Archive for February 1st, 2020

7 results.

Fedora 30: mingw-openjpeg2 FEDORA-2020-6c8804daaa

Feb01
by Ike on February 1, 2020 at 9:29 pm
Posted In: Uncategorized

This update fixes CVE-2020-6851.

 Comment 

Fedora 30: e2fsprogs FEDORA-2020-01ed02451f

Feb01
by Ike on February 1, 2020 at 9:18 pm
Posted In: Uncategorized

Fix a potential out of bounds write when checking a maliciously corrupted file system. This is probably not exploitable on 64-bit platforms, but may be exploitable on 32-bit binaries depending on how the compiler lays out the stack variables. (Addresses CVE-2019-5188) A maliciously corrupted file systems can trigger buffer overruns in the quota code used by e2fsck. (Addresses

 Comment 

Fedora 30: openjpeg2 FEDORA-2020-6c8804daaa

Feb01
by Ike on February 1, 2020 at 9:14 pm
Posted In: Uncategorized

This update fixes CVE-2020-6851.

 Comment 

Fedora 31: java-1.8.0-openjdk FEDORA-2020-202cb87e26

Feb01
by Ike on February 1, 2020 at 8:53 pm
Posted In: Uncategorized

January 2020 CPU security update. See http://mail.openjdk.java.net/pipermail/jdk8u-dev/2020-January/010979.html https://openjdk.java.net/groups/vulnerability/advisories/2020-01-14

 Comment 

Debian: DSA-4615-1: spamassassin security update

Feb01
by Ike on February 1, 2020 at 3:39 pm
Posted In: Uncategorized

Two vulnerabilities were discovered in spamassassin, a Perl-based spam filter using text analysis. Malicious rule or configuration files, possibly downloaded from an updates server, could execute arbitrary commands under multiple scenarios.

 Comment 

Debian: DSA-4614-1: sudo security update

Feb01
by Ike on February 1, 2020 at 8:15 am
Posted In: Uncategorized

Joe Vennix discovered a stack-based buffer overflow vulnerability in sudo, a program designed to provide limited super user privileges to specific users, triggerable when configured with the “pwfeedback” option enabled. An unprivileged user can take advantage of this flaw to obtain

 Comment 

Debian: DSA-4613-1: libidn2 security update

Feb01
by Ike on February 1, 2020 at 1:07 am
Posted In: Uncategorized

A heap-based buffer overflow vulnerability was discovered in the idn2_to_ascii_4i() function in libidn2, the GNU library for Internationalized Domain Names (IDNs), which could result in denial of service, or the execution of arbitrary code when processing a long

 Comment 

59 queries. 8.75 mb Memory usage. 1.827 seconds.