Linux Advisory Watch: October 30th, 2020

Vaisha Bernard discovered that Blueman, a graphical bluetooth manager performed insufficient validation on a D-Bus interface, which could result in denial of service or privilege escalation.

Fix CVE-2020-26116: Reject control chars in HTTP method in httplib

Patch CVE-2020-24265 and CVE-2020-24266.

x86: Race condition in Xen mapping code [XSA-345] undue deferral of IOMMU TLB flushes [XSA-346] unsafe AMD IOMMU page table updates [XSA-347]

Patch CVE-2020-24265 and CVE-2020-24266.

New upstream release (#1889941). It turned out to be security release, so added the security bugs.

Patch CVE-2020-24265 and CVE-2020-24266.

Update to Node.js 12.19.0

createrepo_c 0.16.1 - Update to 0.16.1 - Add the section number to the manual pages - Parse xml snippet in smaller parts (RhBug:1859689) - Add module metadata support to createrepo_c (RhBug:1795936) librepo 1.12.1 - Update to 1.12.1 - Validate path read from repomd.xml (RhBug:1868639) libdnf 0.54.2 - Update to 0.54.2 - history: Fix dnf history rollback when a package was removed

createrepo_c 0.16.1 - Update to 0.16.1 - Add the section number to the manual pages - Parse xml snippet in smaller parts (RhBug:1859689) - Add module metadata support to createrepo_c (RhBug:1795936) librepo 1.12.1 - Update to 1.12.1 - Validate path read from repomd.xml (RhBug:1868639) libdnf 0.54.2 - Update to 0.54.2 - history: Fix dnf history rollback when a package was removed

createrepo_c 0.16.1 - Update to 0.16.1 - Add the section number to the manual pages - Parse xml snippet in smaller parts (RhBug:1859689) - Add module metadata support to createrepo_c (RhBug:1795936) librepo 1.12.1 - Update to 1.12.1 - Validate path read from repomd.xml (RhBug:1868639) libdnf 0.54.2 - Update to 0.54.2 - history: Fix dnf history rollback when a package was removed

createrepo_c 0.16.1 - Update to 0.16.1 - Add the section number to the manual pages - Parse xml snippet in smaller parts (RhBug:1859689) - Add module metadata support to createrepo_c (RhBug:1795936) librepo 1.12.1 - Update to 1.12.1 - Validate path read from repomd.xml (RhBug:1868639) libdnf 0.54.2 - Update to 0.54.2 - history: Fix dnf history rollback when a package was removed

createrepo_c 0.16.1 - Update to 0.16.1 - Add the section number to the manual pages - Parse xml snippet in smaller parts (RhBug:1859689) - Add module metadata support to createrepo_c (RhBug:1795936) librepo 1.12.1 - Update to 1.12.1 - Validate path read from repomd.xml (RhBug:1868639) libdnf 0.54.2 - Update to 0.54.2 - history: Fix dnf history rollback when a package was removed

- Update to 4.3.5 Release notes: https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-07.html Security Advisory: https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-07.html

Update kpmcore to 4.2.0 and rebuild all dependent packages. This update also fixes a not yet disclosed CVE.

Update kpmcore to 4.2.0 and rebuild all dependent packages. This update also fixes a not yet disclosed CVE.

New in release OpenJDK 8u272 (2020-10-20): notes can be found at: * https://bitly.com/openjdk8u272 * https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u272.txt ## New features * JDK-8245468: Add TLSv1.3 implementation classes from 11.0.7 ##

New in release OpenJDK 11.0.9 (2020-10-20): notes can be found at: * https://bitly.com/openjdk1109 * https://builds.shipilev.net/backports-monitor/release-notes-11.0.9.txt ## Security fixes - JDK-8233624: Enhance JNI linkage - JDK-8236196: Improve

x86: Race condition in Xen mapping code [XSA-345] undue deferral of IOMMU TLB flushes [XSA-346] unsafe AMD IOMMU page table updates [XSA-347]

Update to freetype 2.10.4 which fixes security flaw CVE-2020-15999.

mupdf 1.18.0 and depending packages

Update to version 1.10.9. Addresses CVE-2020-11979

Update to freetype 2.10.4 which fixes security flaw CVE-2020-15999.

- New upstream version (82.0) - Updated SELinux relabel setup (rhbz#1731371) - Fixed seeking in OpenH264 stream (rhbz#1886722) ---- - New Firefox upstream release (82.0) - Wayland and OpenH264 fixes

New upstream bug fix and security update.

Upgrade to upstream 3.6.4.

Upgrade to upstream 3.6.4.

- New upstream version (82.0) - Updated SELinux relabel setup (rhbz#1731371) - Fixed seeking in OpenH264 stream (rhbz#1886722) ---- - New Firefox upstream release (82.0) - Wayland and OpenH264 fixes

- Update to 4.3.5 Release notes: https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-07.html Security Advisory: https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2020-07.html

Update kpmcore to 4.2.0 and rebuild all dependent packages. This update also fixes CVE-2020-27187.

Update kpmcore to 4.2.0 and rebuild all dependent packages. This update also fixes CVE-2020-27187.

Update kpmcore to 4.2.0 and rebuild all dependent packages. This update also fixes CVE-2020-27187.

Update to version 1.10.9. Addresses CVE-2020-11979

New upstream bug fix and security update.

Upgrade to upstream 3.6.4.

**Version 5.0.3** (2020-10-09) - issue #15983 Require twig ^2.9 - issue Fix option to import files locally appearing as not available - issue #16048 Fix to allow NULL as a default bit value - issue #16062 Fix "htmlspecialchars() expects parameter 1 to be string, null given" on Export xml - issue #16078 Fix no charts in monitor when using a decimal separator "," - issue #16041 Fix

Update to Nextcloud 19.0.3, fixes CVE-2020-8236, CVE-2020-8223, CVE-2020-8183, CVE-2020-8173

mupdf 1.18.0 and depending packages

mupdf 1.18.0 and depending packages

mupdf 1.18.0 and depending packages

New version 3.2.7 Security fix for CVE-2020-25862, CVE-2020-25863, CVE-2020-25866

Update to 1.0.9, fixes CVE-2020-8927

Update to 3.17.7 -- https://www.claws-mail.org/news.php

Update to latest upstream release 0.3.15 (#1885156)

update to 3.2.1 (rhbz#1829635)

Multiple vulnerabilities have been found in Mozilla Firefox and Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. [More...]

A buffer overflow in FreeType might allow remote attacker(s) to execute arbitrary code.

An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6, 7, and 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update is now available for Red Hat JBoss Enterprise Application Platform 7.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for python-django is now available for Red Hat OpenStack Platform 13 (Queens). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

An update for OpenStack Block Storage (cinder) is now available for Red Hat OpenStack Platform 13 (Queens). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2.4.37 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact

Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 5 zip release for RHEL 6, RHEL 7, RHEL 8 and Microsoft Windows is available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

An update for openstack-cinder is now available for Red Hat OpenStack Platform 16.1 (Train). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

An update for openstack-selinux is now available for Red Hat OpenStack Platform 16.1 (Train). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

An update is now available for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

An update for jenkins-2-plugins, openshift-clients, podman, runc, and skopeo is now available for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

An update is now available for Red Hat Satellite 6.8 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

Open Liberty 20.0.0.11 Runtime is now available from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

Red Hat OpenShift Container Platform release 4.5.16 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score,

An update is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for firefox is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

An update for firefox is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for rh-maven35-jackson-databind is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for firefox is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

Red Hat Advanced Cluster Management for Kubernetes 2.0.4 General Availability release. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

An update for jenkins is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

An update that fixes three vulnerabilities is now available.

An update that solves one vulnerability and has three fixes is now available.

An update that fixes three vulnerabilities is now available.

An update that fixes two vulnerabilities is now available.

An update that fixes 6 vulnerabilities is now available.

An update that fixes two vulnerabilities is now available.

An update that contains security fixes and contains one feature can now be installed.

An update that fixes one vulnerability is now available.

An update that fixes four vulnerabilities is now available.

An update that solves one vulnerability and has three fixes is now available.

An update that solves one vulnerability and has three fixes is now available.

An update that fixes three vulnerabilities is now available.

An update that solves one vulnerability and has three fixes is now available.

An update that fixes one vulnerability is now available.

An update that fixes two vulnerabilities is now available.

An update that fixes three vulnerabilities is now available.

An update that fixes three vulnerabilities is now available.

An update that fixes one vulnerability is now available.

An update that solves one vulnerability and has three fixes is now available.

An update that fixes one vulnerability is now available.

An update that solves two vulnerabilities and has one errata is now available.

An update that fixes one vulnerability is now available.

An update that fixes one vulnerability is now available.

An update that fixes 7 vulnerabilities, contains four features is now available.

An update that fixes one vulnerability is now available.

An update that solves 8 vulnerabilities, contains three features and has 5 fixes is now available.

An update that contains security fixes can now be installed.

An update that fixes four vulnerabilities is now available.

An update that fixes four vulnerabilities is now available.

An update that fixes four vulnerabilities is now available.

An update that fixes four vulnerabilities is now available.

An update that fixes two vulnerabilities is now available.

An update that solves one vulnerability, contains three features and has three fixes is now available.

An update that fixes one vulnerability is now available.

An update that solves two vulnerabilities and has three fixes is now available.

An update that solves two vulnerabilities and has one errata is now available.

An update that solves two vulnerabilities and has four fixes is now available.

An update that fixes 16 vulnerabilities is now available.

An update that fixes one vulnerability is now available.

An update that fixes two vulnerabilities is now available.

An update that fixes two vulnerabilities is now available.

An update that fixes two vulnerabilities is now available.

An update that solves one vulnerability and has four fixes is now available.

An update that fixes one vulnerability is now available.

An update that fixes two vulnerabilities is now available.

An update that solves 14 vulnerabilities and has 78 fixes is now available.

An update that fixes one vulnerability, contains one feature is now available.

An update that fixes one vulnerability is now available.

An update that fixes one vulnerability is now available.

An update that fixes 11 vulnerabilities is now available.

An update that solves two vulnerabilities and has one errata is now available.

An update that fixes one vulnerability is now available.

An update that solves 15 vulnerabilities and has 84 fixes is now available.

An update that fixes one vulnerability is now available.

An update that solves one vulnerability and has one errata is now available.

fastd could be made to remotely exhaust resources if it received specially crafted packets.

Several security issues were fixed in gosa.

USN-4552-1 and USN-4552-2 introduced a regression in Pam-python

The CA certificates in the ca-certificates package were updated.

Several security issues were fixed in OpenJDK.

The system could be made to run programs as an administrator.

Several security issues were fixed in Perl.

Several security issues were fixed in PHP.

Blueman could be made to run programs if it received specially crafted input.

Several security issues were fixed in MySQL.

Firefox could be made to crash or run programs as your login if it opened a malicious website.

kramdown could be made to crash, run programs, or leak sensitive information if it opened a specially crafted file.

Several security issues were fixed in Perl.

FreeType could be made to crash or run programs as your login if it opened a specially crafted file.

Firefox could be made to crash or run programs as your login if it opened a malicious website.

pip could be made to overwrite files as the administrator.

LibEtPan could be made to expose sensitive information over the network.

Several security issues were fixed in mod_auth_mellon.

Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in denial of service, bypass of sandbox restrictions or information disclosure.

Two issues have been found in dompurify.js, an XSS sanitizer for HTML, MathML and SVG. Both issues are related to mXSS issues in SVG- or MATH-elements.

Several issues have been found in libsndfile, a library for reading/writing audio files. All issues are basically divide by zero errors, heap read overflows or

Several vulnerabilities have been discovered in the Linux kernel that may lead to the execution of arbitrary code, privilege escalation, denial of service or information leaks.

Sergei Glazunov discovered a heap-based buffer overflow vulnerability in the handling of embedded PNG bitmaps in FreeType. Opening malformed fonts may result in denial of service or the execution of arbitrary code.

In fastd, a fast and secure tunnelling daemon, a receive buffer handling problem was discovered which allows a denial of service (memory exhaustion) when receiving packets with an invalid type code.

Several vulnerabilities were found in package phpmyadmin. CVE-2019-19617

OpenJDK: Credentials sent over unencrypted LDAP connection (JNDI, 8237990) (CVE-2020-14781) * OpenJDK: Certificate blacklist bypass via alternate certificate encodings (Libraries, 8237995) (CVE-2020-14782) * OpenJDK: Integer overflow leading to out-of-bounds access (Hotspot, 8241114) (CVE-2020-14792) * OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 82 [More...]

An update that fixes one vulnerability is now available.

An update that fixes one vulnerability is now available.

An update that fixes two vulnerabilities is now available.

An update that fixes two vulnerabilities is now available.

An update that solves two vulnerabilities and has one errata is now available.

An update that fixes one vulnerability is now available.

An update that fixes 16 vulnerabilities is now available.

An update that fixes one vulnerability is now available.

An update that fixes three vulnerabilities is now available.

An update that fixes two vulnerabilities is now available.

An update that fixes one vulnerability is now available.

An update that solves one vulnerability and has two fixes is now available.

An update that fixes 5 vulnerabilities is now available.

An update that fixes one vulnerability is now available.

An update that fixes two vulnerabilities is now available.

An update that fixes one vulnerability is now available.

An update that fixes 5 vulnerabilities is now available.

An update that solves one vulnerability and has two fixes is now available.

An update that fixes one vulnerability is now available.

An update that fixes one vulnerability is now available.

An update that fixes 5 vulnerabilities is now available.

An update that fixes one vulnerability is now available.

An update that fixes 13 vulnerabilities is now available.

An update that fixes 27 vulnerabilities is now available.

An update that fixes three vulnerabilities is now available.

An update that fixes 27 vulnerabilities is now available.

If an HTTP/2 client exceeded the agreed maximum number of concurrent streams for a connection (in violation of the HTTP/2 protocol), it was possible that a subsequent request made on that connection could contain HTTP headers - including HTTP/2 pseudo headers - from a previous request rather than the intended headers. This could lead to users seeing responses for unexpected

Memory safety bugs fixed in Thunderbird 78.4. (CVE-2020-15683) Use-after-free in usersctp. (CVE-2020-15969) References:

Mozilla developers and community members Jason Kratzer, Simon Giesecke, Philipp, and Christian Holler reported memory safety bugs present in Firefox ESR 78.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code (CVE-2020-15683).

Shielded template's |program{} and |attach_program{} so that the command-line that is executed does not allow sequencing such as with && || ;, preventing possible execution of nasty, or at least unexpected, commands. (No CVE).

An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5, and 4.3.x before 4.3.5. A remote attacker can cause the cached records for a given name to be updated to the Bogus DNSSEC validation state, instead of their actual DNSSEC Secure state, via a DNS ANY query. This results in a denial of service for installation that always validate (dnssec=validate),