Find the information you need for your favorite open source distribution .
QEMU: ide: atapi: OOB access while processing read commands (CVE-2020-29443) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 qemu-img-1.5.3-175.el7_9.4.x86_64.rpm qemu-kvm-1.5.3-175.el7_9.4.x86_64.rpm qemu-kvm-common-1.5.3-175.el7_9.4.x86_64.rpm qemu-kvm-debuginfo-1.5.3-175.el7_ [More...]
389-ds-base: information disclosure during the binding of a DN (CVE-2020-35518) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Add new access log keywords for time spent in work queue and actual operation time --- SL7 x86_64 389-ds-base-1.3.10.2-12.el7_9.x86_64.rpm 389-ds-ba [More...]
libwebp: heap-based buffer overflow in PutLE16() (CVE-2018-25011) * libwebp: heap-based buffer overflow in WebPDecode*Into functions (CVE-2020-36328) * libwebp: use-after-free in EmitFancyRGB() in dec/io_dec.c (CVE-2020-36329) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 [More...]
This update upgrades Thunderbird to version 78.11.0. * Mozilla: Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11 (CVE-2021-29967) * Mozilla: Thunderbird stored OpenPGP secret keys without master password protection (CVE-2021-29956) * Mozilla: Partial protection of inline OpenPGP message not indicated (CVE-2021-29957) For more details about the security issue(s), including the imp [More...]
This update upgrades Firefox to version 78.11.0 ESR. * Mozilla: Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11 (CVE-2021-29967) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 - firefox-78.11.0-3.el7_9.i686.rpm - firefox-78.11.0-3.el7_9.x86_64.rpm - firefox-deb [More...]
glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (CVE-2021-27219) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE ----- SL7 x86_64 - glib2-2.56.1-9.el7_9.i686.rpm - glib2-2.56.1-9.el7_9.x86_64.rpm - glib2-debuginfo-2.56.1-9 [More...]
slapi-nis: NULL dereference (DoS) with specially crafted Binding DN (CVE-2021-3480) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 - slapi-nis-0.56.5-4.el7_9.x86_64.rpm - slapi-nis-debuginfo-0.56.5-4.el7_9.x86_64.rpm - Scientific Linux Development Team
xorg-x11-server: XChangeFeedbackControl integer underflow leads to privilege escalation (CVE-2021-3472) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 - xorg-x11-server-Xdmx-1.20.4-16.el7_9.x86_64.rpm - xorg-x11-server-Xephyr-1.20.4-16.el7_9.x86_64.rpm - xorg-x11-server-Xne [More...]
postgresql: Reconnection can downgrade connection security settings (CVE-2020-25694) * postgresql: Multiple features escape "security restricted operation" sandbox (CVE-2020-25695) * postgresql: TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution (CVE-2019-10208) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other [More...]
