Find the information you need for your favorite open source distribution .
This update upgrades Firefox to version 102.9.0 ESR. * Mozilla: Incorrect code generation during JIT compilation (CVE-2023-25751) * Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 (CVE-2023-28176) * Mozilla: Potential out-of-bounds when accessing throttled streams (CVE-2023-25752) * Mozilla: Invalid downcast in Worklets (CVE-2023-28162) * Mozilla: URL being dragged fr [More...]
kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378) * kernel: use-after-free related to leaf anon_vma double reuse (CVE-2022-42703) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Regression - SAS3416 card works on SL 7.7 and below, does not work on [More...]
zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field (CVE-2022-37434) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 zlib-1.2.7-21.el7_9.i686.rpm zlib-1.2.7-21.el7_9.x86_64.rpm zlib-debuginfo-1.2.7-21.el7_9.i686.r [More...]
samba: RC4/HMAC-MD5 NetLogon Secure Channel is weak and should be avoided (CVE-2022-38023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 libsmbclient-4.10.16-24.el7_9.i686.rpm libsmbclient-4.10.16-24.el7_9.x86_64.rpm libwbclient-4.10.16-24.el7_9.i686.rpm libwbcli [More...]
pesign: Local privilege escalation on pesign systemd service (CVE-2022-3560) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 pesign-0.109-11.el7_9.x86_64.rpm pesign-debuginfo-0.109-11.el7_9.x86_64.rpm - Scientific Linux Development Team
git: gitattributes parsing integer overflow (CVE-2022-23521) * git: Heap overflow in `git archive`, `git log --format` leading to RCE (CVE-2022-41903) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 git-1.8.3.1-24.el7_9.x86_64.rpm git-daemon-1.8.3.1-24.el7_9.x86_64.rpm [More...]
This update upgrades Thunderbird to version 102.8.0. * Mozilla: Arbitrary memory write via PKCS 12 in NSS (CVE-2023-0767) * Mozilla: Content security policy leak in violation reports using iframes (CVE-2023-25728) * Mozilla: Screen hijack via browser fullscreen mode (CVE-2023-25730) * Mozilla: Potential use-after-free from compartment mismatch in SpiderMonkey (CVE-2023-25735) * Mozilla: Inv [More...]
This update upgrades Firefox to version 102.8.0 ESR. * Mozilla: Arbitrary memory write via PKCS 12 in NSS (CVE-2023-0767) * Mozilla: Content security policy leak in violation reports using iframes (CVE-2023-25728) * Mozilla: Screen hijack via browser fullscreen mode (CVE-2023-25730) * Mozilla: Potential use-after-free from compartment mismatch in SpiderMonkey (CVE-2023-25735) * Mozilla: Inv [More...]
xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation (CVE-2023-0494) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 tigervnc-1.8.0-24.el7_9.x86_64.rpm tigervnc-debuginfo-1.8.0-24.el7_9.x86_64.rpm tigervnc-server-1.8.0-24.el7_9.x86_64.rpm [More...]
