Scientific Linux Distribution - Page 3

Find the information you need for your favorite open source distribution .

SciLinux: SLSA-2023-3481-1 Moderate: emacs on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

emacs: command injection vulnerability in htmlfontify.el (CVE-2022-48339) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 emacs-24.3-23.el7_9.1.x86_64.rpm emacs-common-24.3-23.el7_9.1.x86_64.rpm emacs-debuginfo-24.3-23.el7_9.1.x86_64.rpm emacs-nox-24.3-23.el7_9.1.x8 [More...]

SciLinux: SLSA-2023-3263-1 Important: git on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

git: by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (CVE-2023-25652) * git: arbitrary configuration injection when renaming or deleting a section from a configuration file (CVE-2023-29007) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and oth [More...]

SciLinux: SLSA-2023-3137-1 Important: firefox on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This update upgrades Firefox to version 102.11.0 ESR. * Mozilla: Browser prompts could have been obscured by popups (CVE-2023-32205) * Mozilla: Crash in RLBox Expat driver (CVE-2023-32206) * Mozilla: Potential permissions request bypass via clickjacking (CVE-2023-32207) * Mozilla: Memory safety bugs fixed in Firefox 113 and Firefox ESR 102.11 (CVE-2023-32215) * Mozilla: Content process cras [More...]

SciLinux: SLSA-2023-3151-1 Important: thunderbird on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This update upgrades Thunderbird to version 102.11.0. * Mozilla: Browser prompts could have been obscured by popups (CVE-2023-32205) * Mozilla: Crash in RLBox Expat driver (CVE-2023-32206) * Mozilla: Potential permissions request bypass via clickjacking (CVE-2023-32207) * Mozilla: Memory safety bugs fixed in Firefox 113 and Firefox ESR 102.11 (CVE-2023-32215) * Mozilla: Content process cras [More...]

SciLinux: SLSA-2023-3145-1 Important: apr-util on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

apr-util: out-of-bounds writes in the apr_base64 (CVE-2022-25147) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 apr-util-1.5.2-6.el7_9.1.i686.rpm apr-util-1.5.2-6.el7_9.1.x86_64.rpm apr-util-debuginfo-1.5.2-6.el7_9.1.i686.rpm apr-util-debuginfo-1.5.2-6.el7_9.1.x86 [More...]

SciLinux: SLSA-2023-2077-1 Important: libwebp on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Mozilla: libwebp: Double-free in libwebp (CVE-2023-1999) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 libwebp-0.3.0-11.el7.i686.rpm libwebp-0.3.0-11.el7.x86_64.rpm libwebp-debuginfo-0.3.0-11.el7.i686.rpm libwebp-debuginfo-0.3.0-11.el7.x86_64.rpm libwebp-devel [More...]

SciLinux: SLSA-2023-1987-1 Moderate: kernel on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

kernel: memory corruption in usbmon driver (CVE-2022-43750) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * NFSv4.1 : state manager loop TEST_STATEID/OPEN SL7 x86_64 bpftool-3.10.0-1160.90.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.90.1.el7.x86_64.rpm kernel-3 [More...]

SciLinux: SLSA-2023-1904-1 Important: java-1.8.0-openjdk on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930) * OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939) * OpenJDK: incorrect enqueue of references in garbage collector (8298191) (CVE-2023-21954) * OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967) * OpenJDK: missing string checks for NULL characters (8296 [More...]

SciLinux: SLSA-2023-1899-1 Important: java-11-openjdk on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930) * OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939) * OpenJDK: incorrect enqueue of references in garbage collector (8298191) (CVE-2023-21954) * OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967) * OpenJDK: missing string checks for NULL characters (8296 [More...]

SciLinux: SLSA-2023-1806-1 Important: thunderbird on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This update upgrades Thunderbird to version 102.10.0. * Thunderbird: Revocation status of S/Mime recipient certificates was not checked (CVE-2023-0547) * Mozilla: Matrix SDK bundled with Thunderbird vulnerable to denial-of- service attack (CVE-2023-28427) * Mozilla: Fullscreen notification obscured (CVE-2023-29533) * Mozilla: Potential Memory Corruption following Garbage Collector compactio [More...]

SciLinux: SLSA-2023-1791-1 Important: firefox on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This update upgrades Firefox to version 102.10.0 ESR. * MFSA-TMP-2023-0001 Mozilla: Double-free in libwebp * Mozilla: Fullscreen notification obscured (CVE-2023-29533) * Mozilla: Potential Memory Corruption following Garbage Collector compaction (CVE-2023-29535) * Mozilla: Invalid free from JavaScript code (CVE-2023-29536) * Mozilla: Memory safety bugs fixed in Firefox 112 and Firefox ESR 1 [More...]

SciLinux: SLSA-2023-1593-1 Important: httpd on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

httpd: HTTP request splitting with mod_rewrite and mod_proxy (CVE-2023-25690) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 httpd-2.4.6-98.el7_9.7.x86_64.rpm httpd-debuginfo-2.4.6-98.el7_9.7.x86_64.rpm httpd-devel-2.4.6-98.el7_9.7.x86_64.rpm httpd-tools-2.4.6-98.e [More...]

SciLinux: SLSA-2023-1594-1 Important: tigervnc and xorg-x11-server on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability (CVE-2023-1393) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 tigervnc-1.8.0-25.el7_9.x86_64.rpm tigervnc-debuginfo-1.8.0-25.el7_9.x86_64.rpm tigervnc-server-1.8.0-25. [More...]

SciLinux: SLSA-2023-1401-1 Important: thunderbird on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This update upgrades Thunderbird to version 102.9.0. * Mozilla: Incorrect code generation during JIT compilation (CVE-2023-25751) * Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 (CVE-2023-28176) * Mozilla: Potential out-of-bounds when accessing throttled streams (CVE-2023-25752) * Mozilla: Invalid downcast in Worklets (CVE-2023-28162) * Mozilla: URL being dragged fr [More...]

SciLinux: SLSA-2023-1335-1 Important: openssl on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

openssl: X.400 address type confusion in X.509 GeneralName (CVE-2023-0286) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 openssl-1.0.2k-26.el7_9.x86_64.rpm openssl-debuginfo-1.0.2k-26.el7_9.i686.rpm openssl-debuginfo-1.0.2k-26.el7_9.x86_64.rpm openssl-libs-1.0.2k- [More...]

SciLinux: SLSA-2023-1332-1 Important: nss on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 nss-3.79.0-5.el7_9.i686.rpm nss-3.79.0-5.el7_9.x86_64.rpm nss-debuginfo-3.79.0-5.el7_9.i686.rpm nss-debuginfo-3.79.0-5.el7_9.x86_64.rpm nss-sysinit-3.79.0-5.e [More...]

SciLinux: SLSA-2023-1333-1 Important: firefox on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This update upgrades Firefox to version 102.9.0 ESR. * Mozilla: Incorrect code generation during JIT compilation (CVE-2023-25751) * Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 (CVE-2023-28176) * Mozilla: Potential out-of-bounds when accessing throttled streams (CVE-2023-25752) * Mozilla: Invalid downcast in Worklets (CVE-2023-28162) * Mozilla: URL being dragged fr [More...]

SciLinux: SLSA-2023-1091-1 Important: kernel on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378) * kernel: use-after-free related to leaf anon_vma double reuse (CVE-2022-42703) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Regression - SAS3416 card works on SL 7.7 and below, does not work on [More...]

SciLinux: SLSA-2023-1095-1 Moderate: zlib on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field (CVE-2022-37434) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 zlib-1.2.7-21.el7_9.i686.rpm zlib-1.2.7-21.el7_9.x86_64.rpm zlib-debuginfo-1.2.7-21.el7_9.i686.r [More...]

SciLinux: SLSA-2023-1090-1 Important: samba on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

samba: RC4/HMAC-MD5 NetLogon Secure Channel is weak and should be avoided (CVE-2022-38023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 libsmbclient-4.10.16-24.el7_9.i686.rpm libsmbclient-4.10.16-24.el7_9.x86_64.rpm libwbclient-4.10.16-24.el7_9.i686.rpm libwbcli [More...]

News

Powered By

Footer Logo

Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.

Powered By

Footer Logo