Advisories

Linux Advisory Watch

Don't want to miss that crucial security notice?. The editorial staff at Guardian Digital will bring you complete coverage and in-depth
descriptions of all security bulletins, vulnerabilities and updated packages, all in one convenient weekly newsletter.

Linux Advisory Watch: November 6th, 2020

Linux Advisory Watch: November 6th, 2020

Thank you for subscribing to the LinuxSecurity Linux Advisory Watch newsletter! Staying on top of the latest security advisories issued by the distro(s) you use is essential in maintaining an updated, secure Linux system. Our weekly newsletter is an easy, convenient way to track distribution security advisories - helping you keep your Linux environment safe from malware and other exploits.

Important advisories issued this week include an update for the xorg-x11-server for Red Hat Enterprise Linux 6 and an update to Chromium 86 released by Fedora. Continue reading to learn about other significant advisories issued this week. Stay healthy, safe and secure - both on and offline!



Yours in Open Source,
Brittany Day Signature


LinuxSecurity.com Feature Extras:

WireGuard Brings Speed and Simplicity to VPN Technology - VPN technology has become a critical part of our digital lives, serving a variety of purposes including securing wireless connections, resolving geographical limitations, reaching prohibited websites and protecting the privacy of sensitive data. However, the unfortunate reality is that many of the VPN protocols on the market today are comlex, slow, unstable and insecure. Luckily, the new, innovative Wireguard protocol has demonstrated significant promise in all of these areas - and has earned a place in the mainline Linux kernel as a result. This article will briefly explore VPN protocols and potential concerns when implementing a VPN, and will dive deeper into the unique benefits that Wireguard offers users.

Open Source is Revolutionizing Careers in Cybersecurity - What You Need to Know - Technology is an integral part of our everyday lives. Widespread reliance on devices that connect us to the Internet and cloud platforms that facilitate digital communications has markedly increased since the beginning of this pandemic. As technology companies are scrambling to meet businesses and consumers evolving needs, one trend has become clearly apparent - open-source is at the forefront of modern technological innovation, revolutionizing careers available in the field of cybersecurity in the process. 


  Debian: DSA-4784-1: wordpress security update (Nov 6)
 

Several vulnerabilities were discovered in Wordpress, a web blogging tool. They allowed remote attackers to run insecure deserialization, embed spam, perform various Cross-Site Scripting (XSS) or Cross-Site Request Forgery (CSRF) attacks, escalate privileges, run arbitrary

  Debian: DSA-4783-1: sddm security update (Nov 5)
 

Fabian Vogt discovered a flaw in sddm, a modern display manager for X11. A local attacker can take advantage of a race condition when creating the Xauthority file to escalate privileges.

  Debian: DSA-4782-1: openldap security update (Oct 30)
 

A vulnerability in the handling of normalization with modrdn was discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol. An unauthenticated remote attacker can use this flaw to cause a denial of service (slapd daemon crash) via a

  Fedora 32: salt 2020-f9fa7892f2 (Nov 5)
 

Update to CVE release 3001.3-1 for Python3 Includes fixes for CVE-2020-16846, CVE-2020-17490, CVE-2020-25592

  Fedora 32: pngcheck 2020-d67cc48dce (Nov 5)
 

Fix executable hardening (PIC/PIE)

  Fedora 32: blueman 2020-ebabb6bf76 (Nov 5)
 

Update to v2.1.4. Contains security fix for CVE-2020-15238.

  Fedora 32: chromium 2020-127d40f1ab (Nov 5)
 

Update to Chromium 86. A few big things here: 1. Upstream has made hardware accelerated video support (VAAPI) for Linux possible without patches. One key difference is that the patchset used previously in Fedora enabled it by default and upstream's approach disables it by default. To enable Hardware accelerated video in chromium, open this link in chromium: chrome://flags/#enable-

  Fedora 33: salt 2020-5f08623da1 (Nov 5)
 

Update to CVE release 3002.1-1 for Python3 Includes fixes for CVE-2020-16846, CVE-2020-17490, CVE-2020-25592

  Fedora 33: pngcheck 2020-337dd39e3e (Nov 5)
 

Fix executable hardening (PIC/PIE)

  Fedora 33: blueman 2020-7c22b25a07 (Nov 5)
 

Update to v2.1.4. Contains security fix for CVE-2020-15238.

  Fedora 31: arpwatch 2020-193da8cf44 (Nov 4)
 

Fix a buffer overflow from long hostnames (#1563939).

  Fedora 32: thunderbird 2020-4ee7c84cd7 (Nov 4)
 

Update to latest upstream version.

  Fedora 32: arpwatch 2020-9c2f330b5a (Nov 4)
 

Fix a buffer overflow from long hostnames (#1563939).

  Fedora 33: trousers 2020-ab3dace708 (Nov 4)
 

Security update for trousers. Fixes for the following CVEs, plus a fix for an annocheck warning. - Fix for CVE-2020-24330 (RHBZ#1874824) - Fix for CVE-2020-24331 (RHBZ#1870057) - Fix for CVE-2020-24332 (RHBZ#1870053)

  Fedora 33: arpwatch 2020-8e115f0c7a (Nov 4)
 

Fix a buffer overflow from long hostnames (#1563939).

  Fedora 33: nss 2020-f29254bd5e (Nov 3)
 

Updates the nss package to upstream NSS 3.58 respectively. For details about new functionality and a list of bugs fixed in this release please see the upstream release notes - https://developer.mozilla.org/en- US/docs/Mozilla/Projects/NSS/NSS_3.57_release_notes

  Fedora 32: kernel 2020-920a258c79 (Nov 2)
 

The 5.8.17 stable kernel update contains a number of important fixes across the tree.

  Fedora 32: fastd 2020-495c14a23f (Nov 2)
 

Fix for CVE-2020-27638

  Fedora 31: kernel 2020-09e4d062fe (Nov 2)
 

The 5.8.17 stable kernel update contains a number of important fixes across the tree.

  Fedora 31: fastd 2020-01dc2bc62c (Nov 2)
 

Fix for CVE-2020-27638

  Fedora 33: kernel 2020-474d747b60 (Nov 2)
 

The 5.8.17 stable kernel update contains a number of important fixes across the tree.

  Fedora 33: samba 2020-c1e9ae02d2 (Nov 2)
 

Update to Samba 4.13.1 - Security fixes for CVE-2020-14318, CVE-2020-14323 and CVE-2020-14383

  Fedora 33: fastd 2020-13edfc3215 (Nov 2)
 

Fix for CVE-2020-27638

  Fedora 33: thunderbird 2020-25247f0fe7 (Nov 1)
 

Update to latest upstream version.

  Fedora 31: java-1.8.0-openjdk 2020-febe36c3ac (Oct 30)
 

New in release OpenJDK 8u272 (2020-10-20): notes can be found at: * https://bitly.com/openjdk8u272 * https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u272.txt ## New features * JDK-8245468: Add TLSv1.3 implementation classes from 11.0.7 ##

  Fedora 31: java-11-openjdk 2020-421f817e5f (Oct 30)
 

New in release OpenJDK 11.0.9 (2020-10-20): notes can be found at: * https://bitly.com/openjdk1109 * https://builds.shipilev.net/backports-monitor/release-notes-11.0.9.txt ## Security fixes - JDK-8233624: Enhance JNI linkage - JDK-8236196: Improve

  Fedora 32: java-11-openjdk 2020-fdc79d8e5b (Oct 30)
 

New in release OpenJDK 11.0.9 (2020-10-20): notes can be found at: * https://bitly.com/openjdk1109 * https://builds.shipilev.net/backports-monitor/release-notes-11.0.9.txt ## Security fixes - JDK-8233624: Enhance JNI linkage - JDK-8236196: Improve

  Fedora 32: java-1.8.0-openjdk 2020-a405eea76a (Oct 30)
 

New in release OpenJDK 8u272 (2020-10-20): notes can be found at: * https://bitly.com/openjdk8u272 * https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u272.txt ## New features * JDK-8245468: Add TLSv1.3 implementation classes from 11.0.7 ##

  Fedora 33: firefox 2020-1a48fa788b (Oct 30)
 

- New upstream version (82.0.2) - Fixed Wayland crashes (rhbz#1888920)

  Fedora 31: python2 2020-e33acdea18 (Oct 29)
 

Fix CVE-2020-26116: Reject control chars in HTTP method in httplib

  Gentoo: GLSA-202011-05: libssh: Denial of Service (Nov 2)
 

A vulnerability in libssh could lead to a Denial of Service condition.

  Gentoo: GLSA-202011-04: Fossil: Multiple vulnerabilities (Nov 2)
 

Multiple vulnerabilities have been found in Fossil, the worst of which could result in the arbitrary execution of code.

  Gentoo: GLSA-202011-03: KPMCore: Root privilege escalation (Nov 2)
 

A vulnerability in kpmcore could result in privilege escalation.

  Gentoo: GLSA-202011-02: OpenDMARC: Heap-based buffer overflow (Nov 2)
 

A heap-based buffer overflow in OpenDMARC might allow remote attackers to execute arbitrary code.

  Gentoo: GLSA-202011-01: BlueZ: Arbitrary code execution (Nov 2)
 

A vulnerability in BlueZ might allow remote attackers to execute arbitrary code.

  RedHat: RHSA-2020-4961:01 Moderate: Red Hat Process Automation Manager (Nov 5)
 

An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4960:01 Moderate: Red Hat Decision Manager 7.9.0 security (Nov 5)
 

An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4953:01 Important: xorg-x11-server security update (Nov 5)
 

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-4946:01 Important: libX11 security update (Nov 5)
 

An update for libX11 is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-4947:01 Important: thunderbird security update (Nov 5)
 

An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-4945:01 Important: thunderbird security update (Nov 5)
 

An update for thunderbird is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-4951:01 Important: freetype security update (Nov 5)
 

An update for freetype is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-4944:01 Important: thunderbird security update (Nov 5)
 

An update for thunderbird is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-4948:01 Important: thunderbird security update (Nov 5)
 

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-4952:01 Important: freetype security update (Nov 5)
 

An update for freetype is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-4950:01 Important: freetype security update (Nov 5)
 

An update for freetype is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-4949:01 Important: freetype security update (Nov 5)
 

An update for freetype is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-4932:01 Moderate: Red Hat Single Sign-On 7.4.3 security (Nov 4)
 

New Red Hat Single Sign-On 7.4.3 packages are now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-4930:01 Moderate: Red Hat Single Sign-On 7.4.3 security (Nov 4)
 

New Red Hat Single Sign-On 7.4.3 packages are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-4929:01 Moderate: Red Hat Single Sign-On 7.4.3 security (Nov 4)
 

New Red Hat Single Sign-On 7.4.3 packages are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-4931:01 Moderate: Red Hat Single Sign-On 7.4.3 security (Nov 4)
 

A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-4910:01 Important: xorg-x11-server security update (Nov 4)
 

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-4922:01 Important: Red Hat JBoss Enterprise Application (Nov 4)
 

An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6, 7, and 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-4923:01 Important: Red Hat JBoss Enterprise Application (Nov 4)
 

An update is now available for Red Hat JBoss Enterprise Application Platform 7.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-4909:01 Important: thunderbird security update (Nov 4)
 

An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-4907:01 Important: freetype security update (Nov 4)
 

An update for freetype is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-4908:01 Important: libX11 security update (Nov 4)
 

An update for libX11 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-4913:01 Important: thunderbird security update (Nov 4)
 

An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-4903:01 Moderate: nodejs:12 security and bug fix update (Nov 4)
 

An update for the nodejs:12 module is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-4900:01 Moderate: cryptsetup security update (Nov 4)
 

An update for cryptsetup is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-4799:01 Moderate: freeradius:3.0 security and bug fix (Nov 4)
 

An update for the freeradius:3.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-4654:01 Moderate: python27:2.7 security update (Nov 4)
 

An update for the python27:2.7 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-4605:01 Low: resource-agents security and bug fix update (Nov 4)
 

An update for resource-agents is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-4709:01 Moderate: librsvg2 security update (Nov 4)
 

An update for librsvg2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4685:01 Important: kernel security update (Nov 4)
 

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-4490:01 Moderate: gnupg2 security, bug fix, (Nov 4)
 

An update for gnupg2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4484:01 Moderate: expat security update (Nov 4)
 

An update for expat is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4464:01 Moderate: libxslt security update (Nov 4)
 

An update for libxslt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4806:01 Important: dpdk security, bug fix, (Nov 4)
 

An update for dpdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-4659:01 Moderate: gd security update (Nov 4)
 

An update for gd is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4508:01 Moderate: libsolv security, bug fix, (Nov 4)
 

An update for libsolv is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4760:01 Moderate: tcpdump security, bug fix, (Nov 4)
 

An update for tcpdump is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4846:01 Moderate: mingw-expat security update (Nov 4)
 

An update for mingw-expat is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4844:01 Moderate: fontforge security update (Nov 4)
 

An update for fontforge is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4743:01 Moderate: squid:4 security, bug fix, (Nov 4)
 

An update for the squid:4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-4756:01 Moderate: varnish:6 security, bug fix, (Nov 4)
 

An update for the varnish:6 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-4542:01 Moderate: cryptsetup security, bug fix, (Nov 4)
 

An update for cryptsetup is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4643:01 Low: poppler security update (Nov 4)
 

An update for poppler is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4694:01 Moderate: container-tools:rhel8 security, bug fix, (Nov 4)
 

An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-4479:01 Moderate: libxml2 security update (Nov 4)
 

An update for libxml2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4629:01 Moderate: libvpx security update (Nov 4)
 

An update for libvpx is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4568:01 Moderate: libldb security, bug fix, (Nov 4)
 

An update for libldb is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4751:01 Moderate: httpd:2.4 security, bug fix, (Nov 4)
 

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-4807:01 Moderate: prometheus-jmx-exporter security update (Nov 4)
 

An update for prometheus-jmx-exporter is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-4599:01 Moderate: curl security and bug fix update (Nov 4)
 

An update for curl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4482:01 Moderate: libgcrypt security, bug fix, (Nov 4)
 

An update for libgcrypt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4627:01 Moderate: SDL security update (Nov 4)
 

An update for SDL is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4553:01 Low: systemd security, bug fix, (Nov 4)
 

An update for systemd is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4500:01 Moderate: bind security, bug fix, (Nov 4)
 

An update for bind is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4690:01 Moderate: qt5-qtbase and qt5-qtwebsockets (Nov 4)
 

An update for qt5-qtbase, qt5-qttools, and qt5-qtwebsockets is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-4649:01 Low: evolution security and bug fix update (Nov 4)
 

An update for bogofilter, evolution, evolution-data-server, evolution-mapi, and openchange is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-4697:01 Moderate: targetcli security and enhancement (Nov 4)
 

An update for targetcli is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4465:01 Low: binutils security update (Nov 4)
 

An update for binutils is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4820:01 Moderate: file-roller security update (Nov 4)
 

An update for file-roller is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4686:01 Important: kernel-rt security update (Nov 3)
 

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-4689:01 Moderate: openwsman security update (Nov 3)
 

An update for openwsman is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4628:01 Low: libreoffice security, bug fix, (Nov 3)
 

An update for libreoffice, libcmis, and liborcus is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-4619:01 Moderate: frr security and bug fix update (Nov 3)
 

An update for frr is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4670:01 Moderate: idm:DL1 and idm:client security, bug fix, (Nov 3)
 

An update for the idm:DL1 and idm:client modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-4667:01 Moderate: mailman:2.1 security and bug fix update (Nov 3)
 

An update for the mailman:2.1 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-4805:01 Moderate: edk2 security, bug fix, (Nov 3)
 

An update for edk2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4545:01 Moderate: libssh security, bug fix, (Nov 3)
 

An update for libssh is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4625:01 Moderate: spamassassin security update (Nov 3)
 

An update for spamassassin is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4634:01 Moderate: libtiff security update (Nov 3)
 

An update for libtiff is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4647:01 Moderate: freerdp and vinagre security, bug fix, (Nov 3)
 

An update for freerdp and vinagre is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-4539:01 Moderate: pcre2 security and enhancement update (Nov 3)
 

An update for pcre2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4712:01 Moderate: subversion:1.10 security update (Nov 3)
 

An update for the subversion:1.10 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-4547:01 Low: libpcap security, bug fix, (Nov 3)
 

An update for libpcap is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4483:01 Moderate: opensc security, bug fix, (Nov 3)
 

An update for opensc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4469:01 Low: cups security and bug fix update (Nov 3)
 

An update for cups is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4682:01 Moderate: grafana security, bug fix, (Nov 3)
 

An update for grafana is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4650:01 Moderate: cloud-init security, bug fix, (Nov 3)
 

An update for cloud-init is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4763:01 Moderate: dovecot security update (Nov 3)
 

An update for dovecot is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4687:01 Moderate: oddjob security, bug fix, (Nov 3)
 

An update for oddjob is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4641:01 Moderate: python38:3.8 security, bug fix, (Nov 3)
 

An update for the python38:3.8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-4453:01 Moderate: vim security update (Nov 3)
 

An update for vim is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4497:01 Moderate: cyrus-sasl security, bug fix, (Nov 3)
 

An update for cyrus-sasl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4514:01 Low: openssl security, bug fix, (Nov 3)
 

An update for openssl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4481:01 Moderate: bluez security update (Nov 3)
 

An update for bluez is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4655:01 Moderate: cyrus-imapd security update (Nov 3)
 

An update for cyrus-imapd is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4827:01 Moderate: oniguruma security update (Nov 3)
 

An update for oniguruma is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4638:01 Low: sysstat security update (Nov 3)
 

An update for sysstat is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4766:01 Moderate: libexif security, bug fix, (Nov 3)
 

An update for libexif is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4676:01 Moderate: virt:rhel and virt-devel:rhel security, (Nov 3)
 

An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-4609:01 Moderate: kernel-rt security and bug fix update (Nov 3)
 

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4442:01 Moderate: sqlite security update (Nov 3)
 

An update for sqlite is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4432:01 Moderate: python-pip security update (Nov 3)
 

An update for python-pip is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4445:01 Moderate: librabbitmq security update (Nov 3)
 

An update for librabbitmq is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4451:01 Moderate: GNOME security, bug fix, (Nov 3)
 

An update for GNOME is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4443:01 Moderate: libarchive security update (Nov 3)
 

An update for libarchive is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4444:01 Moderate: glibc security, bug fix, (Nov 3)
 

An update for glibc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4431:01 Moderate: kernel security, bug fix, (Nov 3)
 

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  RedHat: RHSA-2020-4436:01 Low: gnome-software and fwupd security, bug fix, (Nov 3)
 

An update for appstream-data, fwupd, gnome-software, and libxmlb is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-4433:01 Moderate: python3 security and bug fix update (Nov 3)
 

An update for python3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

  SUSE: 2020:3191-1 important: java-1_8_0-openjdk (Nov 5)
 

An update that fixes 16 vulnerabilities is now available.

  SUSE: 2020:3180-1 important: the Linux Kernel (Live Patch 18 for SLE 15) (Nov 5)
 

An update that fixes 5 vulnerabilities is now available.

  SUSE: 2020:3181-1 important: the Linux Kernel (Live Patch 4 for SLE 15 SP2) (Nov 5)
 

An update that fixes one vulnerability is now available.

  SUSE: 2020:3186-1 important: the Linux Kernel (Live Patch 2 for SLE 15 SP2) (Nov 5)
 

An update that fixes two vulnerabilities is now available.

  SUSE: 2020:3187-1 important: the Linux Kernel (Live Patch 0 for SLE 15 SP2) (Nov 5)
 

An update that fixes three vulnerabilities is now available.

  SUSE: 2020:3190-1 important: the Linux Kernel (Live Patch 13 for SLE 15 SP1) (Nov 5)
 

An update that fixes four vulnerabilities is now available.

  SUSE: 2020:3188-1 important: the Linux Kernel (Live Patch 15 for SLE 15 SP1) (Nov 5)
 

An update that fixes two vulnerabilities is now available.

  SUSE: 2020:3178-1 important: the Linux Kernel (Live Patch 20 for SLE 15) (Nov 5)
 

An update that fixes four vulnerabilities is now available.

  SUSE: 2020:3171-1 critical: salt (Nov 5)
 

An update that fixes three vulnerabilities is now available.

  SUSE: 2020:3161-1 important: u-boot (Nov 5)
 

An update that fixes two vulnerabilities is now available.

  SUSE: 2020:3163-1 moderate: ImageMagick (Nov 5)
 

An update that fixes one vulnerability is now available.

  SUSE: 2020:3160-1 important: rmt-server (Nov 5)
 

An update that fixes 16 vulnerabilities is now available.

  SUSE: 2020:3165-1 moderate: bluez (Nov 5)
 

An update that fixes one vulnerability is now available.

  SUSE: 2020:3166-1 moderate: wireshark (Nov 5)
 

An update that fixes four vulnerabilities is now available.

  SUSE: 2020:3164-1 moderate: ImageMagick (Nov 5)
 

An update that solves one vulnerability and has one errata is now available.

  SUSE: 2020:3162-1 moderate: ImageMagick (Nov 5)
 

An update that fixes one vulnerability is now available.

  SUSE: 2020:3155-1 critical: salt (Nov 4)
 

An update that solves three vulnerabilities and has 6 fixes is now available.

  SUSE: 2020:3152-1 important: apache-commons-httpclient (Nov 4)
 

An update that fixes two vulnerabilities is now available.

  SUSE: 2020:3147-1 important: rmt-server (Nov 4)
 

An update that fixes 16 vulnerabilities is now available.

  SUSE: 2020:3151-1 important: apache-commons-httpclient (Nov 4)
 

An update that fixes two vulnerabilities is now available.

  SUSE: 2020:3149-1 important: apache-commons-httpclient (Nov 4)
 

An update that fixes two vulnerabilities is now available.

  SUSE: 2020:3143-1 important: libvirt (Nov 3)
 

An update that fixes two vulnerabilities is now available.

  SUSE: 2020:3133-1 opensc (Nov 3)
 

An update that fixes one vulnerability is now available.

  SUSE: 2020:3122-1 important: the Linux Kernel (Nov 3)
 

An update that solves three vulnerabilities and has 31 fixes is now available.

  SUSE: 2020:3132-1 moderate: gnome-settings-daemon, gnome-shell (Nov 3)
 

An update that solves one vulnerability, contains one feature and has one errata is now available.

  SUSE: 2020:3125-1 important: sane-backends (Nov 3)
 

An update that fixes 8 vulnerabilities, contains three features is now available.

  SUSE: 2020:3126-1 moderate: ovmf (Nov 3)
 

An update that fixes two vulnerabilities is now available.

  SUSE: 2020:3122-1 important: the Linux Kernel (Nov 3)
 

An update that solves three vulnerabilities and has 31 fixes is now available.

  SUSE: 2020:3121-1 moderate: python (Nov 2)
 

An update that fixes one vulnerability is now available.

  SUSE: 2020:3115-1 moderate: python (Nov 2)
 

An update that fixes one vulnerability is now available.

  SUSE: 2020:14525-1 important: samba (Oct 30)
 

An update that fixes two vulnerabilities is now available.

  SUSE: 2020:14524-1 graphviz (Oct 30)
 

An update that fixes one vulnerability is now available.

  SUSE: 2020:3107-1 liblouis (Oct 30)
 

An update that fixes one vulnerability is now available.

  SUSE: 2020:3092-1 important: samba (Oct 29)
 

An update that fixes three vulnerabilities is now available.

  SUSE: 2020:3094-1 important: pacemaker (Oct 29)
 

An update that solves one vulnerability and has three fixes is now available.

  SUSE: 2020:3093-1 important: samba (Oct 29)
 

An update that fixes three vulnerabilities is now available.

  SUSE: 2020:3096-1 important: python-Jinja2 (Oct 29)
 

An update that fixes two vulnerabilities is now available.

  SUSE: 2020:3091-1 important: MozillaThunderbird and mozilla-nspr (Oct 29)
 

An update that fixes 6 vulnerabilities is now available.

  SUSE: 2020:3095-1 important: libvirt (Oct 29)
 

An update that fixes two vulnerabilities is now available.

  SUSE: 2020:1396-3 moderate: zstd (Oct 29)
 

An update that contains security fixes and contains one feature can now be installed.

  SUSE: 2020:3090-1 graphviz (Oct 29)
 

An update that fixes one vulnerability is now available.

  SUSE: 2020:3088-1 important: xen (Oct 29)
 

An update that fixes four vulnerabilities is now available.

  SUSE: 2020:3089-1 important: pacemaker (Oct 29)
 

An update that solves one vulnerability and has three fixes is now available.

  SUSE: 2020:3086-1 important: pacemaker (Oct 29)
 

An update that solves one vulnerability and has three fixes is now available.

  SUSE: 2020:3087-1 important: samba (Oct 29)
 

An update that fixes three vulnerabilities is now available.

  SUSE: 2020:3080-1 important: pacemaker (Oct 29)
 

An update that solves one vulnerability and has three fixes is now available.

  SUSE: 2020:3085-1 moderate: spice-gtk (Oct 29)
 

An update that fixes one vulnerability is now available.

  SUSE: 2020:3083-1 important: samba (Oct 29)
 

An update that fixes two vulnerabilities is now available.

  SUSE: 2020:3082-1 important: samba (Oct 29)
 

An update that fixes three vulnerabilities is now available.

  SUSE: 2020:3081-1 important: samba (Oct 29)
 

An update that fixes three vulnerabilities is now available.

  SUSE: 2020:3084-1 moderate: spice (Oct 29)
 

An update that fixes one vulnerability is now available.

  Ubuntu 4621-1: netqmail vulnerabilities (Nov 6)
 

netqmail could be made to crash if it received specially crafted input.

  Ubuntu 4599-3: Firefox regressions (Nov 5)
 

USN-4599-1 and USN-4599-2 caused some minor regressions in Firefox.

  Ubuntu 4619-1: dom4j vulnerability (Nov 5)
 

dom4j could be made to crash or run programs if it received a specially crafted file.

  Ubuntu 4618-1: tmux vulnerability (Nov 5)
 

tmux could be made to crash or execute arbitrary code if it received a specially crafted input.

  Ubuntu 4616-2: AccountsService vulnerabilities (Nov 4)
 

Several security issues were fixed in AccountsService.

  Ubuntu 4617-1: SPICE vdagent vulnerabilities (Nov 4)
 

Several security issues were fixed in SPICE vdagent.

  Ubuntu 4613-1: python-cryptography vulnerability (Nov 3)
 

python-cryptography could be made to expose sensitive information over the network.

  Ubuntu 4616-1: AccountsService vulnerabilities (Nov 3)
 

Several security issues were fixed in AccountsService.

  Ubuntu 4614-1: GDM vulnerability (Nov 3)
 

GDM could be made to create privileged users.

  Ubuntu 4605-2: Blueman update (Nov 2)
 

A security improvement has been made to blueman.

  Ubuntu 4611-1: Samba vulnerabilities (Nov 2)
 

Several security issues were fixed in Samba.

  Ubuntu 4610-1: fastd vulnerability (Oct 29)
 

fastd could be made to remotely exhaust resources if it received specially crafted packets.

  [SECURITY][DLA 2431-1] libonig security update (Nov 4)
 

Several vulnerabilities were discovered in the Oniguruma regular expressions library, notably used in PHP mbstring. CVE-2019-13224

  Debian LTS: DLA-2430-1: blueman security update (Nov 3)
 

Vaisha Bernard discovered that Blueman, a graphical bluetooth manager performed insufficient validation on a D-Bus interface, which could result in denial of service or privilege escalation.

  Debian LTS: DLA-2429-1: wordpress security update (Nov 3)
 

There were several vulnerabilites reported against wordpress, as follows: CVE-2020-28032

  Debian LTS: DLA-2426-1: junit4 security update (Nov 1)
 

In junit4 the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by

  Debian LTS: DLA-2428-1: spice-gtk security update (Nov 1)
 

Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system. Both the SPICE client (spice-gtk) and server are affected by

  Debian LTS: DLA-2427-1: spice security update (Nov 1)
 

Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1.

  Debian LTS: DLA-2425-1: openldap security update (Nov 1)
 

A vulnerability in the handling of normalization with modrdn was discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol. An unauthenticated remote attacker can use this flaw to cause a denial of service (slapd daemon crash)

  Debian LTS: DLA-2424-1: tzdata new upstream version (Oct 31)
 

tzdata, the time zone and daylight-saving time data, has been updated to the latest version. - Revised predictions for Morocco's changes starting in 2023.

  Debian LTS: DLA-2423-1: wireshark security update (Oct 31)
 

Several vulnerabilities were fixed in the Wireshark network protocol analyzer. CVE-2019-10894

  Debian LTS: DLA-2422-1: qtsvg-opensource-src security update (Oct 31)
 

Malformed SVG images were able to cause a segmentation fault in qtsvg-opensource-src, the QtSvg module for displaying the contents of SVG files in Qt.

  Debian LTS: DLA-2420-2: linux regression update (Oct 31)
 

This update corrects a regression in some Xen virtual machine environments. For reference the original advisory text follows. Several vulnerabilities have been discovered in the Linux kernel that

  Debian LTS: DLA-2421-1: cimg security update (Oct 30)
 

Several issues have been found in cimg, a powerful image processing library.

  Debian LTS: DLA-2420-1: linux security update (Oct 30)
 

Several vulnerabilities have been discovered in the Linux kernel that may lead to the execution of arbitrary code, privilege escalation, denial of service or information leaks.

  Debian LTS: DLA-2412-1: openjdk-8 security update (Oct 30)
 

Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in denial of service, bypass of sandbox restrictions or information disclosure.

  Debian LTS: DLA-2419-1: dompurify.js security update (Oct 29)
 

Two issues have been found in dompurify.js, an XSS sanitizer for HTML, MathML and SVG. Both issues are related to mXSS issues in SVG- or MATH-elements.

  Debian LTS: DLA-2418-1: libsndfile security update (Oct 29)
 

Several issues have been found in libsndfile, a library for reading/writing audio files. All issues are basically divide by zero errors, heap read overflows or

  ArchLinux: 202011-2: chromium: multiple issues (Nov 3)
 

The package chromium before version 86.0.4240.183-1 is vulnerable to multiple issues including arbitrary code execution and privilege escalation.

  ArchLinux: 202011-1: firefox: multiple issues (Nov 3)
 

The package firefox before version 82.0-1 is vulnerable to multiple issues including arbitrary code execution, information disclosure and content spoofing.

  openSUSE: 2020:1844-1: important: xen (Nov 5)
 

An update that fixes four vulnerabilities is now available.

  openSUSE: 2020:1841-1: critical: tigervnc (Nov 5)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:1840-1: moderate: tiff (Nov 5)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:1834-1: moderate: tmux (Nov 5)
 

An update that solves two vulnerabilities and has two fixes is now available.

  openSUSE: 2020:1842-1: moderate: tomcat (Nov 5)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:1834-1: moderate: tmux (Nov 5)
 

An update that solves two vulnerabilities and has two fixes is now available.

  openSUSE: 2020:1843-1: moderate: transfig (Nov 5)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:1833-1: critical: salt (Nov 5)
 

An update that solves three vulnerabilities and has 6 fixes is now available.

  openSUSE: 2020:1831-1: important: chromium (Nov 5)
 

An update that fixes 7 vulnerabilities is now available.

  openSUSE: 2020:1829-1: important: chromium, gn (Nov 5)
 

An update that fixes 39 vulnerabilities is now available.

  openSUSE: 2020:1825-1: important: pacemaker (Nov 4)
 

An update that solves one vulnerability and has three fixes is now available.

  openSUSE: 2020:1820-1: moderate: icinga2 (Nov 3)
 

An update that solves one vulnerability and has two fixes is now available.

  openSUSE: 2020:1822-1: moderate: claws-mail (Nov 3)
 

An update that solves one vulnerability and has one errata is now available.

  openSUSE: 2020:1819-1: important: samba (Nov 2)
 

An update that fixes three vulnerabilities is now available.

  openSUSE: 2020:1812-1: important: lout (Nov 2)
 

An update that fixes two vulnerabilities is now available.

  openSUSE: 2020:1813-1: important: lout (Nov 2)
 

An update that fixes two vulnerabilities is now available.

  openSUSE: 2020:1814-1: important: singularity (Nov 2)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:1811-1: important: samba (Nov 2)
 

An update that fixes three vulnerabilities is now available.

  openSUSE: 2020:1810-1: moderate: pagure (Nov 1)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:1806-1: important: phpMyAdmin (Nov 1)
 

An update that solves 5 vulnerabilities and has one errata is now available.

  openSUSE: 2020:1806-1: important: phpMyAdmin (Nov 1)
 

An update that solves 5 vulnerabilities and has one errata is now available.

  openSUSE: 2020:1804-1: moderate: binutils (Nov 1)
 

An update that solves 8 vulnerabilities and has 5 fixes is now available.

  openSUSE: 2020:1798-1: important: sane-backends (Nov 1)
 

An update that fixes 7 vulnerabilities is now available.

  openSUSE: 2020:1799-1: moderate: tomcat (Nov 1)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:1802-1: moderate: spice (Nov 1)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:1803-1: moderate: spice-gtk (Nov 1)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:1792-1: important: apache2 (Oct 31)
 

An update that solves two vulnerabilities and has one errata is now available.

  openSUSE: 2020:1787-1: moderate: virt-bootstrap (Oct 31)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:1791-1: important: sane-backends (Oct 31)
 

An update that fixes 7 vulnerabilities is now available.

  openSUSE: 2020:1790-1: moderate: binutils (Oct 31)
 

An update that solves 8 vulnerabilities and has 5 fixes is now available.

  openSUSE: 2020:1785-1: important: MozillaThunderbird and mozilla-nspr (Oct 31)
 

An update that fixes 6 vulnerabilities is now available.

  openSUSE: 2020:1782-1: important: pacemaker (Oct 31)
 

An update that solves one vulnerability and has three fixes is now available.

  openSUSE: 2020:1783-1: important: xen (Oct 31)
 

An update that fixes four vulnerabilities is now available.

  openSUSE: 2020:1780-1: important: MozillaThunderbird and mozilla-nspr (Oct 30)
 

An update that fixes 6 vulnerabilities is now available.

  openSUSE: 2020:1777-1: important: libvirt (Oct 30)
 

An update that solves two vulnerabilities and has four fixes is now available.

  openSUSE: 2020:1778-1: important: libvirt (Oct 30)
 

An update that solves two vulnerabilities and has four fixes is now available.

  openSUSE: 2020:1769-1: important: singularity (Oct 29)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:1770-1: important: singularity (Oct 29)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:1772-1: important: lout (Oct 29)
 

An update that fixes two vulnerabilities is now available.

  openSUSE: 2020:1771-1: important: lout (Oct 29)
 

An update that fixes two vulnerabilities is now available.

  openSUSE: 2020:1767-1: important: php7 (Oct 29)
 

An update that solves two vulnerabilities and has one errata is now available.

  openSUSE: 2020:1765-1: moderate: pagure (Oct 29)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:1766-1: moderate: tensorflow2 (Oct 29)
 

An update that fixes 16 vulnerabilities is now available.

  Mageia 2020-0397: tomcat security update (Oct 29)
 

If an HTTP/2 client exceeded the agreed maximum number of concurrent streams for a connection (in violation of the HTTP/2 protocol), it was possible that a subsequent request made on that connection could contain HTTP headers - including HTTP/2 pseudo headers - from a previous request rather than the intended headers. This could lead to users seeing responses for unexpected

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.