Several vulnerabilities have been discovered in the OpenJDK Java runtime,
which may result in information disclosure, incorrect validation of ECDSA
signatures or denial of service.
CVE-2020-23617
A cross-site scripting (XSS) vulnerability in the error page of Totolink N200RE and N100RE Routers 2.0 allows attackers to execute arbitrary web scripts or HTML via a SCRIPT element.
CVE-2020-23618
A reflected cross-site scripting (XSS) vulnerability in Xtend Voice Logger 1.0 allows attackers to execute arbitrary web scripts or HTML via the path of the error page.
CVE-2020-23620
The Java Remote Management Interface of all versions of Orlansoft ERP was discovered to contain a vulnerability due to insecure deserialization of user-supplied content, which can allow attackers to execute arbitrary code via a crafted serialized Java object.
CVE-2020-23621
The Java Remote Management Interface of all versions of SVI MS Management System was discovered to contain a vulnerability due to insecure deserialization of user-supplied content, which can allow attackers to execute arbitrary code via a crafted serialized Java object.
libopenmpt-0.6.3-1.el7
FEDORA-EPEL-2022-4b9c772ddc
Packages in this update:
libopenmpt-0.6.3-1.el7
Update description:
libopenmpt 0.6.3 (2022-04-24)
Pitch / Pan Separation and Random Variation instrument properties were not resetting properly when seeking, potentially causing instruments to be played e.g. at a vastly different pan position compared to playing the module continuously.
MED: Stereo samples were not imported correctly.
zlib: Update to v1.2.12 (2022-03-27).
libopenmpt 0.6.2 (2022-03-13)
[Sec] Possible out-of-bounds write in malformed IT / XM / MPTM files using the internal LFO plugin. (r17076)
[Sec] Possible out-of-bounds read when using Amiga BLEP interpolation with extremely high-pitched notes. (r17078, r17079)
ISO-8859-1-related charsets from Amiga OS and RISC OS are now handled more accurately, thus avoiding some unwanted control characters.
MO3: Pattern indices 254 / 255 were not treated as playable patterns even if the original file was a MOD / XM.
Correctly apply ST3-style effect memory when seeking in S3M files.
Command S (S3M / IT style) effect memory was not applied when seeking.
Initial channel mute status was not reported correctly in get_channel_mute_status since libopenmpt 0.6.0.
FLAC: Update to v1.3.4 (2022-02-21).
pugixml: Update to v1.12.1 (2022-02-16).
libopenmpt-0.6.3-1.el9
FEDORA-EPEL-2022-5d0edca089
Packages in this update:
libopenmpt-0.6.3-1.el9
Update description:
libopenmpt 0.6.3 (2022-04-24)
Pitch / Pan Separation and Random Variation instrument properties were not resetting properly when seeking, potentially causing instruments to be played e.g. at a vastly different pan position compared to playing the module continuously.
MED: Stereo samples were not imported correctly.
zlib: Update to v1.2.12 (2022-03-27).
libopenmpt 0.6.2 (2022-03-13)
[Sec] Possible out-of-bounds write in malformed IT / XM / MPTM files using the internal LFO plugin. (r17076)
[Sec] Possible out-of-bounds read when using Amiga BLEP interpolation with extremely high-pitched notes. (r17078, r17079)
ISO-8859-1-related charsets from Amiga OS and RISC OS are now handled more accurately, thus avoiding some unwanted control characters.
MO3: Pattern indices 254 / 255 were not treated as playable patterns even if the original file was a MOD / XM.
Correctly apply ST3-style effect memory when seeking in S3M files.
Command S (S3M / IT style) effect memory was not applied when seeking.
Initial channel mute status was not reported correctly in get_channel_mute_status since libopenmpt 0.6.0.
FLAC: Update to v1.3.4 (2022-02-21).
pugixml: Update to v1.12.1 (2022-02-16).
libopenmpt-0.6.3-1.el8
FEDORA-EPEL-2022-1709e5c07f
Packages in this update:
libopenmpt-0.6.3-1.el8
Update description:
libopenmpt 0.6.3 (2022-04-24)
Pitch / Pan Separation and Random Variation instrument properties were not resetting properly when seeking, potentially causing instruments to be played e.g. at a vastly different pan position compared to playing the module continuously.
MED: Stereo samples were not imported correctly.
zlib: Update to v1.2.12 (2022-03-27).
libopenmpt 0.6.2 (2022-03-13)
[Sec] Possible out-of-bounds write in malformed IT / XM / MPTM files using the internal LFO plugin. (r17076)
[Sec] Possible out-of-bounds read when using Amiga BLEP interpolation with extremely high-pitched notes. (r17078, r17079)
ISO-8859-1-related charsets from Amiga OS and RISC OS are now handled more accurately, thus avoiding some unwanted control characters.
MO3: Pattern indices 254 / 255 were not treated as playable patterns even if the original file was a MOD / XM.
Correctly apply ST3-style effect memory when seeking in S3M files.
Command S (S3M / IT style) effect memory was not applied when seeking.
Initial channel mute status was not reported correctly in get_channel_mute_status since libopenmpt 0.6.0.
FLAC: Update to v1.3.4 (2022-02-21).
pugixml: Update to v1.12.1 (2022-02-16).
blender-2.93.8-2.fc34
FEDORA-2022-d9d630891d
Packages in this update:
blender-2.93.8-2.fc34
Update description:
Security fix for CVE-2022-0546 (fix RHBZ#2052008, fix RHBZ#2052010)
CVE-2021-29859
IBM ICP4A – User Management System Component (IBM Cloud Pak for Business Automation V21.0.3 through V21.0.3-IF008, V21.0.2 through V21.0.2-IF009, and V21.0.1 through V21.0.1-IF007) could allow a user with physical access to the system to perform unauthorized actions or obtain sensitive information due to insufficient validation and revocation after another user logs out. IBM X-Force ID: 206081.