Mozilla: Stack overflow due to incorrect parsing of SMTP server response codes (CVE-2020-26970) SL7 x86_64 thunderbird-78.5.1-1.el7_9.x86_64.rpm thunderbird-debuginfo-78.5.1-1.el7_9.x86_64.rpm - Scientific Linux Development Team
xorg-x11-server: Out-of-bounds access in XkbSetMap function (CVE-2020-14360) * xorg-x11-server: XkbSetDeviceInfo heap-based buffer overflow privilege escalation vulnerability (CVE-2020-25712) * xorg-x11-server: Leak of uninitialized heap memory from the X server to clients in AllocatePixmap of dix/pixmap.c (CVE-2020-14347) SL7 x86_64 xorg-x11-server-Xephyr-1.20.4-15.el7_9.x86_64.rpm [More...]
libexif: out of bounds write due to an integer overflow in exif-entry.c (CVE-2020-0452) SL7 x86_64 libexif-0.6.22-2.el7_9.i686.rpm libexif-0.6.22-2.el7_9.x86_64.rpm libexif-debuginfo-0.6.22-2.el7_9.i686.rpm libexif-debuginfo-0.6.22-2.el7_9.x86_64.rpm libexif-devel-0.6.22-2.el7_9.i686.rpm libexif-devel-0.6.22-2.el7_9.x86_64.rpm libexif-doc-0.6.22-2.el7_9.x86_64.r [More...]
This update upgrades Thunderbird to version 78.5.0. * Mozilla: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code (CVE-2020-26951) * Mozilla: Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5 (CVE-2020-26968) * Mozilla: Variable time processing of cross-origin images during drawImage calls (CVE-2020-16012) * Mozilla: Fullscreen could be enable [More...]
This update upgrades Thunderbird to version 78.4.3. * Mozilla: Write side effects in MCallGetProperty opcode not accounted for (CVE-2020-26950) SL6 x86_64 thunderbird-78.4.3-1.el6_10.x86_64.rpm thunderbird-debuginfo-78.4.3-1.el6_10.x86_64.rpm i386 thunderbird-78.4.3-1.el6_10.i686.rpm - Scientific Linux Development Team
Mozilla: Write side effects in MCallGetProperty opcode not accounted for (CVE-2020-26950) SL6 x86_64 firefox-78.4.1-1.el6_10.x86_64.rpm firefox-debuginfo-78.4.1-1.el6_10.x86_64.rpm i386 firefox-78.4.1-1.el6_10.i686.rpm - Scientific Linux Development Team
dovecot: Resource exhaustion via deeply nested MIME parts (CVE-2020-12100) * dovecot: Out of bound reads in dovecot NTLM implementation (CVE-2020-12673) * dovecot: Crash due to assert in RPA implementation (CVE-2020-12674) SL7 x86_64 dovecot-2.2.36-6.el7_8.1.i686.rpm dovecot-2.2.36-6.el7_8.1.x86_64.rpm dovecot-debuginfo-2.2.36-6.el7_8.1.i686.rpm dovecot-debuginfo-2.2.36-6. [More...]
chromium-browser: Use after free in ANGLE (CVE-2020-6463) * chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514) * Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652) * Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659) SL6 x86_64 thunderbird-68.11.0-1.el6_10.x86_64.rpm thunderbird-d [More...]
chromium-browser: Use after free in ANGLE (CVE-2020-6463) * chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514) * Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652) * Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659) SL7 x86_64 thunderbird-68.11.0-1.el7_8.x86_64.rpm thunderbird-de [More...]
postgresql-jdbc: XML external entity (XXE) vulnerability in PgSQLXML (CVE-2020-13692) SL6 noarch postgresql-jdbc-8.4.704-4.el6_10.noarch.rpm - Scientific Linux Development Team
postgresql-jdbc: XML external entity (XXE) vulnerability in PgSQLXML (CVE-2020-13692) SL7 noarch postgresql-jdbc-9.2.1002-8.el7_8.noarch.rpm postgresql-jdbc-javadoc-9.2.1002-8.el7_8.noarch.rpm - Scientific Linux Development Team
chromium-browser: Use after free in ANGLE (CVE-2020-6463) * chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514) * Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652) * Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659) SL7 x86_64 firefox-68.11.0-1.el7_8.x86_64.rpm firefox-debuginfo- [More...]
kernel: kernel: DAX hugepages not considered during mremap (CVE-2020-10757) * kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in drivers/net/wireless/marvell/mwifiex/scan.c (CVE-2020-12653) * kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c (CVE-2020-12654) * kernel: use-after-free caused by a malicious U [More...]
grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process (CVE-2020-10713) * grub2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-based buffer overflow (CVE-2020-14308) * grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow (CVE-2020-14309) * grub2: Integer overflow read_se [More...]
