE-2024-10462) Cross origin video frame leak. (CVE-2024-10463) History interface could have been used to cause a Denial of Service condition in the browser. (CVE-2024-10464) Clipboard "paste" button persisted across tabs. (CVE-2024-10465) DOM push subscription message could hang Firefox. (CVE-2024-10466) Memory safety bugs fixed in Firefox 132, Thunderbird 132, Firefox ESR 128.4, and Thunderbird 128.4. (CVE-2024-10467) References

SRPMS 9/core

thunderbird-128.4.0-1.mga9
thunderbird-l10n-128.4.0-1.mga9

Categorías: Actualizaciones de Seguridad

MGASA-2024-0349 - Updated nspr, nss, firefox & rust packages fix security vulnerabilities

Mageia Security - 9 Noviembre, 2024 - 06:17

Publication date: 09 Nov 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-10458 , CVE-2024-10459 , CVE-2024-10460 , CVE-2024-10461 , CVE-2024-10462 , CVE-2024-10463 , CVE-2024-10464 , CVE-2024-10465 , CVE-2024-10466 , CVE-2024-10467 Description Permission leak via embed or object elements. (CVE-2024-10458) Use-after-free in layout with accessibility. (CVE-2024-10459) Confusing display of origin for external protocol handler prompt. (CVE-2024-10460) XSS due to Content-Disposition being ignored in multipart/x-mixed-replace response. (CVE-2024-10461) Origin of permission prompt could be spoofed by long URL. (CVE-2024-10462) Cross origin video frame leak. (CVE-2024-10463) History interface could have been used to cause a Denial of Service condition in the browser. (CVE-2024-10464) Clipboard "paste" button persisted across tabs. (CVE-2024-10465) DOM push subscription message could hang Firefox. (CVE-2024-10466) Memory safety bugs fixed in Firefox 132, Thunderbird 132, Firefox ESR 128.4, and Thunderbird 128.4. (CVE-2024-10467) References

SRPMS 9/core

nspr-4.36-1.mga9
nss-3.106.0-1.mga9
firefox-128.4.0-1.mga9
firefox-l10n-128.4.0-1.mga9
rust-1.76.0-3.mga9

Categorías: Actualizaciones de Seguridad

MGAA-2024-0226 - Updated drumstick & kmetronome packages fix crash on kmetronome

Mageia Security - 9 Noviembre, 2024 - 06:17

Publication date: 09 Nov 2024
Type: bugfix
Affected Mageia releases : 9
Description Kmetronome (Drumstick Metronome) crashes as soon as the Play button is clicked. This update fixes the issue. References

https://bugs.mageia.org/show_bug.cgi?id=33188

SRPMS 9/core

drumstick-2.7.2-1.1.mga9
kmetronome-1.3.1-1.1.mga9

Categorías: Actualizaciones de Seguridad

MGASA-2024-0348 - Updated ruby-webrick packages fix security vulnerability

Mageia Security - 8 Noviembre, 2024 - 23:09

Publication date: 08 Nov 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-47220 Description An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1rn" inside of a "POST /user HTTP/1.1rn" request. (CVE-2024-47220) References

SRPMS 9/core

ruby-webrick-1.7.0-3.mga9

Categorías: Actualizaciones de Seguridad

MGASA-2024-0347 - Updated python-urllib3 packages fix security vulnerability

Mageia Security - 8 Noviembre, 2024 - 23:09

Publication date: 08 Nov 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-37891 Description When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possible to accidentally configure the Proxy-Authorization header even though it won't have any effect as the request is not using a forwarding proxy or a tunneling proxy. In those cases, urllib3 doesn't treat the Proxy-Authorization HTTP header as one carrying authentication material and thus doesn't strip the header on cross-origin redirects. Because this is a highly unlikely scenario, we believe the severity of this vulnerability is low for almost all users. Out of an abundance of caution urllib3 will automatically strip the Proxy-Authorization header during cross-origin redirects to avoid the small chance that users are doing this on accident. Users should use urllib3's proxy support or disable automatic redirects to achieve safe processing of the Proxy-Authorization header, but we still decided to strip the header by default in order to further protect users who aren't using the correct approach. References

SRPMS 9/core

python-urllib3-1.26.20-1.mga9

Categorías: Actualizaciones de Seguridad

MGAA-2024-0225 - Updated wireplumber & pipewire-media-session packages fix Bluetooth audio connections

Mageia Security - 7 Noviembre, 2024 - 21:17

Publication date: 07 Nov 2024
Type: bugfix
Affected Mageia releases : 9
Description This bug addresses a newer wireplumber that was missed in a previous pipewire update. After the previous update (pipewire-0.3.85-6) sometimes it could happen that some Bluetooth audio device was not correctly connected. This version update should fix the problem, among other fixes. The pipewire-media-session package, which is the other (older) companion media session manager, has also been rebuilt against the latest pipewire (0.3.85-6 aka 1.0.9) and includes an upstream patch to fix a potential DBusMessage memory leak. References

https://bugs.mageia.org/show_bug.cgi?id=33698

SRPMS 9/core

wireplumber-0.5.6-1.mga9
pipewire-media-session-0.4.2-1.1.mga9

Categorías: Actualizaciones de Seguridad

MGASA-2024-0346 - Updated libarchive packages fix security vulnerabilities

Mageia Security - 6 Noviembre, 2024 - 20:57

Publication date: 06 Nov 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-48957 , CVE-2024-48958 Description execute_filter_audio in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst. (CVE-2024-48957) execute_filter_delta in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst. (CVE-2024-48958) References

SRPMS 9/core

libarchive-3.6.2-5.2.mga9

Categorías: Actualizaciones de Seguridad

MGAA-2024-0224 - Updated grub2 packages help to do lightest installations

Mageia Security - 5 Noviembre, 2024 - 03:47

Publication date: 05 Nov 2024
Type: bugfix
Affected Mageia releases : 9
Description A minimal install with grub2 installs graphical libraries, due to the inclusion of the grub2-mkfont binary in the core package. This update splits grub2-mkfont from the core package and make it an optional requirement helping to make more light installations. References

https://bugs.mageia.org/show_bug.cgi?id=33695

SRPMS 9/core

grub2-2.06-28.4.mga9

Categorías: Actualizaciones de Seguridad

MGAA-2024-0223 - Updated digikam packages fix crash on some 32 bit systems

Mageia Security - 5 Noviembre, 2024 - 03:47

Publication date: 05 Nov 2024
Type: bugfix
Affected Mageia releases : 9
Description Use of SSE2 instructions even if not available for the processor makes digikam crash on some 32 bit systems. These updates fixes the issue. References

SRPMS 9/core

digikam-8.4.0-1.mga9

Categorías: Actualizaciones de Seguridad

MGASA-2024-0345 - Updated kernel, kmod-xtables-addons. kmod-virtualbox, kernel-firmware & kernel-firmware-nonfree radeon-firmware packages fix security vulnerabilities

Mageia Security - 2 Noviembre, 2024 - 17:56

Publication date: 02 Nov 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-52917 , CVE-2024-47670 , CVE-2024-47671 , CVE-2024-47672 , CVE-2024-47673 , CVE-2024-47675 , CVE-2024-47678 , CVE-2024-47679 , CVE-2024-47681 , CVE-2024-47682 , CVE-2024-47683 , CVE-2024-47684 , CVE-2024-47685 , CVE-2024-47686 , CVE-2024-47688 , CVE-2024-47689 , CVE-2024-47690 , CVE-2024-47691 , CVE-2024-47692 , CVE-2024-47693 , CVE-2024-47695 , CVE-2024-47696 , CVE-2024-47697 , CVE-2024-47698 , CVE-2024-47699 , CVE-2024-47700 , CVE-2024-47701 , CVE-2024-47704 , CVE-2024-47705 , CVE-2024-47706 , CVE-2024-47707 , CVE-2024-47709 , CVE-2024-47710 , CVE-2024-47712 , CVE-2024-47713 , CVE-2024-47714 , CVE-2024-47715 , CVE-2024-47716 , CVE-2024-47718 , CVE-2024-47719 , CVE-2024-47720 , CVE-2024-47722 , CVE-2024-47723 , CVE-2024-47725 , CVE-2024-47727 , CVE-2024-47728 , CVE-2024-47730 , CVE-2024-47731 , CVE-2024-47734 , CVE-2024-47735 , CVE-2024-47737 , CVE-2024-47738 , CVE-2024-47739 , CVE-2024-47740 , CVE-2024-47741 , CVE-2024-47742 , CVE-2024-47743 , CVE-2024-47744 , CVE-2024-47745 , CVE-2024-47747 , CVE-2024-47748 , CVE-2024-47749 , CVE-2024-47750 , CVE-2024-47751 , CVE-2024-47752 , CVE-2024-47753 , CVE-2024-47754 , CVE-2024-47755 , CVE-2024-47756 , CVE-2024-47757 , CVE-2024-49850 , CVE-2024-49851 , CVE-2024-49852 , CVE-2024-49853 , CVE-2024-49855 , CVE-2024-49856 , CVE-2024-49858 , CVE-2024-49859 , CVE-2024-49860 , CVE-2024-49861 , CVE-2024-49862 , CVE-2024-49863 , CVE-2024-49864 , CVE-2024-49866 , CVE-2024-49867 , CVE-2024-49868 , CVE-2024-49870 , CVE-2024-49871 , CVE-2024-49874 , CVE-2024-49875 , CVE-2024-49877 , CVE-2024-49878 , CVE-2024-49879 , CVE-2024-49881 , CVE-2024-49882 , CVE-2024-49883 , CVE-2024-49884 , CVE-2024-49886 , CVE-2024-49889 , CVE-2024-49890 , CVE-2024-49892 , CVE-2024-49894 , CVE-2024-49895 , CVE-2024-49896 , CVE-2024-49900 , CVE-2024-49901 , CVE-2024-49902 , CVE-2024-49903 , CVE-2024-49905 , CVE-2024-49907 , CVE-2024-49912 , CVE-2024-49913 , CVE-2024-49924 , CVE-2024-49925 , CVE-2024-49927 , CVE-2024-49929 , CVE-2024-49930 , CVE-2024-49931 , CVE-2024-49933 , CVE-2024-49935 , CVE-2024-49936 , CVE-2024-49937 , CVE-2024-49938 , CVE-2024-49939 , CVE-2024-49944 , CVE-2024-49946 , CVE-2024-49947 , CVE-2024-49948 , CVE-2024-49949 , CVE-2024-49950 , CVE-2024-49951 , CVE-2024-49952 , CVE-2024-49953 , CVE-2024-49954 , CVE-2024-49955 , CVE-2024-49957 , CVE-2024-49958 , CVE-2024-49959 , CVE-2024-49960 , CVE-2024-49961 , CVE-2024-49962 , CVE-2024-49963 , CVE-2024-49965 , CVE-2024-49966 , CVE-2024-49967 , CVE-2024-49969 , CVE-2024-49973 , CVE-2024-49975 , CVE-2024-49976 , CVE-2024-49977 , CVE-2024-49978 , CVE-2024-49980 , CVE-2024-49981 , CVE-2024-49982 , CVE-2024-49983 , CVE-2024-49985 , CVE-2024-49986 , CVE-2024-49987 , CVE-2024-49988 , CVE-2024-49989 , CVE-2024-49991 , CVE-2024-49992 , CVE-2024-49993 , CVE-2024-49995 , CVE-2024-49996 , CVE-2024-49997 , CVE-2024-50000 , CVE-2024-50001 , CVE-2024-50002 , CVE-2024-50003 , CVE-2024-50005 , CVE-2024-50006 , CVE-2024-50007 , CVE-2024-50008 , CVE-2024-50012 , CVE-2024-50013 , CVE-2024-50015 , CVE-2024-50016 , CVE-2024-50019 , CVE-2024-50022 , CVE-2024-50023 , CVE-2024-50024 , CVE-2024-50026 , CVE-2024-50029 , CVE-2024-50031 , CVE-2024-50032 , CVE-2024-50033 , CVE-2024-50035 , CVE-2024-50036 , CVE-2024-50038 , CVE-2024-50039 , CVE-2024-50040 , CVE-2024-50041 , CVE-2024-50044 , CVE-2024-50045 , CVE-2024-50046 , CVE-2024-50047 , CVE-2024-50048 , CVE-2024-50049 , CVE-2024-50055 , CVE-2024-50057 , CVE-2024-50058 , CVE-2024-50059 , CVE-2024-50060 , CVE-2024-50061 , CVE-2024-50062 , CVE-2024-50063 , CVE-2024-50064 , CVE-2024-50065 , CVE-2024-50066 Description Upstream kernel version 6.6.58 fixes bugs and vulnerabilities. The kmod-virtualbox and kmod-xtables-addons packages have been updated to work with this new kernel. For information about the vulnerabilities see the links. References

SRPMS 9/core

kernel-6.6.58-2.mga9
kmod-xtables-addons-3.24-65.mga9
kmod-virtualbox-7.0.20-57.mga9
kernel-firmware-20240909-1.mga9

9/nonfree

kernel-firmware-nonfree-20240909-1.mga9.nonfree
radeon-firmware-20240909-1.mga9.nonfree

Categorías: Actualizaciones de Seguridad

MGASA-2024-0344 - Updated kernel-linus packages fix security vulnerabilities

Mageia Security - 2 Noviembre, 2024 - 17:56

Publication date: 02 Nov 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-52917 , CVE-2024-47670 , CVE-2024-47671 , CVE-2024-47672 , CVE-2024-47673 , CVE-2024-47675 , CVE-2024-47678 , CVE-2024-47679 , CVE-2024-47681 , CVE-2024-47682 , CVE-2024-47683 , CVE-2024-47684 , CVE-2024-47685 , CVE-2024-47686 , CVE-2024-47688 , CVE-2024-47689 , CVE-2024-47690 , CVE-2024-47691 , CVE-2024-47692 , CVE-2024-47693 , CVE-2024-47695 , CVE-2024-47696 , CVE-2024-47697 , CVE-2024-47698 , CVE-2024-47699 , CVE-2024-47700 , CVE-2024-47701 , CVE-2024-47704 , CVE-2024-47705 , CVE-2024-47706 , CVE-2024-47707 , CVE-2024-47709 , CVE-2024-47710 , CVE-2024-47712 , CVE-2024-47713 , CVE-2024-47714 , CVE-2024-47715 , CVE-2024-47716 , CVE-2024-47718 , CVE-2024-47719 , CVE-2024-47720 , CVE-2024-47722 , CVE-2024-47723 , CVE-2024-47725 , CVE-2024-47727 , CVE-2024-47728 , CVE-2024-47730 , CVE-2024-47731 , CVE-2024-47734 , CVE-2024-47735 , CVE-2024-47737 , CVE-2024-47738 , CVE-2024-47739 , CVE-2024-47740 , CVE-2024-47741 , CVE-2024-47742 , CVE-2024-47743 , CVE-2024-47744 , CVE-2024-47745 , CVE-2024-47747 , CVE-2024-47748 , CVE-2024-47749 , CVE-2024-47750 , CVE-2024-47751 , CVE-2024-47752 , CVE-2024-47753 , CVE-2024-47754 , CVE-2024-47755 , CVE-2024-47756 , CVE-2024-47757 , CVE-2024-49850 , CVE-2024-49851 , CVE-2024-49852 , CVE-2024-49853 , CVE-2024-49855 , CVE-2024-49856 , CVE-2024-49858 , CVE-2024-49859 , CVE-2024-49860 , CVE-2024-49861 , CVE-2024-49862 , CVE-2024-49863 , CVE-2024-49864 , CVE-2024-49866 , CVE-2024-49867 , CVE-2024-49868 , CVE-2024-49870 , CVE-2024-49871 , CVE-2024-49874 , CVE-2024-49875 , CVE-2024-49877 , CVE-2024-49878 , CVE-2024-49879 , CVE-2024-49881 , CVE-2024-49882 , CVE-2024-49883 , CVE-2024-49884 , CVE-2024-49886 , CVE-2024-49889 , CVE-2024-49890 , CVE-2024-49892 , CVE-2024-49894 , CVE-2024-49895 , CVE-2024-49896 , CVE-2024-49900 , CVE-2024-49901 , CVE-2024-49902 , CVE-2024-49903 , CVE-2024-49905 , CVE-2024-49907 , CVE-2024-49912 , CVE-2024-49913 , CVE-2024-49924 , CVE-2024-49925 , CVE-2024-49927 , CVE-2024-49929 , CVE-2024-49930 , CVE-2024-49931 , CVE-2024-49933 , CVE-2024-49935 , CVE-2024-49936 , CVE-2024-49937 , CVE-2024-49938 , CVE-2024-49939 , CVE-2024-49944 , CVE-2024-49946 , CVE-2024-49947 , CVE-2024-49948 , CVE-2024-49949 , CVE-2024-49950 , CVE-2024-49951 , CVE-2024-49952 , CVE-2024-49953 , CVE-2024-49954 , CVE-2024-49955 , CVE-2024-49957 , CVE-2024-49958 , CVE-2024-49959 , CVE-2024-49960 , CVE-2024-49961 , CVE-2024-49962 , CVE-2024-49963 , CVE-2024-49965 , CVE-2024-49966 , CVE-2024-49967 , CVE-2024-49969 , CVE-2024-49973 , CVE-2024-49975 , CVE-2024-49976 , CVE-2024-49977 , CVE-2024-49978 , CVE-2024-49980 , CVE-2024-49981 , CVE-2024-49982 , CVE-2024-49983 , CVE-2024-49985 , CVE-2024-49986 , CVE-2024-49987 , CVE-2024-49988 , CVE-2024-49989 , CVE-2024-49991 , CVE-2024-49992 , CVE-2024-49993 , CVE-2024-49995 , CVE-2024-49996 , CVE-2024-49997 , CVE-2024-50000 , CVE-2024-50001 , CVE-2024-50002 , CVE-2024-50003 , CVE-2024-50005 , CVE-2024-50006 , CVE-2024-50007 , CVE-2024-50008 , CVE-2024-50012 , CVE-2024-50013 , CVE-2024-50015 , CVE-2024-50016 , CVE-2024-50019 , CVE-2024-50022 , CVE-2024-50023 , CVE-2024-50024 , CVE-2024-50026 , CVE-2024-50029 , CVE-2024-50031 , CVE-2024-50032 , CVE-2024-50033 , CVE-2024-50035 , CVE-2024-50036 , CVE-2024-50038 , CVE-2024-50039 , CVE-2024-50040 , CVE-2024-50041 , CVE-2024-50044 , CVE-2024-50045 , CVE-2024-50046 , CVE-2024-50047 , CVE-2024-50048 , CVE-2024-50049 , CVE-2024-50055 , CVE-2024-50057 , CVE-2024-50058 , CVE-2024-50059 , CVE-2024-50060 , CVE-2024-50061 , CVE-2024-50062 , CVE-2024-50063 , CVE-2024-50064 , CVE-2024-50065 , CVE-2024-50066 Description Vanilla upstream kernel version 6.6.58 fixes bugs and vulnerabilities. For information about the vulnerabilities see the links. References

SRPMS 9/core

kernel-linus-6.6.58-2.mga9

Categorías: Actualizaciones de Seguridad

MGAA-2024-0222 - Updated mesa mesa packages fix bugs

Mageia Security - 2 Noviembre, 2024 - 17:56

Publication date: 02 Nov 2024
Type: bugfix
Affected Mageia releases : 9
Description This is the latest bugfix release for the mesa 24.2.x branch, that improves stability further. References

SRPMS 9/core

mesa-24.2.5-1.mga9

9/tainted

mesa-24.2.5-1.mga9.tainted

Categorías: Actualizaciones de Seguridad

MGASA-2024-0343 - Updated buildah, podman, skopeo packages fix security vulnerabilities

Mageia Security - 1 Noviembre, 2024 - 18:26

Publication date: 01 Nov 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-1753 , CVE-2024-3727 , CVE-2023-45290 , CVE-2024-28180 , CVE-2024-28176 , CVE-2024-9341 , CVE-2024-6104 , CVE-2024-9407 Description A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation to mount the host root filesystem inside the RUN step. The commands inside the RUN step will then have read-write access to the host filesystem, allowing for full container escape at build time. (CVE-2024-1753) A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks. (CVE-2024-3727) When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines. (CVE-2023-45290) Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now return an error if the decompressed data would exceed 250kB or 10x the compressed size (whichever is larger). This vulnerability has been patched in versions 4.0.1, 3.0.3 and 2.6.3. (CVE-2024-28180) jose is JavaScript module for JSON Object Signing and Encryption, providing support for JSON Web Tokens (JWT), JSON Web Signature (JWS), JSON Web Encryption (JWE), JSON Web Key (JWK), JSON Web Key Set (JWKS), and more. A vulnerability has been identified in the JSON Web Encryption (JWE) decryption interfaces, specifically related to the support for decompressing plaintext after its decryption. Under certain conditions it is possible to have the user's environment consume unreasonable amount of CPU time or memory during JWE Decryption operations. This issue has been patched in versions 2.0.7 and 4.15.5. (CVE-2024-28176) A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system. (CVE-2024-9341) go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7. (CVE-2024-6104) A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrary parameters to the mount instruction. This issue can be exploited to mount sensitive directories from the host into a container during the build process and, in some cases, modify the contents of those mounted files. Even if SELinux is used, this vulnerability can bypass its protection by allowing the source directory to be relabeled to give the container access to host files. (CVE-2024-9407) References

SRPMS 9/core

buildah-1.37.4-1.mga9
podman-4.9.5-1.mga9
skopeo-1.16.1-1.mga9

Categorías: Actualizaciones de Seguridad

MGASA-2024-0342 - Updated bind packages fix security vulnerabilities

Mageia Security - 1 Noviembre, 2024 - 18:26

Publication date: 01 Nov 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-0760 , CVE-2024-1737 , CVE-2024-1975 , CVE-2024-4076 Description A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. (CVE-2024-0760) Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. (CVE-2024-1737) If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests. (CVE-2024-1975) Client queries that trigger serving stale data and that also require lookups in local authoritative zone data may result in an assertion failure. (CVE-2024-4076) References

SRPMS 9/core

bind-9.18.28-1.mga9

Categorías: Actualizaciones de Seguridad

BuscaDrake 4

Navegación

Bienvenido a BlogDRAKE

Discusiones activas

Envíos recientes de blog

Nuevas discusiones

Blogs Oficiales

Planeta BlogDRAKE

Otros Blogs

Bilo y Nano