Thank you for reading the LinuxSecurity Linux Advisory Watch newsletter! Staying on top of the latest security advisories issued by the distro(s) you use is essential in maintaining an updated, secure Linux system. Our weekly newsletter is an easy, convenient way to track distribution security advisories - helping you keep your Linux environment safe from malware and other exploits.

Important advisories issued this week include warnings from Debian regarding multiple security issues discovered in Thunderbird which could result in the execution of arbitrary code or information disclosure, as well as a number of security issues that have now been addressed in OpenPGP support. The distro has also issued an advisory stating that the PEAR Archive_Tar package for handling tar files in PHP is prone to a directory traversal flaw due to inadequate checking of symbolic links. Continue reading to learn about other significant advisories issued this week. 

As part of our website redesign that is now in its final stages, we will be updating the format of our Linux Advisory Watch newsletter, and adding the ability for you to create a User Profile and customize it to include the latest advisories for the distros you are tracking. The new site will be live very soon - stay tuned for more updates in the coming weeks! Have a happy, healthy and secure weekend!

Yours in Open Source,

Brittany Signature 150

LinuxSecurity.com Feature Extras:

Can Linux Be Used To Offer More Security In A WFH World (On And Offline)? - Can companies bolster their remote-working operations — even offline — through swapping their current operating systems for Linux? Let’s see what conclusions we can reach.

Openwall Releases LKRG 0.9.0 with a Long List of Major Changes, Improvements & Bug Fixes Openwall recently announced the release of LKRG (Linux Kernel Runtime Guard) 0.9.0, featuring a host of major changes and improvements, as well as fixes for multiple security bugs.

  Debian: DSA-4898-1: wpa security update (Apr 22)
 

Several vulnerabilities have been discovered in wpa_supplicant and hostapd. CVE-2020-12695
  Debian: DSA-4897-1: thunderbird security update (Apr 22)
 

Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure. In adddition a number of security issues were addressed in the OpenPGP support.
  Debian: DSA-4895-1: firefox-esr security update (Apr 20)
 

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, privilege escalation or spoofing.
  Debian: DSA-4894-1: php-pear security update (Apr 20)
 

It was discovered that the PEAR Archive_Tar package for handling tar files in PHP is prone to a directory traversal flaw due to inadequate checking of symbolic links.
  Debian: DSA-4893-1: xorg-server security update (Apr 19)
 

Jan-Niklas Sohn discovered that missing input sanitising in the XInput extension of the X.org X server may result in privilege escalation if the X server is running privileged.
  Debian: DSA-4892-1: python-bleach security update (Apr 18)
 

It was reported that python-bleach, a whitelist-based HTML-sanitizing library, is prone to a mutation XSS vulnerability in bleach.clean when 'svg' or 'math' are in the allowed tags, 'p' or 'br' are in allowed tags, 'style', 'title', 'noscript', 'script', 'textarea', 'noframes',
  Fedora 32: curl 2021-26a293c72b (Apr 21)
 

- fix TLS 1.3 session ticket proxy host mixup (CVE-2021-22890) - prevent automatic referer from leaking credentials (CVE-2021-22876)
  Fedora 33: firefox 2021-5ed46601f6 (Apr 21)
 

- New upstream version (88.0)
  Fedora 33: os-autoinst 2021-186bca5b58 (Apr 21)
 

This update is intended to fix two bugs in os-autoinst: a crash on exit that commonly occurs, and a problem that can occur where a dbus-broker per-UID queued data limit is exceeded if many tap tests are running simultaneously for too long.
  Fedora 33: mediawiki 2021-f4223b6684 (Apr 21)
 

https://lists.wikimedia.org/hyperkitty/list/This email address is being protected from spambots. You need JavaScript enabled to view it./message/XYBF5RSTJRMVCP7QBYK7643W75A3KCIY/
  Fedora 33: rpm-ostree 2021-eadfc56b95 (Apr 21)
 

New upstream release: https://github.com/coreos/rpm-ostree/releases/tag/v2021.4 Includes fix for CVE-2021-3445 (https://bugzilla.redhat.com/show_bug.cgi?id=1932079).
  Fedora 33: mingw-binutils 2021-9bd201dd4d (Apr 21)
 

Backport patch for CVE-2021-3487.
  Fedora 32: mingw-binutils 2021-d23d016509 (Apr 20)
 

Backport patch for CVE-2021-3487.
  Fedora 34: xorg-x11-server 2021-112d542766 (Apr 19)
 

xserver 1.20.11 Security fix for CVE-2021-3472 / ZDI-CAN-1259
  Fedora 34: xorg-x11-server-Xwayland 2021-0e2981e013 (Apr 19)
 

xwayland 21.1.1 - Security fix for CVE-2021-3472 / ZDI-CAN-1259
  Fedora 32: mingw-python3 2021-1769a23935 (Apr 19)
 

Update to python-3.8.9.
  Fedora 32: leptonica 2021-977ebc82da (Apr 19)
 

Update to leptonica-1.80.0, see http://leptonica.org/source/version-notes.html for details.
  Fedora 32: mingw-leptonica 2021-977ebc82da (Apr 19)
 

Update to leptonica-1.80.0, see http://leptonica.org/source/version-notes.html for details.
  Fedora 32: CImg 2021-bc6585e31a (Apr 19)
 

new version
  Fedora 32: gmic 2021-bc6585e31a (Apr 19)
 

new version
  Fedora 32: nodejs 2021-d934acdb42 (Apr 19)
 

https://nodejs.org/en/blog/vulnerability/april-2021-security-releases/
  Fedora 33: mingw-glib2 2021-5c81cb03d0 (Apr 19)
 

This update backports a fix for CVE-2021-28153.
  Fedora 33: mingw-leptonica 2021-f5f2803fff (Apr 19)
 

Update to leptonica-1.80.0, see http://leptonica.org/source/version-notes.html for details.
  Fedora 33: leptonica 2021-f5f2803fff (Apr 19)
 

Update to leptonica-1.80.0, see http://leptonica.org/source/version-notes.html for details.
  Fedora 33: seamonkey 2021-d1551cdb15 (Apr 19)
 

Appled all the changes from the upstream 2.53.7.1 update. Fixed tab opening in background and tab choosing on a tab close.
  Fedora 33: CImg 2021-ca1151e997 (Apr 19)
 

new version
  Fedora 33: gmic 2021-ca1151e997 (Apr 19)
 

new version
  Fedora 33: nodejs 2021-c11da301be (Apr 19)
 

https://nodejs.org/en/blog/vulnerability/april-2021-security-releases/
  Fedora 32: ruby 2021-0ea39d8eb3 (Apr 17)
 

Upgrade to Ruby 2.7.3.
  Fedora 33: ruby 2021-6385a09efc (Apr 17)
 

Upgrade to Ruby 2.7.3.
  Fedora 32: kernel-tools 2021-21360476b6 (Apr 16)
 

The 5.11.14 stable kernel update contains a number of important fixes across the tree.
  Fedora 32: kernel-headers 2021-21360476b6 (Apr 16)
 

The 5.11.14 stable kernel update contains a number of important fixes across the tree.
  Fedora 32: gnuchess 2021-a58cb9bc7a (Apr 16)
 

Patch for CVE-2021-30184.
  Fedora 32: singularity 2021-2e174e8a96 (Apr 16)
 

Upgrade to upstream security release 3.7.3
  Fedora 33: kernel-tools 2021-1c170a7c7c (Apr 16)
 

The 5.11.14 stable kernel update contains a number of important fixes across the tree.
  Fedora 33: kernel-headers 2021-1c170a7c7c (Apr 16)
 

The 5.11.14 stable kernel update contains a number of important fixes across the tree.
  Fedora 33: xorg-x11-server 2021-139f3fc21c (Apr 16)
 

xserver 1.20.11 Security fix for CVE-2021-3472 / ZDI-CAN-1259
  Fedora 33: gnuchess 2021-2c714d311f (Apr 16)
 

Patch for CVE-2021-30184.
  Fedora 33: batik 2021-33a1b73e48 (Apr 16)
 

Enforce minimal build as jython is orphaned
  Fedora 33: singularity 2021-601ee898f7 (Apr 16)
 

Upgrade to upstream security release 3.7.3
  Fedora 32: seamonkey 2021-4b0a8b8629 (Apr 15)
 

Appled all the changes from the upstream 2.53.7.1 update. Fixed tab opening in background and tab choosing on a tab close. ---- Fix updating and support of legacy javascript extensions. ---- Update to 2.53.7 Enable support for module scripts. (To turn it off, toggle "dom.moduleScripts.enabled" in about:config). For sending mail, now "Thunderbird" is advertised in User-Agent header instead
  Fedora 32: libpano13 2021-596fc11138 (Apr 15)
 

Upstream release, security fix for CVE-2021-20307
  Fedora 33: python3.8 2021-2ab6f060d9 (Apr 15)
 

This is the ninth maintenance release of Python 3.8. [Changelog]( thon.org/release/3.8.9/whatsnew/changelog.html#python-3-8-9). Contains a security fix for CVE-2021-3426.
  Fedora 33: libpano13 2021-67cbea4608 (Apr 15)
 

Upstream release, security fix for CVE-2021-20307
  RedHat: RHSA-2021-1342:01 Moderate: Ansible security update (2.9.20) (Apr 22)
 

An update for ansible is now available for Ansible Engine 2 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
  RedHat: RHSA-2021-1343:01 Moderate: Ansible security update (2.9.20) (Apr 22)
 

An update for ansible is now available for Ansible Engine 2.9 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
  RedHat: RHSA-2021-1338:01 Moderate: Release of OpenShift Serverless 1.14.0 (Apr 22)
 

Release of OpenShift Serverless 1.14.0 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
  RedHat: RHSA-2021-1339:01 Moderate: Release of OpenShift Serverless Client (Apr 22)
 

Release of OpenShift Serverless Client kn 1.14.0 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
  RedHat: RHSA-2021-1322:01 Important: Red Hat OpenShift Service Mesh 1.1.13 (Apr 22)
 

An update for servicemesh and servicemesh-proxy is now available for OpenShift Service Mesh 1.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
  RedHat: RHSA-2021-1324:01 Important: Red Hat OpenShift Service Mesh 2.0.3 (Apr 22)
 

An update for servicemesh-proxy is now available for OpenShift Service Mesh 2.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
  RedHat: RHSA-2021-1313:01 Moderate: Satellite 6.9 Release (Apr 21)
 

An update is now available for Red Hat Satellite 6.9 for RHEL 7. 2. Relevant releases/architectures: Red Hat Satellite 6.9 - noarch, x86_64 Red Hat Satellite Capsule 6.9 - noarch, x86_64
  RedHat: RHSA-2021-1315:01 Moderate: java-1.8.0-openjdk security update (Apr 21)
 

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
  RedHat: RHSA-2021-1297:01 Moderate: java-11-openjdk security and bug fix (Apr 20)
 

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
  RedHat: RHSA-2021-1298:01 Moderate: java-1.8.0-openjdk security update (Apr 20)
 

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
  RedHat: RHSA-2021-1307:01 Moderate: java-11-openjdk security update (Apr 20)
 

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
  RedHat: RHSA-2021-1306:01 Moderate: java-11-openjdk security update (Apr 20)
 

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
  RedHat: RHSA-2021-1299:01 Moderate: java-1.8.0-openjdk security update (Apr 20)
 

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
  RedHat: RHSA-2021-1305:01 Moderate: java-11-openjdk security update (Apr 20)
 

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
  RedHat: RHSA-2021-1301:01 Moderate: java-1.8.0-openjdk security update (Apr 20)
 

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
  RedHat: RHSA-2021-1295:01 Important: kpatch-patch security update (Apr 20)
 

An update is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
  RedHat: RHSA-2021-1150:01 Moderate: OpenShift Container Platform 4.7.7 (Apr 20)
 

Red Hat OpenShift Container Platform release 4.7.7 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.7.
  RedHat: RHSA-2021-1289:01 Important: kernel security and bug fix update (Apr 20)
 

An update for kernel is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
  RedHat: RHSA-2021-1288:01 Important: kernel security and bug fix update (Apr 20)
 

An update for kernel is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
  RedHat: RHSA-2021-1272:01 Important: kernel security, bug fix, (Apr 20)
 

An update for kernel is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
  RedHat: RHSA-2021-1279:01 Important: kernel-rt security and bug fix update (Apr 20)
 

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
  RedHat: RHSA-2021-1266:01 Moderate: perl security update (Apr 20)
 

An update for perl is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.
  RedHat: RHSA-2021-1267:01 Important: kernel security and bug fix update (Apr 20)
 

An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.
  RedHat: RHSA-2021-1260:01 Low: Red Hat AMQ Streams 1.7.0 release and (Apr 19)
 

Red Hat AMQ Streams 1.7.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which
  RedHat: RHSA-2021-1258:01 Moderate: 389-ds:1.4 security and bug fix update (Apr 19)
 

An update for the 389-ds:1.4 module is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
  RedHat: RHSA-2021-1246:01 Important: gnutls and nettle security update (Apr 19)
 

An update for gnutls and nettle is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
  RedHat: RHSA-2021-1245:01 Important: gnutls and nettle security update (Apr 19)
 

An update for gnutls and nettle is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
  RedHat: RHSA-2021-1240:01 Important: mariadb:10.3 and mariadb-devel:10.3 (Apr 19)
 

An update for the mariadb:10.3 and mariadb-devel:10.3 modules is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
  RedHat: RHSA-2021-1239:01 Important: dpdk security update (Apr 19)
 

An update for dpdk is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
  RedHat: RHSA-2021-1242:01 Important: mariadb:10.3 and mariadb-devel:10.3 (Apr 19)
 

An update for the mariadb:10.3 and mariadb-devel:10.3 modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
  RedHat: RHSA-2021-1241:01 Important: mariadb:10.3 and mariadb-devel:10.3 (Apr 19)
 

An update for the mariadb:10.3 and mariadb-devel:10.3 modules is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
  RedHat: RHSA-2021-1243:01 Moderate: redhat-ds:11 security and bug fix update (Apr 19)
 

An update for the redhat-ds:11 module is now available for Red Hat Directory Server 11.2 for RHEL 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
  RedHat: RHSA-2021-1213:01 Important: libldb security update (Apr 15)
 

An update for libldb is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
  RedHat: RHSA-2021-1214:01 Important: libldb security update (Apr 15)
 

An update for libldb is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
  Slackware: 2021-110-01: seamonkey Security Update (Apr 20)
 

New seamonkey packages are available for Slackware 14.2 and -current to fix security issues.
  Debian LTS: DLA-2632-1: thunderbird security update (Apr 22)
 

Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure. In adddition a number of security issues were addressed in the OpenPGP support.
  Debian LTS: DLA-2631-1: zabbix security update (Apr 21)
 

Multiple vulnerabilities were discovered in Zabbix, a network monitoring solution. An attacker may enumerate valid users and redirect to external links through the zabbix web frontend.
  Debian LTS: DLA-2630-1: wordpress security update (Apr 21)
 

CVE-2021-29447 Wordpress is an open source CMS. A user with the ability to upload files (like an Author) can exploit an XML parsing issue
  Debian LTS: DLA-2629-1: libebml security update (Apr 18)
 

A heap overflow issue was detected in libebml, a library to read and write files in the EBML format, a binary pendant to XML. These issues appeared in several ReadData functions of various data type
  Debian LTS: DLA-2628-1: python2.7 security update (Apr 17)
 

Two security issues have been discovered in python2.7: CVE-2019-16935
  Debian LTS: DLA-2618-2: smarty3 regression update (Apr 16)
 

The update of smarty3 released as DLA-2618-1 induced a regression due to a syntax error in sysplugins/smarty_security.php. For Debian 9 stretch, this problem has been fixed in version
  CentOS: CESA-2021-1192: Moderate CentOS 7 thunderbird (Apr 16)
 

Upstream details at : https://access.redhat.com/errata/RHSA-2021:1192
  CentOS: CESA-2021-1135: Important CentOS 7 squid (Apr 16)
 

Upstream details at : https://access.redhat.com/errata/RHSA-2021:1135
  CentOS: CESA-2021-1145: Important CentOS 7 nettle (Apr 16)
 

Upstream details at : https://access.redhat.com/errata/RHSA-2021:1145
  SciLinux: SLSA-2021-1298-1 Moderate: java-1.8.0-openjdk on x86_64 (Apr 21)
 

OpenJDK: Incomplete enforcement of JAR signing disabled algorithms (8249906) (CVE-2021-2163) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE - Scientific Linux Development Team
  SciLinux: SLSA-2021-1297-1 Moderate: java-11-openjdk on x86_64 (Apr 21)
 

OpenJDK: Incomplete enforcement of JAR signing disabled algorithms (8249906) (CVE-2021-2163) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * JNI local refs exceeds capacity warning in NetworkInterface::getAll - Scientific Linux Development Team
  openSUSE: 2021:0595-1 moderate: irssi (Apr 22)
 

An update that contains security fixes can now be installed.
  openSUSE: 2021:0597-1 moderate: python-django-registration (Apr 22)
 

An update that fixes one vulnerability is now available.
  openSUSE: 2021:0594-1 moderate: jhead (Apr 22)
 

An update that fixes one vulnerability is now available.
  openSUSE: 2021:0592-1 important: opera (Apr 22)
 

An update that fixes 9 vulnerabilities is now available.
  openSUSE: 2021:0588-1 moderate: python-django-registration (Apr 19)
 

An update that fixes one vulnerability is now available.
  openSUSE: 2021:0587-1 moderate: irssi (Apr 19)
 

An update that contains security fixes can now be installed.
  openSUSE: 2021:0577-1 important: nextcloud-desktop (Apr 19)
 

An update that fixes one vulnerability is now available.
  openSUSE: 2021:0580-1 important: MozillaThunderbird (Apr 19)
 

An update that fixes 7 vulnerabilities is now available.
  openSUSE: 2021:0579-1 important: the Linux Kernel (Apr 19)
 

An update that solves 12 vulnerabilities and has 15 fixes is now available.
  openSUSE: 2021:0575-1 critical: chromium (Apr 19)
 

An update that fixes two vulnerabilities is now available.
  openSUSE: 2021:0571-1 important: python-bleach (Apr 17)
 

An update that fixes three vulnerabilities is now available.
  openSUSE: 2021:0570-1 important: fluidsynth (Apr 17)
 

An update that fixes one vulnerability is now available.
  openSUSE: 2021:0567-1 critical: chromium (Apr 17)
 

An update that fixes two vulnerabilities is now available.
  openSUSE: 2021:0565-1 moderate: opensc (Apr 16)
 

An update that fixes 8 vulnerabilities is now available.
  openSUSE: 2021:0563-1 moderate: wpa_supplicant (Apr 16)
 

An update that fixes one vulnerability is now available.
  openSUSE: 2021:0555-1 important: clamav (Apr 15)
 

An update that solves three vulnerabilities and has one errata is now available.
  openSUSE: 2021:0554-1 important: xorg-x11-server (Apr 15)
 

An update that fixes one vulnerability is now available.
  Mageia 2021-0194: clamav security update (Apr 18)
 

The updated packages fix a security vulnerability: A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition
  Mageia 2021-0193: python3 security update (Apr 18)
 

There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality (CVE-2021-3426).
  Mageia 2021-0192: kernel security update (Apr 18)
 

This kernel update is based on upstream 5.10.30 and fixes atleast the following security issues: nfc: fix refcount leak in llcp_sock_bind() (CVE-2020-25670)
  Mageia 2021-0191: kernel-linus security update (Apr 18)
 

This kernel-linus update is based on upstream 5.10.30 and fixes atleast the following security issues: nfc: fix refcount leak in llcp_sock_bind() (CVE-2020-25670)
  Mageia 2021-0190: x11-server security update (Apr 15)
 

Insufficient checks on the lengths of the XInput extension ChangeFeedbackControl request can lead to out of bounds memory accesses in the X server. These issues can lead to privilege escalation for authorized clients
  Mageia 2021-0189: thunderbird security update (Apr 15)
 

An attacker may use Thunderbird's OpenPGP key refresh mechanism to poison an existing key (CVE-2021-23991). A crafted OpenPGP key with an invalid user ID could be used to confuse the user (MOZ-2021-23992).
  Mageia 2021-0188: chromium-browser-stable security update (Apr 15)
 

The updated packages fix security vulnerabilities and a crash when a device does some cast traffic in the local network. (See upstream release notes). References: - https://bugs.mageia.org/show_bug.cgi?id=28702
  Mageia 2021-0187: gstreamer1.0 security update (Apr 15)
 

GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files (SA-2021-0002). GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files (SA-2021-0003).