Scientific Linux Distribution - Page 1.25
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
squid: Denial of Service in HTTP Digest Authentication (CVE-2023-46847) --- This content is derived from https://access.redhat.com/errata/RHSA-2023:6805 SL7 srpm squid-7:3.5.20-17.el7_9.9.src x86_64 squid-7:3.5.20-17.el7_9.9.x86_64 - Scientific Linux Development Team
python: TLS handshake bypass (CVE-2023-40217) --- This content is derived from https://access.redhat.com/errata/RHSA-2023:6823 SL7 srpm python3-0:3.6.8-21.el7_9.src x86_64 python3-0:3.6.8-21.el7_9.x86_64 i386 python3-libs-0:3.6.8-21.el7_9.i686 - Scientific Linux Development Team
xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty (CVE-2023-5367) --- This content is derived from https://access.redhat.com/errata/RHSA-2023:6802 SL7 srpm xorg-x11-server-0:1.20.4-24.el7_9.src x86_64 xorg-x11-server-Xephyr-0:1.20.4-24.el7_9.x86_64 i386 xorg-x11-server-devel-0:1.20.4-24.el7_9.i686 noarch xorg-x11-server-source-0:1.2 [More...]
This update upgrades Thunderbird to version 115.4.1. --- This content is derived from https://access.redhat.com/errata/RHSA-2023:6193 SL7 srpm thunderbird-0:115.4.1-1.el7_9.src x86_64 thunderbird-0:115.4.1-1.el7_9.x86_64 - Scientific Linux Development Team
OpenJDK: IOR deserialization issue in CORBA (8303384) (CVE-2023-22067) * OpenJDK: certificate path validation issue during client authentication (830996 6) (CVE-2023-22081) Bug Fix(es): * A maximum signature file size property, jdk.jar.maxSignatureFileSize, was introduced in the 11.0.20 release of OpenJD K by JDK-8300596, with a default of 8 MB. This default proved to be too small for some J [More...]
OpenJDK: certificate path validation issue during client authentication (8309966) (CVE-2023-22081) Bug Fix(es): * Additional validity checks in the hand ling of Zip64 files, JDK-8302483, were introduced in the 11.0.20 release of OpenJDK, causing the use of some valid zip files to now fail with an error. This release, 11.0.20.1, allows for zero-length headers and additional padding produced b [More...]
kernel: net/sched: cls_u32 component reference counter leak if tcf_change_indev() fails (CVE-2023-3609) * kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation (CVE-2023-32233) * kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval() (CVE-2023-35001) Bug Fix(es): * Low memory deadlock with md devices and external (imsm) [More...]
This update upgrades Firefox to version 115.3.1 ESR. * firefox: use-after-free in workers (CVE-2023-3600) * Mozilla: Out-of-bounds write in PathOps (CVE-20 23-5169) * Mozilla: Use-after-free in Ion Compiler (CVE-2023-5171) * Mozilla: Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 1 15.3 (CVE-2023-5176) * libvpx: Heap buffer overflow in vp8 encoding in libvpx (CVE- [More...]
This update upgrades Firefox to version 115.3.1 ESR. * firefox: use-after-free in workers (CVE-2023-3600) * Mozilla: Out-of-bounds write in PathOps (CVE-2023-5169) * Mozilla: Use-after-free in Ion Compiler (CVE-2023-5171) * Mozilla: Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 (CVE-2023-5176) * libvpx: Heap buffer overflow in vp8 encoding in libvpx (CVE- [More...]
This update upgrades Thunderbird to version 115.3.1. * firefox: use-after-free in workers (CVE-2023-3600) * Mozilla: Out-of-bounds write in PathOps (CVE-2023-5169) * Mozilla: Use-after-free in Ion Compiler (CVE-2023-5171) * Mozilla: Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 (CVE-2023-5176) * libvpx: Heap buffer overflow in vp8 encoding in libvpx (CVE- [More...]
ImageMagick: Division by zero in ReadEnhMetaFile lead to DoS (CVE-2021-40211) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 ImageMagick-6.9.10.68-7.el7_9.i686.rpm ImageMagick-6.9.10.68-7.el7_9.x86_64.rpm ImageMagick-c++-6.9.10.68-7.el7_9.i686.rpm ImageMagick-c++-6 [More...]
This update upgrades Firefox to version 102.15.1 ESR. * libwebp: Heap buffer overflow in WebP Codec (CVE-2023-4863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 firefox-102.15.1-1.el7_9.x86_64.rpm firefox-debuginfo-102.15.1-1.el7_9.x86_64.rpm firefox-102.15.1-1.el7_9. [More...]
open-vm-tools: SAML token signature bypass (CVE-2023-20900) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 open-vm-tools-11.0.5-3.el7_9.7.x86_64.rpm open-vm-tools-debuginfo-11.0.5-3.el7_9.7.x86_64.rpm open-vm-tools-desktop-11.0.5-3.el7_9.7.x86_64.rpm open-vm-tools- [More...]
This update upgrades Thunderbird to version 102.15.1. * libwebp: Heap buffer overflow in WebP Codec (CVE-2023-4863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 thunderbird-102.15.1-1.el7_9.x86_64.rpm thunderbird-debuginfo-102.15.1-1.el7_9.x86_64.rpm - Scientific Linux D [More...]
This update upgrades Firefox to version 102.15.0 ESR. * Mozilla: Memory corruption in IPC CanvasTranslator (CVE-2023-4573) * Mozilla: Memory corruption in IPC ColorPickerShownCallback (CVE-2023-4574) * Mozilla: Memory corruption in IPC FilePickerShownCallback (CVE-2023-4575) * Mozilla: Memory corruption in JIT UpdateRegExpStatics (CVE-2023-4577) * Mozilla: Memory safety bugs fixed in Firefo [More...]
This update upgrades Thunderbird to version 102.15.0. * Mozilla: Memory corruption in IPC CanvasTranslator (CVE-2023-4573) * Mozilla: Memory corruption in IPC ColorPickerShownCallback (CVE-2023-4574) * Mozilla: Memory corruption in IPC FilePickerShownCallback (CVE-2023-4575) * Mozilla: Memory corruption in JIT UpdateRegExpStatics (CVE-2023-4577) * Mozilla: Memory safety bugs fixed in Firefo [More...]
kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt() (CVE-2023-35788) * hw: amd: Cross-Process Information Leak (CVE-2023-20593) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * nf_conntrack causing nfs to stall * Request to backport upstream commit 5e2d2cc2588b, 26a8 [More...]
cups: Information leak through Cups-Get-Document operation (CVE-2023-32360) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 cups-1.6.3-52.el7_9.x86_64.rpm cups-client-1.6.3-52.el7_9.x86_64.rpm cups-debuginfo-1.6.3-52.el7_9.i686.rpm cups-debuginfo-1.6.3-52.el7_9.x86_ [More...]
subscription-manager: inadequate authorization of com.redhat.RHSM1 D-Bus interface allows local users to modify configuration (CVE-2023-3899) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 python-syspurpose-1.24.52-2.sl7_9.x86_64.rpm rhsm-gtk-1.24.52-2.sl7_9.x86_64.rpm [More...]
This update upgrades Thunderbird to version 102.14.0. * Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions (CVE-2023-4045) * Mozilla: Incorrect value used during WASM compilation (CVE-2023-4046) * Mozilla: Potential permissions request bypass via clickjacking (CVE-2023-4047) * Mozilla: Crash in DOMParser due to out-of-memory conditions (CVE-2023-4048) * Mozilla: Fix pot [More...]
Sign up to get the latest security news affecting Linux and
open source delivered straight to your inbox
Powered By
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.