Mageia 2022-0201: postgresql security update
The updated postgresql packages fix a security vulnerability: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox (CVE-2022-1552).
The updated postgresql packages fix a security vulnerability: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox (CVE-2022-1552).
Nokogiri did not type-check all inputs into the XML and HTML4 SAX parsers, allowing specially crafted untrusted inputs to cause illegal memory access errors (segfault) or reads from unrelated memory. Version 1.13.6 contains a patch for this issue. As a workaround, ensure the untrusted input is a 'String' by calling '#to_s' or equivalent.
This update provides ffmpeg version 4.3.4, which fixes several security vulnerabilities and other bugs which were corrected upstream. References: - https://bugs.mageia.org/show_bug.cgi?id=30444
Updated nvidia-current packages fix security vulnerabilities: NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer, where an unprivileged regular user on the network can cause an out-of-bounds write through a specially crafted shader, which may lead
Updated nvidia390 packages fix security vulnerabilities: NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer, where an unprivileged regular user on the network can cause an out-of-bounds write through a specially crafted shader, which may lead
Remote arbitrary code execution related to dsi_stream_receive(). (CVE-2021-31439) Remote arbitrary code execution related to parse_entries(). (CVE-2022-23121) Remote arbitrary code execution related to copyapplfile().
This kernel-linus update is based on upstream 5.15.41 and fixes at least the following security issues: A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel BPF subsystem
This kernel update is based on upstream 5.15.41 and fixes at least the following security issues: A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel BPF subsystem
Updated microcodes for Intel processors, fixing various functional issues, and at least the following security issues: Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to