SciLinux: SLSA-2020-2664-1 Important: kernel on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario (CVE-2020-12888) SL7 x86_64 bpftool-3.10.0-1127.13.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1127.13.1.el7.x86_64.rpm kernel-3.10.0-1127.13.1.el7.x86_64.rpm kernel-debug-3.10.0-1127.13.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1127.13.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1 [More...]

SciLinux: SLSA-2020-2663-1 Moderate: ntp on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

ntp: ntpd using highly predictable transmit timestamps could result in time change or DoS (CVE-2020-13817) * ntp: DoS on client ntpd using server mode packet (CVE-2020-11868) SL7 x86_64 ntp-4.2.6p5-29.el7_8.2.x86_64.rpm ntp-debuginfo-4.2.6p5-29.el7_8.2.x86_64.rpm ntpdate-4.2.6p5-29.el7_8.2.x86_64.rpm sntp-4.2.6p5-29.el7_8.2.x86_64.rpm noarch ntp-doc-4.2.6p5-29.el7_8.2 [More...]

SciLinux: SLSA-2020-2640-1 Important: unbound on SL6.x i386/x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

unbound: amplification of an incoming query into a large number of queries directed to a target (CVE-2020-12662) * unbound: infinite loop via malformed DNS answers received from upstream servers (CVE-2020-12663) SL6 x86_64 unbound-debuginfo-1.4.20-29.el6_10.1.i686.rpm unbound-debuginfo-1.4.20-29.el6_10.1.x86_64.rpm unbound-libs-1.4.20-29.el6_10.1.i686.rpm unbound-libs-1.4.2 [More...]

SciLinux: SLSA-2020-2642-1 Important: unbound on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

unbound: incomplete fix for CVE-2020-12662 in RHEL7 (CVE-2020-10772) SL7 x86_64 unbound-1.6.6-5.el7_8.x86_64.rpm unbound-debuginfo-1.6.6-5.el7_8.i686.rpm unbound-debuginfo-1.6.6-5.el7_8.x86_64.rpm unbound-libs-1.6.6-5.el7_8.i686.rpm unbound-libs-1.6.6-5.el7_8.x86_64.rpm unbound-devel-1.6.6-5.el7_8.i686.rpm unbound-devel-1.6.6-5.el7_8.x86_64.rpm unbound-python [More...]

SciLinux: SLSA-2020-2615-1 Important: thunderbird on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Mozilla: Security downgrade with IMAP STARTTLS leads to information leakage (CVE-2020-12398) * Mozilla: Use-after-free in SharedWorkerService (CVE-2020-12405) * Mozilla: JavaScript Type confusion with NativeTypes (CVE-2020-12406) * Mozilla: Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9 (CVE-2020-12410) SL7 x86_64 thunderbird-68.9.0-1.el7_8.x86_64.rpm thunderbird-deb [More...]

SciLinux: SLSA-2020-2613-1 Important: thunderbird on SL6.x i386/x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Mozilla: Security downgrade with IMAP STARTTLS leads to information leakage (CVE-2020-12398) * Mozilla: Use-after-free in SharedWorkerService (CVE-2020-12405) * Mozilla: JavaScript Type confusion with NativeTypes (CVE-2020-12406) * Mozilla: Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9 (CVE-2020-12410) SL6 x86_64 thunderbird-68.9.0-1.el6_10.x86_64.rpm thunderbird-de [More...]

SciLinux: SLSA-2020-2549-1 Moderate: libexif on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

libexif: several buffer over-reads in EXIF MakerNote handling can lead to information disclosure and DoS (CVE-2020-13112) SL7 x86_64 libexif-0.6.21-7.el7_8.i686.rpm libexif-0.6.21-7.el7_8.x86_64.rpm libexif-debuginfo-0.6.21-7.el7_8.i686.rpm libexif-debuginfo-0.6.21-7.el7_8.x86_64.rpm libexif-devel-0.6.21-7.el7_8.i686.rpm libexif-devel-0.6.21-7.el7_8.x86_64.rpm li [More...]

SciLinux: SLSA-2020-2516-1 Moderate: libexif on SL6.x i386/x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

libexif: several buffer over-reads in EXIF MakerNote handling can lead to information disclosure and DoS (CVE-2020-13112) SL6 x86_64 libexif-0.6.21-6.el6_10.i686.rpm libexif-0.6.21-6.el6_10.x86_64.rpm libexif-debuginfo-0.6.21-6.el6_10.i686.rpm libexif-debuginfo-0.6.21-6.el6_10.x86_64.rpm libexif-devel-0.6.21-6.el6_10.i686.rpm libexif-devel-0.6.21-6.el6_10.x86_64.rpm [More...]