| |
Debian: DSA-4735-2: grub2 regression update (Jul 30) |
| |
The update for grub2 released as DSA 4735-1 caused a boot-regression when chainloading another bootlaoder and breaking notably dual-boot with Windows. Updated grub2 packages are now available to correct this issue.
|
| |
Debian: DSA-4737-1: xrdp security update (Jul 29) |
| |
Ashley Newson discovered that the XRDP sessions manager was susceptible to denial of service. A local attacker can further take advantage of this flaw to impersonate the XRDP sessions manager and capture any user credentials that are submitted to XRDP, approve or reject arbitrary
|
| |
Debian: DSA-4735-1: grub2 security update (Jul 29) |
| |
Several vulnerabilities have been discovered in the GRUB2 bootloader. CVE-2020-10713
|
| |
Debian: DSA-4736-1: firefox-esr security update (Jul 29) |
| |
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or an information leak.
|
| |
Debian: DSA-4734-1: openjdk-11 security update (Jul 26) |
| |
Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in denial of service, bypass of access/sandbox restrictions or information disclosure.
|
| |
Debian: DSA-4733-1: qemu security update (Jul 24) |
| |
It was discovered that incorrect memory handling in the SLIRP networking implementation could result in denial of service or potentially the execution of arbitrary code.
|
| |
Fedora 32: firefox 2020-856ae65766 (Jul 30) |
| |
- New upstream update - 79.0
|
| |
Fedora 32: chromium 2020-bf684961d9 (Jul 30) |
| |
Just enough time for one more update. Chromium 84. Fixes CVE-2020-6510 CVE-2020-6511 CVE-2020-6512 CVE-2020-6513 CVE-2020-6514 CVE-2020-6515 CVE-2020-6516 CVE-2020-6517 CVE-2020-6518 CVE-2020-6519 CVE-2020-6520 CVE-2020-6521 CVE-2020-6522 CVE-2020-6523 CVE-2020-6524 CVE-2020-6525 CVE-2020-6526 CVE-2020-6527 CVE-2020-6528 CVE-2020-6529 CVE-2020-6530
|
| |
Fedora 32: freerdp 2020-8d5f86e29a (Jul 30) |
| |
Bugfix and CVE release.
|
| |
Fedora 31: java-11-openjdk 2020-93cc9c3ef2 (Jul 28) |
| |
# July 2020 OpenJDK security update for OpenJDK 11 Full release notes: https://bitly.com/openjdk1108 ## Security fixes - JDK-8230613: Better ASCII conversions - JDK-8231800: Better listing of arrays - JDK-8232014: Expand DTD support - JDK-8233234: Better Zip Naming - JDK-8233239, CVE-2020-14562: Enhance TIFF support - JDK-8233255: Better Swing Buttons -
|
| |
Fedora 31: java-1.8.0-openjdk 2020-508df53719 (Jul 28) |
| |
# July 2020 OpenJDK security update for OpenJDK 8. Full release notes: https://bitly.com/oj8u262 ## New features * [JDK-8223147](https://bugs.openjdk.java.net/browse/JDK-8223147): JFR Backport ## Security fixes - JDK-8028431, CVE-2020-14579: NullPointerException in DerValue.equals(DerValue) - JDK-8028591, CVE-2020-14578:
|
| |
Fedora 31: clamav 2020-dd0c20d985 (Jul 28) |
| |
ClamAV 0.102.4 is a bug patch release to address the following issues: CVE-2020-3350 Fixed a vulnerability a malicious user could exploit to replace a scan target's directory with a symlink to another path to trick clamscan, clamdscan, or clamonacc into removing or moving a different file (such as a critical system
|
| |
Fedora 31: bashtop 2020-54e4356732 (Jul 24) |
| |
0.9.24 release
|
| |
Fedora 32: python27 2020-e9251de272 (Jul 23) |
| |
Avoid infinite loop when reading specially crafted TAR files (CVE-2019-20907)
|
| |
Fedora 32: java-11-openjdk 2020-5d0b4a2b5b (Jul 23) |
| |
# July 2020 OpenJDK security update for OpenJDK 11 Full release notes: https://bitly.com/openjdk1108 ## Security fixes - JDK-8230613: Better ASCII conversions - JDK-8231800: Better listing of arrays - JDK-8232014: Expand DTD support - JDK-8233234: Better Zip Naming - JDK-8233239, CVE-2020-14562: Enhance TIFF support - JDK-8233255: Better Swing Buttons -
|
| |
Fedora 32: mod_authnz_pam 2020-cfbed9c9ff (Jul 23) |
| |
Rebase to upstream release 1.2.1.
|
| |
Fedora 32: podofo 2020-ebbf149f3b (Jul 23) |
| |
Add patch to bump W_MAX_BYTES to 8.
|
| |
Gentoo: GLSA-202007-60: Mozilla Firefox: Multiple vulnerabilities (Jul 30) |
| |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-202007-59: Chromium, Google Chrome: Multiple vulnerabilities (Jul 29) |
| |
Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-202007-58: FFmpeg: Multiple vulnerabilities (Jul 28) |
| |
Multiple vulnerabilities have been found in FFmpeg, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-202007-57: Mutt, Neomutt: Multiple vulnerabilities (Jul 28) |
| |
Multiple vulnerabilities have been found in Mutt and Neomutt, the worst of which could result in an access restriction bypass.
|
| |
Gentoo: GLSA-202007-56: Claws Mail: Improper STARTTLS handling (Jul 28) |
| |
A vulnerability was discovered in Claws Mail's STARTTLS handling, possibly allowing an integrity/confidentiality compromise.
|
| |
Gentoo: GLSA-202007-55: libetpan: Improper STARTTLS handling (Jul 28) |
| |
A vulnerability was discovered in libetpan's STARTTLS handling, possibly allowing an integrity/confidentiality compromise.
|
| |
Gentoo: GLSA-202007-54: rsync: Multiple vulnerabilities (Jul 28) |
| |
Multiple vulnerabilities have been found in rsync, the worst of which could result in a Denial of Service condition.
|
| |
Gentoo: GLSA-202007-53: Dropbear: Multiple vulnerabilities (Jul 28) |
| |
Multiple vulnerabilities have been found in Dropbear, the worst of which could result in a Denial of Service condition.
|
| |
Gentoo: GLSA-202007-52: mujs: Multiple vulnerabilities (Jul 28) |
| |
Multiple vulnerabilities have been found in mujs, the worst of which could result in a Denial of Service condition.
|
| |
Gentoo: GLSA-202007-51: FileZilla: Untrusted search path (Jul 26) |
| |
A vulnerability was found in FileZilla which might allow privilege escalation.
|
| |
Gentoo: GLSA-202007-50: GLib Networking: Improper certificate validation (Jul 26) |
| |
GLib Networking was not properly verifying TLS certificates in all circumstances, possibly allowing an integrity/confidentiality compromise. [More...]
|
| |
Gentoo: GLSA-202007-49: Mozilla Network Security Service (NSS): Information disclosure (Jul 26) |
| |
NSS has an information disclosure vulnerability when handling DSA keys.
|
| |
Gentoo: GLSA-202007-48: OCaml: Arbitrary code execution (Jul 26) |
| |
An integer overflow was discovered in OCaml's standard library, possibly allowing arbitrary execution of code.
|
| |
Gentoo: GLSA-202007-47: Okular: Local restricted command execution (Jul 26) |
| |
A logic error in Okular might allow an attacker to execute arbitrary code.
|
| |
Gentoo: GLSA-202007-46: D-Bus: Denial of service (Jul 26) |
| |
A local Denial of Service vulnerability was discovered in D-Bus.
|
| |
Gentoo: GLSA-202007-45: NTFS-3G: Remote code execution, possible privilege escalation (Jul 26) |
| |
A buffer overflow in NTFS-3g might allow local or remote attacker(s) to execute arbitrary code, or escalate privileges.
|
| |
Gentoo: GLSA-202007-44: FreeXL: Multiple vulnerabilities (Jul 26) |
| |
Multiple vulnerabilities have been found in FreeXL, the worst of which could result in a Denial of Service condition.
|
| |
Gentoo: GLSA-202007-43: TRE: Multiple vulnerabilities (Jul 26) |
| |
Multiple vulnerabilities have been found in TRE, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-202007-42: LHa: Buffer overflow (Jul 26) |
| |
LHa has a buffer overflow in its compression utility with unspecified impact.
|
| |
Gentoo: GLSA-202007-38: QtGui: Arbitrary code execution (Jul 26) |
| |
A use-after-free was discovered in QtGui's Markdown handling code possibly allowing a remote attacker to execute arbitrary code.
|
| |
Gentoo: GLSA-202007-37: AWStats: Multiple vulnerabilities (Jul 26) |
| |
Multiple vulnerabilities have been found in AWStats, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-202007-36: DjVu: Multiple vulnerabilities (Jul 26) |
| |
Multiple vulnerabilities have been found in DjVu, the worst of which could result in a Denial of Service condition.
|
| |
Gentoo: GLSA-202007-35: ReportLab: Arbitrary code execution (Jul 26) |
| |
A vulnerability allowing arbitrary code execution was found in ReportLab.
|
| |
Gentoo: GLSA-202007-34: Apache Ant: Multiple vulnerabilities (Jul 26) |
| |
Apache Ant uses various insecure temporary files possibly allowing local code execution.
|
| |
Gentoo: GLSA-202007-33: OSSEC: Multiple vulnerabilities (Jul 26) |
| |
Multiple vulnerabilities have been found in OSSEC, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-202007-32: Sarg: Local privilege escalation (Jul 26) |
| |
A flaw in Sarg may allow local privilege escalation.
|
| |
Gentoo: GLSA-202007-31: Icinga: Root privilege escalation (Jul 26) |
| |
Icinga installs files with insecure permissions allowing root privilege escalation.
|
| |
Gentoo: GLSA-202007-28: re2c: Buffer overflow (Jul 26) |
| |
A vulnerability in re2c could lead to a Denial of Service condition.
|
| |
Gentoo: GLSA-202007-27: Haml: Arbitrary code execution (Jul 26) |
| |
A flaw in Haml allows arbitrary code execution as a result of improper filtering.
|
| |
Gentoo: GLSA-202007-26: SQLite: Multiple vulnerabilities (Jul 26) |
| |
Multiple vulnerabilities have been found in SQLite, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-202007-25: arpwatch: Root privilege escalation (Jul 26) |
| |
A vulnerability was discovered in arpwatch which may allow local attackers to gain root privileges.
|
| |
Gentoo: GLSA-202007-24: Twisted: Access restriction bypasses (Jul 26) |
| |
Multiple vulnerabilities have been found in Twisted, the worst of which could result in a Denial of Service condition.
|
| |
Gentoo: GLSA-202007-21: Libreswan: Denial of service (Jul 26) |
| |
A vulnerability in Libreswan could lead to a Denial of Service condition.
|
| |
Gentoo: GLSA-202007-20: fuseiso: Multiple vulnerabilities (Jul 26) |
| |
Multiple vulnerabilities have been found in fuseiso, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-202007-18: QtNetwork: Denial of service (Jul 26) |
| |
A vulnerability in QtNetwork could lead to a Denial of Service condition.
|
| |
Gentoo: GLSA-202007-17: JHead: Multiple vulnerabilities (Jul 26) |
| |
Multiple vulnerabilities have been found in JHead, the worst of which could result in a Denial of Service condition.
|
| |
Gentoo: GLSA-202007-16: cURL: Multiple vulnerabilities (Jul 26) |
| |
Multiple vulnerabilities have been found in cURL, the worst of which could result in information disclosure or data loss.
|
| |
Gentoo: GLSA-202007-15: Samba: Multiple vulnerabilities (Jul 26) |
| |
Multiple vulnerabilities have been found in Samba, the worst of which could result in a Denial of Service condition.
|
| |
Gentoo: GLSA-202007-13: Wireshark: Multiple vulnerabilities (Jul 26) |
| |
Multiple vulnerabilities have been found in Wireshark, the worst of which could result in a Denial of Service condition.
|
| |
Gentoo: GLSA-202007-12: NTP: Multiple vulnerabilities (Jul 26) |
| |
Multiple vulnerabilities have been found in NTP, the worst of which could result in a Denial of Service condition.
|
| |
Gentoo: GLSA-202007-11: WebKitGTK+: Multiple vulnerabilities (Jul 26) |
| |
Multiple vulnerabilities have been found in WebKitGTK+, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-202007-10: Mozilla Firefox: Multiple vulnerabilities (Jul 26) |
| |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-202007-09: Mozilla Thunderbird: Multiple vulnerabilities (Jul 26) |
| |
Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-202007-08: Chromium, Google Chrome: Multiple vulnerabilities (Jul 26) |
| |
Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-202007-07: Transmission: Remote code execution (Jul 26) |
| |
A use-after-free possibly allowing remote execution of code was discovered in Transmission.
|
| |
Gentoo: GLSA-202007-06: HylaFAX: Multiple vulnerabilities (Jul 26) |
| |
Multiple vulnerabilities have been found in HylaFAX, the worst of which could result in privilege escalation.
|
| |
Gentoo: GLSA-202007-05: libexif: Multiple vulnerabilities (Jul 26) |
| |
Multiple vulnerabilities have been found in libexif, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-202007-04: fwupd, libjcat: Multiple vulnerabilities (Jul 26) |
| |
Multiple vulnerabilities have been found in fwupd and libjcat, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-202007-03: Cacti: Multiple vulnerabilities (Jul 26) |
| |
Multiple vulnerabilities have been found in Cacti, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-202007-02: Xen: Multiple vulnerabilities (Jul 26) |
| |
Multiple vulnerabilities have been found in Xen, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-202007-01: netqmail: Multiple vulnerabilities (Jul 26) |
| |
Multiple vulnerabilities have been found in netqmail, the worst of which could result in the arbitrary execution of code.
|
| |
RedHat: RHSA-2020-3253:01 Important: firefox security update (Jul 30) |
| |
An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2020-3254:01 Important: firefox security update (Jul 30) |
| |
An update for firefox is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2020-3248:01 Important: Red Hat build of Quarkus 1.3.4 SP1 (Jul 30) |
| |
An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each
|
| |
RedHat: RHSA-2020-3241:01 Important: firefox security update (Jul 30) |
| |
An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2020-3233:01 Important: firefox security update (Jul 29) |
| |
An update for firefox is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2020-3230:01 Important: kernel security and bug fix update (Jul 29) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.
|
| |
RedHat: RHSA-2020-3232:01 Important: kernel security and bug fix update (Jul 29) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2020-3229:01 Important: firefox security update (Jul 29) |
| |
An update for firefox is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2020-3226:01 Important: kernel security and bug fix update (Jul 29) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2020-3224:01 Important: kernel security and bug fix update (Jul 29) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2020-3228:01 Moderate: kernel security and bug fix update (Jul 29) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2020-3227:01 Moderate: grub2 security update (Jul 29) |
| |
An update for grub2, shim, and fwupd is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2020-3223:01 Moderate: grub2 security update (Jul 29) |
| |
An update for grub2, shim, shim-unsigned-x64, and fwupd is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2020-3222:01 Important: kernel security and bug fix update (Jul 29) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2020-3217:01 Moderate: grub2 security and bug fix update (Jul 29) |
| |
An update for grub2, shim, shim-signed, and fwupdate is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2020-3216:01 Moderate: grub2 security update (Jul 29) |
| |
An update for grub2, shim, shim-unsigned-x64, and fwupd is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2020-3219:01 Moderate: kernel-rt security and bug fix update (Jul 29) |
| |
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2020-3218:01 Moderate: kernel security and bug fix update (Jul 29) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2020-3221:01 Important: kernel-rt security and bug fix update (Jul 29) |
| |
An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2020-3220:01 Important: kernel security and bug fix update (Jul 29) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2020-3209:01 Moderate: AMQ Online 1.5.2 release and security (Jul 29) |
| |
An update of the Red Hat OpenShift Container Platform 3.11 and 4.4/4.5 container images is now available for Red Hat AMQ Online. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2020-3199:01 Important: openstack-tripleo-heat-templates (Jul 29) |
| |
An update for openstack-tripleo-heat-templates is now available for Red Hat OpenStack Platform 16.1 (Train). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2020-3197:01 Important: Red Hat Process Automation Manager (Jul 29) |
| |
An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2020-3196:01 Important: Red Hat Decision Manager 7.8.0 (Jul 29) |
| |
An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2020-3194:01 Important: Container-native Virtualization (Jul 28) |
| |
Red Hat OpenShift Virtualization release 2.4.0 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2020-3192:01 Important: Red Hat Fuse 7.7.0 release and (Jul 28) |
| |
A minor version update (from 7.6 to 7.7) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact
|
| |
RedHat: RHSA-2020-3185:01 Important: python-pillow security update (Jul 28) |
| |
An update for python-pillow is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2020-3078:01 Low: OpenShift Container Platform 4.4.14 (Jul 28) |
| |
An update for ose-cluster-machine-approver-container is now available for Red Hat OpenShift Container Platform 4.4. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2020-3176:01 Important: postgresql-jdbc security update (Jul 28) |
| |
An update for postgresql-jdbc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2020-3167:01 Moderate: OpenShift Container Platform 4.2.z (Jul 27) |
| |
An update for ose-openshift-controller-manager-container is now available for Red Hat OpenShift Container Platform 4.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2020-2992:01 Moderate: OpenShift Container Platform 3.11 (Jul 27) |
| |
An update for atomic-openshift, atomic-openshift-web-console, and cri-o is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2020-3017:01 Important: Red Hat support for Spring Boot 2.1.15 (Jul 27) |
| |
An update is now available for Red Hat support for Spring Boot. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2020-3142:01 Important: Red Hat JBoss Enterprise Application (Jul 23) |
| |
An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 6, 7, and 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2020-3141:01 Important: Red Hat JBoss Enterprise Application (Jul 23) |
| |
An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6, 7, and 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2020-3143:01 Important: Red Hat JBoss Enterprise Application (Jul 23) |
| |
An update is now available for Red Hat JBoss Enterprise Application Platform 7.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2020-3144:01 Important: Red Hat JBoss Enterprise Application (Jul 23) |
| |
An update is now available for Red Hat JBoss Enterprise Application Platform 7.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2020-3133:01 Important: Red Hat AMQ Broker 7.4.4 release and (Jul 23) |
| |
Red Hat AMQ Broker 7.4.4 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2020-2905:01 Important: Red Hat build of Thorntail 2.7.0 (Jul 23) |
| |
An update is now available for Red Hat build of Thorntail. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each
|
| |
RedHat: RHSA-2020-3118:01 Moderate: samba security update (Jul 23) |
| |
An update for samba is now available for Red Hat Gluster Storage 3.5 on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2020-3119:01 Moderate: samba security update (Jul 23) |
| |
An update for samba is now available for Red Hat Gluster Storage 3.5 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
Slackware: 2020-209-01: mozilla-firefox Security Update (Jul 27) |
| |
New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.
|
| |
SUSE: 2020:2097-1 important: ghostscript (Jul 30) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2020:2095-1 important: ghostscript (Jul 30) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2020:2086-1 moderate: targetcli-fb (Jul 30) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2020:14440-1 important: grub2 (Jul 29) |
| |
An update that fixes 7 vulnerabilities is now available.
|
| |
SUSE: 2020:2077-1 important: grub2 (Jul 29) |
| |
An update that fixes 7 vulnerabilities is now available.
|
| |
SUSE: 2020:2074-1 important: grub2 (Jul 29) |
| |
An update that fixes 7 vulnerabilities is now available.
|
| |
SUSE: 2020:2078-1 important: grub2 (Jul 29) |
| |
An update that fixes 7 vulnerabilities is now available.
|
| |
SUSE: 2020:2079-1 important: grub2 (Jul 29) |
| |
An update that fixes 7 vulnerabilities is now available.
|
| |
SUSE: 2020:2076-1 important: grub2 (Jul 29) |
| |
An update that fixes 7 vulnerabilities is now available.
|
| |
SUSE: 2020:2073-1 important: grub2 (Jul 29) |
| |
An update that fixes 7 vulnerabilities is now available.
|
| |
SUSE: 2020:2066-1 moderate: samba (Jul 29) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2020:2067-1 moderate: ldb (Jul 29) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2020:2065-1 moderate: samba (Jul 29) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2020:2069-1 important: webkit2gtk3 (Jul 29) |
| |
An update that fixes 8 vulnerabilities is now available.
|
| |
SUSE: 2020:2068-1 important: freerdp (Jul 29) |
| |
An update that fixes 31 vulnerabilities is now available.
|
| |
SUSE: 2020:2060-1 important: rubygem-puma (Jul 28) |
| |
An update that fixes four vulnerabilities is now available.
|
| |
SUSE: 2020:2057-1 important: python-Pillow (Jul 27) |
| |
An update that fixes 8 vulnerabilities is now available.
|
| |
SUSE: 2020:2055-1 important: python-Django (Jul 27) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2020:2053-1 moderate: rubygem-excon (Jul 27) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2020:2046-1 important: tomcat (Jul 24) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
SUSE: 2020:2041-1 moderate: rust, rust-cbindgen (Jul 24) |
| |
An update that solves one vulnerability and has two fixes is now available.
|
| |
SUSE: 2020:2047-1 important: tomcat (Jul 24) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
SUSE: 2020:2048-1 important: mailman (Jul 24) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2020:2036-1 moderate: samba (Jul 24) |
| |
An update that solves one vulnerability and has four fixes is now available.
|
| |
SUSE: 2020:2037-1 important: tomcat (Jul 24) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
SUSE: 2020:2045-1 important: tomcat (Jul 24) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
SUSE: 2020:2032-1 important: freerdp (Jul 23) |
| |
An update that fixes 31 vulnerabilities is now available.
|
| |
SUSE: 2020:2025-1 moderate: perl-YAML-LibYAML (Jul 23) |
| |
An update that contains security fixes can now be installed.
|
| |
SUSE: 2020:14437-1 moderate: samba (Jul 23) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2020:2028-1 moderate: libraw (Jul 23) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2020:2029-1 moderate: libraw (Jul 23) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2020:2027-1 important: the Linux Kernel (Jul 23) |
| |
An update that solves 19 vulnerabilities and has 162 fixes is now available.
|
| |
SUSE: 2020:2015-1 important: qemu (Jul 23) |
| |
An update that fixes 5 vulnerabilities is now available.
|
| |
Ubuntu 4432-1: GRUB 2 vulnerabilities (Jul 29) |
| |
Several security issues were fixed in GRUB 2.
|
| |
Ubuntu 4443-1: Firefox vulnerabilities (Jul 29) |
| |
Firefox could be made to crash or run programs as your login if it opened a malicious website.
|
| |
Ubuntu 4436-2: librsvg regression (Jul 29) |
| |
USN-4436-1 introduced a regression in librsvg.
|
| |
Ubuntu 4442-1: Sympa vulnerabilities (Jul 28) |
| |
Several security issues were fixed in Sympa.
|
| |
Ubuntu 4441-1: MySQL vulnerabilities (Jul 28) |
| |
Several security issues were fixed in MySQL.
|
| |
Ubuntu 4440-1: linux kernel vulnerabilities (Jul 27) |
| |
Several security issues were fixed in the Linux kernel.
|
| |
Ubuntu 4439-1: Linux kernel vulnerabilities (Jul 27) |
| |
Several security issues were fixed in the Linux kernel.
|
| |
Ubuntu 4435-2: ClamAV vulnerabilities (Jul 27) |
| |
Several security issues were fixed in ClamAV.
|
| |
Ubuntu 4438-1: SQLite vulnerability (Jul 27) |
| |
SQLite could be made to crash or run programs if it processed a specially crafted query.
|
| |
Ubuntu 4437-1: libslirp vulnerability (Jul 27) |
| |
libslirp could be made to crash if it received specially crafted network traffic.
|
| |
Ubuntu 4436-1: librsvg vulnerabilities (Jul 27) |
| |
librsvg could be made to crash if it opened a specially crafted file.
|
| |
Ubuntu 4435-1: ClamAV vulnerabilities (Jul 27) |
| |
Several security issues were fixed in ClamAV.
|
| |
Ubuntu 4434-1: LibVNCServer vulnerabilities (Jul 23) |
| |
Several security issues were fixed in LibVNCServer.
|
| |
Ubuntu 4433-1: OpenJDK vulnerabilities (Jul 23) |
| |
Several security issues were fixed in OpenJDK.
|
| |
Ubuntu 4430-2: Pillow vulnerabilities (Jul 23) |
| |
Pillow could be made to crash if it opened a specially crafted file.
|
| |
Debian LTS: DLA-2293-1: mercurial security update (Jul 31) |
| |
Several vulnerabilities were discovered in mercurial, an easy-to-use, scalable distributed version control system. CVE-2017-17458
|
| |
Debian LTS: DLA-2301-1: json-c security update (Jul 30) |
| |
Tobias Stoeckmann found an integer overflow issue in JSON-C, a C library to manipulate JSON objects, when reading maliciously crafted large files. The issue could be exploited to cause denial of service or possibly execute arbitrary code.
|
| |
Debian LTS: DLA-2300-1: kdepim-runtime security update (Jul 30) |
| |
It was discovered that there was an issue where kdepim-runtime would default to using unencrypted POP3 communication despite the UI indicating that encryption was in use.
|
| |
Debian LTS: DLA-2299-1: net-snmp security update (Jul 30) |
| |
A privilege escalation vulnerability vulnerability was discovered in Net-SNMP, a set of tools for collecting and organising information about devices on computer networks.
|
| |
Debian LTS: DLA-2298-1: libapache2-mod-auth-openidc security (Jul 29) |
| |
Several issues have been found in libapache2-mod-auth-openidc, the OpenID Connect authentication module for the Apache HTTP server.
|
| |
Debian LTS: DLA-2296-1: luajit security update (Jul 28) |
| |
An issue has been found in luajit, a just in time compiler for Lua. An out-of-bounds read could happen because __gc handler frame traversal is
|
| |
Debian LTS: DLA-2295-1: curl security update (Jul 28) |
| |
A vulnerbailty was found in curl, a command line tool for transferring data with URL syntax.
|
| |
Debian LTS: DLA-2294-1: salt security update (Jul 28) |
| |
Two issues have been found in salt, a remote manager to administer servers.
|
| |
Debian LTS: DLA-2292-1: milkytracker security update (Jul 27) |
| |
Several vulnerabilities were fixed in MilkyTracker, a music tracker for composing music in the MOD and XM module file formats. CVE-2019-14464
|
| |
Debian LTS: DLA-2291-1: ffmpeg security update (Jul 27) |
| |
Several vulnerabilities have been fixed by upgrading FFmpeg, a widely used multimedia framework, from 3.2.14 to 3.2.15. CVE-2019-13390
|
| |
Debian LTS: DLA-2288-1: qemu security update (Jul 26) |
| |
The following CVE(s) were reported against src:qemu: CVE-2017-9503
|
| |
Debian LTS: DLA-2290-1: e2fsprogs security update (Jul 26) |
| |
An issue has been found in e2fsprogs, a package that contains ext2/ext3/ext4 file system utilities. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code
|
| |
Debian LTS: DLA-2289-1: mupdf security update (Jul 25) |
| |
Several issues have been found in mupdf, a lightweight PDF viewer. The issues could be exploited by crafted PDF files that result in denial
|
| |
Debian LTS: DLA-2287-1: poppler security update (Jul 23) |
| |
Several issues were found in Poppler, a PDF rendering library, that could lead to denial of service or possibly other unspecified impact when processing maliciously crafted documents.
|
| |
ArchLinux: 202007-1: webkit2gtk: multiple issues (Jul 29) |
| |
The package webkit2gtk before version 2.28.3-1 is vulnerable to multiple issues including arbitrary code execution, cross-site scripting and sandbox escape.
|
| |
CentOS: CESA-2020-3217: Moderate CentOS 7 grub2 (Jul 29) |
| |
Upstream details at : https://access.redhat.com/errata/RHSA-2020:3217
|
| |
CentOS: CESA-2020-3217: Moderate CentOS 7 shim-signed (Jul 29) |
| |
Upstream details at : https://access.redhat.com/errata/RHSA-2020:3217
|
| |
CentOS: CESA-2018-3140: Moderate CentOS 7 fwupdate (Jul 29) |
| |
Upstream details at : https://access.redhat.com/errata/RHSA-2018:3140
|
| |
CentOS: CESA-2020-3217: Moderate CentOS 7 shim (Jul 29) |
| |
Upstream details at : https://access.redhat.com/errata/RHSA-2020:3217
|
| |
CentOS: CESA-2020-3220: Important CentOS 7 kernel (Jul 29) |
| |
Upstream details at : https://access.redhat.com/errata/RHSA-2020:3220
|
| |
SciLinux: SLSA-2020-3233-1 Important: firefox on SL6.x i386/x86_64 (Jul 30) |
| |
chromium-browser: Use after free in ANGLE (CVE-2020-6463) * chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514) * Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652) * Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659) SL6 x86_64 firefox-68.11.0-1.el6_10.x86_64.rpm firefox-debuginfo [More...]
|
| |
openSUSE: 2020:1112-1: moderate: knot (Jul 29) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2020:1111-1: important: tomcat (Jul 29) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2020:1108-1: important: qemu (Jul 28) |
| |
An update that fixes 5 vulnerabilities is now available.
|
| |
openSUSE: 2020:1106-1: moderate: cacti, cacti-spine (Jul 27) |
| |
An update that fixes four vulnerabilities is now available.
|
| |
openSUSE: 2020:1102-1: important: tomcat (Jul 27) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2020:1095-1: important: go1.13 (Jul 27) |
| |
An update that solves two vulnerabilities and has three fixes is now available.
|
| |
openSUSE: 2020:1093-1: moderate: perl-YAML-LibYAML (Jul 27) |
| |
An update that contains security fixes can now be installed.
|
| |
openSUSE: 2020:1090-1: important: freerdp (Jul 26) |
| |
An update that fixes 31 vulnerabilities is now available.
|
| |
openSUSE: 2020:1089-1: moderate: perl-YAML-LibYAML (Jul 26) |
| |
An update that contains security fixes can now be installed.
|
| |
openSUSE: 2020:1086-1: moderate: knot (Jul 26) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2020:1087-1: important: go1.13 (Jul 26) |
| |
An update that solves two vulnerabilities and has three fixes is now available.
|
| |
openSUSE: 2020:1085-1: moderate: knot (Jul 26) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2020:1088-1: moderate: libraw (Jul 26) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2020:1064-1: important: webkit2gtk3 (Jul 26) |
| |
An update that fixes 8 vulnerabilities is now available.
|
| |
openSUSE: 2020:1071-1: moderate: vino (Jul 26) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2020:1063-1: important: tomcat (Jul 26) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2020:1062-1: important: the Linux Kernel (Jul 26) |
| |
An update that solves two vulnerabilities and has 55 fixes is now available.
|
| |
openSUSE: 2020:1074-1: moderate: salt (Jul 26) |
| |
An update that solves four vulnerabilities and has 7 fixes is now available.
|
| |
openSUSE: 2020:1061-1: important: chromium (Jul 26) |
| |
An update that fixes 26 vulnerabilities is now available.
|
| |
openSUSE: 2020:1060-1: moderate: cacti, cacti-spine (Jul 25) |
| |
An update that fixes four vulnerabilities is now available.
|
| |
openSUSE: 2020:1056-1: important: LibVNCServer (Jul 24) |
| |
An update that fixes 10 vulnerabilities is now available.
|
| |
openSUSE: 2020:1050-1: moderate: cni-plugins (Jul 23) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2020:1051-1: important: tomcat (Jul 23) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2020:1049-1: moderate: cni-plugins (Jul 23) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2020:1043-1: moderate: xmlgraphics-batik (Jul 23) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2020:1042-1: moderate: MozillaFirefox (Jul 23) |
| |
An update that contains security fixes can now be installed.
|
| |
openSUSE: 2020:1035-1: moderate: redis (Jul 23) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2020:1037-1: important: singularity (Jul 23) |
| |
An update that solves 5 vulnerabilities and has one errata is now available.
|
| |
Mageia 2020-0294: podofo security update (Jul 30) |
| |
The updated packages fix security vulnerabilities: A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryptionKey() function in PdfEncrypt.cpp in PoDoFo 0.9.6-rc1 could be leveraged by remote attackers to cause a denial-of-service via a crafted pdf file. (CVE-2018-12983)
|
