Advisories

Linux Advisory Watch

Don't want to miss that crucial security notice?. The editorial staff at Guardian Digital will bring you complete coverage and in-depth
descriptions of all security bulletins, vulnerabilities and updated packages, all in one convenient weekly newsletter.

Linux Advisory Watch: December 18th, 2020

Linux Advisory Watch: December 18th, 2020

Thank you for reading the LinuxSecurity Linux Advisory Watch newsletter! Staying on top of the latest security advisories issued by the distro(s) you use is essential in maintaining an updated, secure Linux system. Our weekly newsletter is an easy, convenient way to track distribution security advisories - helping you keep your Linux environment safe from malware and other exploits.

Important advisories issued this week include Mozilla Firefox and Mozilla Thunderbird updates available for Debian users and an update to the 5.9.14 stable kernel containing a number of important fixes across the tree issued by Fedora. Continue reading to learn about other significant advisories issued this week. Wishing you and your loved ones a healthy, safe and secure holiday season!

Yours in Open Source,

Brittany Day Signature


LinuxSecurity.com Feature Extras:

Anatomy of a Linux Ransomware Attack - In this article, we’ll examine the anatomy of a Linux ransomware attack, explore the magnitude of the ransomware risk Linux users face compared to Windows users and offer some tips and advice for protecting against Linux ransomware.

Verifying Linux Server Security: What Every Admin Needs to Know - This article will introduce LinuxSecurity’s top methods and tools for verifying the security of your Linux servers and will point you in the direction of some other valuable resources to help you get started on this journey.


  Debian: DSA-4816-1: mediawiki security update (Dec 18)
 

Multiple security issues were discovered in MediaWiki, a website engine for collaborative work, which could result in cross-site scripting or the disclosure of hidden users.

  Debian: DSA-4815-1: thunderbird security update (Dec 17)
 

Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or information leak.

  Debian: DSA-4814-1: xerces-c security update (Dec 17)
 

It was discovered that xerces-c, a validating XML parser library for C++, did not correctly scan DTDs. The use-after-free vulnerability resulting from this issue would allow a remote attacker to leverage a specially crafted XML file in order to crash the application or

  Debian: DSA-4813-1: firefox-esr security update (Dec 16)
 

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or CSS sanitiser bypass.

  Debian: DSA-4812-1: xen security update (Dec 15)
 

Multiple vulnerabilities have been discovered in the Xen hypervisor: Several security issues affecting Xenstore could result in cross domain access (denial of service, information leaks or privilege

  Debian: DSA-4811-1: libxstream-java security update (Dec 15)
 

It was discovered that the default blacklist of XStream, a Java library to serialise objects to XML and back again, was vulnerable to the execution of arbitrary shell commands by manipulating the processed input stream.

  Debian: DSA-4810-1: lxml security update (Dec 13)
 

Yaniv Nizry discovered that the clean module of lxml, Python bindings for libxml2 and libxslt could be bypassed. For the stable distribution (buster), this problem has been fixed in

  Fedora 33: mbedtls 2020-9e97ec4cba (Dec 17)
 

Update to 2.16.9 Release notes: https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.9

  Fedora 33: kernel 2020-b732958765 (Dec 16)
 

The 5.9.14 stable kernel update contains a number of important fixes across the tree.

  Fedora 33: libfprint 2020-f997de7d0e (Dec 16)
 

Update of fprintd and libfprint. There are two main tests: * Check that enroll still works (and requires a password) * Check that no other USB devices become unusable (e.g. mouse suddenly lags until clicked) Important changes: * Require authentication for enroll (i.e. password) * Fix race conditions in pam_fprintd * More udev autosupsend rules * Plenty of bugfixes * New

  Fedora 33: fprintd 2020-f997de7d0e (Dec 16)
 

Update of fprintd and libfprint. There are two main tests: * Check that enroll still works (and requires a password) * Check that no other USB devices become unusable (e.g. mouse suddenly lags until clicked) Important changes: * Require authentication for enroll (i.e. password) * Fix race conditions in pam_fprintd * More udev autosupsend rules * Plenty of bugfixes * New

  Fedora 32: kernel 2020-bc0cc81a7a (Dec 16)
 

The 5.9.14 stable kernel update contains a number of important fixes across the tree.

  Fedora 32: synergy 2020-2ef60a0580 (Dec 16)
 

Upstream update to v1.12.0-stable Security fix for CVE-2020-15117

  Fedora 33: mingw-openjpeg2 2020-4cd57a6876 (Dec 15)
 

This update backports patches for CVE-2020-27824 and CVE-2020-27823.

  Fedora 33: openjpeg2 2020-4cd57a6876 (Dec 15)
 

This update backports patches for CVE-2020-27824 and CVE-2020-27823.

  Fedora 33: synergy 2020-cc19e88a1f (Dec 15)
 

Upstream update to v1.12.0-stable Security fix for CVE-2020-15117

  Fedora 33: curl 2020-ceaf490686 (Dec 14)
 

- curl: Inferior OCSP verification (CVE-2020-8286) - libcurl: FTP wildcard stack overflow (CVE-2020-8285) - curl: trusting FTP PASV responses (CVE-2020-8284)

  Fedora 32: squeezelite 2020-8d8de2e043 (Dec 13)
 

Update to version 1.9.8.1307. Correct playback speed with PulseAdio. Don't try to guess whether to use HTTPS, provided you're using LMS 8.

  Fedora 33: squeezelite 2020-9217a5606d (Dec 13)
 

Update to version 1.9.8.1307. Correct playback speed with PulseAdio. Don't try to guess whether to use HTTPS, provided you're using LMS 8.

  Fedora 33: php-wikimedia-assert 2020-a4802c53d9 (Dec 13)
 

https://lists.wikimedia.org/pipermail/mediawiki- announce/2020-September/000263.html The 1.34.x series is now end-of-life and the 1.35.x series is a LTS release.

  Fedora 33: mediawiki 2020-a4802c53d9 (Dec 13)
 

https://lists.wikimedia.org/pipermail/mediawiki- announce/2020-September/000263.html The 1.34.x series is now end-of-life and the 1.35.x series is a LTS release.

  Fedora 33: php-zordius-lightncandy 2020-a4802c53d9 (Dec 13)
 

https://lists.wikimedia.org/pipermail/mediawiki- announce/2020-September/000263.html The 1.34.x series is now end-of-life and the 1.35.x series is a LTS release.

  Fedora 32: libpri 2020-e74ae9e90e (Dec 12)
 

Ruild with hardening flags enabled; also, add -doc subpackage, fix .so version symlinking, make -devel dependency on main package strict (arched), and other minor improvements

  Fedora 32: wireshark 2020-d4344dd12f (Dec 12)
 

New version 3.4.0. Security fix for CVE-2020-26575, CVE-2020-28030.

  Fedora 33: libpri 2020-2f1ef40a96 (Dec 12)
 

Build with hardening flags enabled; also, add -doc subpackage, fix .so version symlinking, make -devel dependency on main package strict (arched), and other minor improvements.

  Fedora 33: nodejs 2020-43d5a372fc (Dec 12)
 

Update to 14.15.1

  Fedora 33: wireshark 2020-4cff262f07 (Dec 12)
 

New version 3.4.0. Security fix for CVE-2020-26575, CVE-2020-28030.

  Fedora 32: libxls 2020-688a51575a (Dec 11)
 

Security fix for CVE-2020-27819

  Fedora 33: libxls 2020-ad84def381 (Dec 11)
 

Security fix for CVE-2020-27819

  Fedora 33: opensc 2020-7c80831ffe (Dec 11)
 

New upstream release (#1884886) with fixes for CVE-2020-26572, CVE-2020-26571, CVE-2020-26570

  Fedora 32: pam 2020-bd83344365 (Dec 10)
 

fix CVE-2020-27780: authentication bypass when the user doesn't exist

  RedHat: RHSA-2020-5605:01 Moderate: Red Hat OpenShift Container Storage (Dec 18)
 

Updated images are now available for Red Hat OpenShift Container Storage 4.6.0 on Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-5623:01 Important: openssl security update (Dec 17)
 

An update for openssl is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-5625:01 Moderate: Red Hat Single Sign-On 7.4.0 security (Dec 17)
 

A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-5624:01 Important: thunderbird security update (Dec 17)
 

An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-5622:01 Important: thunderbird security update (Dec 17)
 

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-5620:01 Important: postgresql:12 security update (Dec 17)
 

An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-5619:01 Important: postgresql:9.6 security update (Dec 17)
 

An update for the postgresql:9.6 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-5618:01 Important: thunderbird security update (Dec 17)
 

An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-5611:01 Important: Red Hat Virtualization security, (Dec 17)
 

An update for cockpit-ovirt, redhat-release-virtualization-host, redhat-virtualization-host, and v2v-conversion-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact

  RedHat: RHSA-2020-5607:01 Important: fapolicyd bug fix update (Dec 17)
 

An update for fapolicyd is now available for Red Hat Enterprise Linux 8. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description:

  RedHat: RHSA-2020-5608:01 Important: fapolicyd bug fix update (Dec 17)
 

An update for fapolicyd is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream EUS (v. 8.2) - aarch64, ppc64le, s390x, x86_64

  RedHat: RHSA-2020-5609:01 Important: fapolicyd bug fix update (Dec 17)
 

An update for fapolicyd is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream EUS (v. 8.1) - aarch64, ppc64le, s390x, x86_64

  RedHat: RHSA-2020-5606:01 Moderate: Red Hat OpenShift Container Storage 4.6 (Dec 17)
 

An update for mcg is now available for Red Hat OpenShift Container Storage 4.6.0 on RHEL-8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-5599:01 Important: web-admin-build security and bug fix (Dec 16)
 

Updated web-admin-build packages that fixes one bug are now available for Red Hat Gluster Storage 3.5 on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-5585:01 Important: java-1.8.0-ibm security update (Dec 16)
 

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-5586:01 Moderate: java-1.7.1-ibm security update (Dec 16)
 

An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-5588:01 Important: openssl security update (Dec 16)
 

An update for openssl is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-5571:01 Moderate: python-XStatic-Bootstrap-SCSS security (Dec 16)
 

An update for python-XStatic-Bootstrap-SCSS is now available for Red Hat OpenStack Platform 13 (Queens). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-5581:01 Moderate: python-XStatic-jQuery security update (Dec 16)
 

An update for python-XStatic-jQuery is now available for Red Hat OpenStack Platform 13 (Queens). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-5583:01 Moderate: memcached security update (Dec 16)
 

An update for memcached is now available for Red Hat OpenStack Platform 13 (Queens). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-5572:01 Moderate: python-django-horizon security update (Dec 16)
 

An update for python-django-horizon is now available for Red Hat OpenStack Platform 13 (Queens). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-5363:01 Moderate: OpenShift Container Platform 3.11.343 (Dec 16)
 

Red Hat OpenShift Container Platform release 3.11.343 is now available with updates to packages and images that fix several bugs. This release includes a security update for Kubernetes for Red Hat OpenShift Container Platform 3.11.

  RedHat: RHSA-2020-5568:01 Important: Red Hat Fuse 7.8.0 release and (Dec 16)
 

A minor version update (from 7.7 to 7.8) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact

  RedHat: RHSA-2020-5566:01 Important: openssl security update (Dec 16)
 

An update for openssl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-5567:01 Important: postgresql:10 security update (Dec 16)
 

An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-5561:01 Important: firefox security update (Dec 16)
 

An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-5565:01 Important: firefox security update (Dec 16)
 

An update for firefox is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-5563:01 Important: firefox security update (Dec 16)
 

An update for firefox is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-5562:01 Important: firefox security update (Dec 16)
 

An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-5564:01 Important: firefox security update (Dec 16)
 

An update for firefox is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-5361:01 Important: Red Hat build of Thorntail 2.7.2 (Dec 16)
 

An update is now available for Red Hat build of Thorntail. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each

  RedHat: RHSA-2020-5554:01 Important: CloudForms 5.0.10 security, (Dec 15)
 

An update is now available for CloudForms Management Engine 5.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-5359:01 Moderate: OpenShift Container Platform 4.5.23 (Dec 15)
 

Red Hat OpenShift Container Platform release 4.5.23 is now available with updates to packages and images that fix several bugs. This release includes a security update for Kubernetes for Red Hat OpenShift Container Platform 4.5.

  RedHat: RHSA-2020-5529:01 Moderate: Red Hat Single Sign-On 7.4.4 on OpenJDK (Dec 15)
 

A new image is available for Red Hat Single Sign-On 7.4.4 on OpenJDK, running on OpenShift Container Platform of versions 3.10, 3.11, up to the 4.6. Red Hat Product Security has rated this update as having a security impact

  RedHat: RHSA-2020-5412:01 Moderate: python-XStatic-jQuery224 security update (Dec 15)
 

An update for python-XStatic-jQuery224 is now available for Red Hat OpenStack Platform 16.1 (Train). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-5411:01 Moderate: python-django-horizon security update (Dec 15)
 

An update for python-django-horizon is now available for Red Hat OpenStack Platform 16.1 (Train). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-5495:01 Moderate: nginx:1.16 security update (Dec 15)
 

An update for the nginx:1.16 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-5528:01 Low: Red Hat Single Sign-On 7.4.4 security update (Dec 15)
 

New Red Hat Single Sign-On 7.4.4 packages are now available for Red Hat Enterprise Linux 8. 2. Relevant releases/architectures: Red Hat Single Sign-On 7.4 for RHEL 8 - noarch

  RedHat: RHSA-2020-5533:01 Important: Red Hat Single Sign-On 7.4.4 security (Dec 15)
 

A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-5527:01 Low: Red Hat Single Sign-On 7.4.4 security update (Dec 15)
 

New Red Hat Single Sign-On 7.4.4 packages are now available for Red Hat Enterprise Linux 7. 2. Relevant releases/architectures: Red Hat Single Sign-On 7.4 for RHEL 7 Server - noarch

  RedHat: RHSA-2020-5487:01 Moderate: pacemaker security update (Dec 15)
 

An update for pacemaker is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-5499:01 Moderate: nodejs:12 security and bug fix update (Dec 15)
 

An update for the nodejs:12 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-5503:01 Moderate: mariadb-connector-c security, bug fix, (Dec 15)
 

An update for mariadb-connector-c is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-5500:01 Important: mariadb:10.3 security, bug fix, (Dec 15)
 

An update for the mariadb:10.3 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-5493:01 Moderate: go-toolset:rhel8 security update (Dec 15)
 

An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-5526:01 Low: Red Hat Single Sign-On 7.4.4 security update (Dec 15)
 

New Red Hat Single Sign-On 7.4.4 packages are now available for Red Hat Enterprise Linux 6. 2. Relevant releases/architectures: Red Hat Single Sign-On 7.4 for RHEL 6 Server - noarch

  RedHat: RHSA-2020-5476:01 Important: openssl security and bug fix update (Dec 15)
 

An update for openssl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-5480:01 Important: net-snmp security and bug fix update (Dec 15)
 

An update for net-snmp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-5483:01 Moderate: gnutls security and bug fix update (Dec 15)
 

An update for gnutls is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-5473:01 Moderate: kernel security and bug fix update (Dec 15)
 

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-5479:01 Important: linux-firmware security and (Dec 15)
 

An update for linux-firmware is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-5506:01 Moderate: kernel-rt security and bug fix update (Dec 15)
 

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-5453:01 Moderate: pacemaker security update (Dec 15)
 

An update for pacemaker is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-5437:01 Important: kernel security and bug fix update (Dec 15)
 

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-5434:01 Moderate: targetcli security update (Dec 15)
 

An update for targetcli is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-5439:01 Moderate: samba security and bug fix update (Dec 15)
 

An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-5443:01 Moderate: gd security update (Dec 15)
 

An update for gd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-5441:01 Important: kernel-rt security and bug fix update (Dec 15)
 

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-5435:01 Moderate: python-rtslib security update (Dec 15)
 

An update for python-rtslib is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-5422:01 Important: openssl security update (Dec 15)
 

An update for openssl is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-5416:01 Important: linux-firmware security and bug fix (Dec 15)
 

An update for linux-firmware is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-5418:01 Moderate: kernel security and bug fix update (Dec 15)
 

An update for kernel is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-5430:01 Moderate: kernel security and bug fix update (Dec 15)
 

An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.

  RedHat: RHSA-2020-5420:01 Important: net-snmp security and bug fix update (Dec 15)
 

An update for net-snmp is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-5417:01 Moderate: curl security and bug fix update (Dec 15)
 

An update for curl is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-5423:01 Moderate: pacemaker security update (Dec 15)
 

An update for pacemaker is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-5428:01 Moderate: kernel-rt security and bug fix update (Dec 15)
 

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-5410:01 Important: Red Hat Data Grid 7.3.8 security update (Dec 14)
 

An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-5408:01 Important: xorg-x11-server security update (Dec 14)
 

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-5259:01 Moderate: OpenShift Container Platform 4.6.8 (Dec 14)
 

Red Hat OpenShift Container Platform release 4.6.8 is now available with updates to packages and images that fix several bugs. This release includes a security update for openshift-enterprise-builder-container for Red Hat OpenShift Container

  RedHat: RHSA-2020-5402:01 Important: libexif security update (Dec 14)
 

An update for libexif is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-5260:01 Moderate: OpenShift Container Platform 4.6.8 (Dec 14)
 

Red Hat OpenShift Container Platform release 4.6.8 is now available with updates to packages and images that fix several bugs. An update for ironic-images, openshift, openshift-ansible, openshift-clients, and python-eventlet, cri-o, openshift-kuryr,

  RedHat: RHSA-2020-5401:01 Important: libpq security update (Dec 14)
 

An update for libpq is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-5400:01 Important: thunderbird security update (Dec 14)
 

An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-5399:01 Important: thunderbird security update (Dec 14)
 

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-5398:01 Important: thunderbird security update (Dec 14)
 

An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-5394:01 Important: libexif security update (Dec 14)
 

An update for libexif is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-5393:01 Important: libexif security update (Dec 14)
 

An update for libexif is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-5395:01 Important: libexif security update (Dec 14)
 

An update for libexif is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-5396:01 Important: libexif security update (Dec 14)
 

An update for libexif is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  Slackware: 2020-347-01: p11-kit Security Update (Dec 12)
 

New p11-kit packages are available for Slackware 14.2 and -current to fix security issues.

  SUSE: 2020:117-1 suse-sles-15-chost-byos-v20201210-hvm-ssd-x86_64 Security Update (Dec 14)
 

The container suse-sles-15-chost-byos-v20201210-hvm-ssd-x86_64 was updated. The following patches have been included in this update:

  SUSE: 2020:852-1 caasp/v4.5/velero-restic-restore-helper Security Update (Dec 12)
 

The container caasp/v4.5/velero-restic-restore-helper was updated. The following patches have been included in this update:

  SUSE: 2020:851-1 caasp/v4.5/velero-plugin-for-microsoft-azure Security Update (Dec 12)
 

The container caasp/v4.5/velero-plugin-for-microsoft-azure was updated. The following patches have been included in this update:

  SUSE: 2020:850-1 caasp/v4.5/velero-plugin-for-gcp Security Update (Dec 12)
 

The container caasp/v4.5/velero-plugin-for-gcp was updated. The following patches have been included in this update:

  SUSE: 2020:849-1 caasp/v4.5/velero-plugin-for-aws Security Update (Dec 12)
 

The container caasp/v4.5/velero-plugin-for-aws was updated. The following patches have been included in this update:

  SUSE: 2020:848-1 caasp/v4.5/velero Security Update (Dec 12)
 

The container caasp/v4.5/velero was updated. The following patches have been included in this update:

  SUSE: 2020:847-1 caasp/v4.5/skuba-tooling Security Update (Dec 12)
 

The container caasp/v4.5/skuba-tooling was updated. The following patches have been included in this update:

  SUSE: 2020:846-1 caasp/v4.5/rsyslog Security Update (Dec 12)
 

The container caasp/v4.5/rsyslog was updated. The following patches have been included in this update:

  SUSE: 2020:845-1 caasp/v4.5/reloader Security Update (Dec 12)
 

The container caasp/v4.5/reloader was updated. The following patches have been included in this update:

  SUSE: 2020:844-1 caasp/v4.5/prometheus-server Security Update (Dec 12)
 

The container caasp/v4.5/prometheus-server was updated. The following patches have been included in this update:

  SUSE: 2020:843-1 caasp/v4.5/prometheus-pushgateway Security Update (Dec 12)
 

The container caasp/v4.5/prometheus-pushgateway was updated. The following patches have been included in this update:

  SUSE: 2020:842-1 caasp/v4.5/prometheus-node-exporter Security Update (Dec 12)
 

The container caasp/v4.5/prometheus-node-exporter was updated. The following patches have been included in this update:

  SUSE: 2020:841-1 caasp/v4.5/prometheus-alertmanager Security Update (Dec 12)
 

The container caasp/v4.5/prometheus-alertmanager was updated. The following patches have been included in this update:

  SUSE: 2020:839-1 caasp/v4.5/metrics-server Security Update (Dec 12)
 

The container caasp/v4.5/metrics-server was updated. The following patches have been included in this update:

  SUSE: 2020:838-1 caasp/v4.5/kured Security Update (Dec 12)
 

The container caasp/v4.5/kured was updated. The following patches have been included in this update:

  SUSE: 2020:837-1 caasp/v4.5/kucero Security Update (Dec 12)
 

The container caasp/v4.5/kucero was updated. The following patches have been included in this update:

  SUSE: 2020:836-1 caasp/v4.5/kubernetes-client Security Update (Dec 12)
 

The container caasp/v4.5/kubernetes-client was updated. The following patches have been included in this update:

  SUSE: 2020:835-1 caasp/v4.5/kube-state-metrics Security Update (Dec 12)
 

The container caasp/v4.5/kube-state-metrics was updated. The following patches have been included in this update:

  SUSE: 2020:835-1 caasp/v4.5/kube-state-metrics Security Update (Dec 12)
 

The container caasp/v4.5/kube-state-metrics was updated. The following patches have been included in this update:

  SUSE: 2020:834-1 caasp/v4.5/kube-scheduler Security Update (Dec 12)
 

The container caasp/v4.5/kube-scheduler was updated. The following patches have been included in this update:

  SUSE: 2020:833-1 caasp/v4.5/kube-proxy Security Update (Dec 12)
 

The container caasp/v4.5/kube-proxy was updated. The following patches have been included in this update:

  SUSE: 2020:832-1 caasp/v4.5/kube-controller-manager Security Update (Dec 12)
 

The container caasp/v4.5/kube-controller-manager was updated. The following patches have been included in this update:

  SUSE: 2020:831-1 caasp/v4.5/kube-apiserver Security Update (Dec 12)
 

The container caasp/v4.5/kube-apiserver was updated. The following patches have been included in this update:

  SUSE: 2020:830-1 caasp/v4.5/k8s-sidecar Security Update (Dec 12)
 

The container caasp/v4.5/k8s-sidecar was updated. The following patches have been included in this update:

  SUSE: 2020:829-1 caasp/v4.5/istio-proxyv2 Security Update (Dec 12)
 

The container caasp/v4.5/istio-proxyv2 was updated. The following patches have been included in this update:

  SUSE: 2020:828-1 caasp/v4.5/istio-pilot Security Update (Dec 12)
 

The container caasp/v4.5/istio-pilot was updated. The following patches have been included in this update:

  SUSE: 2020:827-1 caasp/v4.5/istio-base Security Update (Dec 12)
 

The container caasp/v4.5/istio-base was updated. The following patches have been included in this update:

  SUSE: 2020:826-1 caasp/v4.5/ingress-nginx-controller Security Update (Dec 12)
 

The container caasp/v4.5/ingress-nginx-controller was updated. The following patches have been included in this update:

  SUSE: 2020:825-1 caasp/v4.5/helm-tiller Security Update (Dec 12)
 

The container caasp/v4.5/helm-tiller was updated. The following patches have been included in this update:

  SUSE: 2020:824-1 caasp/v4.5/grafana Security Update (Dec 12)
 

The container caasp/v4.5/grafana was updated. The following patches have been included in this update:

  SUSE: 2020:823-1 caasp/v4.5/gangway Security Update (Dec 12)
 

The container caasp/v4.5/gangway was updated. The following patches have been included in this update:

  SUSE: 2020:822-1 caasp/v4.5/etcd Security Update (Dec 12)
 

The container caasp/v4.5/etcd was updated. The following patches have been included in this update:

  SUSE: 2020:821-1 caasp/v4.5/default-http-backend Security Update (Dec 12)
 

The container caasp/v4.5/default-http-backend was updated. The following patches have been included in this update:

  SUSE: 2020:820-1 caasp/v4.5/curl Security Update (Dec 12)
 

The container caasp/v4.5/curl was updated. The following patches have been included in this update:

  SUSE: 2020:819-1 caasp/v4.5/coredns Security Update (Dec 12)
 

The container caasp/v4.5/coredns was updated. The following patches have been included in this update:

  SUSE: 2020:818-1 caasp/v4.5/configmap-reload Security Update (Dec 12)
 

The container caasp/v4.5/configmap-reload was updated. The following patches have been included in this update:

  SUSE: 2020:817-1 caasp/v4.5/cilium-operator Security Update (Dec 12)
 

The container caasp/v4.5/cilium-operator was updated. The following patches have been included in this update:

  SUSE: 2020:816-1 caasp/v4.5/cilium Security Update (Dec 12)
 

The container caasp/v4.5/cilium was updated. The following patches have been included in this update:

  SUSE: 2020:815-1 caasp/v4.5/cilium-etcd-operator Security Update (Dec 12)
 

The container caasp/v4.5/cilium-etcd-operator was updated. The following patches have been included in this update:

  SUSE: 2020:815-1 caasp/v4.5/cilium-etcd-operator Security Update (Dec 12)
 

The container caasp/v4.5/cilium-etcd-operator was updated. The following patches have been included in this update:

  SUSE: 2020:814-1 caasp/v4.5/cert-manager-webhook Security Update (Dec 12)
 

The container caasp/v4.5/cert-manager-webhook was updated. The following patches have been included in this update:

  SUSE: 2020:813-1 caasp/v4.5/cert-manager-controller Security Update (Dec 12)
 

The container caasp/v4.5/cert-manager-controller was updated. The following patches have been included in this update:

  SUSE: 2020:812-1 caasp/v4.5/cert-manager-cainjector Security Update (Dec 12)
 

The container caasp/v4.5/cert-manager-cainjector was updated. The following patches have been included in this update:

  SUSE: 2020:811-1 caasp/v4.5/cert-exporter Security Update (Dec 12)
 

The container caasp/v4.5/cert-exporter was updated. The following patches have been included in this update:

  SUSE: 2020:810-1 caasp/v4.5/caasp-dex Security Update (Dec 12)
 

The container caasp/v4.5/caasp-dex was updated. The following patches have been included in this update:

  SUSE: 2020:809-1 caasp/v4.5/busybox Security Update (Dec 12)
 

The container caasp/v4.5/busybox was updated. The following patches have been included in this update:

  SUSE: 2020:808-1 caasp/v4.5/389-ds Security Update (Dec 12)
 

The container caasp/v4.5/389-ds was updated. The following patches have been included in this update:

  SUSE: 2020:807-1 caasp/v4/velero-restic-restore-helper Security Update (Dec 12)
 

The container caasp/v4/velero-restic-restore-helper was updated. The following patches have been included in this update:

  SUSE: 2020:806-1 caasp/v4/velero-plugin-for-microsoft-azure Security Update (Dec 12)
 

The container caasp/v4/velero-plugin-for-microsoft-azure was updated. The following patches have been included in this update:

  SUSE: 2020:805-1 caasp/v4/velero-plugin-for-gcp Security Update (Dec 12)
 

The container caasp/v4/velero-plugin-for-gcp was updated. The following patches have been included in this update:

  SUSE: 2020:804-1 caasp/v4/velero-plugin-for-aws Security Update (Dec 12)
 

The container caasp/v4/velero-plugin-for-aws was updated. The following patches have been included in this update:

  SUSE: 2020:803-1 caasp/v4/velero Security Update (Dec 12)
 

The container caasp/v4/velero was updated. The following patches have been included in this update:

  SUSE: 2020:802-1 caasp/v4/test-update Security Update (Dec 12)
 

The container caasp/v4/test-update was updated. The following patches have been included in this update:

  SUSE: 2020:801-1 caasp/v4/skuba-tooling Security Update (Dec 12)
 

The container caasp/v4/skuba-tooling was updated. The following patches have been included in this update:

  SUSE: 2020:800-1 caasp/v4/rsyslog Security Update (Dec 12)
 

The container caasp/v4/rsyslog was updated. The following patches have been included in this update:

  SUSE: 2020:799-1 caasp/v4/prometheus-server Security Update (Dec 12)
 

The container caasp/v4/prometheus-server was updated. The following patches have been included in this update:

  SUSE: 2020:798-1 caasp/v4/prometheus-pushgateway Security Update (Dec 12)
 

The container caasp/v4/prometheus-pushgateway was updated. The following patches have been included in this update:

  SUSE: 2020:797-1 caasp/v4/prometheus-server Security Update (Dec 12)
 

The container caasp/v4/prometheus-server was updated. The following patches have been included in this update:

  SUSE: 2020:796-1 caasp/v4/prometheus-alertmanager Security Update (Dec 12)
 

The container caasp/v4/prometheus-alertmanager was updated. The following patches have been included in this update:

  SUSE: 2020:794-1 caasp/v4/metrics-server Security Update (Dec 12)
 

The container caasp/v4/metrics-server was updated. The following patches have been included in this update:

  SUSE: 2020:794-1 caasp/v4/metrics-server Security Update (Dec 12)
 

The container caasp/v4/metrics-server was updated. The following patches have been included in this update:

  SUSE: 2020:793-1 caasp/v4/kured Security Update (Dec 12)
 

The container caasp/v4/kured was updated. The following patches have been included in this update:

  SUSE: 2020:791-1 caasp/v4/kubernetes-client Security Update (Dec 12)
 

The container caasp/v4/kubernetes-client was updated. The following patches have been included in this update:

  SUSE: 2020:790-1 caasp/v4/kube-state-metrics Security Update (Dec 12)
 

The container caasp/v4/kube-state-metrics was updated. The following patches have been included in this update:

  SUSE: 2020:789-1 caasp/v4/hyperkube Security Update (Dec 12)
 

The container caasp/v4/hyperkube was updated. The following patches have been included in this update:

  SUSE: 2020:788-1 caasp/v4/helm-tiller Security Update (Dec 12)
 

The container caasp/v4/helm-tiller was updated. The following patches have been included in this update:

  SUSE: 2020:787-1 caasp/v4/prometheus Security Update (Dec 12)
 

The container caasp/v4/prometheus was updated. The following patches have been included in this update:

  SUSE: 2020:786-1 caasp/v4/gangway Security Update (Dec 12)
 

The container caasp/v4/gangway was updated. The following patches have been included in this update:

  SUSE: 2020:785-1 caasp/v4/etcd Security Update (Dec 12)
 

The container caasp/v4/etcd was updated. The following patches have been included in this update:

  SUSE: 2020:784-1 caasp/v4/curl Security Update (Dec 12)
 

The container caasp/v4/curl was updated. The following patches have been included in this update:

  SUSE: 2020:783-1 caasp/v4/coredns Security Update (Dec 12)
 

The container caasp/v4/coredns was updated. The following patches have been included in this update:

  SUSE: 2020:782-1 caasp/v4/configmap-reload Security Update (Dec 12)
 

The container caasp/v4/configmap-reload was updated. The following patches have been included in this update:

  SUSE: 2020:781-1 caasp/v4/cloud-provider-openstack Security Update (Dec 12)
 

The container caasp/v4/cloud-provider-openstack was updated. The following patches have been included in this update:

  SUSE: 2020:780-1 caasp/v4/cilium-operator Security Update (Dec 12)
 

The container caasp/v4/cilium-operator was updated. The following patches have been included in this update:

  SUSE: 2020:779-1 caasp/v4/cilium-init Security Update (Dec 12)
 

The container caasp/v4/cilium-init was updated. The following patches have been included in this update:

  SUSE: 2020:778-1 caasp/v4/cilium Security Update (Dec 12)
 

The container caasp/v4/cilium was updated. The following patches have been included in this update:

  SUSE: 2020:777-1 caasp/v4/cilium-etcd-operator Security Update (Dec 12)
 

The container caasp/v4/cilium-etcd-operator was updated. The following patches have been included in this update:

  SUSE: 2020:776-1 caasp/v4/cert-exporter Security Update (Dec 12)
 

The container caasp/v4/cert-exporter was updated. The following patches have been included in this update:

  SUSE: 2020:775-1 caasp/v4/caasp-dex Security Update (Dec 12)
 

The container caasp/v4/caasp-dex was updated. The following patches have been included in this update:

  SUSE: 2020:774-1 caasp/v4/busybox Security Update (Dec 12)
 

The container caasp/v4/busybox was updated. The following patches have been included in this update:

  SUSE: 2020:773-1 caasp/v4/389-ds Security Update (Dec 12)
 

The container caasp/v4/389-ds was updated. The following patches have been included in this update:

  SUSE: 2020:3764-1 important: the Linux Kernel (Dec 11)
 

An update that solves 11 vulnerabilities and has 62 fixes is now available.

  SUSE: 2020:3763-1 important: openssl (Dec 11)
 

An update that fixes one vulnerability is now available.

  SUSE: 2020:3765-1 important: python (Dec 11)
 

An update that fixes one vulnerability is now available.

  SUSE: 2020:3762-1 important: openssl-1_0_0 (Dec 11)
 

An update that solves one vulnerability, contains one feature and has 6 fixes is now available.

  SUSE: 2020:3760-1 moderate: Security changes in Kubernetes, etcd, and helm; Bugfix in cri- (Dec 11)
 

An update that fixes 8 vulnerabilities is now available.

  SUSE: 2020:3761-1 important: Security changes in Kubernetes, etcd, and skuba; Bugfix in cr (Dec 11)
 

An update that solves four vulnerabilities and has 11 fixes is now available.

  SUSE: 2020:116-1 sles-15-sp2-chost-byos-v20201208 Security Update (Dec 11)
 

The container sles-15-sp2-chost-byos-v20201208 was updated. The following patches have been included in this update:

  SUSE: 2020:115-1 suse-sles-15-sp2-chost-byos-v20201208-hvm-ssd-x86_64 Security Update (Dec 11)
 

The container suse-sles-15-sp2-chost-byos-v20201208-hvm-ssd-x86_64 was updated. The following patches have been included in this update:

  SUSE: 2020:114-1 suse-sles-15-sp2-chost-byos-v20201208-gen2 Security Update (Dec 11)
 

The container suse-sles-15-sp2-chost-byos-v20201208-gen2 was updated. The following patches have been included in this update:

  SUSE: 2020:113-1 sles-15-sp1-chost-byos-v20201209 Security Update (Dec 11)
 

The container sles-15-sp1-chost-byos-v20201209 was updated. The following patches have been included in this update:

  SUSE: 2020:112-1 suse-sles-15-sp1-chost-byos-v20201209-hvm-ssd-x86_64 Security Update (Dec 11)
 

The container suse-sles-15-sp1-chost-byos-v20201209-hvm-ssd-x86_64 was updated. The following patches have been included in this update:

  SUSE: 2020:111-1 suse-sles-15-sp1-chost-byos-v20201209-gen2 Security Update (Dec 11)
 

The container suse-sles-15-sp1-chost-byos-v20201209-gen2 was updated. The following patches have been included in this update:

  SUSE: 2020:771-1 suse/sles12sp5 Security Update (Dec 11)
 

The container suse/sles12sp5 was updated. The following patches have been included in this update:

  SUSE: 2020:3748-1 important: the Linux Kernel (Dec 10)
 

An update that solves 12 vulnerabilities and has 72 fixes is now available.

  SUSE: 2020:3749-1 moderate: gcc7 (Dec 10)
 

An update that solves one vulnerability, contains one feature and has 7 fixes is now available.

  SUSE: 2020:3748-1 important: the Linux Kernel (Dec 10)
 

An update that solves 12 vulnerabilities and has 72 fixes is now available.

  SUSE: 2020:3739-1 moderate: curl (Dec 10)
 

An update that fixes three vulnerabilities is now available.

  SUSE: 2020:3740-1 important: openssl-1_1 (Dec 10)
 

An update that fixes one vulnerability is now available.

  SUSE: 2020:3742-1 important: xen (Dec 10)
 

An update that solves 5 vulnerabilities and has one errata is now available.

  SUSE: 2020:770-1 suse/sle15 Security Update (Dec 10)
 

The container suse/sle15 was updated. The following patches have been included in this update:

  SUSE: 2020:769-1 suse/sle15 Security Update (Dec 10)
 

The container suse/sle15 was updated. The following patches have been included in this update:

  SUSE: 2020:768-1 suse/sle15 Security Update (Dec 10)
 

The container suse/sle15 was updated. The following patches have been included in this update:

  SUSE: 2020:767-1 suse/sles12sp5 Security Update (Dec 10)
 

The container suse/sles12sp5 was updated. The following patches have been included in this update:

  Debian LTS: DLA-2494-1: linux security update (Dec 18)
 

Several vulnerabilities have been discovered in the Linux kernel that may lead to the execution of arbitrary code, privilege escalation, denial of service or information leaks.

  Debian LTS: DLA-2499-1: sympa security update (Dec 17)
 

Sympa, a modern mailing list manager, grants full SOAP API access by sending invalid string as the cookie value, if the SOAP endpoint was enabled. An attacker could manipulate the mailing lists, including subscribing e-mails or getting the list of subscribers.

  Debian LTS: DLA-2498-1: xerces-c security update (Dec 17)
 

The UK's National Cyber Security Centre (NCSC) discovered that Xerces-C, a validating XML parser library for C++, contains a use-after-free error triggered during the scanning of external DTDs. An attacker could cause a Denial of Service (DoS) and possibly

  Debian LTS: DLA-2497-1: thunderbird security update (Dec 17)
 

Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or information leak.

  Debian LTS: DLA-2496-1: firefox-esr security update (Dec 16)
 

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or CSS sanitiser bypass.

  Debian LTS: DLA-2495-1: tomcat8 security update (Dec 16)
 

It was discovered that Apache Tomcat from 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. While this would most likely lead to an

  Debian LTS: DLA-2493-1: openssl1.0 security update (Dec 14)
 

David Benjamin discovered a flaw in the GENERAL_NAME_cmp() function which could cause a NULL dereference, resulting in denial of service. For Debian 9 stretch, this problem has been fixed in version

  Debian LTS: DLA-2492-1: openssl security update (Dec 14)
 

David Benjamin discovered a flaw in the GENERAL_NAME_cmp() function which could cause a NULL dereference, resulting in denial of service. For Debian 9 stretch, this problem has been fixed in version

  Debian LTS: DLA-2490-1: x11vnc security update (Dec 10)
 

Guenal Davalan reported a flaw in x11vnc, a VNC server to allow remote access to an existing X session. x11vnc creates shared memory segments with 0777 mode. A local attacker can take advantage of this flaw for

  Debian LTS: DLA-2489-1: minidlna security update (Dec 10)
 

It was discovered that missing input validation in minidlna, a lightweight DLNA/UPnP-AV server could result in the execution of arbitrary code. In addition minidlna was susceptible to the "CallStranger" UPnP

  Debian LTS: DLA-2340-2: sqlite3 (Dec 10)
 

The update of sqlite3 released as DLA-2340-1 contained an incomplete fix for CVE-2019-20218. Updated sqlite3 packages are now available to correct this issue.

  Debian LTS: DLA-2483-1: linux-4.19 security update (Dec 10)
 

Several vulnerabilities have been discovered in the Linux kernel that may lead to the execution of arbitrary code, privilege escalation, denial of service or information leaks.

  ArchLinux: 202012-20: lib32-gdk-pixbuf2: denial of service (Dec 17)
 

The package lib32-gdk-pixbuf2 before version 2.42.2-1 is vulnerable to denial of service.

  ArchLinux: 202012-19: gdk-pixbuf2: denial of service (Dec 17)
 

The package gdk-pixbuf2 before version 2.42.2-1 is vulnerable to denial of service.

  ArchLinux: 202012-18: nsd: denial of service (Dec 17)
 

The package nsd before version 4.3.4-1 is vulnerable to denial of service.

  ArchLinux: 202012-17: unbound: denial of service (Dec 17)
 

The package unbound before version 1.13.0-1 is vulnerable to denial of service.

  ArchLinux: 202012-16: hostapd: proxy injection (Dec 17)
 

The package hostapd before version 2.9-4 is vulnerable to proxy injection.

  ArchLinux: 202012-15: minidlna: arbitrary code execution (Dec 17)
 

The package minidlna before version 1.3.0-1 is vulnerable to arbitrary code execution.

  ArchLinux: 202012-14: chromium: multiple issues (Dec 17)
 

The package chromium before version 87.0.4280.88-1 is vulnerable to multiple issues including arbitrary code execution, information disclosure, insufficient validation and denial of service.

  ArchLinux: 202012-13: pam: authentication bypass (Dec 17)
 

The package pam before version 1.5.0-2 is vulnerable to authentication bypass.

  ArchLinux: 202012-12: blueman: privilege escalation (Dec 17)
 

The package blueman before version 2.1.4-1 is vulnerable to privilege escalation.

  CentOS: CESA-2020-5443: Moderate CentOS 7 gd (Dec 17)
 

Upstream details at : https://access.redhat.com/errata/RHSA-2020:5443

  CentOS: CESA-2020-5434: Moderate CentOS 7 targetcli (Dec 17)
 

Upstream details at : https://access.redhat.com/errata/RHSA-2020:5434

  CentOS: CESA-2020-5453: Moderate CentOS 7 pacemaker (Dec 17)
 

Upstream details at : https://access.redhat.com/errata/RHSA-2020:5453

  CentOS: CESA-2020-5435: Moderate CentOS 7 python-rtslib (Dec 17)
 

Upstream details at : https://access.redhat.com/errata/RHSA-2020:5435

  CentOS: CESA-2020-5439: Moderate CentOS 7 samba (Dec 17)
 

Upstream details at : https://access.redhat.com/errata/RHSA-2020:5439

  CentOS: CESA-2020-5566: Important CentOS 7 openssl (Dec 17)
 

Upstream details at : https://access.redhat.com/errata/RHSA-2020:5566

  SciLinux: SLSA-2020-5618-1 Important: thunderbird on SL7.x x86_64 (Dec 17)
 

This update upgrades Thunderbird to version 78.6.0. * chromium-browser: Uninitialized Use in V8 (CVE-2020-16042) * Mozilla: Heap buffer overflow in WebGL (CVE-2020-26971) * Mozilla: CSS Sanitizer performed incorrect sanitization (CVE-2020-26973) * Mozilla: Incorrect cast of StyleGenericFlexBasis resulted in a heap use- after-free (CVE-2020-26974) * Mozilla: Memory safety bugs fixed in Firef [More...]

  SciLinux: SLSA-2020-5566-1 Important: openssl on SL7.x x86_64 (Dec 17)
 

openssl: EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971) SL7 x86_64 openssl-1.0.2k-21.el7_9.x86_64.rpm openssl-debuginfo-1.0.2k-21.el7_9.i686.rpm openssl-debuginfo-1.0.2k-21.el7_9.x86_64.rpm openssl-libs-1.0.2k-21.el7_9.i686.rpm openssl-libs-1.0.2k-21.el7_9.x86_64.rpm openssl-devel-1.0.2k-21.el7_9.i686.rpm openssl-devel-1.0.2k-21.el7_9.x86_64.rpm opens [More...]

  SciLinux: SLSA-2020-5439-1 Moderate: samba on SL7.x x86_64 (Dec 15)
 

samba: Netlogon elevation of privilege vulnerability (Zerologon) (CVE-2020-1472) * samba: Missing handle permissions check in SMB1/2/3 ChangeNotify (CVE-2020-14318) * samba: Unprivileged user can crash winbind (CVE-2020-14323) SL7 x86_64 libsmbclient-4.10.16-9.el7_9.i686.rpm libsmbclient-4.10.16-9.el7_9.x86_64.rpm libwbclient-4.10.16-9.el7_9.i686.rpm libwbclient-4.10.16-9. [More...]

  SciLinux: SLSA-2020-5443-1 Moderate: gd on SL7.x x86_64 (Dec 15)
 

gd: Integer overflow in _gd2GetHeader() resulting in heap overflow (CVE-2016-5766) SL7 x86_64 gd-2.0.35-27.el7_9.i686.rpm gd-2.0.35-27.el7_9.x86_64.rpm gd-debuginfo-2.0.35-27.el7_9.i686.rpm gd-debuginfo-2.0.35-27.el7_9.x86_64.rpm gd-devel-2.0.35-27.el7_9.i686.rpm gd-devel-2.0.35-27.el7_9.x86_64.rpm gd-progs-2.0.35-27.el7_9.x86_64.rpm - Scientific Linux Developme [More...]

  SciLinux: SLSA-2020-5437-1 Important: kernel on SL7.x x86_64 (Dec 15)
 

kernel: metadata validator in XFS may cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt (CVE-2020-14385) * kernel: The flow_dissector feature allows device tracking (CVE-2019-18282) * kernel: Buffer over-read in crypto_authenc_extractkeys() when a payload longer than 4 bytes is not aligned. (CVE-2020-10769) * kernel: buffer uses out of index in ext3/4 f [More...]

  SciLinux: SLSA-2020-5435-1 Moderate: python-rtslib on SL7.x (noarch) (Dec 15)
 

python-rtslib: weak permissions for /etc/target/saveconfig.json (CVE-2020-14019) SL7 noarch python-rtslib-2.1.74-1.el7_9.noarch.rpm python-rtslib-doc-2.1.74-1.el7_9.noarch.rpm - Scientific Linux Development Team

  SciLinux: SLSA-2020-5434-1 Moderate: targetcli on SL7.x (noarch) (Dec 15)
 

targetcli: weak permissions for /etc/target and backup files (CVE-2020-13867) SL7 noarch targetcli-2.1.53-1.el7_9.noarch.rpm - Scientific Linux Development Team

  SciLinux: SLSA-2020-5453-1 Moderate: pacemaker on SL7.x x86_64 (Dec 15)
 

pacemaker: ACL restrictions bypass (CVE-2020-25654) SL7 x86_64 pacemaker-1.1.23-1.el7_9.1.x86_64.rpm pacemaker-cli-1.1.23-1.el7_9.1.x86_64.rpm pacemaker-cluster-libs-1.1.23-1.el7_9.1.i686.rpm pacemaker-cluster-libs-1.1.23-1.el7_9.1.x86_64.rpm pacemaker-cts-1.1.23-1.el7_9.1.x86_64.rpm pacemaker-debuginfo-1.1.23-1.el7_9.1.i686.rpm pacemaker-debuginfo-1.1.23-1.el7_9 [More...]

  SciLinux: SLSA-2020-5400-1 Important: thunderbird on SL7.x x86_64 (Dec 14)
 

Mozilla: Stack overflow due to incorrect parsing of SMTP server response codes (CVE-2020-26970) SL7 x86_64 thunderbird-78.5.1-1.el7_9.x86_64.rpm thunderbird-debuginfo-78.5.1-1.el7_9.x86_64.rpm - Scientific Linux Development Team

  SciLinux: SLSA-2020-5408-1 Important: xorg-x11-server on SL7.x x86_64 (Dec 14)
 

xorg-x11-server: Out-of-bounds access in XkbSetMap function (CVE-2020-14360) * xorg-x11-server: XkbSetDeviceInfo heap-based buffer overflow privilege escalation vulnerability (CVE-2020-25712) * xorg-x11-server: Leak of uninitialized heap memory from the X server to clients in AllocatePixmap of dix/pixmap.c (CVE-2020-14347) SL7 x86_64 xorg-x11-server-Xephyr-1.20.4-15.el7_9.x86_64.rpm [More...]

  SciLinux: SLSA-2020-5402-1 Important: libexif on SL7.x x86_64 (Dec 14)
 

libexif: out of bounds write due to an integer overflow in exif-entry.c (CVE-2020-0452) SL7 x86_64 libexif-0.6.22-2.el7_9.i686.rpm libexif-0.6.22-2.el7_9.x86_64.rpm libexif-debuginfo-0.6.22-2.el7_9.i686.rpm libexif-debuginfo-0.6.22-2.el7_9.x86_64.rpm libexif-devel-0.6.22-2.el7_9.i686.rpm libexif-devel-0.6.22-2.el7_9.x86_64.rpm libexif-doc-0.6.22-2.el7_9.x86_64.r [More...]

  openSUSE: 2020:2276-1 moderate: clamav (Dec 18)
 

An update that fixes 14 vulnerabilities is now available.

  openSUSE: 2020:2269-1 important: openssl-1_0_0 (Dec 17)
 

An update that solves one vulnerability and has 6 fixes is now available.

  openSUSE: 2020:2268-1 moderate: clamav (Dec 17)
 

An update that fixes 14 vulnerabilities is now available.

  openSUSE: 2020:2261-1 moderate: audacity (Dec 15)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:2264-1 important: gdm (Dec 15)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:2260-1 important: the Linux Kernel (Dec 15)
 

An update that solves 12 vulnerabilities and has 72 fixes is now available.

  openSUSE: 2020:2254-1 important: mariadb (Dec 15)
 

An update that fixes 5 vulnerabilities is now available.

  openSUSE: 2020:2249-1 moderate: curl (Dec 14)
 

An update that fixes three vulnerabilities is now available.

  openSUSE: 2020:2245-1 important: openssl-1_1 (Dec 14)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:2238-1 moderate: curl (Dec 13)
 

An update that fixes three vulnerabilities is now available.

  openSUSE: 2020:2237-1 moderate: python-urllib3 (Dec 13)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:2240-1 moderate: openssh (Dec 13)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:2236-1 important: openssl-1_0_0 (Dec 12)
 

An update that solves one vulnerability and has 6 fixes is now available.

  openSUSE: 2020:2232-1 moderate: rpmlint (Dec 11)
 

An update that contains security fixes can now be installed.

  openSUSE: 2020:2229-1 important: chromium (Dec 11)
 

An update that fixes 6 vulnerabilities is now available.

  openSUSE: 2020:2227-1 moderate: pngcheck (Dec 10)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:2226-1 moderate: minidlna (Dec 10)
 

An update that fixes two vulnerabilities is now available.

  openSUSE: 2020:2222-1 moderate: nsd (Dec 10)
 

An update that fixes two vulnerabilities is now available.

  openSUSE: 2020:2222-1 moderate: nsd (Dec 10)
 

An update that fixes two vulnerabilities is now available.

  openSUSE: 2020:2223-1 important: openssl-1_1 (Dec 10)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:2220-1 moderate: pngcheck (Dec 10)
 

An update that fixes one vulnerability is now available.

  Mageia 2020-0463: jasper security update (Dec 17)
 

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability (CVE-2020-27828).

  Mageia 2020-0462: thunderbird security update (Dec 17)
 

When a BigInt was right-shifted the backing store was not properly cleared, allowing uninitialized memory to be read (CVE-2020-16042). Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow in WebGL on some video drivers (CVE-2020-26971).

  Mageia 2020-0461: firefox security update (Dec 17)
 

When a BigInt was right-shifted the backing store was not properly cleared, allowing uninitialized memory to be read (CVE-2020-16042). Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow in WebGL on some video drivers (CVE-2020-26971).

  Mageia 2020-0460: dpic security update (Dec 17)
 

dpic 2019.06.20 has a Stack-based Buffer Overflow in the wfloat() function in main.c. (CVE-2019-13989) References: - https://bugs.mageia.org/show_bug.cgi?id=27759 - https://security-tracker.debian.org/tracker/CVE-2019-13989

  Mageia 2020-0459: sam2p security update (Dec 17)
 

In sam2p 0.49.3, a heap-based buffer overflow exists in the pcxLoadImage24 function of the file in_pcx.cpp. (CVE-2017-14628). In sam2p 0.49.3, the in_xpm_reader function in in_xpm.cpp has an integer signedness error, leading to a crash when writing to an out-of-bounds array

  Mageia 2020-0458: bitcoin security update (Dec 17)
 

Multiple vulnerabilities have been discovered in Bitcoin. In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it may dump a core file. If a user were to mishandle a core file, an attacker can reconstruct the user's

  Mageia 2020-0457: jupyter-notebook security update (Dec 17)
 

Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. A maliciously crafted link to a notebook server could redirect the browser to a different website. All notebook servers are technically affected, however, these maliciously crafted links can only be reasonably made for known notebook server hosts. A link to your notebook server may appear safe, but ultimately redirect to a spoofed server on the public internet. (CVE-2020-26215) References: - https://bugs.mageia.org/show_bug.cgi?id=27705 - https://www.debian.org/lts/security/2020/dla-2477

  Mageia 2020-0456: x11-server security update (Dec 17)
 

A flaw was found in the X.Org Server. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability (CVE-2020-14360).

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.