| |
Debian: DSA-4561-1: fribidi security update (Nov 7) |
| |
Alex Murray discovered a stack-based buffer overflow vulnerability in fribidi, an implementation of the Unicode Bidirectional Algorithm algorithm, which could result in denial of service or potentially the execution of arbitrary code, when processing a large number of unicode
|
| |
Debian: DSA-4560-1: simplesamlphp security update (Nov 6) |
| |
It was discovered that in SimpleSAMLphp, an implementation of the SAML 2.0 protocol, it was possible to circumvent XML signature verification on SAML messages.
|
| |
Debian: DSA-4559-1: proftpd-dfsg security update (Nov 5) |
| |
Stephan Zeisberg discovered that missing input validation in ProFTPD, a FTP/SFTP/FTPS server, could result in denial of service via an infinite loop.
|
| |
Debian: DSA-4558-1: webkit2gtk security update (Nov 4) |
| |
Several vulnerabilities have been discovered in the webkit2gtk web engine: CVE-2019-8625
|
| |
Debian: DSA-4557-1: libarchive security update (Oct 31) |
| |
A use-after-free was found in libarchive, a multi-format archive and compression library, which could result in denial of service and potentially the execution of arbitrary code is a malformed archive is processed.
|
| |
Debian: DSA-4556-1: qtbase-opensource-src security update (Oct 31) |
| |
An out-of-bounds memory access was discovered in the Qt library, which could result in denial of service through a text file containing many directional characters.
|
| |
|
| |
Fedora 31: chromium FEDORA-2019-5975f6ca93 (Nov 6) |
| |
Chromium 78. Fixes these: CVE-2019-5870 CVE-2019-5871 CVE-2019-5872 CVE-2019-5874 CVE-2019-5875 CVE-2019-13691 CVE-2019-13692 CVE-2019-5876 CVE-2019-5877 CVE-2019-5878 CVE-2019-5879 CVE-2019-5880 CVE-2019-5881 CVE-2019-13659 CVE-2019-13660 CVE-2019-13661 CVE-2019-13662 CVE-2019-13663 CVE-2019-13664 CVE-2019-13665 CVE-2019-13666 CVE-2019-13667 CVE-2019-13668
|
| |
Fedora 31: wpa_supplicant FEDORA-2019-0e0b28001d (Nov 6) |
| |
Security fix for CVE-2019-16275
|
| |
Fedora 31: libssh2 FEDORA-2019-91529f19e4 (Nov 6) |
| |
- fix integer overflow in SSH_MSG_DISCONNECT logic (CVE-2019-17498)
|
| |
Fedora 31: thunderbird FEDORA-2019-9b4ebc2973 (Nov 6) |
| |
Update to latest upstream version.
|
| |
Fedora 29: java-latest-openjdk FEDORA-2019-d81be00640 (Nov 3) |
| |
This update brings security updates for OpenJDK 13 and updates it to most current version 13.0.1.9.
|
| |
Fedora 29: t1utils FEDORA-2019-9fffac5168 (Nov 3) |
| |
T1utils 1.41 T1utils 1.40 Wilk and Niels Thykier
|
| |
Fedora 30: t1utils FEDORA-2019-b2156dcba6 (Nov 3) |
| |
T1utils 1.41 T1utils 1.40 Wilk and Niels Thykier
|
| |
Fedora 31: t1utils FEDORA-2019-0c2f24ce3f (Nov 3) |
| |
T1utils 1.41 T1utils 1.40 Wilk and Niels Thykier
|
| |
Fedora 30: webkit2gtk3 FEDORA-2019-99db7a510e (Nov 2) |
| |
Rebasing to 2.26.x For release info please see https://www.webkitgtk.org/2019/09/09/webkitgtk2.26.0-released.html and https://www.webkitgtk.org/2019/09/23/webkitgtk2.26.1-released.html CVE fixes: CVE-2019-8625, CVE-2019-8720, CVE-2019-8769, CVE-2019-8771
|
| |
Fedora 30: file FEDORA-2019-97dcb2762a (Nov 2) |
| |
- fix heap-based buffer overflow in cdf_read_property_info() (CVE-2019-18218)
|
| |
Fedora 30: nss FEDORA-2019-8934d55352 (Nov 2) |
| |
Updates the nspr and nss packages to upstream NSPR 4.23 and NSS 3.47 respectively. For details about new functionality and a list of bugs fixed in this release please see the upstream release notes -
|
| |
Fedora 30: nspr FEDORA-2019-8934d55352 (Nov 2) |
| |
Updates the nspr and nss packages to upstream NSPR 4.23 and NSS 3.47 respectively. For details about new functionality and a list of bugs fixed in this release please see the upstream release notes -
|
| |
Fedora 30: php FEDORA-2019-7bb07c3b02 (Nov 2) |
| |
**PHP version 7.3.11** (24 Oct 2019) **Core:** * Fixed bug php#78535 (auto_detect_line_endings value not parsed as bool). (bugreportuser) * Fixed bug php#78620 (Out of memory error). (cmb, Nikita) **Exif :** * Fixed bug php#78442 ('Illegal component' on exif_read_data since PHP7) (Kalle) **FPM:** * Fixed bug php#78599 (env_path_info underflow in fpm_main.c can lead to RCE).
|
| |
Fedora 31: nss FEDORA-2019-4175e7cb56 (Nov 1) |
| |
Updates the nspr and nss packages to upstream NSPR 4.23 and NSS 3.47 respectively. For details about new functionality and a list of bugs fixed in this release please see the upstream release notes -
|
| |
Fedora 31: nspr FEDORA-2019-4175e7cb56 (Nov 1) |
| |
Updates the nspr and nss packages to upstream NSPR 4.23 and NSS 3.47 respectively. For details about new functionality and a list of bugs fixed in this release please see the upstream release notes -
|
| |
Fedora 29: php FEDORA-2019-187ae3128d (Nov 1) |
| |
**PHP version 7.2.24** (24 Oct 2019) **Core:** * Fixed bug php#78535 (auto_detect_line_endings value not parsed as bool). (bugreportuser) * Fixed bug php#78620 (Out of memory error). (cmb, Nikita) **Exif:** * Fixed bug php#78442 ('Illegal component' on exif_read_data since PHP7) (Kalle) **FPM:** * Fixed bug php#78599 (env_path_info underflow in fpm_main.c can lead to RCE).
|
| |
|
| |
Gentoo: GLSA-201911-04: OpenSSL: Multiple vulnerabilities (Nov 7) |
| |
Multiple information disclosure vulnerabilities in OpenSSL allow attackers to obtain sensitive information.
|
| |
Gentoo: GLSA-201911-03: Oniguruma: Multiple vulnerabilities (Nov 7) |
| |
Multiple vulnerabilities have been found in Oniguruma, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-201911-02: pump: User-assisted execution of arbitrary code (Nov 7) |
| |
A buffer overflow in pump might allow remote attacker to execute arbitrary code.
|
| |
Gentoo: GLSA-201911-01: OpenSSH: Integer overflow (Nov 7) |
| |
An integer overflow in OpenSSH might allow an attacker to execute arbitrary code.
|
| |
|
| |
RedHat: RHSA-2019-3812:01 Moderate: OpenShift Container Platform 3.9 cri-o (Nov 7) |
| |
An update for cri-o is now available for Red Hat OpenShift Container Platform 3.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3813:01 Low: OpenShift Container Platform 3.9 (Nov 7) |
| |
An update for mediawiki123 is now available for Red Hat OpenShift Container Platform 3.9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3811:01 Important: OpenShift Container Platform 3.9 (Nov 7) |
| |
An update for atomic-openshift is now available for Red Hat OpenShift Container Platform 3.9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-3788:01 Moderate: openstack-octavia security and bug fix (Nov 7) |
| |
An update for openstack-octavia is now available for Red Hat OpenStack Platform 13.0 (Queens). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3787:01 Important: qemu-kvm-rhev security update (Nov 7) |
| |
An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 13.0 (Queens). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-3789:01 Moderate: ansible security update (Nov 7) |
| |
An update for ansible is now available for Red Hat OpenStack Platform 13.0 (Queens). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3775:01 Important: chromium-browser security update (Nov 7) |
| |
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-3722:01 Moderate: OpenShift Container Platform 4.1.22 (Nov 7) |
| |
An update for openshift-enterprise-hypershift-container is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3755:01 Important: sudo security update (Nov 6) |
| |
An update for sudo is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2019-3756:01 Important: thunderbird security update (Nov 6) |
| |
An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2019-3758:01 Important: patch security update (Nov 6) |
| |
An update for patch is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-3757:01 Important: patch security update (Nov 6) |
| |
An update for patch is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-3754:01 Important: sudo security update (Nov 6) |
| |
An update for sudo is now available for Red Hat Enterprise Linux 6.6 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-3759:01 Important: chromium-browser security update (Nov 6) |
| |
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-3744:01 Moderate: ansible security update (Nov 6) |
| |
An update for ansible is now available for Red Hat OpenStack Platform 14.0 (Rocky). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3742:01 Important: qemu-kvm-rhev security update (Nov 6) |
| |
An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 14.0 (Rocky). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-3743:01 Moderate: openstack-octavia security update (Nov 6) |
| |
An update for openstack-octavia is now available for Red Hat OpenStack Platform 14.0 (Rocky). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3736:01 Critical: php:7.3 security update (Nov 6) |
| |
An update for the php:7.3 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3735:01 Critical: php:7.2 security update (Nov 6) |
| |
An update for the php:7.2 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3725:01 Moderate: rh-python36-python security, bug fix, (Nov 6) |
| |
An update for rh-python36-python is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3724:01 Critical: rh-php70-php security update (Nov 6) |
| |
An update for rh-php70-php is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3699:01 Moderate: evolution security and bug fix update (Nov 5) |
| |
An update for evolution, evolution-data-server, and evolution-ews is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3698:01 Moderate: libarchive security and bug fix update (Nov 5) |
| |
An update for libarchive is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3701:01 Moderate: curl security and bug fix update (Nov 5) |
| |
An update for curl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3700:01 Low: openssl security, bug fix, (Nov 5) |
| |
An update for openssl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3706:01 Moderate: lua security and bug fix update (Nov 5) |
| |
An update for lua is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3704:01 Moderate: numpy security update (Nov 5) |
| |
An update for numpy is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3705:01 Moderate: libjpeg-turbo security update (Nov 5) |
| |
An update for libjpeg-turbo is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3702:01 Moderate: openssh security, bug fix, (Nov 5) |
| |
An update for openssh is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3694:01 Important: sudo security update (Nov 5) |
| |
An update for sudo is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2019-3708:01 Moderate: mariadb:10.3 security and bug fix update (Nov 5) |
| |
An update for the mariadb:10.3 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3707:01 Moderate: dbus security update (Nov 5) |
| |
An update for dbus is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3703:01 Low: libvorbis security update (Nov 5) |
| |
An update for libvorbis is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3345:01 Low: virt:rhel security, bug fix, (Nov 5) |
| |
An update for the virt:rhel module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3352:01 Low: gdb security, bug fix, and enhancement update (Nov 5) |
| |
An update for gdb is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3552:01 Low: bind security and bug fix update (Nov 5) |
| |
An update for bind is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3513:01 Moderate: glibc security, bug fix, (Nov 5) |
| |
An update for glibc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3575:01 Low: elfutils security, bug fix, (Nov 5) |
| |
An update for elfutils is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3391:01 Low: libreswan security and bug fix update (Nov 5) |
| |
An update for libreswan is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3643:01 Low: gettext security update (Nov 5) |
| |
An update for gettext is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3387:01 Low: osinfo-db and libosinfo security and bug fix (Nov 5) |
| |
An update for osinfo-db, osinfo-db-tools, libosinfo, and gnome-boxes is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3517:01 Important: kernel security, bug fix, (Nov 5) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2019-3651:01 Low: sssd security, bug fix, (Nov 5) |
| |
An update for sssd is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3553:01 Low: GNOME security, bug fix, (Nov 5) |
| |
An update for GNOME is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3353:01 Moderate: freeradius:3.0 security and bug fix (Nov 5) |
| |
An update for the freeradius:3.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3403:01 Important: container-tools:rhel8 security, bug fix, (Nov 5) |
| |
An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-3610:01 Moderate: libqb security and bug fix update (Nov 5) |
| |
An update for libqb is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3421:01 Moderate: mod_auth_mellon security, bug fix, (Nov 5) |
| |
An update for mod_auth_mellon is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3338:01 Moderate: edk2 security, bug fix, (Nov 5) |
| |
An update for edk2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3476:01 Moderate: squid:4 security and bug fix update (Nov 5) |
| |
An update for the squid:4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3520:01 Moderate: python3 security and bug fix update (Nov 5) |
| |
An update for python3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3525:01 Moderate: dhcp security and bug fix update (Nov 5) |
| |
An update for dhcp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3335:01 Moderate: python27:2.7 security and bug fix update (Nov 5) |
| |
An update for the python27:2.7 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3600:01 Moderate: gnutls security, bug fix, (Nov 5) |
| |
An update for gnutls is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3590:01 Moderate: python-urllib3 security update (Nov 5) |
| |
An update for python-urllib3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3401:01 Important: 389-ds:1.4 security, bug fix, (Nov 5) |
| |
An update for the 389-ds:1.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-3530:01 Moderate: glib2 security, bug fix, (Nov 5) |
| |
An update for glib2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3673:01 Low: lldpad security and bug fix update (Nov 5) |
| |
An update for lldpad is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3497:01 Moderate: http-parser security and bug fix update (Nov 5) |
| |
An update for http-parser is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3583:01 Moderate: yum security, bug fix, (Nov 5) |
| |
An update for yum is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3419:01 Moderate: libtiff security update (Nov 5) |
| |
An update for libtiff is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3436:01 Moderate: httpd:2.4 security and bug fix update (Nov 5) |
| |
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3467:01 Moderate: dovecot security and bug fix update (Nov 5) |
| |
An update for dovecot is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3433:01 Moderate: go-toolset:rhel8 security, bug fix, (Nov 5) |
| |
An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3592:01 Moderate: systemd security, bug fix, (Nov 5) |
| |
An update for systemd is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3624:01 Moderate: libseccomp security, bug fix, (Nov 5) |
| |
An update for libseccomp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3309:01 Important: kernel-rt security and bug fix update (Nov 5) |
| |
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2019-3390:01 Moderate: qt5-qtbase security and bug fix update (Nov 5) |
| |
An update for qt5-qtbase is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3582:01 Moderate: samba security, bug fix, (Nov 5) |
| |
An update for samba is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3464:01 Low: virt-manager security, bug fix, (Nov 5) |
| |
An update for virt-manager is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3494:01 Important: container-tools:1.0 security and bug (Nov 5) |
| |
An update for the container-tools:1.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-3300:01 Critical: rh-php71-php security update (Nov 1) |
| |
An update for rh-php71-php is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3299:01 Critical: rh-php72-php security update (Nov 1) |
| |
An update for rh-php72-php is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3297:01 Important: Red Hat Process Automation Manager (Oct 31) |
| |
An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2019-3286:01 Critical: php security update (Oct 31) |
| |
An update for php is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3287:01 Critical: php security update (Oct 31) |
| |
An update for php is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3292:01 Important: Red Hat Decision Manager 7.5.0 (Oct 31) |
| |
An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2019-3281:01 Critical: firefox security update (Oct 31) |
| |
An update for firefox is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-3278:01 Important: sudo security update (Oct 31) |
| |
An update for sudo is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update Support, and Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions.
|
| |
|
| |
Slackware: 2019-311-01: Slackware 14.2 kernel Security Update (Nov 7) |
| |
New kernel packages are available for Slackware 14.2 to fix security issues.
|
| |
Slackware: 2019-308-01: libtiff Security Update (Nov 4) |
| |
New libtiff packages are available for Slackware 14.2 and -current to fix security issues.
|
| |
|
| |
SUSE: 2019:2912-1 important: Recommended MozillaThunderbird (Nov 7) |
| |
An update that fixes 9 vulnerabilities is now available.
|
| |
SUSE: 2019:2916-1 moderate: gdb (Nov 7) |
| |
An update that solves one vulnerability and has two fixes is now available.
|
| |
SUSE: 2019:2915-1 moderate: bluez (Nov 7) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2914-1 moderate: gdb (Nov 7) |
| |
An update that solves one vulnerability and has two fixes is now available.
|
| |
SUSE: 2019:2913-1 moderate: gdb (Nov 7) |
| |
An update that solves one vulnerability and has two fixes is now available.
|
| |
SUSE: 2019:2909-1 important: php72 (Nov 6) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:14206-1 moderate: libssh2_org (Nov 6) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:14207-1 moderate: gdb (Nov 6) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2900-1 moderate: libssh2_org (Nov 6) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2902-1 moderate: gdb (Nov 6) |
| |
An update that solves one vulnerability and has two fixes is now available.
|
| |
SUSE: 2019:2896-1 moderate: ImageMagick (Nov 5) |
| |
An update that fixes 11 vulnerabilities is now available.
|
| |
SUSE: 2019:2893-1 important: samba (Nov 5) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2891-1 moderate: python-ecdsa (Nov 4) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
SUSE: 2019:2890-1 important: samba (Nov 4) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2875-1 important: samba (Oct 31) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2871-1 important: MozillaFirefox, MozillaFirefox-branding-SLE (Oct 31) |
| |
An update that fixes 9 vulnerabilities is now available.
|
| |
SUSE: 2019:2872-1 important: MozillaFirefox (Oct 31) |
| |
An update that fixes 51 vulnerabilities is now available.
|
| |
|
| |
Ubuntu 4179-1: FriBidi vulnerability (Nov 8) |
| |
Applications using FriBidi could be made to crash or run programs as your login if it displayed specially crafted text.
|
| |
Ubuntu 4178-1: WebKitGTK+ vulnerabilities (Nov 7) |
| |
Several security issues were fixed in WebKitGTK+.
|
| |
Ubuntu 4177-1: Rygel vulnerability (Nov 6) |
| |
The system could be made to expose sensitive information.
|
| |
Ubuntu 4176-1: GNU cpio vulnerability (Nov 6) |
| |
GNU cpio could be made to expose sensitive information if it received a specially crafted input.
|
| |
Ubuntu 4165-2: Firefox regressions (Nov 5) |
| |
USN-4165-1 caused some minor regressions in Firefox.
|
| |
Ubuntu 4171-3: Apport regression (Nov 5) |
| |
USN-4171-1 introduced a regression in Apport.
|
| |
Ubuntu 4170-3: Whoopsie regression (Nov 5) |
| |
USN-4170-2 caused a regression in Whoopsie
|
| |
Ubuntu 4175-1: Nokogiri vulnerability (Nov 5) |
| |
Nokogiri could be made to execute programs if it received specially crafted input.
|
| |
Ubuntu 4171-4: Apport regression (Nov 5) |
| |
USN-4171-2 introduced a regression in Apport.
|
| |
Ubuntu 4174-1: HAproxy vulnerability (Nov 5) |
| |
HAproxy would allow unintended access if ii received specially crafted HTTP request.
|
| |
Ubuntu 4171-2: Apport vulnerabilities (Nov 4) |
| |
Several security issues were fixed in Apport.
|
| |
Ubuntu 4172-2: file vulnerability (Oct 31) |
| |
file could be made to crash or run programs if it opened a specially crafted file.
|
| |
|
| |
Debian LTS: DLA-1983-1: simplesamlphp security update (Nov 6) |
| |
It was discovered that in SimpleSAMLphp, an implementation of the SAML 2.0 protocol, it was possible to circumvent XML signature verification on SAML messages.
|
| |
Debian LTS: DLA-1982-1: openafs security update (Nov 5) |
| |
Several security vulnerabilities were discovered in OpenAFS, a distributed file system. CVE-2019-18601
|
| |
Debian LTS: DLA-1980-1: wordpress security update (Nov 5) |
| |
Several vulnerabilities in wordpress, a web blogging tool, have been fixed.
|
| |
Debian LTS: DLA-1981-1: cpio security update (Nov 5) |
| |
A vulnerability was discovered in the cpio package. CVE-2019-14866
|
| |
|
| |
ArchLinux: 201911-9: linux-hardened: arbitrary code execution (Nov 7) |
| |
The package linux-hardened before version 5.3.7.b-1 is vulnerable to arbitrary code execution.
|
| |
ArchLinux: 201911-8: squid: multiple issues (Nov 7) |
| |
The package squid before version 4.9-1 is vulnerable to multiple issues including arbitrary code execution, content spoofing and information disclosure.
|
| |
ArchLinux: 201911-7: electron: arbitrary code execution (Nov 4) |
| |
The package electron before version 7.0.1-1 is vulnerable to arbitrary code execution.
|
| |
ArchLinux: 201911-6: samba: multiple issues (Nov 4) |
| |
The package samba before version 4.10.10-1 is vulnerable to multiple issues including arbitrary filesystem access, insufficient validation and denial of service.
|
| |
ArchLinux: 201911-5: ghostscript: sandbox escape (Nov 4) |
| |
The package ghostscript before version 9.50-1 is vulnerable to sandbox escape.
|
| |
ArchLinux: 201911-4: python2: information disclosure (Nov 4) |
| |
The package python2 before version 2.7.17-1 is vulnerable to information disclosure.
|
| |
ArchLinux: 201911-3: glibc: information disclosure (Nov 4) |
| |
The package glibc before version 2.30-1 is vulnerable to information disclosure.
|
| |
ArchLinux: 201911-2: qt5-webengine: arbitrary code execution (Nov 4) |
| |
The package qt5-webengine before version 5.13.2-2 is vulnerable to arbitrary code execution.
|
| |
ArchLinux: 201911-2: qt5-webengine: arbitrary code execution (Nov 2) |
| |
The package qt5-webengine before version 5.13.2-2 is vulnerable to arbitrary code execution.
|
| |
ArchLinux: 201911-1: chromium: arbitrary code execution (Nov 1) |
| |
The package chromium before version 78.0.3904.87-1 is vulnerable to arbitrary code execution.
|
| |
|
| |
CentOS: CESA-2019-3287: Critical CentOS 6 php (Nov 1) |
| |
Upstream details at : https://access.redhat.com/errata/RHSA-2019:3287
|
| |
CentOS: CESA-2019-3281: Critical CentOS 6 firefox (Nov 1) |
| |
Upstream details at : https://access.redhat.com/errata/RHSA-2019:3281
|
| |
CentOS: CESA-2019-3286: Critical CentOS 7 php (Nov 1) |
| |
Upstream details at : https://access.redhat.com/errata/RHSA-2019:3286
|
| |
CentOS: CESA-2019-3197: Important CentOS 7 sudo (Oct 31) |
| |
Upstream details at : https://access.redhat.com/errata/RHSA-2019:3197
|
| |
CentOS: CESA-2019-3210: Important CentOS 7 thunderbird (Oct 31) |
| |
Upstream details at : https://access.redhat.com/errata/RHSA-2019:3210
|
| |
CentOS: CESA-2019-3193: Critical CentOS 7 firefox (Oct 31) |
| |
Upstream details at : https://access.redhat.com/errata/RHSA-2019:3193
|
| |
|
| |
SciLinux: SLSA-2019-3756-1 Important: thunderbird on SL6.x i386/x86_64 (Nov 7) |
| |
This update upgrades Thunderbird to version 68.2.0. * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764) * Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757) * Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758) * Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759) * Mozilla: Stack buf [More...]
|
| |
SciLinux: SLSA-2019-3755-1 Important: sudo on SL6.x i386/x86_64 (Nov 6) |
| |
sudo: Privilege escalation via 'Runas' specification with 'ALL' keyword (CVE-2019-14287) SL6 x86_64 sudo-1.8.6p3-29.el6_10.2.x86_64.rpm sudo-debuginfo-1.8.6p3-29.el6_10.2.x86_64.rpm sudo-debuginfo-1.8.6p3-29.el6_10.2.i686.rpm sudo-devel-1.8.6p3-29.el6_10.2.i686.rpm sudo-devel-1.8.6p3-29.el6_10.2.x86_64.rpm i386 sudo-1.8.6p3-29.el6_10.2.i686.rpm sudo-debuginfo-1 [More...]
|
| |
SciLinux: SLSA-2019-3281-1 Critical: firefox on SL6.x i386/x86_64 (Nov 1) |
| |
Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764) * Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757) * Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758) * Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759) * Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760) * [More...]
|
| |
SciLinux: SLSA-2019-3287-1 Critical: php on SL6.x i386/x86_64 (Nov 1) |
| |
php: underflow in env_path_info in fpm_main.c (CVE-2019-11043) SL6 x86_64 php-5.3.3-50.el6_10.x86_64.rpm php-bcmath-5.3.3-50.el6_10.x86_64.rpm php-cli-5.3.3-50.el6_10.x86_64.rpm php-common-5.3.3-50.el6_10.x86_64.rpm php-dba-5.3.3-50.el6_10.x86_64.rpm php-debuginfo-5.3.3-50.el6_10.x86_64.rpm php-devel-5.3.3-50.el6_10.x86_64.rpm php-embedded-5.3.3-50.el6_10.x86 [More...]
|
| |
SciLinux: SLSA-2019-3286-1 Critical: php on SL7.x x86_64 (Oct 31) |
| |
php: underflow in env_path_info in fpm_main.c (CVE-2019-11043) SL7 x86_64 php-5.4.16-46.1.el7_7.x86_64.rpm php-bcmath-5.4.16-46.1.el7_7.x86_64.rpm php-cli-5.4.16-46.1.el7_7.x86_64.rpm php-common-5.4.16-46.1.el7_7.x86_64.rpm php-dba-5.4.16-46.1.el7_7.x86_64.rpm php-debuginfo-5.4.16-46.1.el7_7.x86_64.rpm php-devel-5.4.16-46.1.el7_7.x86_64.rpm php-embedded-5.4.1 [More...]
|
| |
|
| |
openSUSE: 2019:2447-1: important: chromium (Nov 6) |
| |
An update that fixes 86 vulnerabilities is now available.
|
| |
openSUSE: 2019:2438-1: moderate: python3 (Nov 5) |
| |
An update that solves two vulnerabilities and has three fixes is now available.
|
| |
openSUSE: 2019:2441-1: important: php7 (Nov 5) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:2444-1: important: the Linux Kernel (Nov 5) |
| |
An update that solves 7 vulnerabilities and has 96 fixes is now available.
|
| |
openSUSE: 2019:2434-1: moderate: docker-runc (Nov 5) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:2432-1: moderate: binutils (Nov 5) |
| |
An update that fixes 28 vulnerabilities is now available.
|
| |
openSUSE: 2019:2442-1: important: samba (Nov 5) |
| |
An update that solves three vulnerabilities and has two fixes is now available.
|
| |
openSUSE: 2019:2435-1: moderate: nfs-utils (Nov 5) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:2427-1: important: chromium (Nov 4) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2019:2426-1: important: chromium (Nov 3) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2019:2425-1: important: chromium, re2 (Nov 3) |
| |
An update that fixes 21 vulnerabilities is now available.
|
| |
openSUSE: 2019:2424-1: important: chromium, re2 (Nov 2) |
| |
An update that fixes 21 vulnerabilities is now available.
|
| |
openSUSE: 2019:2421-1: important: chromium (Nov 2) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2019:2420-1: important: chromium, re2 (Nov 1) |
| |
An update that fixes 21 vulnerabilities is now available.
|
| |
openSUSE: 2019:2418-1: moderate: docker-runc (Oct 31) |
| |
An update that fixes one vulnerability is now available.
|
| |
|
| |
Mageia 2019-0321: expat security update (Nov 7) |
| |
It was discovered that Expat did not properly handle internal entities closing the doctype, potentially resulting in denial of service or information disclosure if a malformed XML file is processed (CVE-2019-15903).
|
| |
Mageia 2019-0320: chromium-browser-stable security update (Nov 7) |
| |
Chromium-browser 78.0.3904.87 fixes security issues: Multiple flaws were found in the way Chromium 77.0.3865.120 processes various types of web content, where loading a web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose
|
| |
Mageia 2019-0319: freetds security update (Nov 7) |
| |
Updated freetds packages fix security vulnerability: Felix Wilhelm discovered that FreeTDS incorrectly handled certain types after a protocol downgrade. A remote attacker could use this issue to cause FreeTDS to crash, resulting in a denial of service, or possibly
|
| |
Mageia 2019-0318: python security update (Nov 7) |
| |
Updated python and python3 packages fix security vulnerabilities: It was discovered that Python incorrectly parsed certain email addresses. A remote attacker could possibly use this issue to trick Python applications into accepting email addresses that should be denied (CVE-2019-16056).
|
| |
Mageia 2019-0317: unbound security update (Nov 7) |
| |
Updated unbound packages fix security vulnerability: Versions before 1.9.4 allow accesses to uninitialized memory, which would permit remote attackers to trigger a crash (CVE-2019-16866).
|
| |
Mageia 2019-0316: thunderbird security update (Nov 7) |
| |
The updated packages fix security issues: Use-after-free when creating index updates in IndexedDB. (CVE-2019-11757)
|
| |
Mageia 2019-0315: firefox security update (Nov 7) |
| |
The updated packages fix several bugs and some security issues: Use-after-free when creating index updates in IndexedDB. (CVE-2019-11757)
|
| |
Mageia 2019-0314: proftpd security update (Nov 7) |
| |
Updated proftpd package fixes security vulnerabilities: It was discovered that the mod_copy module of ProFTPD, a FTP/SFTP/FTPS server, performed incomplete permission validation for the CPFR/CPTO commands (CVE-2019-12815).
|
| |
Mageia 2019-0313: libxslt security update (Nov 2) |
| |
Updated libxslt package fixes security vulnerabilities: * In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains
|
| |
Mageia 2019-0312: libsoup security update (Nov 2) |
| |
Updated libsoup package fixes security vulnerability: It was discovered that libsoup incorrectly handled parsing certain NTLM messages. If a user or automated system were tricked into connecting to a malicious server, a remote attacker could possibly use this issue to
|
| |
Mageia 2019-0311: aspell security update (Nov 2) |
| |
Updated aspell packages fix security vulnerability: libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character (CVE-2019-17544).
|
| |
Mageia 2019-0310: golang security update (Nov 2) |
| |
Updated golang packages fix security vulnerability: Daniel Mandragona discovered that invalid DSA public keys can cause a panic in dsa.Verify(), resulting in denial of service (CVE-2019-17596).
|
| |
Mageia 2019-0309: ansible security update (Nov 2) |
| |
Updated ansible package fixes security vulnerabilities: ansible-playbook -k and ansible cli tools prompt passwords by expanding them from templates as they could contain special characters. Passwords should be wrapped to prevent templates trigger and exposing them
|
