
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories

We found 8 articles for you...

Gentoo: GLSA-202208-33 Normal: Gnome Shell Denial Of Service

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 202208-33
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: Gnome Shell, gettext, libcroco: Multiple Vulnerabilities
     Date: August 21, 2022
     Bugs: #722752, #755848, #769998
       ID: 202208-33

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

A vulnerability has been found in libcroco which could result in denial of service.

Background
=========

GNOME Shell provides core user interface functions for the GNOME desktop, like switching to windows and launching applications.

gettext contains the GNU locale utilities.

libcroco is a standalone CSS2 parsing and manipulation library.

Affected packages
================

    -------------------------------------------------------------------
     Package                  /  Vulnerable  /  Unaffected
    -------------------------------------------------------------------
  1  dev-libs/libcroco           < 0.6.13       >= 0.6.13
  2  gnome-base/gnome-shell      < 3.36.7       >= 3.36.7
  3  sys-devel/gettext           < 0.21         >= 0.21

Description
==========

The cr_parser_parse_any_core function in libcroco's cr-parser.c does not limit recursion, leading to a denial of service via a stack overflow when trying to parse crafted CSS.

Gnome Shell and gettext bundle libcroco in their own sources and thus are potentially vulnerable as well.

Impact
=====

An attacker with control over the input to the library can cause a denial of service.

Workaround
=========

There is no known workaround at this time.

Resolution
=========

All gettext users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=sys-devel/gettext-0.21"

All Gnome Shell users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=gnome-base/gnome-shell-3.36.7"

All libcroco users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-libs/libcroco-0.6.13"

References
=========

[ 1 ] CVE-2020-12825
      https://nvd.nist.gov/vuln/detail/CVE-2020-12825

Availability
===========

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

 https://security.gentoo.org/glsa/202208-33

Concerns?
========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [e-mail address not preserved] or alternatively, you may file a bug at https://bugs.gentoo.org.

License
======

Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

LinuxSecurity.com Team

Aug 20, 2022 Gentoo

Fedora 36: FEDORA-2022-ea8f4e232d Critical: golang gettext Update

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-ea8f4e232d
2022-07-30 01:52:05.591840
--------------------------------------------------------------------------------

Name        : golang-github-gosexy-gettext
Product     : Fedora 36
Version     : 0.9
Release     : 8.fc36
URL         : https://github.com/gosexy/gettext
Summary     : Go bindings for GNU's gettext
Description :
Go bindings for GNU gettext, an internationalization and localization library for writing multilingual systems.

--------------------------------------------------------------------------------
Update Information:

Rebuild to mitigate CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in golang
---
See https://groups.google.com/g/golang-dev/c/frczlF8OFQ0/m/4lrZh5BHDgAJ for more information about the specific vulnerabilities.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jul 19 2022 Maxwell G - 0.9-8
- Rebuild for CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in golang
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-ea8f4e232d' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Severity: Critical.
LinuxSecurity.com Team

Jul 29, 2022 Critical Fedora

Fedora 35: 2022-3e1ade35db Critical: Go Bindings Rebuild

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-3e1ade35db
2022-07-20 01:37:55.965441
--------------------------------------------------------------------------------

Name        : golang-github-gosexy-gettext
Product     : Fedora 35
Version     : 0.9
Release     : 7.fc35
URL         : https://github.com/gosexy/gettext
Summary     : Go bindings for GNU's gettext
Description :
Go bindings for GNU gettext, an internationalization and localization library for writing multilingual systems.

--------------------------------------------------------------------------------
Update Information:

Rebuild for CVE-2022-{24675,28327,29526 in golang}
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 20 2022 Fedora Release Engineering - 0.9-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-3e1ade35db' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Severity: Critical.
LinuxSecurity.com Team

Jul 19, 2022 Critical Fedora

Fedora 34: FEDORA-2021-79ce3cb64a Critical: NewsBoat Dependency Update

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-79ce3cb64a
2021-08-18 01:09:52.133210
--------------------------------------------------------------------------------

Name        : newsflash
Product     : Fedora 34
Version     : 1.4.1
Release     : 2.fc34
URL         : https://gitlab.com/news-flash/news_flash_gtk
Summary     : Modern feed reader
Description :
A modern feed reader designed for the GNOME desktop. NewsFlash is a program designed to complement an already existing web-based RSS reader account.

It combines all the advantages of web based services like syncing across all your devices with everything you expect from a modern desktop program: Desktop notifications, fast search and filtering, tagging, handy keyboard shortcuts and having access to all your articles as long as you like.

--------------------------------------------------------------------------------
Update Information:

- Update newsboat to version 2.24.
- Update gettext-rs crate to version 0.7.0.
- Update gettext-sys crate to version 0.21.2.
- Bump gettext-rs dependency in newsflash to 0.7.0.

Also includes a rebuild of newsflash with crossbeam-deque 0.8.1 / 0.7.4 for CVE-2021-32810.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Aug 7 2021 Fabio Valentini - 1.4.1-2
- Revert temporary gettext-rs downgrade.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1953294 - rust-gettext-rs-0.7.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1953294
  [ 2 ] Bug #1974172 - newsboat-2.24 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1974172
  [ 3 ] Bug #1983193 - rust-gettext-sys-0.21.2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1983193
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-79ce3cb64a' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------

Severity: Critical.
LinuxSecurity.com Team

Aug 17, 2021 Critical Fedora

Mageia 7: 2021-0333 Moderate: libcroco Stack Consumption Issue

MGASA-2021-0333 - Updated libcroco and gettext packages fix security vulnerability

Publication date: 10 Jul 2021
URL: https://advisories.mageia.org/MGASA-2021-0333.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2020-12825

libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c, leading to stack consumption (CVE-2020-12825).

References:
- https://bugs.mageia.org/show_bug.cgi?id=27108
- https://access.redhat.com/errata/RHSA-2020:4072
- https://gitlab.gnome.org/Archive/libcroco/-/issues/8
- https://www.cve.org/CVERecord?id=CVE-2020-12825

SRPMS:
- 7/core/libcroco-0.6.13-1.2.mga7
- 7/core/gettext-0.19.8.1-4.1.mga7

LinuxSecurity.com Team

Jul 10, 2021 Mageia

Red Hat: RHSA-2020-2846 Low Severity Gettext Security Update Released

====================================================================
                   Red Hat Security Advisory

Synopsis:          Low: gettext security update
Advisory ID:       RHSA-2020:2846-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:2846
Issue date:        2020-07-07
CVE Names:         CVE-2018-18751
====================================================================

1. Summary:

An update for gettext is now available for Red Hat Enterprise Linux 7.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.6) - x86_64
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6) - noarch, x86_64
Red Hat Enterprise Linux Server EUS (v. 7.6) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 7.6) - noarch
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, noarch, ppc64le, s390x
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - noarch

3. Description:

The gettext packages provide a documentation for producing multi-lingual messages in programs, set of conventions about how programs should be written, a runtime library, and a directory and file naming organization for the message catalogs.

Security Fix(es):

* gettext: double free in default_add_message in read-catalog.c (CVE-2018-18751)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1647043 - CVE-2018-18751 gettext: double free in default_add_message in read-catalog.c

6. Package List:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.6):

Source:
gettext-0.19.8.1-3.el7_6.src.rpm

x86_64:
gettext-0.19.8.1-3.el7_6.x86_64.rpm
gettext-debuginfo-0.19.8.1-3.el7_6.i686.rpm
gettext-debuginfo-0.19.8.1-3.el7_6.x86_64.rpm
gettext-libs-0.19.8.1-3.el7_6.i686.rpm
gettext-libs-0.19.8.1-3.el7_6.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.6):

noarch:
emacs-gettext-0.19.8.1-3.el7_6.noarch.rpm
gettext-common-devel-0.19.8.1-3.el7_6.noarch.rpm

x86_64:
gettext-debuginfo-0.19.8.1-3.el7_6.i686.rpm
gettext-debuginfo-0.19.8.1-3.el7_6.x86_64.rpm
gettext-devel-0.19.8.1-3.el7_6.i686.rpm
gettext-devel-0.19.8.1-3.el7_6.x86_64.rpm

Red Hat Enterprise Linux Server EUS (v. 7.6):

Source:
gettext-0.19.8.1-3.el7_6.src.rpm

noarch:
gettext-common-devel-0.19.8.1-3.el7_6.noarch.rpm

ppc64:
gettext-0.19.8.1-3.el7_6.ppc64.rpm
gettext-debuginfo-0.19.8.1-3.el7_6.ppc.rpm
gettext-debuginfo-0.19.8.1-3.el7_6.ppc64.rpm
gettext-devel-0.19.8.1-3.el7_6.ppc.rpm
gettext-devel-0.19.8.1-3.el7_6.ppc64.rpm
gettext-libs-0.19.8.1-3.el7_6.ppc.rpm
gettext-libs-0.19.8.1-3.el7_6.ppc64.rpm

ppc64le:
gettext-0.19.8.1-3.el7_6.ppc64le.rpm
gettext-debuginfo-0.19.8.1-3.el7_6.ppc64le.rpm
gettext-devel-0.19.8.1-3.el7_6.ppc64le.rpm
gettext-libs-0.19.8.1-3.el7_6.ppc64le.rpm

s390x:
gettext-0.19.8.1-3.el7_6.s390x.rpm
gettext-debuginfo-0.19.8.1-3.el7_6.s390.rpm
gettext-debuginfo-0.19.8.1-3.el7_6.s390x.rpm
gettext-devel-0.19.8.1-3.el7_6.s390.rpm
gettext-devel-0.19.8.1-3.el7_6.s390x.rpm
gettext-libs-0.19.8.1-3.el7_6.s390.rpm
gettext-libs-0.19.8.1-3.el7_6.s390x.rpm

x86_64:
gettext-0.19.8.1-3.el7_6.x86_64.rpm
gettext-debuginfo-0.19.8.1-3.el7_6.i686.rpm
gettext-debuginfo-0.19.8.1-3.el7_6.x86_64.rpm
gettext-devel-0.19.8.1-3.el7_6.i686.rpm
gettext-devel-0.19.8.1-3.el7_6.x86_64.rpm
gettext-libs-0.19.8.1-3.el7_6.i686.rpm
gettext-libs-0.19.8.1-3.el7_6.x86_64.rpm

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):

Source:
gettext-0.19.8.1-3.el7_6.src.rpm

aarch64:
gettext-0.19.8.1-3.el7_6.aarch64.rpm
gettext-debuginfo-0.19.8.1-3.el7_6.aarch64.rpm
gettext-devel-0.19.8.1-3.el7_6.aarch64.rpm
gettext-libs-0.19.8.1-3.el7_6.aarch64.rpm

noarch:
gettext-common-devel-0.19.8.1-3.el7_6.noarch.rpm

ppc64le:
gettext-0.19.8.1-3.el7_6.ppc64le.rpm
gettext-debuginfo-0.19.8.1-3.el7_6.ppc64le.rpm
gettext-devel-0.19.8.1-3.el7_6.ppc64le.rpm
gettext-libs-0.19.8.1-3.el7_6.ppc64le.rpm

s390x:
gettext-0.19.8.1-3.el7_6.s390x.rpm
gettext-debuginfo-0.19.8.1-3.el7_6.s390.rpm
gettext-debuginfo-0.19.8.1-3.el7_6.s390x.rpm
gettext-devel-0.19.8.1-3.el7_6.s390.rpm
gettext-devel-0.19.8.1-3.el7_6.s390x.rpm
gettext-libs-0.19.8.1-3.el7_6.s390.rpm
gettext-libs-0.19.8.1-3.el7_6.s390x.rpm

Red Hat Enterprise Linux Server Optional EUS (v. 7.6):

noarch:
emacs-gettext-0.19.8.1-3.el7_6.noarch.rpm

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):

noarch:
emacs-gettext-0.19.8.1-3.el7_6.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2018-18751
https://access.redhat.com/security/updates/classification#low

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2020 Red Hat, Inc.

--
RHSA-announce mailing list

Severity: Low.
LinuxSecurity.com Team

Jul 07, 2020 Low Red Hat

Red Hat Enterprise Linux 7.7 RHSA-2020-2485-01 Low: Gettext Double Free

====================================================================
                   Red Hat Security Advisory

Synopsis:          Low: gettext security update
Advisory ID:       RHSA-2020:2485-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:2485
Issue date:        2020-06-10
CVE Names:         CVE-2018-18751
====================================================================

1. Summary:

An update for gettext is now available for Red Hat Enterprise Linux 7.7 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7) - noarch, x86_64
Red Hat Enterprise Linux Server EUS (v. 7.7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 7.7) - noarch

3. Description:

The gettext packages provide a documentation for producing multi-lingual messages in programs, set of conventions about how programs should be written, a runtime library, and a directory and file naming organization for the message catalogs.

Security Fix(es):

* gettext: double free in default_add_message in read-catalog.c (CVE-2018-18751)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1647043 - CVE-2018-18751 gettext: double free in default_add_message in read-catalog.c

6. Package List:

Red Hat Enterprise Linux ComputeNode EUS (v. 7.7):

Source:
gettext-0.19.8.1-3.el7_7.src.rpm

x86_64:
gettext-0.19.8.1-3.el7_7.x86_64.rpm
gettext-debuginfo-0.19.8.1-3.el7_7.i686.rpm
gettext-debuginfo-0.19.8.1-3.el7_7.x86_64.rpm
gettext-libs-0.19.8.1-3.el7_7.i686.rpm
gettext-libs-0.19.8.1-3.el7_7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.7):

noarch:
emacs-gettext-0.19.8.1-3.el7_7.noarch.rpm
gettext-common-devel-0.19.8.1-3.el7_7.noarch.rpm

x86_64:
gettext-debuginfo-0.19.8.1-3.el7_7.i686.rpm
gettext-debuginfo-0.19.8.1-3.el7_7.x86_64.rpm
gettext-devel-0.19.8.1-3.el7_7.i686.rpm
gettext-devel-0.19.8.1-3.el7_7.x86_64.rpm

Red Hat Enterprise Linux Server EUS (v. 7.7):

Source:
gettext-0.19.8.1-3.el7_7.src.rpm

noarch:
gettext-common-devel-0.19.8.1-3.el7_7.noarch.rpm

ppc64:
gettext-0.19.8.1-3.el7_7.ppc64.rpm
gettext-debuginfo-0.19.8.1-3.el7_7.ppc.rpm
gettext-debuginfo-0.19.8.1-3.el7_7.ppc64.rpm
gettext-devel-0.19.8.1-3.el7_7.ppc.rpm
gettext-devel-0.19.8.1-3.el7_7.ppc64.rpm
gettext-libs-0.19.8.1-3.el7_7.ppc.rpm
gettext-libs-0.19.8.1-3.el7_7.ppc64.rpm

ppc64le:
gettext-0.19.8.1-3.el7_7.ppc64le.rpm
gettext-debuginfo-0.19.8.1-3.el7_7.ppc64le.rpm
gettext-devel-0.19.8.1-3.el7_7.ppc64le.rpm
gettext-libs-0.19.8.1-3.el7_7.ppc64le.rpm

s390x:
gettext-0.19.8.1-3.el7_7.s390x.rpm
gettext-debuginfo-0.19.8.1-3.el7_7.s390.rpm
gettext-debuginfo-0.19.8.1-3.el7_7.s390x.rpm
gettext-devel-0.19.8.1-3.el7_7.s390.rpm
gettext-devel-0.19.8.1-3.el7_7.s390x.rpm
gettext-libs-0.19.8.1-3.el7_7.s390.rpm
gettext-libs-0.19.8.1-3.el7_7.s390x.rpm

x86_64:
gettext-0.19.8.1-3.el7_7.x86_64.rpm
gettext-debuginfo-0.19.8.1-3.el7_7.i686.rpm
gettext-debuginfo-0.19.8.1-3.el7_7.x86_64.rpm
gettext-devel-0.19.8.1-3.el7_7.i686.rpm
gettext-devel-0.19.8.1-3.el7_7.x86_64.rpm
gettext-libs-0.19.8.1-3.el7_7.i686.rpm
gettext-libs-0.19.8.1-3.el7_7.x86_64.rpm

Red Hat Enterprise Linux Server Optional EUS (v. 7.7):

noarch:
emacs-gettext-0.19.8.1-3.el7_7.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2018-18751
https://access.redhat.com/security/updates/classification#low

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2020 Red Hat, Inc.

Severity: Low.
LinuxSecurity.com Team

Jun 10, 2020 Low Red Hat

Scientific Linux 7: SLSA-2020-1138-1 Low Severity Gettext Update

Synopsis: Low: gettext security and bug fix update
Advisory ID: SLSA-2020:1138-1
Issue Date: 2020-04-07
CVE Numbers: CVE-2018-18751
--

* gettext: double free in default_add_message in read-catalog.c
--

SL7
  x86_64
    gettext-libs-0.19.8.1-3.el7.i686.rpm
    gettext-libs-0.19.8.1-3.el7.x86_64.rpm
    gettext-common-devel-0.19.8.1-3.el7.noarch.rpm
    gettext-devel-0.19.8.1-3.el7.x86_64.rpm
    gettext-0.19.8.1-3.el7.x86_64.rpm
    gettext-devel-0.19.8.1-3.el7.i686.rpm
    gettext-debuginfo-0.19.8.1-3.el7.i686.rpm
    gettext-debuginfo-0.19.8.1-3.el7.x86_64.rpm
  noarch
    emacs-gettext-0.19.8.1-3.el7.noarch.rpm
    gettext-common-devel-0.19.8.1-3.el7.noarch.rpm

- Scientific Linux Development Team

Severity: Low.
LinuxSecurity.com Team

Apr 20, 2020 Low Scientific Linux