SciLinux: SLSA-2021-3295-1 Important: libsndfile on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

libsndfile: Heap buffer overflow via crafted WAV file allows arbitrary code execution (CVE-2021-3246) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 libsndfile-1.0.25-12.el7_9.1.i686.rpm libsndfile-1.0.25-12.el7_9.1.x86_64.rpm libsndfile-debuginfo-1.0.25-12.el7_9.1.i686.rpm li [More...]

SciLinux: SLSA-2021-3338-1 Low: hivex on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

hivex: stack overflow due to recursive call of _get_children() (CVE-2021-3622) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 hivex-1.3.10-6.12.el7_9.i686.rpm hivex-1.3.10-6.12.el7_9.x86_64.rpm hivex-debuginfo-1.3.10-6.12.el7_9.i686.rpm hivex-debuginfo-1.3.10-6.12.el7_9.x86_64 [More...]

SciLinux: SLSA-2021-3296-1 Important: libX11 on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

libX11: missing request length checks (CVE-2021-31535) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 libX11-1.6.7-4.el7_9.i686.rpm libX11-1.6.7-4.el7_9.x86_64.rpm libX11-debuginfo-1.6.7-4.el7_9.i686.rpm libX11-debuginfo-1.6.7-4.el7_9.x86_64.rpm libX11-devel-1.6.7-4.el7_9.i686. [More...]

SciLinux: SLSA-2021-3234-1 Important: compat-exiv2-023 on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

exiv2: Heap-based buffer overflow vulnerability in jp2image.cpp (CVE-2021-31291) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE7 --- SL7 x86_64 - compat-exiv2-023-0.23-2.el7_9.i686.rpm - compat-exiv2-023-0.23-2.el7_9.x86_64.rpm - compat-exiv2-023-debuginfo-0.23-2.el7_9.i686.rpm - compat- [More...]

SciLinux: SLSA-2021-3233-1 Important: compat-exiv2-026 on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

exiv2: Heap-based buffer overflow vulnerability in jp2image.cpp (CVE-2021-31291) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE7 --- SL7 x86_64 - compat-exiv2-026-0.26-3.el7_9.i686.rpm - compat-exiv2-026-0.26-3.el7_9.x86_64.rpm - compat-exiv2-026-debuginfo-0.26-3.el7_9.i686.rpm - compat-e [More...]

SciLinux: SLSA-2021-3154-1 Important: firefox on x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This update upgrades Firefox to version 78.13.0 ESR. * Mozilla: Uninitialized memory in a canvas object could have led to memory corruption (CVE-2021-29980) * Mozilla: Incorrect instruction reordering during JIT optimization (CVE-2021-29984) * Mozilla: Race condition when resolving DNS names could have led to memory corruption (CVE-2021-29986) * Mozilla: Memory corruption as a result of in [More...]

SciLinux: SLSA-2021-3160-1 Important: thunderbird on x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This update upgrades Thunderbird to version 78.13.0. * Mozilla: Uninitialized memory in a canvas object could have led to memory corruption (CVE-2021-29980) * Mozilla: Incorrect instruction reordering during JIT optimization (CVE-2021-29984) * Mozilla: Race condition when resolving DNS names could have led to memory corruption (CVE-2021-29986) * Mozilla: Memory corruption as a result of in [More...]