Thank you for reading the LinuxSecurity Linux Advisory Watch newsletter! Staying on top of the latest security advisories issued by the distro(s) you use is essential in maintaining an updated, secure Linux system. Our weekly newsletter is an easy, convenient way to track distribution security advisories - helping you keep your Linux environment safe from malware and other exploits.

Significant advisories issued this week include warnings from multiple distros regarding a Mozilla Firefox security update fixing multiple issues that could potentially result in the execution of arbitrary code, and a 5.12.8 stable kernel update containing a number of important fixes across the tree. Continue reading to learn about other distribution security advisories issued this week. Have a healthy, happy and secure weekend!

Yours in Open Source,



LinuxSecurity.com Feature Extras:

What Is Threat Intelligence? - Threat intelligence (or threat intel) is information used to understand past, present, and future threats targeting an organization.

CloudLinux Simplifies & Enhances Linux Security with its TuxCare Unified Enterprise Support Services - CloudLinux, the sponsor of the forever-free AlmaLinux OS enterprise Linux distribution, is now automating, simplifying and securing Linux operations with its TuxCare unified enterprise support services.


  Debian: DSA-4926-1: lasso security update (Jun 3)
 

It was discovered that lasso, a library which implements SAML 2.0 and Liberty Alliance standards, did not properly verify that all assertions in a SAML response were properly signed, allowing an attacker to impersonate users or bypass access control.

  Debian: DSA-4925-1: firefox-esr security update (Jun 2)
 

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.

  Debian: DSA-4924-1: squid security update (Jun 1)
 

Multiple denial of service vulnerabilities were discovered in the Squid proxy caching server. For the stable distribution (buster), these problems have been fixed in

  Debian: DSA-4899-2: openjdk-11-jre-dcevm update (May 31)
 

The Dynamic Code Evolution Virtual Machine (DCE VM), an alternative VM for OpenJDK 11 with enhanced class redefinition, has been updated for compatibility with OpenJDK 11.0.11.

  Debian: DSA-4923-1: webkit2gtk security update (May 30)
 

The following vulnerabilities have been discovered in the webkit2gtk web engine: CVE-2021-1788

  Debian: DSA-4922-1: hyperkitty security update (May 29)
 

Amir Sarabadani and Kunal Mehta discovered that the import functionality of Hyperkitty, the web user interface to access Mailman 3 archives, did not restrict the visibility of private archives during the import, i.e. that during the import of a private Mailman 2 archive the archive was

  Debian: DSA-4921-1: nginx security update (May 28)
 

Luis Merino, Markus Vervier and Eric Sesterhenn discovered an off-by-one in Nginx, a high-performance web and reverse proxy server, which could result in denial of service and potentially the execution of arbitrary code.

  Fedora 34: mingw-exiv2 2021-8253c78bd7 (Jun 3)
 

Backport fixes for CVE-2021-32617, CVE-2021-29623.

  Fedora 34: mingw-djvulibre 2021-f3183da6bb (Jun 3)
 

Apply fix for CVE-2021-3500. Also apply fixes for CVE-2021-32490, CVE-2021-32491, CVE-2021-32492 and CVE-2021-32493.

  Fedora 34: singularity 2021-08df3bb58a (Jun 3)
 

Upgrade to upstream security release 3.7.4

  Fedora 33: mingw-exiv2 2021-bdba47348c (Jun 3)
 

Backport fixes for CVE-2021-32617, CVE-2021-29623.

  Fedora 33: mingw-djvulibre 2021-3193a4c13f (Jun 3)
 

Apply fix for CVE-2021-3500. Also apply fixes for CVE-2021-32490, CVE-2021-32491, CVE-2021-32492 and CVE-2021-32493.

  Fedora 33: singularity 2021-ac3ef133e8 (Jun 3)
 

Upgrade to upstream security release 3.7.4

  Fedora 33: python-lxml 2021-4cdb0f68c7 (Jun 3)
 

Fix CVE-2021-28957: missing input sanitization for formaction HTML5 attributes may lead to XSS

  Fedora 33: mapserver 2021-faab70f09a (Jun 2)
 

Update to 7.4.5.

  Fedora 33: python-pillow 2021-77756994ba (Jun 2)
 

Backport fixes for CVE-2021-28675 through CVE-2021-28678 and CVE-2021-25287 through CVE-2021-25288.

  Fedora 33: mingw-python-pillow 2021-77756994ba (Jun 2)
 

Backport fixes for CVE-2021-28675 through CVE-2021-28678 and CVE-2021-25287 through CVE-2021-25288.

  Fedora 34: mapserver 2021-74dadee887 (Jun 2)
 

Update to 7.6.3.

  Fedora 34: dhcp 2021-08cdb4dc34 (Jun 1)
 

Fix for CVE-2021-25217

  Fedora 33: kernel 2021-0b35886add (May 31)
 

The 5.12.8 stable kernel update contains a number of important fixes across the tree.

  Fedora 33: chromium 2021-7190a83164 (May 31)
 

Update to 90.0.4430.212. Fixes: CVE-2021-30506 CVE-2021-30507 CVE-2021-30508 CVE-2021-30509 CVE-2021-30510 CVE-2021-30511 CVE-2021-30512 CVE-2021-30513 CVE-2021-30514 CVE-2021-30515 CVE-2021-30516 CVE-2021-30517 CVE-2021-30518 CVE-2021-30519 CVE-2021-30520

  Fedora 33: gnutls 2021-454a0f6f76 (May 31)
 

This updates gnutls package to the latest upstream release 3.6.16, which includes a couple of CVE fixes.

  Fedora 33: eterm 2021-8b85b2de05 (May 31)
 

Fixes a problem with escape sequences.

  Fedora 33: cflow 2021-e8cab459ab (May 31)
 

Fix a use after free problem

  Fedora 34: kernel 2021-646098b5b8 (May 31)
 

The 5.12.8 stable kernel update contains a number of important fixes across the tree.

  Fedora 34: eterm 2021-c883ca2a37 (May 31)
 

Fixes a problem with escape sequences.

  Fedora 34: cflow 2021-6ef76430d0 (May 31)
 

Fix a use after free problem

  Fedora 34: opendmarc 2021-433e7d72ce (May 30)
 

Upgrade to 1.4.1 bugfix release.

  Fedora 34: rust-cranelift-entity 2021-432f4980b4 (May 30)
 

Update to 0.74.0, which carries the security fix for GHSA-hpqh-2wqx-7qp5. Initial package.

  Fedora 34: rust-cranelift-codegen-shared 2021-8c6b037eb1 (May 30)
 

Update to 0.74.0, which carries the security fix for GHSA-hpqh-2wqx-7qp5. Initial package.

  Fedora 34: exiv2 2021-d1d5a0bf0f (May 30)
 

Fix security issues.

  Fedora 34: mingw-python-pillow 2021-aa5d2e2289 (May 30)
 

Backport fixes for CVE-2021-28675 through CVE-2021-28678 and CVE-2021-25287 through CVE-2021-25288.

  Fedora 34: python-pillow 2021-aa5d2e2289 (May 30)
 

Backport fixes for CVE-2021-28675 through CVE-2021-28678 and CVE-2021-25287 through CVE-2021-25288.

  Fedora 34: rxvt-unicode 2021-5b96f0f5db (May 30)
 

- New upstream release 9.26 (roll up to rawhide)
- Fixes [CVE-2021-33477](https://nvd.nist.gov/vuln/detail/CVE-2021-33477)

  Fedora 33: rxvt-unicode 2021-a4c0a91884 (May 30)
 

- New upstream release 9.26 (roll up to rawhide)
- Fixes [CVE-2021-33477](https://nvd.nist.gov/vuln/detail/CVE-2021-33477)

  Fedora 33: java-1.8.0-openjdk-aarch32 2021-bfbc1088b6 (May 28)
 

8u292 update

  Fedora 34: java-1.8.0-openjdk-aarch32 2021-275a03ec73 (May 28)
 

8u292 update

  Fedora 34: runc 2021-0440f235a0 (May 28)
 

Security fix for CVE-2021-30465

  Fedora 34: php-symfony4 2021-2d145b95f6 (May 28)
 

**Version 4.4.24** (2021-05-19)
* security **CVE-2021-21424** [Security\Core] Fix user enumeration via response body on invalid credentials (chalasr)
* bug #41230 [FrameworkBundle][Validator] Fix deprecations from Doctrine Annotations+Cache (derrabus)
* bug #41240 Fixed deprecation warnings about passing null as parameter (derrabus)
* bug #41241 [Finder] Fix gitignore regex

  Fedora 34: php-symfony3 2021-c57937ab9f (May 28)
 

**Version 3.4.49** (2021-05-19)
* security **CVE-2021-21424** [Security\Core] Fix user enumeration via response body on invalid credentials (chalasr)

**Version 3.4.48** (2021-05-12)
* security **CVE-2021-21424** [Security][Guard] Prevent user enumeration (chalasr)

  Fedora 33: runc 2021-2eb67ba3c2 (May 27)
 

Security fix for CVE-2021-30465

  Fedora 33: php-symfony4 2021-121edb82dd (May 27)
 

**Version 4.4.24** (2021-05-19)
* security **CVE-2021-21424** [Security\Core] Fix user enumeration via response body on invalid credentials (chalasr)
* bug #41230 [FrameworkBundle][Validator] Fix deprecations from Doctrine Annotations+Cache (derrabus)
* bug #41240 Fixed deprecation warnings about passing null as parameter (derrabus)
* bug #41241 [Finder] Fix gitignore regex

  Fedora 33: php-symfony3 2021-f3ad34aa9f (May 27)
 

**Version 3.4.49** (2021-05-19)
* security **CVE-2021-21424** [Security\Core] Fix user enumeration via response body on invalid credentials (chalasr)

**Version 3.4.48** (2021-05-12)
* security **CVE-2021-21424** [Security][Guard] Prevent user enumeration (chalasr)

  Fedora 33: python-pip 2021-1b6848f31c (May 27)
 

Security fix for *pip incorrectly handled unicode separators in git references*.

  Fedora 34: kernel 2021-a35b44fd9f (May 27)
 

The 5.12.7 stable kernel update contains a number of important fixes across the tree.

  Fedora 34: curl 2021-eb5b7c53a9 (May 27)
 

- fix TLS session caching disaster (CVE-2021-22901)
- fix TELNET stack contents disclosure (CVE-2021-22898)

  Fedora 34: python-lxml 2021-28723f9670 (May 27)
 

Rebase to version 4.6.3. Fix CVE-2021-28957: missing input sanitization for formaction HTML5 attributes may lead to XSS

  Fedora 34: chromium 2021-54683b0888 (May 27)
 

Update to 90.0.4430.212. Fixes: CVE-2021-30506 CVE-2021-30507 CVE-2021-30508 CVE-2021-30509 CVE-2021-30510 CVE-2021-30511 CVE-2021-30512 CVE-2021-30513 CVE-2021-30514 CVE-2021-30515 CVE-2021-30516 CVE-2021-30517 CVE-2021-30518 CVE-2021-30519 CVE-2021-30520

  RedHat: RHSA-2021-2229:01 Moderate: rh-ruby27-ruby security, bug fix, (Jun 3)
 

An update for rh-ruby27-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2021-2230:01 Moderate: rh-ruby26-ruby security, bug fix, (Jun 3)
 

An update for rh-ruby26-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2021-2238:01 Important: polkit security update (Jun 3)
 

An update for polkit is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2021-2237:01 Important: polkit security update (Jun 3)
 

An update for polkit is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2021-2243:01 Low: rust-toolset-1.49 and rust-toolset-1.49-rust (Jun 3)
 

New rust-toolset-1.49 packages are now available as a part of Red Hat Developer Tools for Red Hat Enterprise Linux. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2021-2239:01 Moderate: Red Hat Virtualization Host security (Jun 3)
 

An update for imgbased, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact

  RedHat: RHSA-2021-2233:01 Critical: firefox security update (Jun 3)
 

An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2021-2236:01 Important: polkit security update (Jun 3)
 

An update for polkit is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2021-2214:01 Critical: firefox security update (Jun 2)
 

An update for firefox is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2021-2204:01 Important: glib2 security update (Jun 2)
 

An update for glib2 is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2021-2206:01 Critical: firefox security update (Jun 2)
 

An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2021-2208:01 Critical: firefox security update (Jun 2)
 

An update for firefox is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2021-2203:01 Important: glib2 security update (Jun 2)
 

An update for glib2 is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2021-2205:01 Important: Red Hat OpenStack Platform 10.0 (Jun 2)
 

An update for openvswitch is now available for Red Hat OpenStack Platform 10 (Newton). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2021-2210:01 Moderate: EAP XP 1 security update to CVE fixes (Jun 2)
 

This advisory resolves CVE issues filed against XP1 releases that have been fixed in the underlying EAP 7.3.x base. There are no changes to the EAP XP1 code base. NOTE: This advisory is informational only. There are no code changes

  RedHat: RHSA-2021-2185:01 Important: kernel security and bug fix update (Jun 1)
 

An update for kernel is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2021-2184:01 Moderate: perl security update (Jun 1)
 

An update for perl is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2021-2191:01 Moderate: tcpdump security update (Jun 1)
 

An update for tcpdump is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2021-2190:01 Important: kernel-rt security and bug fix update (Jun 1)
 

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2021-2180:01 Moderate: RHV Engine and Host Common Packages (Jun 1)
 

Updated dependency packages for ovirt-engine and ovirt-host that fix several security flaws, bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact

  RedHat: RHSA-2021-2179:01 Moderate: RHV Manager security update (Jun 1)
 

Updated ovirt-engine packages that fix several bugs and security flaws and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2021-2175:01 Important: glib2 security update (Jun 1)
 

An update for glib2 is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2021-2170:01 Important: glib2 security and bug fix update (Jun 1)
 

An update for glib2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2021-2174:01 Important: glib2 security update (Jun 1)
 

An update for glib2 is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.

  RedHat: RHSA-2021-2168:01 Important: kernel security and bug fix update (Jun 1)
 

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2021-2171:01 Important: glib2 security update (Jun 1)
 

An update for glib2 is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2021-2173:01 Important: glib2 security update (Jun 1)
 

An update for glib2 is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2021-2172:01 Important: glib2 security update (Jun 1)
 

An update for glib2 is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2021-2165:01 Important: kpatch-patch security update (Jun 1)
 

An update is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2021-2169:01 Important: kernel-rt security and bug fix update (Jun 1)
 

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2021-2167:01 Important: kpatch-patch security update (Jun 1)
 

An update is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2021-2164:01 Important: kernel security update (Jun 1)
 

An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.

  RedHat: RHSA-2021-2121:01 Moderate: OpenShift Container Platform 4.7.13 bug (Jun 1)
 

Red Hat OpenShift Container Platform release 4.7.13 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.7.

  RedHat: RHSA-2021-2122:01 Important: OpenShift Container Platform 4.7.13 (Jun 1)
 

Red Hat OpenShift Container Platform release 4.7.13 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.7.

  RedHat: RHSA-2021-2147:01 Important: glib2 security update (May 31)
 

An update for glib2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2021-2145:01 Important: runc security update (May 31)
 

An update for runc is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2021-2144:01 Important: docker security update (May 31)
 

An update for docker is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  SUSE: 2021:241-1 ses/7/rook/ceph Security Update (Jun 3)
 

The container ses/7/rook/ceph was updated. The following patches have been included in this update:

  SUSE: 2021:240-1 ses/7/ceph/ceph Security Update (Jun 3)
 

The container ses/7/ceph/ceph was updated. The following patches have been included in this update:

  SUSE: 2021:239-1 ses/7/cephcsi/cephcsi Security Update (Jun 3)
 

The container ses/7/cephcsi/cephcsi was updated. The following patches have been included in this update:

  SUSE: 2021:238-1 ses/6/rook/ceph Security Update (Jun 3)
 

The container ses/6/rook/ceph was updated. The following patches have been included in this update:

  SUSE: 2021:237-1 ses/6/ceph/ceph Security Update (Jun 3)
 

The container ses/6/ceph/ceph was updated. The following patches have been included in this update:

  SUSE: 2021:236-1 ses/6/cephcsi/cephcsi Security Update (Jun 3)
 

The container ses/6/cephcsi/cephcsi was updated. The following patches have been included in this update:

  SUSE: 2021:235-1 suse/sles/15.2/virt-operator Security Update (Jun 1)
 

The container suse/sles/15.2/virt-operator was updated. The following patches have been included in this update:

  SUSE: 2021:233-1 suse/sles/15.2/virt-launcher Security Update (Jun 1)
 

The container suse/sles/15.2/virt-launcher was updated. The following patches have been included in this update:

  SUSE: 2021:232-1 suse/sles/15.2/virt-handler Security Update (Jun 1)
 

The container suse/sles/15.2/virt-handler was updated. The following patches have been included in this update:

  SUSE: 2021:231-1 suse/sles/15.2/virt-controller Security Update (Jun 1)
 

The container suse/sles/15.2/virt-controller was updated. The following patches have been included in this update:

  SUSE: 2021:230-1 suse/sles/15.2/virt-api Security Update (Jun 1)
 

The container suse/sles/15.2/virt-api was updated. The following patches have been included in this update:

  SUSE: 2021:229-1 suse/sle15 Security Update (Jun 1)
 

The container suse/sle15 was updated. The following patches have been included in this update:

  SUSE: 2021:228-1 suse/sle15 Security Update (Jun 1)
 

The container suse/sle15 was updated. The following patches have been included in this update:

  SUSE: 2021:223-1 caasp/v4.5/velero-restic-restore-helper Security Update (May 28)
 

The container caasp/v4.5/velero-restic-restore-helper was updated. The following patches have been included in this update:

  SUSE: 2021:222-1 caasp/v4.5/velero-plugin-for-microsoft-azure Security Update (May 28)
 

The container caasp/v4.5/velero-plugin-for-microsoft-azure was updated. The following patches have been included in this update:

  SUSE: 2021:221-1 caasp/v4.5/velero-plugin-for-gcp Security Update (May 28)
 

The container caasp/v4.5/velero-plugin-for-gcp was updated. The following patches have been included in this update:

  SUSE: 2021:220-1 caasp/v4.5/velero-plugin-for-aws Security Update (May 28)
 

The container caasp/v4.5/velero-plugin-for-aws was updated. The following patches have been included in this update:

  SUSE: 2021:218-1 caasp/v4.5/velero Security Update (May 28)
 

The container caasp/v4.5/velero was updated. The following patches have been included in this update:

  SUSE: 2021:219-1 suse/sles12sp4 Security Update (May 28)
 

The container suse/sles12sp4 was updated. The following patches have been included in this update:

  SUSE: 2021:217-1 caasp/v4.5/skuba-tooling Security Update (May 27)
 

The container caasp/v4.5/skuba-tooling was updated. The following patches have been included in this update:

  SUSE: 2021:216-1 caasp/v4.5/rsyslog Security Update (May 27)
 

The container caasp/v4.5/rsyslog was updated. The following patches have been included in this update:

  SUSE: 2021:215-1 caasp/v4.5/reloader Security Update (May 27)
 

The container caasp/v4.5/reloader was updated. The following patches have been included in this update:

  SUSE: 2021:214-1 caasp/v4.5/prometheus-server Security Update (May 27)
 

The container caasp/v4.5/prometheus-server was updated. The following patches have been included in this update:

  SUSE: 2021:213-1 caasp/v4.5/prometheus-pushgateway Security Update (May 27)
 

The container caasp/v4.5/prometheus-pushgateway was updated. The following patches have been included in this update:

  SUSE: 2021:212-1 caasp/v4.5/prometheus-node-exporter Security Update (May 27)
 

The container caasp/v4.5/prometheus-node-exporter was updated. The following patches have been included in this update:

  SUSE: 2021:211-1 caasp/v4.5/prometheus-alertmanager Security Update (May 27)
 

The container caasp/v4.5/prometheus-alertmanager was updated. The following patches have been included in this update:

  SUSE: 2021:209-1 caasp/v4.5/metrics-server Security Update (May 27)
 

The container caasp/v4.5/metrics-server was updated. The following patches have been included in this update:

  SUSE: 2021:208-1 caasp/v4.5/kured Security Update (May 27)
 

The container caasp/v4.5/kured was updated. The following patches have been included in this update:

  SUSE: 2021:207-1 caasp/v4.5/kucero Security Update (May 27)
 

The container caasp/v4.5/kucero was updated. The following patches have been included in this update:

  SUSE: 2021:206-1 caasp/v4.5/kubernetes-client Security Update (May 27)
 

The container caasp/v4.5/kubernetes-client was updated. The following patches have been included in this update:

  SUSE: 2021:205-1 caasp/v4.5/kube-state-metrics Security Update (May 27)
 

The container caasp/v4.5/kube-state-metrics was updated. The following patches have been included in this update:

  SUSE: 2021:204-1 caasp/v4.5/kube-scheduler Security Update (May 27)
 

The container caasp/v4.5/kube-scheduler was updated. The following patches have been included in this update:

  SUSE: 2021:203-1 caasp/v4.5/kube-proxy Security Update (May 27)
 

The container caasp/v4.5/kube-proxy was updated. The following patches have been included in this update:

  SUSE: 2021:202-1 caasp/v4.5/kube-controller-manager Security Update (May 27)
 

The container caasp/v4.5/kube-controller-manager was updated. The following patches have been included in this update:

  SUSE: 2021:201-1 caasp/v4.5/kube-apiserver Security Update (May 27)
 

The container caasp/v4.5/kube-apiserver was updated. The following patches have been included in this update:

  SUSE: 2021:197-1 caasp/v4.5/k8s-sidecar Security Update (May 27)
 

The container caasp/v4.5/k8s-sidecar was updated. The following patches have been included in this update:

  SUSE: 2021:200-1 suse/sle15 Security Update (May 27)
 

The container suse/sle15 was updated. The following patches have been included in this update:

  SUSE: 2021:199-1 suse/sles12sp5 Security Update (May 27)
 

The container suse/sles12sp5 was updated. The following patches have been included in this update:

  SUSE: 2021:198-1 suse/sles12sp3 Security Update (May 27)
 

The container suse/sles12sp3 was updated. The following patches have been included in this update:

  Ubuntu 4983-1: Linux kernel (OEM) vulnerabilities (Jun 3)
 

Several security issues were fixed in the Linux kernel.

  Ubuntu 4982-1: Linux kernel vulnerabilities (Jun 3)
 

Several security issues were fixed in the Linux kernel.

  Ubuntu 4981-1: Squid vulnerabilities (Jun 3)
 

Several security issues were fixed in Squid.

  Ubuntu 4980-1: polkit vulnerability (Jun 3)
 

The system could be made to run programs as an administrator.

  Ubuntu 4979-1: Linux kernel vulnerabilities (Jun 2)
 

Several security issues were fixed in the Linux kernel.

  Ubuntu 4978-1: Firefox vulnerabilities (Jun 2)
 

Firefox could be made to crash or run programs as your login if it opened a malicious website.

  Ubuntu 4977-1: Linux kernel vulnerabilities (Jun 2)
 

Several security issues were fixed in the Linux kernel.

  Ubuntu 4976-1: Dnsmasq vulnerability (Jun 2)
 

Dnsmasq could be exposed to cache poisoning.

  Ubuntu 4975-1: Django vulnerabilities (Jun 2)
 

Several security issues were fixed in Django.

  Ubuntu 4974-1: Lasso vulnerability (Jun 1)
 

Applications using Lasso could be made to allow unintended access.

  Ubuntu 4973-1: Python vulnerability (Jun 1)
 

Python could allow unintended access to network services.

  Ubuntu 4972-1: PostgreSQL vulnerabilities (Jun 1)
 

Several security issues were fixed in PostgreSQL.

  Ubuntu 4971-1: libwebp vulnerabilities (Jun 1)
 

libwebp could be made to crash or run programs as your login if it opened a specially crafted file.

  Ubuntu 4970-1: GUPnP vulnerability (Jun 1)
 

GUPnP could allow unintended access to network services.

  Ubuntu 4968-2: LZ4 vulnerability (May 31)
 

LZ4 could be made to crash or run programs if it opened a specially crafted file.

  Ubuntu 4967-2: nginx vulnerability (May 27)
 

nginx could be made to crash or run programs if it received specially crafted network traffic.

  Ubuntu 4969-2: DHCP vulnerability (May 27)
 

DHCP could be made to crash if it received specially crafted network traffic.

  Ubuntu 4969-1: DHCP vulnerability (May 27)
 

DHCP could be made to crash if it received specially crafted network traffic.

  Debian LTS: DLA-2675-1: caribou regression update (Jun 3)
 

It was found that the fix for CVE-2020-25712 in the Xorg X server, addressed in DLA-2486-1, caused a regression in caribou, making it crash whenever special (shifted) characters were entered.

  Debian LTS: DLA-2674-1: isc-dhcp security update (Jun 3)
 

Jon Franklin and Pawel Wieczorkiewicz found an issue in the ISC DHCP client and server when parsing lease information, which could lead to denial of service via application crash.

  Debian LTS: DLA-2673-1: firefox-esr security update (Jun 3)
 

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.

  Debian LTS: DLA-2672-1: imagemagick security update (Jun 3)
 

Multiple security issues have been discovered in imagemagick. CVE-2020-27751

  Debian LTS: DLA-2671-1: rxvt-unicode security update (May 30)
 

rxvt-unicode allows (potentially remote) code execution because of improper handling of certain escape sequences (ESC G Q). A response is terminated by a newline.

  Debian LTS: DLA-2670-1: nginx security update (May 30)
 

Luis Merino, Markus Vervier and Eric Sesterhenn discovered an off-by-one in Nginx, a high-performance web and reverse proxy server, which could result in denial of service and potentially the execution of arbitrary code.

  Debian LTS: DLA-2669-1: libxml2 security update (May 30)

An issue has been found in libxml2, the GNOME XML library. This issue is known as the "Parameter Laughs" attack and is related to parameter entity expansion.

  Debian LTS: DLA-2668-1: samba security update (May 29)

Several vulnerabilities were discovered in Samba, the SMB/CIFS file, print, and login server for Unix.

  ArchLinux: 202106-19: keycloak: incorrect calculation (Jun 3)

The package keycloak before version 13.0.1-1 is vulnerable to incorrect calculation.

  ArchLinux: 202106-18: packagekit: information disclosure (Jun 3)

The package packagekit before version 1.2.3-1 is vulnerable to information disclosure.

  ArchLinux: 202106-17: rabbitmq: denial of service (Jun 3)

The package rabbitmq before version 3.8.16-1 is vulnerable to denial of service.

  ArchLinux: 202106-16: pam-u2f: authentication bypass (Jun 3)

The package pam-u2f before version 1.1.1-1 is vulnerable to authentication bypass.

  ArchLinux: 202106-15: postgresql: multiple issues (Jun 3)

The package postgresql before version 13.3-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure.

  ArchLinux: 202106-14: ruby-bundler: insufficient validation (Jun 3)

The package ruby-bundler before version 2.2.18-1 is vulnerable to insufficient validation.

  ArchLinux: 202106-13: zint: arbitrary code execution (Jun 3)

The package zint before version 2.9.1-2 is vulnerable to arbitrary code execution.

  ArchLinux: 202106-12: redis: arbitrary code execution (Jun 3)

The package redis before version 6.2.4-1 is vulnerable to arbitrary code execution.

  ArchLinux: 202106-11: dhcp: arbitrary code execution (Jun 3)

The package dhcp before version 4.4.2.P1-1 is vulnerable to arbitrary code execution.

  ArchLinux: 202106-10: dhclient: arbitrary code execution (Jun 3)

The package dhclient before version 4.4.2.P1-1 is vulnerable to arbitrary code execution.

  ArchLinux: 202106-9: lib32-libcurl-gnutls: information disclosure (Jun 3)

The package lib32-libcurl-gnutls before version 7.77.0-1 is vulnerable to information disclosure.

  ArchLinux: 202106-8: libcurl-gnutls: information disclosure (Jun 3)

The package libcurl-gnutls before version 7.77.0-1 is vulnerable to information disclosure.

  ArchLinux: 202106-7: lib32-libcurl-compat: multiple issues (Jun 3)

The package lib32-libcurl-compat before version 7.77.0-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure.

  ArchLinux: 202106-6: libcurl-compat: multiple issues (Jun 3)

The package libcurl-compat before version 7.77.0-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure.

  ArchLinux: 202106-5: lib32-curl: multiple issues (Jun 3)

The package lib32-curl before version 7.77.0-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure.

  ArchLinux: 202106-4: curl: multiple issues (Jun 3)

The package curl before version 7.77.0-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure.

  ArchLinux: 202106-3: firefox: multiple issues (Jun 3)

The package firefox before version 89.0-1 is vulnerable to multiple issues including arbitrary code execution, content spoofing, information disclosure and access restriction bypass.

  ArchLinux: 202106-2: chromium: multiple issues (Jun 3)

The package chromium before version 91.0.4472.77-1 is vulnerable to multiple issues including arbitrary code execution, information disclosure, insufficient validation and content spoofing.

  ArchLinux: 202106-1: opera: multiple issues (Jun 3)

The package opera before version 76.0.4017.154-1 is vulnerable to multiple issues including arbitrary code execution, content spoofing, incorrect calculation and information disclosure.

  SciLinux: SLSA-2021-2206-1 Critical: firefox on SL7.x x86_64 (Jun 3)

This update upgrades Firefox to version 78.11.0 ESR. * Mozilla: Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11 (CVE-2021-29967) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 - firefox-78.11.0-3.el7_9.i686.rpm - firefox-78.11.0-3.el7_9.x86_64.rpm - firefox-deb

  SciLinux: SLSA-2021-2147-1 Important: glib2 on x86_64 (Jun 1)

glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (CVE-2021-27219) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE ----- SL7 x86_64 - glib2-2.56.1-9.el7_9.i686.rpm - glib2-2.56.1-9.el7_9.x86_64.rpm - glib2-debuginfo-2.56.1-9

  openSUSE: 2021:0833-1 important: ceph (Jun 3)

An update that fixes three vulnerabilities is now available.

  openSUSE: 2021:0835-1 important: nginx (Jun 3)

An update that fixes one vulnerability is now available.

  openSUSE: 2021:0834-1 important: dhcp (Jun 3)

An update that fixes one vulnerability is now available.

  openSUSE: 2021:0832-1 important: xstream (Jun 3)

An update that fixes 11 vulnerabilities is now available.

  openSUSE: 2021:0829-1 important: opera (Jun 3)

An update that fixes 15 vulnerabilities is now available.

  openSUSE: 2021:0828-1 important: opera (Jun 3)

An update that fixes 15 vulnerabilities is now available.

  openSUSE: 2021:0830-1 moderate: inn (Jun 3)

An update that fixes one vulnerability is now available.

  openSUSE: 2021:0826-1 moderate: upx (Jun 3)

An update that fixes one vulnerability is now available.

  openSUSE: 2021:0825-1 important: chromium (Jun 2)

An update that fixes 21 vulnerabilities is now available.

  openSUSE: 2021:0822-1 important: gstreamer, gstreamer-plugins-bad, gstreamer-plugins-base, (Jun 1)

An update that fixes one vulnerability and contains one feature is now available.

  openSUSE: 2021:0821-1 important: slurm (Jun 1)

An update that fixes one vulnerability is now available.

  openSUSE: 2021:0813-1 moderate: upx (May 30)

An update that fixes one vulnerability is now available.

  openSUSE: 2021:0812-1 moderate: libxls (May 30)

An update that fixes one vulnerability is now available.

  openSUSE: 2021:0810-1 moderate: singularity (May 30)

An update that fixes one vulnerability is now available.

  openSUSE: 2021:0807-1 moderate: libX11 (May 29)

An update that fixes one vulnerability is now available.

  openSUSE: 2021:0806-1 moderate: hivex (May 29)

An update that fixes one vulnerability is now available.

  openSUSE: 2021:0808-1 moderate: curl (May 29)

An update that fixes one vulnerability and contains one feature is now available.

  openSUSE: 2021:0799-1 moderate: libu2f-host (May 28)

An update that solves two vulnerabilities, contains one feature and has one erratum is now available.

  openSUSE: 2021:0798-1 important: mpv (May 27)

An update that fixes one vulnerability is now available.

  Mageia 2021-0225: kernel-linus security update (May 31)

This kernel-linus update is based on upstream 5.10.41 and fixes at least the following security issue: kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations. This can be abused to perform

  Mageia 2021-0224: kernel security update (May 31)

This kernel update is based on upstream 5.10.41 and fixes at least the following security issues: A double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way a user attaches malicious HCI

  Mageia 2021-0223: ceph security update (May 27)

Updated ceph packages fix a security vulnerability in rgw, CVE-2021-3524 (as well as CVE-2021-3509 and CVE-2021-3531, by which Mageia was not affected).
References:
- https://bugs.mageia.org/show_bug.cgi?id=28928
- https://docs.ceph.com/en/latest/security/CVE-2021-3524/

  Mageia 2021-0222: wireshark security update (May 27)

The MS-WSP dissector could consume excessive amounts of memory (CVE-2021-22207).
References:
- https://bugs.mageia.org/show_bug.cgi?id=28915