Scientific Linux Linux Distribution - Security Advisories - Results...

Scientific Linux Distribution

Find the information you need for your favorite open source distribution .

SciLinux: SLSA-2022-7002-1 Moderate: java-1.8.0-openjdk on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626) * OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628) * OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619) * OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624 [More...]

SciLinux: SLSA-2022-7069-1 Important: firefox on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This update upgrades Firefox to version 102.4.0 ESR. * Mozilla: Same-origin policy violation could have leaked cross-origin URLs (CVE-2022-42927) * Mozilla: Memory Corruption in JS Engine (CVE-2022-42928) * Mozilla: Denial of Service via window.print (CVE-2022-42929) * Mozilla: Memory safety bugs fixed in Firefox 106 and Firefox ESR 102.4 (CVE-2022-42932) For more details about the securit [More...]

SciLinux: SLSA-2022-7008-1 Moderate: java-11-openjdk on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) (CVE-2022-21618) * OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626) * OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628) * OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-202 [More...]

SciLinux: SLSA-2022-6997-1 Important: firefox on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This update upgrades Firefox to version 102.3.0 ESR. * expat: a use-after-free in the doContent function in xmlparse.c (CVE-2022-40674) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 firefox-102.3.0-7.el7_9.x86_64.rpm firefox-debuginfo-102.3.0-7.el7_9.x86_64.rpm firefox [More...]

SciLinux: SLSA-2022-6998-1 Important: thunderbird on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This update upgrades Thunderbird to version 102.3.0. * expat: a use-after-free in the doContent function in xmlparse.c (CVE-2022-40674) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 thunderbird-102.3.0-4.el7_9.x86_64.rpm thunderbird-debuginfo-102.3.0-4.el7_9.x86_64.rpm - [More...]

SciLinux: SLSA-2022-6834-1 Important: expat on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

expat: a use-after-free in the doContent function in xmlparse.c (CVE-2022-40674) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 expat-2.1.0-15.el7_9.i686.rpm expat-2.1.0-15.el7_9.x86_64.rpm expat-debuginfo-2.1.0-15.el7_9.i686.rpm expat-debuginfo-2.1.0-15.el7_9.x86_ [More...]

SciLinux: SLSA-2022-6815-1 Important: squid on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

squid: buffer-over-read in SSPI and SMB authentication (CVE-2022-41318) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 squid-3.5.20-17.el7_9.8.x86_64.rpm squid-debuginfo-3.5.20-17.el7_9.8.x86_64.rpm squid-migration-script-3.5.20-17.el7_9.8.x86_64.rpm squid-sysvinit [More...]

SciLinux: SLSA-2022-6765-1 Important: bind on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

bind: memory leak in ECDSA DNSSEC verification code (CVE-2022-38177) * bind: memory leaks in EdDSA DNSSEC verification code (CVE-2022-38178) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 bind-debuginfo-9.11.4-26.P2.el7_9.10.i686.rpm bind-debuginfo-9.11.4-26.P2.el7_9.10.x [More...]

SciLinux: SLSA-2022-6710-1 Important: thunderbird on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This update upgrades Thunderbird to version 102.3.0. * Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag (CVE-2022-3033) * Mozilla: Bypassing FeaturePolicy restrictions on transient pages (CVE-2022-40959) * Mozilla: Data-race when parsing non-UTF-8 URLs in threads (CVE-2022-40960) * Mozilla: Memory safety bugs fixed in Firefox 105 a [More...]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.