Fedora: libxml2 Buffer overflow vulnerability
Updated libxml2 packages that fix an overflow when parsing remote resources are now available.
Updated libxml2 packages that fix an overflow when parsing remote resources are now available.
This vulnerability could potentially be exploited by a local user to execute arbitrary code with root privileges.
Updated cvs packages that fix remote denial of service vulnerabilities are now available. (This is a legacy Red Hat fix, released by the Fedora Project).
An attacker could create a carefully crafted directory on a websitesuch that, if a user connects to that directory using the lftp clientand subsequently issues a ‘ls’ or ‘rels’ command, the attacker couldexecute arbitrary code on the users machine.
Phong Nguyen identified a severe bug in the way GnuPG creates anduses ElGamal keys, when those keys are used both to sign and encryptdata. This vulnerability can be used to trivially recover theprivate key.
58 queries. 8.25 mb Memory usage. 1.511 seconds.