| |
Debian: DSA-4505-1: nginx security update (Aug 22) |
| |
Three vulnerabilities were discovered in the HTTP/2 code of Nginx, a high-performance web and reverse proxy server, which could result in denial of service.
|
| |
Debian: DSA-4504-1: vlc security update (Aug 20) |
| |
Multiple security issues were discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed file/stream is processed.
|
| |
Debian: DSA-4503-1: golang-1.11 security update (Aug 18) |
| |
Three vulnerabilities have been discovered in the Go programming language; "net/url" accepted some invalid hosts in URLs which could result in authorisation bypass in some applications and the HTTP/2 implementation was susceptible to denial of service.
|
| |
Debian: DSA-4502-1: ffmpeg security update (Aug 16) |
| |
Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed files/streams are processed.
|
| |
Debian: DSA-4501-1: libreoffice security update (Aug 15) |
| |
It was discovered that the code fixes to address CVE-2018-16858 and CVE-2019-9848 were not complete. For the oldstable distribution (stretch), these problems have been fixed
|
| |
|
| |
Fedora 30: httpd FEDORA-2019-099575a123 (Aug 22) |
| |
This update includes the latest release of the Apache HTTP Server, version `2.4.41`, fixing various security issues. Several major enhancements are also included in this update: * `mod_md` is now packaged from upstream *github* releases, adding support for ACMEv2. * `mod_cgid` stderr handling has been improved See for a full list of
|
| |
Fedora 30: mod_md FEDORA-2019-099575a123 (Aug 22) |
| |
This update includes the latest release of the Apache HTTP Server, version `2.4.41`, fixing various security issues. Several major enhancements are also included in this update: * `mod_md` is now packaged from upstream *github* releases, adding support for ACMEv2. * `mod_cgid` stderr handling has been improved See for a full list of
|
| |
Fedora 30: nghttp2 FEDORA-2019-81985a8858 (Aug 22) |
| |
- update to the latest upstream release (fixes CVE-2019-9511 and CVE-2019-9513)
|
| |
Fedora 30: patch FEDORA-2019-ac709da87f (Aug 22) |
| |
- Security fix for CVE-2019-13636 - Security fix for CVE-2019-13638
|
| |
Fedora 30: nginx FEDORA-2019-befd924cfe (Aug 21) |
| |
Fixes CVE-2019-9511, CVE-2019-9513, CVE-2019-9516
|
| |
Fedora 29: ghostscript FEDORA-2019-22f1c93255 (Aug 20) |
| |
- Fix for CVE-2019-10216 added
|
| |
Fedora 29: squirrelmail FEDORA-2019-1a87523729 (Aug 20) |
| |
updated to 1.4 branch snapshot containing several security fixes
|
| |
Fedora 30: pango FEDORA-2019-547be4a683 (Aug 20) |
| |
Security fix for CVE-2019-1010238
|
| |
Fedora 30: ghostscript FEDORA-2019-93e0145607 (Aug 20) |
| |
- Fix for CVE-2019-10216 added
|
| |
Fedora 29: kdelibs3 FEDORA-2019-9f2ee52c88 (Aug 18) |
| |
This update fixes **CVE-2019-14744 (kconfig arbitrary shell code execution)** in the KDE 3 compatibility version of kdelibs used by legacy KDE 3 applications. The full list of fixes in this `kdelibs3` build: * fixes **CVE-2019-14744** - `kconfig`: malicious `.desktop` files (and others) would execute code. KConfig had a well-meaning feature that allowed configuration files to execute arbitrary
|
| |
Fedora 29: mgetty FEDORA-2019-732b5488c2 (Aug 18) |
| |
Security fix for CVE-2019-1010189
|
| |
Fedora 30: kdelibs3 FEDORA-2019-f9f78895c3 (Aug 18) |
| |
This update fixes **CVE-2019-14744 (kconfig arbitrary shell code execution)** in the KDE 3 compatibility version of kdelibs used by legacy KDE 3 applications. The full list of fixes in this `kdelibs3` build: * fixes **CVE-2019-14744** - `kconfig`: malicious `.desktop` files (and others) would execute code. KConfig had a well-meaning feature that allowed configuration files to execute arbitrary
|
| |
Fedora 30: gradle FEDORA-2019-1b6383acdd (Aug 18) |
| |
Resolves CVE-2019-11065.
|
| |
Fedora 30: hostapd FEDORA-2019-97e9040197 (Aug 18) |
| |
Update to version 2.9 from upstream Security fix for CVE-2019-13377
|
| |
Fedora 29: mariadb-connector-c FEDORA-2019-f873e2799f (Aug 15) |
| |
**MariaDB 10.3.17** Release notes: https://mariadb.com/kb/en/mariadb-10317-release-notes/ **MariaDB Connector/C 3.1.3** Release notes: https://mariadb.com/kb/en/mariadb-connector-c-313-release-notes/ **MariaDB Connector/ODBC 3.1.2** Release notes: https://mariadb.com/kb/en/mariadb-connector-odbc-312-release-notes/ -----
|
| |
Fedora 30: python-django FEDORA-2019-647f74ce51 (Aug 15) |
| |
fixes for CVE-2019-14232 to 14235
|
| |
Fedora 30: mariadb FEDORA-2019-60befaed69 (Aug 15) |
| |
**MariaDB 10.3.17** Release notes: https://mariadb.com/kb/en/mariadb-10317-release-notes/ **MariaDB Connector/C 3.1.3** Release notes: https://mariadb.com/kb/en/mariadb-connector-c-313-release-notes/ **MariaDB Connector/ODBC 3.1.2** Release notes: https://mariadb.com/kb/en/mariadb-connector-odbc-312-release-notes/ -----
|
| |
Fedora 30: mariadb-connector-odbc FEDORA-2019-60befaed69 (Aug 15) |
| |
**MariaDB 10.3.17** Release notes: https://mariadb.com/kb/en/mariadb-10317-release-notes/ **MariaDB Connector/C 3.1.3** Release notes: https://mariadb.com/kb/en/mariadb-connector-c-313-release-notes/ **MariaDB Connector/ODBC 3.1.2** Release notes: https://mariadb.com/kb/en/mariadb-connector-odbc-312-release-notes/ -----
|
| |
Fedora 30: mariadb-connector-c FEDORA-2019-60befaed69 (Aug 15) |
| |
**MariaDB 10.3.17** Release notes: https://mariadb.com/kb/en/mariadb-10317-release-notes/ **MariaDB Connector/C 3.1.3** Release notes: https://mariadb.com/kb/en/mariadb-connector-c-313-release-notes/ **MariaDB Connector/ODBC 3.1.2** Release notes: https://mariadb.com/kb/en/mariadb-connector-odbc-312-release-notes/ -----
|
| |
Fedora 30: edk2 FEDORA-2019-d47a9d4b8b (Aug 15) |
| |
* License is now BSD-2-Clause-Patent * Re-enable secureboot enrollment * Use qemu-ovmf-secureboot from git
|
| |
Fedora 30: squirrelmail FEDORA-2019-ad02f64a79 (Aug 15) |
| |
updated to 1.4 branch snapshot containing several security fixes
|
| |
|
| |
Gentoo: GLSA-201908-25: hostapd and wpa_supplicant: Denial of Service (Aug 17) |
| |
A vulnerability in hostapd and wpa_supplicant could lead to a Denial of Service condition.
|
| |
Gentoo: GLSA-201908-24: MariaDB, MySQL: Multiple vulnerabilities (Aug 17) |
| |
Multiple vulnerabilities have been found in MariaDB and MySQL, the worst of which could result in privilege escalation.
|
| |
Gentoo: GLSA-201908-23: VLC: Multiple vulnerabilities (Aug 17) |
| |
Multiple vulnerabilities have been found in VLC, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-201908-22: Patch: Multiple vulnerabilities (Aug 17) |
| |
Multiple vulnerabilities have been found in Patch, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-201908-21: Adobe Flash Player: Multiple vulnerabilities (Aug 17) |
| |
Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-201908-20: Mozilla Thunderbird: Multiple vulnerabilities (Aug 16) |
| |
Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-201908-19: GNU Wget: Arbitrary code execution (Aug 15) |
| |
A vulnerability in GNU Wget might allow an attacker to execute arbitrary code.
|
| |
Gentoo: GLSA-201908-18: Chromium, Google Chrome: Multiple vulnerabilities (Aug 15) |
| |
Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code. [More...]
|
| |
Gentoo: GLSA-201908-17: ZeroMQ: Arbitrary code execution (Aug 15) |
| |
A vulnerability in ZeroMQ might allow an attacker to execute arbitrary code.
|
| |
Gentoo: GLSA-201908-16: ProFTPD: Remote code execution (Aug 15) |
| |
A vulnerability in ProFTPD could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-201908-15: ZNC: Privilege escalation (Aug 15) |
| |
A vulnerability in ZNC allows users to escalate privileges.
|
| |
Gentoo: GLSA-201908-14: polkit: Multiple vulnerabilities (Aug 15) |
| |
Multiple vulnerabilities have been found in polkit, the worst of which could result in privilege escalation.
|
| |
Gentoo: GLSA-201908-13: LibreOffice: Multiple vulnerabilities (Aug 15) |
| |
Multiple vulnerabilities have been found in LibreOffice, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-201908-12: Mozilla Firefox: Multiple vulnerabilities (Aug 15) |
| |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-201908-11: libarchive: Multiple vulnerabilities (Aug 15) |
| |
Multiple vulnerabilities have been found in libarchive, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-201908-10: Oracle JDK/JRE: Multiple vulnerabilities (Aug 15) |
| |
Multiple vulnerabilities have been found in Oracles JDK and JRE software suites.
|
| |
Gentoo: GLSA-201908-09: SQLite: Multiple vulnerabilities (Aug 15) |
| |
Multiple vulnerabilities have been found in SQLite, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-201908-08: CUPS: Multiple vulnerabilities (Aug 15) |
| |
Multiple vulnerabilities have been found in CUPS, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-201908-07: KDE KConfig: User-assisted execution of arbitrary code (Aug 15) |
| |
A vulnerablity has been found in KDE KConfig that could allow a remote attacker to execute arbitrary code.
|
| |
Gentoo: GLSA-201908-06: glibc: Multiple vulnerabilities (Aug 15) |
| |
Multiple vulnerabilities have been found in glibc, the worst of which could result in a Denial of Service condition.
|
| |
|
| |
RedHat: RHSA-2019-2553:01 Important: qemu-kvm-rhev security, bug fix, (Aug 22) |
| |
An update for qemu-kvm-rhev is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 and Red Hat Virtualization Engine 4.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2552:01 Moderate: OpenShift Container Platform 3.10 (Aug 21) |
| |
An update for atomic-openshift-web-console is now available for Red Hat OpenShift Container Platform 3.10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-2542:01 Moderate: Ansible security and bug fix update (Aug 21) |
| |
An update for Ansible is now available for Ansible Engine 2.8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-2543:01 Moderate: Ansible security and bug fix update (Aug 21) |
| |
An update for Ansible is now available for Ansible Engine 2.8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-2545:01 Moderate: Ansible security update (Aug 21) |
| |
An update for Ansible is now available for Ansible Engine 2.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-2544:01 Moderate: Ansible security update (Aug 21) |
| |
An update for Ansible is now available for Ansible Engine 2.7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-2541:01 Moderate: Red Hat Ceph Storage 3.3 security, (Aug 21) |
| |
An update is now available for Red Hat Ceph Storage 3.3 on Ubuntu 16.04. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-2538:01 Moderate: Red Hat Ceph Storage 3.3 security, (Aug 21) |
| |
An update is now available for Red Hat Ceph Storage 3.3 on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-2534:01 Important: Red Hat 3scale API Management 2.6.0 (Aug 21) |
| |
A security update for Red Hat 3scale API Management Platform is now available from the Red Hat Container Catalog. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2519:01 Moderate: rh-php71-php security, bug fix, (Aug 19) |
| |
An update for rh-php71-php is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-2512:01 Important: subversion:1.10 security update (Aug 15) |
| |
An update for the subversion:1.10 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2511:01 Important: mysql:8.0 security update (Aug 15) |
| |
An update for the mysql:8.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2508:01 Important: redis security update (Aug 15) |
| |
An update for redis is now available for Red Hat OpenStack Platform 9.0 (Mitaka). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2507:01 Important: qemu-kvm-rhev security update (Aug 15) |
| |
An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 9.0 (Mitaka). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2506:01 Important: redis security update (Aug 15) |
| |
An update for redis is now available for Red Hat OpenStack Platform 9.0 Operational Tools for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2505:01 Important: openstack-ironic-inspector security (Aug 15) |
| |
An update for openstack-ironic-inspector is now available for Red Hat OpenStack Platform 9.0 (Mitaka) director. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2503:01 Important: OpenShift Container Platform 3.11 (Aug 15) |
| |
An update for jenkins is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2499:01 Moderate: ovirt-engine-metrics security, bug fix, (Aug 15) |
| |
An update for ovirt-engine-metrics is now available for Red Hat Virtualization Engine 4.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-2504:01 Moderate: OpenShift Container Platform 4.1.11 (Aug 15) |
| |
An update for openshift is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-2494:01 Important: java-1.7.1-ibm security update (Aug 15) |
| |
An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2495:01 Important: java-1.7.1-ibm security update (Aug 15) |
| |
An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
|
| |
SUSE: 2019:2209-1 moderate: rubygem-loofah (Aug 23) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2191-1 wavpack (Aug 21) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
SUSE: 2019:14151-1 important: kvm (Aug 21) |
| |
An update that fixes three vulnerabilities is now available.
|
| |
SUSE: 2019:2159-1 important: postgresql96 (Aug 21) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2192-1 important: qemu (Aug 21) |
| |
An update that solves four vulnerabilities and has 7 fixes is now available.
|
| |
SUSE: 2019:1606-2 moderate: libssh2_org (Aug 21) |
| |
An update that solves one vulnerability and has one errata is now available.
|
| |
SUSE: 2019:2185-1 moderate: flatpak (Aug 20) |
| |
An update that fixes three vulnerabilities is now available.
|
| |
SUSE: 2019:2180-1 important: python-Django (Aug 19) |
| |
An update that fixes four vulnerabilities is now available.
|
| |
SUSE: 2019:2181-1 important: nodejs6 (Aug 19) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2182-1 moderate: rubygem-rails-html-sanitizer (Aug 19) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2089-2 moderate: squid (Aug 16) |
| |
An update that fixes three vulnerabilities is now available.
|
| |
SUSE: 2019:2080-2 important: evince (Aug 16) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
SUSE: 2019:2053-2 important: python3 (Aug 16) |
| |
An update that fixes three vulnerabilities is now available.
|
| |
SUSE: 2019:1861-3 important: MozillaFirefox (Aug 16) |
| |
An update that fixes 10 vulnerabilities is now available.
|
| |
SUSE: 2019:2013-2 important: bzip2 (Aug 16) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:1830-2 important: glib2 (Aug 16) |
| |
An update that solves one vulnerability and has one errata is now available.
|
| |
SUSE: 2019:1958-2 moderate: glibc (Aug 16) |
| |
An update that solves two vulnerabilities and has one errata is now available.
|
| |
SUSE: 2019:2036-2 important: java-1_8_0-openjdk (Aug 16) |
| |
An update that solves 8 vulnerabilities and has one errata is now available.
|
| |
SUSE: 2019:2035-2 important: polkit (Aug 16) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:1783-3 important: postgresql10 (Aug 16) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2155-1 important: 389-ds (Aug 15) |
| |
An update that solves 8 vulnerabilities and has two fixes is now available.
|
| |
SUSE: 2019:2152-1 moderate: openjpeg2 (Aug 15) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:14146-1 moderate: libvirt and libvirt-python (Aug 15) |
| |
An update that solves one vulnerability and has two fixes is now available.
|
| |
|
| |
Ubuntu 4109-1: OpenJPEG vulnerabilities (Aug 21) |
| |
Several security issues were fixed in OpenJPEG.
|
| |
Ubuntu 4108-1: Zstandard vulnerability (Aug 21) |
| |
Zstandard could be made to execute arbitrary code if it received specially crafted input.
|
| |
Ubuntu 4107-1: GIFLIB vulnerabilities (Aug 20) |
| |
Several security issues were fixed in GIFLIB.
|
| |
Ubuntu 4106-1: NLTK vulnerability (Aug 20) |
| |
NLTK could be made to overwrite files.
|
| |
Ubuntu 4105-1: CUPS vulnerabilities (Aug 20) |
| |
Several security issues were fixed in CUPS.
|
| |
Ubuntu 4104-1: Nova vulnerability (Aug 19) |
| |
Nova could be made to expose sensitive information.
|
| |
Ubuntu 4103-2: Docker vulnerability (Aug 19) |
| |
Docker could be made to crash or run programs as your login.
|
| |
Ubuntu 4103-1: docker-credential-helpers vulnerability (Aug 19) |
| |
docker-credential-helpers could be made to crash or run programs as your login
|
| |
Ubuntu 4078-2: OpenLDAP vulnerabilities (Aug 19) |
| |
Several security issues were fixed in OpenLDAP.
|
| |
Ubuntu 4102-1: LibreOffice vulnerabilities (Aug 19) |
| |
Several security issues were fixed in LibreOffice.
|
| |
Ubuntu 4100-1: KConfig and KDE libraries vulnerabilities (Aug 19) |
| |
KConfig and KDE libraries could be made to crash or run programs if it opened a specially crafted file.
|
| |
Ubuntu 4101-1: Firefox vulnerability (Aug 16) |
| |
A local attacker could obtain saved passwords.
|
| |
Ubuntu 4099-1: nginx vulnerabilities (Aug 15) |
| |
nginx could be made to crash if it received specially crafted network traffic.
|
| |
|
| |
Debian LTS: DLA-1886-2: openjdk-7 regression update (Aug 22) |
| |
The latest security update of openjdk-7 caused a regression when applications relied on elliptic curve algorithms to establish SSL connections. Several duplicate classes were removed from rt.jar by the upstream developers of OpenJDK because they were also present in
|
| |
Debian LTS: DLA-1893-1: cups security update (Aug 22) |
| |
Two issues have been found in cups, the Common UNIX Printing System(tm). Basically both CVEs (CVE-2019-8675 and CVE-2019-8696) are about
|
| |
Debian LTS: DLA-1892-1: flask security update (Aug 20) |
| |
Flask, a micro web framework for Python contains a CWE-20: Improper Input Validation vulnerability that can result in Large amount of memory usage possibly leading to denial of service. This attack appear
|
| |
Debian LTS: DLA-1891-1: openldap security update (Aug 18) |
| |
Several security vulnerabilities were discovered in openldap, a server and tools to provide a standalone directory service. CVE-2019-13057
|
| |
Debian LTS: DLA-1890-1: kde4libs security update (Aug 18) |
| |
Dominik Penner discovered a flaw in how KConfig interpreted shell commands in desktop files and other configuration files. An attacker may trick users into installing specially crafted files which could then be used to execute arbitrary code, e.g. a file manager trying to find out
|
| |
Debian LTS: DLA-1889-1: python3.4 security update (Aug 17) |
| |
A vulnerability has been discovered in Python, an interactive high-level object-oriented language, that is relevant for cookie handling. By using a malicious server an attacker might steal cookies that are
|
| |
Debian LTS: DLA-1888-1: imagemagick security update (Aug 16) |
| |
Multiple vulnerabilities have been found in imagemagick, an image processing toolkit. CVE-2019-12974
|
| |
Debian LTS: DLA-1886-1: openjdk-7 security update (Aug 15) |
| |
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service, sandbox bypass, information disclosure or the execution of arbitrary code.
|
| |
Debian LTS: DLA-1887-1: freetype security update (Aug 15) |
| |
A buffer over-read in the t1-parser of freetype, a font engine, has been found and fixed by checking limits more sensible.
|
| |
|
| |
CentOS: CESA-2019-2473: Important CentOS 6 kernel (Aug 16) |
| |
Upstream details at : https://access.redhat.com/errata/RHSA-2019:2473
|
| |
CentOS: CESA-2019-2471: Moderate CentOS 6 openssl (Aug 16) |
| |
Upstream details at : https://access.redhat.com/errata/RHSA-2019:2471
|
| |
|
| |
openSUSE: 2019:1985-1: moderate: Recommended putty (Aug 21) |
| |
An update that contains security fixes can now be installed.
|
| |
openSUSE: 2019:1983-1: moderate: ImageMagick (Aug 21) |
| |
An update that fixes 30 vulnerabilities is now available.
|
| |
openSUSE: 2019:1965-1: moderate: wireshark (Aug 20) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:1963-1: moderate: squid (Aug 20) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:1968-1: moderate: libcryptopp (Aug 20) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:1964-1: moderate: tcpdump (Aug 20) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2019:1959-1: moderate: clementine (Aug 19) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:1954-1: moderate: openexr (Aug 19) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:1952-1: moderate: zstd (Aug 19) |
| |
An update that solves one vulnerability and has two fixes is now available.
|
| |
openSUSE: 2019:1951-1: moderate: Recommended dkgpg, libTMCG (Aug 19) |
| |
An update that contains security fixes can now be installed.
|
| |
openSUSE: 2019:1928-1: important: chromium (Aug 18) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2019:1929-1: moderate: LibreOffice (Aug 18) |
| |
An update that solves one vulnerability and has 11 fixes is now available.
|
| |
openSUSE: 2019:1931-1: important: chromium (Aug 18) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2019:1927-1: moderate: zypper, libzypp and libsolv (Aug 18) |
| |
An update that solves three vulnerabilities and has 41 fixes is now available.
|
| |
openSUSE: 2019:1921-1: important: pdns (Aug 15) |
| |
An update that fixes three vulnerabilities is now available.
|
| |
openSUSE: 2019:1920-1: important: dosbox (Aug 15) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2019:1907-1: important: nodejs8 (Aug 15) |
| |
An update that solves one vulnerability and has one errata is now available.
|
| |
openSUSE: 2019:1910-1: important: subversion (Aug 15) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2019:1918-1: important: bzip2 (Aug 15) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:1914-1: important: polkit (Aug 15) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:1901-1: important: chromium (Aug 15) |
| |
An update that fixes 16 vulnerabilities is now available.
|
| |
openSUSE: 2019:1905-1: important: dosbox (Aug 15) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2019:1908-1: important: evince (Aug 15) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:1911-1: important: icedtea-web (Aug 15) |
| |
An update that fixes three vulnerabilities is now available.
|
| |
openSUSE: 2019:1912-1: important: java-1_8_0-openjdk (Aug 15) |
| |
An update that solves 8 vulnerabilities and has one errata is now available.
|
| |
openSUSE: 2019:1902-1: important: chromium (Aug 15) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2019:1906-1: important: python (Aug 15) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:1904-1: important: pdns (Aug 15) |
| |
An update that fixes three vulnerabilities is now available.
|
| |
openSUSE: 2019:1909-1: important: vlc (Aug 15) |
| |
An update that solves 7 vulnerabilities and has three fixes is now available.
|
| |
openSUSE: 2019:1917-1: important: gpg2 (Aug 15) |
| |
An update that solves one vulnerability and has one errata is now available.
|
| |
openSUSE: 2019:1916-1: important: java-11-openjdk (Aug 15) |
| |
An update that solves 9 vulnerabilities and has two fixes is now available.
|
| |
openSUSE: 2019:1897-1: important: vlc (Aug 15) |
| |
An update that fixes 7 vulnerabilities is now available.
|
| |
openSUSE: 2019:1904-1: important: pdns (Aug 15) |
| |
An update that fixes three vulnerabilities is now available.
|
| |
openSUSE: 2019:1913-1: important: mariadb, mariadb-connector-c (Aug 15) |
| |
An update that fixes three vulnerabilities is now available.
|
| |
openSUSE: 2019:1898-1: important: kconfig, kdelibs4 (Aug 15) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:1903-1: important: chromium (Aug 15) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2019:1915-1: important: mariadb, mariadb-connector-c (Aug 15) |
| |
An update that fixes three vulnerabilities is now available.
|
| |
|
| |
Mageia 2019-0226: redis security update (Aug 18) |
| |
This update fixes 2 security issues. A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure (CVE-2019-10192).
|
| |
Mageia 2019-0225: postgresql security update (Aug 18) |
| |
Updated postgresql packages fix security vulnerabilities: Given a suitable SECURITY DEFINER function, an attacker can execute arbitrary SQL under the identity of the function owner. An attack requires EXECUTE permission on the function, which must itself contain a function
|
| |
Mageia 2019-0224: mariadb security update (Aug 18) |
| |
Updated mariadb packages fix security vulnerabilities: An easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise mariadb server. Successful attacks of this vulnerability can result in unauthorized
|
| |
Mageia 2019-0223: mythtv security update (Aug 18) |
| |
This update provides and update to mythtv 30, and updates the bundled ffmpeg to 3.2. It also fixes atleast the following issue: The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 4.0.2 does not check for an empty audio packet, leading to an assertion
|
| |
Mageia 2019-0222: elfutils security update (Aug 18) |
| |
It was discovered that elfutils incorrectly handled certain malformed files. If a user or automated system were tricked into processing a specially crafted file, elfutils could be made to crash or consume resources, resulting in a denial of service (CVE-2017-7607, CVE-2017-7608, CVE-2017-7609, CVE-2017-7610, CVE-2017-7611, CVE-2017-7612, CVE-2017-7613,
|
