Find the information you need for your favorite open source distribution .
xterm: crash when processing combining characters (CVE-2021-27135) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 xterm-295-3.el7_9.1.x86_64.rpm xterm-debuginfo-295-3.el7_9.1.x86_64.rpm - Scientific Linux Development Team
flatpak: sandbox escape via spawn portal (CVE-2021-21261) SL7 x86_64 flatpak-1.0.9-10.el7_9.x86_64.rpm flatpak-debuginfo-1.0.9-10.el7_9.x86_64.rpm flatpak-libs-1.0.9-10.el7_9.x86_64.rpm flatpak-builder-1.0.0-10.el7_9.x86_64.rpm flatpak-devel-1.0.9-10.el7_9.x86_64.rpm - Scientific Linux Development Team
kernel: use-after-free in fs/block_dev.c (CVE-2020-15436) * kernel: Nfsd failure to clear umask after processing an open or create (CVE-2020-35513) Bug Fix(es): * double free issue in filelayout_alloc_commit_info * Regression: Plantronics Device SHS2355-11 PTT button does not work after update to 7.7 * Openstack network node reports unregister_netdevice: waiting for qr- 3cec0c92-9a to bec [More...]
This update upgrades Thunderbird to version 78.7.0. * Mozilla: Cross-origin information leakage via redirected PDF requests (CVE-2021-23953) * Mozilla: Type confusion when using logical assignment operators in JavaScript switch statements (CVE-2021-23954) * Mozilla: Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7 (CVE-2021-23964) * Mozilla: IMAP Response Injection when using STAR [More...]
This update upgrades Firefox to version 78.7.0 ESR. * Mozilla: Cross-origin information leakage via redirected PDF requests (CVE-2021-23953) * Mozilla: Type confusion when using logical assignment operators in JavaScript switch statements (CVE-2021-23954) * Mozilla: Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7 (CVE-2021-23964) * Mozilla: HTTPS pages could have been intercepted [More...]
sudo: Heap buffer overflow in argument parsing (CVE-2021-3156) SL7 x86_64 sudo-1.8.23-10.el7_9.1.x86_64.rpm sudo-debuginfo-1.8.23-10.el7_9.1.x86_64.rpm sudo-debuginfo-1.8.23-10.el7_9.1.i686.rpm sudo-devel-1.8.23-10.el7_9.1.i686.rpm sudo-devel-1.8.23-10.el7_9.1.x86_64.rpm - Scientific Linux Development Team
XStream: remote code execution due to insecure XML deserialization when relying on blocklists (CVE-2020-26217) SL7 noarch xstream-1.3.1-12.el7_9.noarch.rpm xstream-javadoc-1.3.1-12.el7_9.noarch.rpm - Scientific Linux Development Team
This update upgrades Thunderbird to version 78.6.1. * Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk (CVE-2020-16044) SL7 x86_64 thunderbird-78.6.1-1.el7_9.x86_64.rpm thunderbird-debuginfo-78.6.1-1.el7_9.x86_64.rpm - Scientific Linux Development Team
This update upgrades Firefox to version 78.6.1 ESR. * Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk (CVE-2020-16044) SL7 x86_64 firefox-78.6.1-1.el7_9.x86_64.rpm firefox-debuginfo-78.6.1-1.el7_9.x86_64.rpm firefox-78.6.1-1.el7_9.i686.rpm - Scientific Linux Development Team
