|
Debian: DSA-4763-1: teeworlds security update (Sep 14) |
|
It was discovered that insufficient sanitising of received network packets in the game server of Teeworlds, an online multi-player platform 2D shooter, could result in denial of service.
|
|
Fedora 32: dotnet3.1 2020-e2deb72e0f (Sep 16) |
|
This update updates .NET Core 3.1 to SDK 3.1.108 and Runtime 3.1.8. This update includes a fix for CVE-2020-1045. Release Notes: https://github.com/dotnet/core/blob/master/release-notes/3.1/3.1.8/3.1.8.md
|
|
Fedora 32: kernel 2020-3c6fedeb83 (Sep 16) |
|
The 5.8.9 stable kernel update contains a number of important fixes across the tree.
|
|
Fedora 32: python35 2020-16167a66a2 (Sep 16) |
|
[Python 3.5.10](https://www.python.org/downloads/release/python-3510/). [Changelog](https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-10). ---- Update to 3.5.10rc1
|
|
Fedora 31: kernel 2020-5920a7a0b2 (Sep 16) |
|
The 5.8.9 stable kernel update contains a number of important fixes across the tree.
|
|
Fedora 31: mbedtls 2020-48a1ae610c (Sep 16) |
|
- Update to 2.16.8
|
|
Fedora 31: python35 2020-4cf7c3910b (Sep 16) |
|
[Python 3.5.10](https://www.python.org/downloads/release/python-3510/). [Changelog](https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-10). ---- Update to 3.5.10rc1
|
|
Fedora 32: libssh 2020-f4f5e49cb8 (Sep 15) |
|
Update to version 0.9.5. Fixes CVE-2020-16135.
|
|
Fedora 32: xen 2020-eeb29955ed (Sep 15) |
|
QEMU: usb: out-of-bounds r/w access issue [XSA-335, CVE-2020-14364] (#1871850)
|
|
Fedora 32: grub2 2020-41e57d7649 (Sep 14) |
|
grub2 updates for boothole vulnerabilities in f31/f32.
|
|
Fedora 32: drupal7 2020-0b32a59b54 (Sep 13) |
|
- https://www.drupal.org/project/drupal/releases/7.72 - [Drupal core - Critical - Cross Site Request Forgery - SA-CORE-2020-004](https://www.drupal.org/sa-core-2020-004) / CVE-2020-13663 - https://www.drupal.org/project/drupal/releases/7.71 - https://www.drupal.org/project/drupal/releases/7.70 - [Drupal core -
|
|
Fedora 32: mingw-gnutls 2020-0ab6656303 (Sep 13) |
|
https://lists.gnupg.org/pipermail/gnutls-help/2020-September/004669.html
|
|
Fedora 31: drupal7 2020-fbb94073a1 (Sep 13) |
|
- https://www.drupal.org/project/drupal/releases/7.72 - [Drupal core - Critical - Cross Site Request Forgery - SA-CORE-2020-004](https://www.drupal.org/sa-core-2020-004) / CVE-2020-13663 - https://www.drupal.org/project/drupal/releases/7.71 - https://www.drupal.org/project/drupal/releases/7.70 - [Drupal core -
|
|
Fedora 31: ansible 2020-0450cfd7e3 (Sep 12) |
|
Update to upstream bugfix and security release 2.9.13.
|
|
Fedora 31: python-django 2020-6941c0a65b (Sep 12) |
|
update to 2.2.16, CVE-2020-24583, CVE-2020-24584
|
|
Fedora 31: selinux-policy 2020-b2d6cffc6f (Sep 12) |
|
New F31 selinux-policy build
|
|
Fedora 32: dotnet3.1 2020-cad5d17c6d (Sep 12) |
|
Update to .NET Core SDK 3.1.107 and Runtime 3.1.7. This fixes CVE-2020-1597 - Release Notes: https://github.com/dotnet/core/blob/master/release-notes/3.1/3.1.7/3.1.7.md
|
|
Fedora 32: dotnet-build-reference-packages 2020-cad5d17c6d (Sep 12) |
|
Update to .NET Core SDK 3.1.107 and Runtime 3.1.7. This fixes CVE-2020-1597 - Release Notes: https://github.com/dotnet/core/blob/master/release-notes/3.1/3.1.7/3.1.7.md
|
|
Fedora 32: python-django 2020-94407454d7 (Sep 12) |
|
update to 3.0.10, fixes CVE-2020-24583, CVE-2020-24584
|
|
Fedora 32: java-1.8.0-openjdk-aarch32 2020-43901402db (Sep 11) |
|
8u265 update, disable LTO
|
|
Fedora 32: community-mysql 2020-9c27be9396 (Sep 11) |
|
Update built with the new CMake settings. A number of files which should have been owned by the testsuite subpackage are now owned by it. Started building MeCab plugin.
|
|
Fedora 32: php-symfony4 2020-16eb328853 (Sep 11) |
|
**Version 4.4.13** (2020-09-02) * security **CVE-2020-15094** Remove headers with internal meaning from HttpClient responses (mpdude) * bug #38024 [Console] Fix undefined index for inconsistent command name definition (chalasr) * bug #38023 [DI] fix inlining of non-shared services (nicolas-grekas) * bug #38020 [PhpUnitBridge] swallow deprecations (xabbuh) * bug #38010 [Cache] Psr16Cache
|
|
Fedora 31: kernel-headers 2020-00e872744f (Sep 11) |
|
The 5.8.6 stable kernel update contains a number of important fixes across the tree. ---- The 5.7.17 stable kernel update contains a number of important fixes across the tree. ---- The 5.7.16 stable kernel updates contain a number of important fixes across the tree.
|
|
Fedora 31: kernel-tools 2020-00e872744f (Sep 11) |
|
The 5.8.6 stable kernel update contains a number of important fixes across the tree. ---- The 5.7.17 stable kernel update contains a number of important fixes across the tree. ---- The 5.7.16 stable kernel updates contain a number of important fixes across the tree.
|
|
Fedora 31: kernel 2020-00e872744f (Sep 11) |
|
The 5.8.6 stable kernel update contains a number of important fixes across the tree. ---- The 5.7.17 stable kernel update contains a number of important fixes across the tree. ---- The 5.7.16 stable kernel updates contain a number of important fixes across the tree.
|
|
Fedora 31: community-mysql 2020-d5b2e71a17 (Sep 11) |
|
Update built with the new CMake settings. A number of files which should have been owned by the testsuite subpackage are now owned by it. Started building MeCab plugin.
|
|
Fedora 31: java-1.8.0-openjdk-aarch32 2020-3379860d5e (Sep 11) |
|
8u265 update, disable LTO
|
|
Fedora 31: chromium 2020-88bf0a76d1 (Sep 11) |
|
Update to Chromium 85.0.4183.83. Bugs fixed, security holes patched, and features added. Hold on to your butts. List of CVEs resolved with this update: CVE-2020-6532 CVE-2020-6537 CVE-2020-6538 CVE-2020-6539 CVE-2020-6540 CVE-2020-6541 CVE-2020-6542 CVE-2020-6543 CVE-2020-6544 CVE-2020-6545 CVE-2020-6546 CVE-2020-6547 CVE-2020-6548 CVE-2020-6549 CVE-2020-6550
|
|
Fedora 31: libX11 2020-9a0b272cc1 (Sep 10) |
|
libX11 1.6.12 (CVE-2020-14363, CVE-2020-14344)
|
|
Fedora 31: xen 2020-3689b67b53 (Sep 10) |
|
QEMU: usb: out-of-bounds r/w access issue [XSA-335, CVE-2020-14364] (#1871850)
|
|
Fedora 32: kernel 2020-b858b48b23 (Sep 10) |
|
The 5.8.7 stable kernel update contains a number of important fixes across the tree.
|
|
Gentoo: GLSA-202009-12: ZeroMQ: Denial of service (Sep 13) |
|
A vulnerability in ZeroMQ could lead to a Denial of Service condition.
|
|
Gentoo: GLSA-202009-11: ProFTPD: Denial of service (Sep 13) |
|
A vulnerability in ProFTPD could lead to a Denial of Service condition.
|
|
Gentoo: GLSA-202009-10: PHP: Denial of service (Sep 13) |
|
A vulnerability in PHP could lead to a Denial of Service condition.
|
|
Gentoo: GLSA-202009-09: Nextcloud Desktop Sync client: Multiple vulnerabilities (Sep 13) |
|
Multiple vulnerabilities have been found in Nextcloud Desktop Sync client, the worst of which may allow execution of arbitrary code.
|
|
Gentoo: GLSA-202009-08: GNOME Shell: Information disclosure (Sep 13) |
|
An information disclosure vulnerability in GNOME Shell might allow local attackers to obtain sensitive information.
|
|
Gentoo: GLSA-202009-07: Perl DBI: Multiple vulnerabilities (Sep 13) |
|
Multiple vulnerabilities have been found in the Perl module DBI, the worst of which could result in a Denial of Service condition.
|
|
Gentoo: GLSA-202009-06: GNOME File Roller: Directory traversal (Sep 13) |
|
A vulnerability in GNOME File Roller could lead to a directory traversal attack.
|
|
Gentoo: GLSA-202009-05: GStreamer RTSP Server: Denial of service (Sep 13) |
|
A vulnerability in GStreamer RTSP Server could lead to a Denial of Service condition.
|
|
Gentoo: GLSA-202009-04: Qt GUI: Buffer overflow (Sep 13) |
|
Qt GUI has a buffer overflow with unspecified impact.
|
|
RedHat: RHSA-2020-3779:01 Important: Red Hat Data Grid 7.3.7 security update (Sep 17) |
|
An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
|
RedHat: RHSA-2020-3727:01 Moderate: OpenShift Container Platform 3.11.286 (Sep 16) |
|
An update for logging-kibana5-container and openshift-enterprise-registry-container is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact
|
|
RedHat: RHSA-2020-3757:01 Important: mysql:8.0 security update (Sep 15) |
|
An update for the mysql:8.0 module is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-3756:01 Important: librepo security update (Sep 15) |
|
An update for librepo is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-3755:01 Important: mysql:8.0 security update (Sep 15) |
|
An update for the mysql:8.0 module is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-3749:01 Important: librepo security update (Sep 15) |
|
An update for librepo is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-3740:01 Important: chromium-browser security update (Sep 14) |
|
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-3732:01 Important: mysql:8.0 security update (Sep 14) |
|
An update for the mysql:8.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-3733:01 Important: httpd24-httpd security update (Sep 14) |
|
An update for httpd24-httpd is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-3736:01 Important: dovecot security update (Sep 14) |
|
An update for dovecot is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-3735:01 Important: dovecot security update (Sep 14) |
|
An update for dovecot is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-3734:01 Important: httpd:2.4 security update (Sep 14) |
|
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-3730:01 Important: Red Hat JBoss Enterprise Application (Sep 14) |
|
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-3731:01 Important: Red Hat JBoss Enterprise Application (Sep 14) |
|
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-3726:01 Important: httpd:2.4 security update (Sep 11) |
|
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-3723:01 Important: chromium-browser security update (Sep 10) |
|
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-3714:01 Important: httpd:2.4 security update (Sep 10) |
|
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-3713:01 Important: dovecot security update (Sep 10) |
|
An update for dovecot is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
|
RedHat: RHSA-2020-3711:01 Important: openstack-nova security update (Sep 10) |
|
An update for openstack-nova is now available for Red Hat OpenStack Platform 10 (Newton). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-3708:01 Important: openstack-nova security update (Sep 10) |
|
An update for openstack-nova is now available for Red Hat OpenStack Platform 13 (Queens). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-3706:01 Important: openstack-nova security update (Sep 10) |
|
An update for openstack-nova is now available for Red Hat OpenStack Platform 15 (Stein). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-3704:01 Important: openstack-nova security update (Sep 10) |
|
An update for openstack-nova is now available for Red Hat OpenStack Platform 16 (Train). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-3702:01 Important: openstack-nova security update (Sep 10) |
|
An update for openstack-nova is now available for Red Hat OpenStack Platform 16.1 (Train). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
Slackware: 2020-256-01: mozilla-thunderbird Security Update (Sep 12) |
|
New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues.
|
|
SUSE: 2020:2673-1 important: samba (Sep 17) |
|
An update that fixes 15 vulnerabilities is now available.
|
|
SUSE: 2020:2661-1 important: perl-DBI (Sep 16) |
|
An update that fixes two vulnerabilities is now available.
|
|
SUSE: 2020:2660-1 moderate: libsolv (Sep 16) |
|
An update that solves three vulnerabilities and has three fixes is now available.
|
|
SUSE: 2020:0079-2 moderate: libzypp (Sep 16) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2020:2650-1 important: SUSE Manager Server 4.0 (Sep 16) |
|
An update that solves three vulnerabilities and has 26 fixes is now available.
|
|
SUSE: 2020:2650-1 moderate: SUSE Manager Proxy 4.0 (Sep 16) |
|
An update that solves one vulnerability and has 8 fixes is now available.
|
|
SUSE: 2020:2647-1 important: for SUSE Manager 4.1 (Sep 16) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2020:2648-1 important: SUSE Manager 3.2 (Sep 16) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2020:2646-1 important: perl-DBI (Sep 16) |
|
An update that fixes two vulnerabilities is now available.
|
|
SUSE: 2020:2645-1 important: perl-DBI (Sep 16) |
|
An update that fixes two vulnerabilities is now available.
|
|
SUSE: 2020:14493-1 important: perl-DBI (Sep 16) |
|
An update that fixes two vulnerabilities is now available.
|
|
SUSE: 2020:14491-1 important: openssl (Sep 15) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2020:14490-1 moderate: shim (Sep 15) |
|
An update that solves one vulnerability and has two fixes is now available.
|
|
SUSE: 2020:2634-1 important: compat-openssl098 (Sep 15) |
|
An update that fixes two vulnerabilities is now available.
|
|
SUSE: 2020:2631-1 important: the Linux Kernel (Sep 14) |
|
An update that solves 5 vulnerabilities and has 124 fixes is now available.
|
|
SUSE: 2020:14489-1 moderate: MozillaFirefox (Sep 14) |
|
An update that fixes three vulnerabilities is now available.
|
|
SUSE: 2020:2627-1 moderate: shim (Sep 14) |
|
An update that solves one vulnerability and has two fixes is now available.
|
|
SUSE: 2020:2626-1 moderate: shim (Sep 14) |
|
An update that solves one vulnerability and has two fixes is now available.
|
|
SUSE: 2020:2628-1 moderate: shim (Sep 14) |
|
An update that solves one vulnerability and has two fixes is now available.
|
|
SUSE: 2020:2629-1 moderate: shim (Sep 14) |
|
An update that solves one vulnerability and has 8 fixes is now available.
|
|
SUSE: 2020:2623-1 important: the Linux Kernel (Sep 14) |
|
An update that solves 8 vulnerabilities and has 17 fixes is now available.
|
|
SUSE: 2020:2623-1 important: the Linux Kernel (Sep 14) |
|
An update that solves 8 vulnerabilities and has 17 fixes is now available.
|
|
SUSE: 2020:2610-1 important: the Linux Kernel (Sep 11) |
|
An update that solves 8 vulnerabilities and has 12 fixes is now available.
|
|
SUSE: 2020:2612-1 moderate: libxml2 (Sep 11) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2020:2611-1 moderate: tomcat (Sep 11) |
|
An update that fixes two vulnerabilities is now available.
|
|
SUSE: 2020:2609-1 moderate: libxml2 (Sep 11) |
|
An update that solves four vulnerabilities and has one errata is now available.
|
|
SUSE: 2020:2610-1 important: the Linux Kernel (Sep 11) |
|
An update that solves 8 vulnerabilities and has 12 fixes is now available.
|
|
SUSE: 2020:2606-1 moderate: golang-github-prometheus-prometheus (Sep 11) |
|
An update that solves one vulnerability and has one errata is now available.
|
|
SUSE: 2020:2607-1 moderate: pdsh, slurm_20_02 (Sep 11) |
|
An update that solves 9 vulnerabilities, contains four features and has 22 fixes is now available.
|
|
SUSE: 2020:2605-1 important: the Linux Kernel (Sep 11) |
|
An update that solves 8 vulnerabilities and has 122 fixes is now available.
|
|
SUSE: 2020:2598-1 moderate: slurm (Sep 10) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2020:2602-1 moderate: slurm (Sep 10) |
|
An update that fixes two vulnerabilities is now available.
|
|
SUSE: 2020:2601-1 moderate: slurm (Sep 10) |
|
An update that fixes two vulnerabilities is now available.
|
|
SUSE: 2020:2600-1 moderate: slurm_18_08 (Sep 10) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2020:2604-1 gimp (Sep 10) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2020:2599-1 moderate: slurm_18_08 (Sep 10) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2020:2603-1 gimp (Sep 10) |
|
An update that fixes one vulnerability is now available.
|
|
Ubuntu: USN-4517-1 Email-Address-List vulnerability (Sep 18) |
|
Email-Address-List could be made to remotely exhaust resources if it received specially crafted email data.
|
|
Ubuntu 4519-1: PulseAudio vulnerability (Sep 17) |
|
PulseAudio could be made to crash or run programs as your login if it received specially crafted input.
|
|
Ubuntu: USN-4518-1 xawtv vulnerability (Sep 17) |
|
xawtv could be made to expose sensitive information and escalate user privileges if it received specially crafted input.
|
|
Ubuntu 4516-1: GnuPG vulnerability (Sep 17) |
|
GnuPG could be made to expose sensitive information.
|
|
Ubuntu 4515-1: Pure-FTPd vulnerability (Sep 17) |
|
Pure-FTPd could be made to expose sensitive information if it received specially crafted input.
|
|
Ubuntu 4514-1: libproxy vulnerability (Sep 17) |
|
libproxy could be made to crash if it received a specially crafted PAC file.
|
|
Ubuntu 4513-1: apng2gif vulnerability (Sep 17) |
|
apng2gif could be made to expose sensitive information if it opened a specifically crafted APNG file.
|
|
Ubuntu 4510-2: Samba vulnerability (Sep 17) |
|
Samba would allow unintended access to files over the network.
|
|
Ubuntu 4512-1: util-linux vulnerability (Sep 17) |
|
util-linux could be made to run programs when performing bash completion.
|
|
Ubuntu 4511-1: QEMU vulnerability (Sep 17) |
|
QEMU could be made to crash or run programs.
|
|
Ubuntu 4510-1: Samba vulnerability (Sep 17) |
|
Samba would allow unintended access to files over the network.
|
|
Ubuntu 4509-1: Perl DBI module vulnerabilities (Sep 16) |
|
Several security issues were fixed in Perl DBI module.
|
|
Ubuntu 4508-1: StoreBackup vulnerability (Sep 16) |
|
StoreBackup could be made to stop executing or generate a race condition if it received a lock file in the default location.
|
|
Ubuntu 4507-1: ncmpc vulnerability (Sep 16) |
|
ncmpc could be made to crash if it received a long chat message.
|
|
Ubuntu 4506-1: MCabber vulnerability (Sep 16) |
|
MCabber could be made to modify the roster and intercept messages if it received specially crafted XMPP packets.
|
|
Ubuntu 4505-1: PHPMailer vulnerability (Sep 16) |
|
Attachments with specially crafted filenames could bypass filename-based mail attachment filters.
|
|
Ubuntu 4504-1: OpenSSL vulnerabilities (Sep 16) |
|
Several security issues were fixed in OpenSSL.
|
|
Ubuntu 4503-1: Perl DBI module vulnerability (Sep 16) |
|
Perl DBI module could be made to execute arbitrary code if it received a specially manipulated call.
|
|
Ubuntu 4502-1: websocket-extensions vulnerability (Sep 16) |
|
websocket-extensions could be made to exhaust the server's capacity to process incoming requests if it received specially crafted requests.
|
|
Ubuntu 4501-1: LuaJIT vulnerability (Sep 15) |
|
LuaJIT could be made to crash or expose sensitive information if it received specially crafted input.
|
|
Ubuntu 4500-1: bsdiff vulnerabilities (Sep 15) |
|
bsdiff could be made to crash or run programs as your login if it opened a specially crafted file.
|
|
Ubuntu 4498-1: Loofah vulnerability (Sep 15) |
|
Loofah could be made to perform XSS attacks if a crafted SVG element is republished.
|
|
Ubuntu 4499-1: MilkyTracker vulnerabilities (Sep 15) |
|
MilkyTracker could be made to crash or run programs as your login if it opened a specially crafted file.
|
|
Ubuntu 4497-1: OpenJPEG vulnerabilities (Sep 15) |
|
Several security issues were fixed in OpenJPEG.
|
|
Ubuntu 4496-1: Apache XML-RPC vulnerability (Sep 15) |
|
Apache XML-RPC could be made to execute arbitrary code if it received specially crafted data by a malicious XML-RPC server.
|
|
Ubuntu 4495-1: Apache Log4j vulnerability (Sep 15) |
|
Apache Log4j could be made to remotely execute arbitrary code if it received specially crafted log data.
|
|
Ubuntu 4494-1: GUPnP vulnerability (Sep 15) |
|
gupnp could be made to expose sensitive information or perform network attacks if it received specially crafted network traffic.
|
|
Ubuntu 0071-1: linux kernel vulnerability (Sep 10) |
|
|
|
Debian LTS: DLA-2373-1: qemu security update (Sep 13) |
|
The following security issues have been found in qemu, which could potentially result in DoS and execution of arbitrary code. CVE-2020-1711
|
|
Debian LTS: DLA-2371-1: wordpress security update (Sep 11) |
|
Multiple vulnerabilities were discovered in WordPress, a popular content management framework. CVE-2019-17670
|
|
ArchLinux: 202009-7: netbeans: arbitrary code execution (Sep 17) |
|
The package netbeans before version 12.0_u1-1 is vulnerable to arbitrary code execution.
|
|
ArchLinux: 202009-6: chromium: multiple issues (Sep 17) |
|
The package chromium before version 85.0.4183.102-1 is vulnerable to multiple issues including access restriction bypass and arbitrary code execution.
|
|
CentOS: CESA-2020-3617: Important CentOS 7 dovecot (Sep 14) |
|
Upstream details at: https://access.redhat.com/errata/RHSA-2020:3617
|
|
CentOS: CESA-2020-3631: Important CentOS 7 thunderbird (Sep 14) |
|
Upstream details at: https://access.redhat.com/errata/RHSA-2020:3631
|
|
CentOS: CESA-2020-3643: Important CentOS 6 thunderbird (Sep 14) |
|
Upstream details at: https://access.redhat.com/errata/RHSA-2020:3643
|
|
openSUSE: 2020:1439-1: moderate: mumble (Sep 16) |
|
An update that contains security fixes can now be installed.
|
|
openSUSE: 2020:1430-1: moderate: libxml2 (Sep 14) |
|
An update that fixes one vulnerability is now available.
|
|
openSUSE: 2020:1421-1: moderate: slurm (Sep 13) |
|
An update that fixes one vulnerability is now available.
|
|
openSUSE: 2020:1420-1: gimp (Sep 13) |
|
An update that fixes one vulnerability is now available.
|
|
openSUSE: 2020:1416-1: moderate: openldap2 (Sep 12) |
|
An update that fixes one vulnerability is now available.
|
|
openSUSE: 2020:1415-1: moderate: python-Flask-Cors (Sep 12) |
|
An update that fixes one vulnerability is now available.
|
|
openSUSE: 2020:1413-1: moderate: libjpeg-turbo (Sep 11) |
|
An update that fixes one vulnerability is now available.
|
|
openSUSE: 2020:1407-1: important: go1.14 (Sep 11) |
|
An update that solves three vulnerabilities and has four fixes is now available.
|
|
openSUSE: 2020:1405-1: important: go1.14 (Sep 10) |
|
An update that solves three vulnerabilities and has four fixes is now available.
|
|
Mageia 2020-0368: libraw security update (Sep 17) |
|
LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example, malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs without validating T.tlength. (CVE-2020-15503)
|
|
Mageia 2020-0367: zeromq security update (Sep 15) |
|
If a raw TCP socket is opened and connected to an endpoint that is fully configured with CURVE/ZAP, legitimate clients will not be able to exchange any message. Handshakes complete successfully, and messages are delivered to the library, but the server application never receives them (CVE-2020-15166).
|
|
Mageia 2020-0366: libetpan security update (Sep 15) |
|
LibEtPan through 1.9.4, as used in MailCore 2 through 0.6.3 and other products, has a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g., from a meddler-in-the-middle attacker) and evaluates it in a TLS context, aka "response injection". (CVE-2020-15953).
|