| |
Debian: DSA-4501-1: libreoffice security update (Aug 15) |
| |
It was discovered that the code fixes to address CVE-2018-16858 and CVE-2019-9848 were not complete. For the oldstable distribution (stretch), these problems have been fixed
|
| |
Debian: DSA-4500-1: chromium security update (Aug 13) |
| |
Several vulnerabilities have been discovered in the chromium web browser. CVE-2019-5805
|
| |
Debian: DSA-4497-1: linux security update (Aug 13) |
| |
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
|
| |
Debian: DSA-4499-1: ghostscript security update (Aug 12) |
| |
Netanel reported that the .buildfont1 procedure in Ghostscript, the GPL PostScript/PDF interpreter, does not properly restrict privileged calls, which could result in bypass of file system restrictions of the dSAFER sandbox.
|
| |
Debian: DSA-4498-1: python-django security update (Aug 12) |
| |
Several vulnerabilities were discovered in python-django, a web development framework. They could lead to remote denial-of-service or SQL injection,
|
| |
Debian: DSA-4496-1: pango1.0 security update (Aug 11) |
| |
Benno Fuenfstueck discovered that Pango, a library for layout and rendering of text with an emphasis on internationalization, is prone to a heap-based buffer overflow flaw in the pango_log2vis_get_embedding_levels function. An attacker can take advantage of this flaw for denial of
|
| |
Debian: DSA-4494-1: kconfig security update (Aug 9) |
| |
Dominik Penner discovered that KConfig, the KDE configuration settings framework, supported a feature to define shell command execution in .desktop files. If a user is provided with a malformed .desktop file (e.g. if it's embedded into a downloaded archive and it gets opened in
|
| |
Debian: DSA-4493-1: postgresql-11 security update (Aug 8) |
| |
Two security issues have been discovered in the PostgreSQL database system, which could result in privilege escalation, denial of service or memory disclosure.
|
| |
Debian: DSA-4492-1: postgresql-9.6 security update (Aug 8) |
| |
A issue has been discovered in the PostgreSQL database system, which could result in privilege escalation. For additional information please refer to the upstream announcement at
|
| |
|
| |
Fedora 29: mariadb-connector-c FEDORA-2019-f873e2799f (Aug 15) |
| |
**MariaDB 10.3.17** Release notes: 10317-release-notes/ **MariaDB Connector/C 3.1.3** Release notes: connector-c-313-release-notes/ **MariaDB Connector/ODBC 3.1.2** Release notes: connector-odbc-312-release-notes/ -----
|
| |
Fedora 30: python-django FEDORA-2019-647f74ce51 (Aug 15) |
| |
fixes for CVE-2019-14232 to 14235
|
| |
Fedora 30: mariadb FEDORA-2019-60befaed69 (Aug 15) |
| |
**MariaDB 10.3.17** Release notes: 10317-release-notes/ **MariaDB Connector/C 3.1.3** Release notes: connector-c-313-release-notes/ **MariaDB Connector/ODBC 3.1.2** Release notes: connector-odbc-312-release-notes/ -----
|
| |
Fedora 30: mariadb-connector-odbc FEDORA-2019-60befaed69 (Aug 15) |
| |
**MariaDB 10.3.17** Release notes: 10317-release-notes/ **MariaDB Connector/C 3.1.3** Release notes: connector-c-313-release-notes/ **MariaDB Connector/ODBC 3.1.2** Release notes: connector-odbc-312-release-notes/ -----
|
| |
Fedora 30: mariadb-connector-c FEDORA-2019-60befaed69 (Aug 15) |
| |
**MariaDB 10.3.17** Release notes: 10317-release-notes/ **MariaDB Connector/C 3.1.3** Release notes: connector-c-313-release-notes/ **MariaDB Connector/ODBC 3.1.2** Release notes: connector-odbc-312-release-notes/ -----
|
| |
Fedora 30: edk2 FEDORA-2019-d47a9d4b8b (Aug 15) |
| |
* License is now BSD-2-Clause-Patent * Re-enable secureboot enrollment * Use qemu-ovmf-secureboot from git
|
| |
Fedora 30: squirrelmail FEDORA-2019-ad02f64a79 (Aug 15) |
| |
updated to 1.4 branch snapshot containing several security fixes
|
| |
Fedora 29: jhead FEDORA-2019-441c2fb0d1 (Aug 13) |
| |
added patches to fix CVE-2019-1010301 and CVE-2019-1010302 from Debian
|
| |
Fedora 29: igraph FEDORA-2019-5d52865475 (Aug 13) |
| |
Patch for CVE-2018-20349
|
| |
Fedora 30: jhead FEDORA-2019-17b95fecd3 (Aug 13) |
| |
added patches to fix CVE-2019-1010301 and CVE-2019-1010302 from Debian
|
| |
Fedora 30: igraph FEDORA-2019-060e7b383c (Aug 13) |
| |
Patch for CVE-2018-20349
|
| |
Fedora 29: poppler FEDORA-2019-8729e0edf5 (Aug 12) |
| |
Security fix for CVE-2019-9959.
|
| |
Fedora 29: pam-u2f FEDORA-2019-cd8f4b9568 (Aug 12) |
| |
New upstream release Fixes Debug file descriptor leak CVE-2019-1221 Fixes insecure debug file handling CVE-2019-1220
|
| |
Fedora 29: mingw-sqlite FEDORA-2019-49f80a78bc (Aug 12) |
| |
- update to 3.26.0.0
|
| |
Fedora 30: kf5-kconfig FEDORA-2019-48b691092f (Aug 12) |
| |
Backport upstream fix for CVE-2019-14744 security issue.
|
| |
Fedora 30: poppler FEDORA-2019-69ec14786b (Aug 12) |
| |
Security fix for CVE-2019-9959.
|
| |
Fedora 29: aubio FEDORA-2019-b1157fdfdc (Aug 11) |
| |
Security fix for CVE-2018-19800 CVE-2018-19801 CVE-2018-19802
|
| |
Fedora 30: aubio FEDORA-2019-00ca0acb47 (Aug 11) |
| |
Security fix for CVE-2018-19800 CVE-2018-19801 CVE-2018-19802
|
| |
Fedora 29: kernel-tools FEDORA-2019-6bda4c81f4 (Aug 10) |
| |
The 5.2.7 stable kernel update contains a number of important fixes across the tree. ---- The 5.2.6 kernel rebase contains new hardware support, features, and a number of important bug fixes across the tree. ---- Update to v5.1.12
|
| |
Fedora 29: kernel-headers FEDORA-2019-6bda4c81f4 (Aug 10) |
| |
The 5.2.7 stable kernel update contains a number of important fixes across the tree. ---- The 5.2.6 kernel rebase contains new hardware support, features, and a number of important bug fixes across the tree. ---- Update to v5.1.12
|
| |
Fedora 29: kernel FEDORA-2019-6bda4c81f4 (Aug 10) |
| |
The 5.2.7 stable kernel update contains a number of important fixes across the tree. ---- The 5.2.6 kernel rebase contains new hardware support, features, and a number of important bug fixes across the tree. ---- Update to v5.1.12
|
| |
Fedora 29: upx FEDORA-2019-bf4633142b (Aug 10) |
| |
Patches for CVE-2019-14295, CVE-2019-14296
|
| |
Fedora 29: icedtea-web FEDORA-2019-efb92eed7a (Aug 10) |
| |
fixed CVEs 2019-10181, 2019-10182, 2019-10185 ---- Updated to fres upstream release: https://mail.openjdk.org/pipermail/distro-pkg-dev/2019-March/041320.html New in release 1.8 (2019-03-12): * added support for javafx-desc and so allwong run of pure-javafx only applications * --nosecurity enhanced for possibility to skip invalid signatures * enhanced to allow
|
| |
Fedora 29: java-1.8.0-openjdk FEDORA-2019-3854a1727e (Aug 10) |
| |
July CPU update. See: https://openjdk.org/groups/vulnerability/advisories/2019-07-16 and https://mail.openjdk.org/pipermail/jdk8u-dev/2019-July/009840.html
|
| |
Fedora 30: kernel-headers FEDORA-2019-e37c348348 (Aug 10) |
| |
The 5.2.7 stable update contains a number of important fixes across the tree.
|
| |
Fedora 30: kernel FEDORA-2019-e37c348348 (Aug 10) |
| |
The 5.2.7 stable update contains a number of important fixes across the tree.
|
| |
Fedora 30: kernel-tools FEDORA-2019-e37c348348 (Aug 10) |
| |
The 5.2.7 stable update contains a number of important fixes across the tree.
|
| |
Fedora 30: libslirp FEDORA-2019-77bafc4454 (Aug 10) |
| |
Security fix for CVE-2019-14378
|
| |
Fedora 30: upx FEDORA-2019-9a0f02c8c8 (Aug 10) |
| |
Patches for CVE-2019-14295, CVE-2019-14296
|
| |
Fedora 30: java-1.8.0-openjdk FEDORA-2019-146b81efba (Aug 10) |
| |
July CPU update. See: https://openjdk.org/groups/vulnerability/advisories/2019-07-16 and https://mail.openjdk.org/pipermail/jdk8u-dev/2019-July/009840.html
|
| |
Fedora 30: icedtea-web FEDORA-2019-2e349753ed (Aug 10) |
| |
fixed CVEs 2019-10181, 2019-10182, 2019-10185
|
| |
Fedora 30: os-autoinst FEDORA-2019-c404576415 (Aug 10) |
| |
This update provides recent git snapshots of os-autoinst and openQA, with the usual slate of bug fixes and changes from upstream. Also, the AMQP plugin is now enabled, as the dependencies have been packaged into Fedora. The update also addresses some potential security issues.
|
| |
Fedora 30: openqa FEDORA-2019-c404576415 (Aug 10) |
| |
This update provides recent git snapshots of os-autoinst and openQA, with the usual slate of bug fixes and changes from upstream. Also, the AMQP plugin is now enabled, as the dependencies have been packaged into Fedora. The update also addresses some potential security issues.
|
| |
Fedora 30: exiv2 FEDORA-2019-60553d5a18 (Aug 8) |
| |
New upstream bugfix and security release.
|
| |
|
| |
Gentoo: GLSA-201908-19: GNU Wget: Arbitrary code execution (Aug 15) |
| |
A vulnerability in GNU Wget might allow an attacker to execute arbitrary code.
|
| |
Gentoo: GLSA-201908-18: Chromium, Google Chrome: Multiple vulnerabilities (Aug 15) |
| |
Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code. [More...]
|
| |
Gentoo: GLSA-201908-17: ZeroMQ: Arbitrary code execution (Aug 15) |
| |
A vulnerability in ZeroMQ might allow an attacker to execute arbitrary code.
|
| |
Gentoo: GLSA-201908-16: ProFTPD: Remote code execution (Aug 15) |
| |
A vulnerability in ProFTPD could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-201908-15: ZNC: Privilege escalation (Aug 15) |
| |
A vulnerability in ZNC allows users to escalate privileges.
|
| |
Gentoo: GLSA-201908-14: polkit: Multiple vulnerabilities (Aug 15) |
| |
Multiple vulnerabilities have been found in polkit, the worst of which could result in privilege escalation.
|
| |
Gentoo: GLSA-201908-13: LibreOffice: Multiple vulnerabilities (Aug 15) |
| |
Multiple vulnerabilities have been found in LibreOffice, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-201908-12: Mozilla Firefox: Multiple vulnerabilities (Aug 15) |
| |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-201908-11: libarchive: Multiple vulnerabilities (Aug 15) |
| |
Multiple vulnerabilities have been found in libarchive, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-201908-10: Oracle JDK/JRE: Multiple vulnerabilities (Aug 15) |
| |
Multiple vulnerabilities have been found in Oracles JDK and JRE software suites.
|
| |
Gentoo: GLSA-201908-09: SQLite: Multiple vulnerabilities (Aug 15) |
| |
Multiple vulnerabilities have been found in SQLite, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-201908-08: CUPS: Multiple vulnerabilities (Aug 15) |
| |
Multiple vulnerabilities have been found in CUPS, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-201908-07: KDE KConfig: User-assisted execution of arbitrary code (Aug 15) |
| |
A vulnerablity has been found in KDE KConfig that could allow a remote attacker to execute arbitrary code.
|
| |
Gentoo: GLSA-201908-06: glibc: Multiple vulnerabilities (Aug 15) |
| |
Multiple vulnerabilities have been found in glibc, the worst of which could result in a Denial of Service condition.
|
| |
Gentoo: GLSA-201908-05: LibVNCServer: Multiple vulnerabilities (Aug 9) |
| |
Multiple vulnerabilities have been found in LibVNCServer, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-201908-04: Redis: Multiple vulnerabilities (Aug 9) |
| |
Multiple vulnerabilities have been found in Redis, the worst of which may allow execution of arbitrary code.
|
| |
Gentoo: GLSA-201908-03: JasPer: Multiple vulnerabilities (Aug 9) |
| |
Multiple vulnerabilities have been found in JasPer, the worst of which could result in a Denial of Service condition.
|
| |
|
| |
RedHat: RHSA-2019-2512:01 Important: subversion:1.10 security update (Aug 15) |
| |
An update for the subversion:1.10 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2511:01 Important: mysql:8.0 security update (Aug 15) |
| |
An update for the mysql:8.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2508:01 Important: redis security update (Aug 15) |
| |
An update for redis is now available for Red Hat OpenStack Platform 9.0 (Mitaka). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2507:01 Important: qemu-kvm-rhev security update (Aug 15) |
| |
An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 9.0 (Mitaka). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2506:01 Important: redis security update (Aug 15) |
| |
An update for redis is now available for Red Hat OpenStack Platform 9.0 Operational Tools for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2505:01 Important: openstack-ironic-inspector security (Aug 15) |
| |
An update for openstack-ironic-inspector is now available for Red Hat OpenStack Platform 9.0 (Mitaka) director. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2503:01 Important: OpenShift Container Platform 3.11 (Aug 15) |
| |
An update for jenkins is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2499:01 Moderate: ovirt-engine-metrics security, bug fix, (Aug 15) |
| |
An update for ovirt-engine-metrics is now available for Red Hat Virtualization Engine 4.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-2504:01 Moderate: OpenShift Container Platform 4.1.11 (Aug 15) |
| |
An update for openshift is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-2494:01 Important: java-1.7.1-ibm security update (Aug 15) |
| |
An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2495:01 Important: java-1.7.1-ibm security update (Aug 15) |
| |
An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2483:01 Important: Red Hat Single Sign-On 7.3.3 security (Aug 13) |
| |
A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2476:01 Important: kernel security update (Aug 13) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 6.6 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2471:01 Moderate: openssl security update (Aug 13) |
| |
An update for openssl is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-2473:01 Important: kernel security and bug fix update (Aug 13) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2019-2466:01 Moderate: CloudForms 4.7.8 security, (Aug 13) |
| |
An update is now available for CloudForms Management Engine 5.10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-2465:01 Important: ghostscript security update (Aug 12) |
| |
An update for ghostscript is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2019-2462:01 Important: ghostscript security update (Aug 12) |
| |
An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2019-2433:01 Moderate: cockpit-ovirt security, bug fix, (Aug 12) |
| |
An update for cockpit-ovirt is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-2439:01 Moderate: rhvm-appliance security, bug fix, (Aug 12) |
| |
An update for rhvm-appliance is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-2437:01 Important: Red Hat Virtualization security update (Aug 12) |
| |
An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2427:01 Important: chromium-browser security update (Aug 12) |
| |
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2425:01 Important: qemu-kvm-rhev security and bug fix (Aug 8) |
| |
An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 10.0 (Newton), Red Hat OpenStack Platform 13.0 (Queens), and Red Hat OpenStack Platform 14.0 (Rocky). Red Hat Product Security has rated this update as having a security impact
|
| |
RedHat: RHSA-2019-2413:01 Important: Red Hat Fuse 7.4.0 security update (Aug 8) |
| |
A minor version update (from 7.3 to 7.4) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact
|
| |
|
| |
Slackware: 2019-226-02: mozilla-firefox Security Update (Aug 14) |
| |
New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.
|
| |
Slackware: 2019-226-01: Slackware 14.2 kernel Security Update (Aug 14) |
| |
New kernel packages are available for Slackware 14.2 to fix security issues.
|
| |
Slackware: 2019-220-01: kdelibs Security Update (Aug 8) |
| |
New kdelibs packages are available for Slackware 14.2 and -current to fix a security issue.
|
| |
|
| |
SUSE: 2019:2155-1 important: 389-ds (Aug 15) |
| |
An update that solves 8 vulnerabilities and has two fixes is now available.
|
| |
SUSE: 2019:2152-1 moderate: openjpeg2 (Aug 15) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:14146-1 moderate: libvirt and libvirt-python (Aug 15) |
| |
An update that solves one vulnerability and has two fixes is now available.
|
| |
SUSE: 2019:2119-1 important: containerd, docker, docker-runc, golang-github-docker-libnetwork (Aug 13) |
| |
An update that solves four vulnerabilities and has one errata is now available.
|
| |
SUSE: 2019:2118-1 important: mariadb-100 (Aug 13) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
SUSE: 2019:2117-1 important: containerd, docker, docker-runc, golang-github-docker-libnetwork (Aug 13) |
| |
An update that solves four vulnerabilities and has three fixes is now available.
|
| |
SUSE: 2019:2114-1 moderate: python (Aug 12) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2105-1 important: libvirt (Aug 9) |
| |
An update that solves two vulnerabilities and has one errata is now available.
|
| |
SUSE: 2019:2103-1 moderate: wireshark (Aug 9) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2104-1 moderate: wireshark (Aug 9) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2098-1 important: evince (Aug 9) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
SUSE: 2019:2099-1 important: nodejs10 (Aug 9) |
| |
An update that solves one vulnerability and has one errata is now available.
|
| |
SUSE: 2019:14142-1 important: python (Aug 8) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
SUSE: 2019:2091-1 important: python (Aug 8) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
SUSE: 2019:2092-1 moderate: squid (Aug 8) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2089-1 moderate: squid (Aug 8) |
| |
An update that fixes three vulnerabilities is now available.
|
| |
|
| |
Ubuntu 4099-1: nginx vulnerabilities (Aug 15) |
| |
nginx could be made to crash if it received specially crafted network traffic.
|
| |
Ubuntu 4098-1: wpa_supplicant and hostapd vulnerability (Aug 14) |
| |
wpa_supplicant and hostapd could be made to expose sensitive information over the network.
|
| |
Ubuntu 4097-2: PHP vulnerabilities (Aug 13) |
| |
PHP could be made to crash or execute arbitrary code if it received specially crafted image.
|
| |
Ubuntu 4097-1: PHP vulnerabilities (Aug 13) |
| |
PHP could be made to crash or execute arbitrary code if it received specially crafted image.
|
| |
Ubuntu 4095-2: Linux kernel (Xenial HWE) vulnerabilities (Aug 13) |
| |
Several security issues were fixed in the Linux kernel.
|
| |
Ubuntu 4096-1: Linux kernel (AWS) vulnerability (Aug 13) |
| |
The system could be made to expose sensitive information.
|
| |
Ubuntu 4095-1: Linux kernel vulnerabilities (Aug 13) |
| |
Several security issues were fixed in the Linux kernel.
|
| |
Ubuntu 4094-1: Linux kernel vulnerabilities (Aug 13) |
| |
Several security issues were fixed in the Linux kernel.
|
| |
Ubuntu 4093-1: Linux kernel vulnerabilities (Aug 13) |
| |
Several security issues were fixed in the Linux kernel.
|
| |
Ubuntu 4070-3: MariaDB vulnerabilities (Aug 13) |
| |
Several security issues were fixed in MariaDB.
|
| |
Ubuntu 4070-2: MariaDB vulnerabilities (Aug 12) |
| |
Several security issues were fixed in MariaDB
|
| |
Ubuntu 4092-1: Ghostscript vulnerability (Aug 12) |
| |
Ghostscript could be made to access files if it opened a specially crafted file.
|
| |
Ubuntu 4091-1: poppler vulnerability (Aug 12) |
| |
poppler could be made to crash if it received specially crafted PDF.
|
| |
Ubuntu 4090-1: PostgreSQL vulnerabilities (Aug 8) |
| |
Several security issues were fixed in PostgreSQL.
|
| |
|
| |
Debian LTS: DLA-1886-1: openjdk-7 security update (Aug 15) |
| |
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service, sandbox bypass, information disclosure or the execution of arbitrary code.
|
| |
Debian LTS: DLA-1887-1: freetype security update (Aug 15) |
| |
A buffer over-read in the t1-parser of freetype, a font engine, has been found and fixed by checking limits more sensible.
|
| |
Debian LTS: DLA-1877-1: otrs2 security update (Aug 14) |
| |
Several security issues have been fixed in otrs2, a well known trouble ticket system.
|
| |
Debian LTS: DLA-1885-1: linux-4.9 security update (Aug 14) |
| |
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
|
| |
Debian LTS: DLA-1884-1: linux security update (Aug 13) |
| |
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
|
| |
Debian LTS: DLA-1883-1: tomcat8 security update (Aug 13) |
| |
Several minor issues have been fixed in tomcat8, a Java Servlet and JSP engine.
|
| |
Debian LTS: DLA-1882-1: atril security update (Aug 13) |
| |
A few issues were found in Atril, the MATE document viewer. CVE-2017-1000159
|
| |
Debian LTS: DLA-1881-1: evince security update (Aug 13) |
| |
A few issues were found in the Evince document viewer. CVE-2017-1000159
|
| |
Debian LTS: DLA-1880-1: ghostscript security update (Aug 13) |
| |
Netanel reported that the .buildfont1 procedure in Ghostscript, the GPL PostScript/PDF interpreter, does not properly restrict privileged calls, which could result in bypass of file system restrictions of the dSAFER sandbox.
|
| |
Debian LTS: DLA-1878-1: php5 security update (Aug 12) |
| |
Two heap buffer overflows were found in the EXIF parsing code of PHP, a widely-used open source general purpose scripting language. For Debian 8 "Jessie", these problems have been fixed in version
|
| |
Debian LTS: DLA-1879-1: jackson-databind security update (Aug 12) |
| |
Deserialization flaws were discovered in jackson-databind relating to EHCache and logback/jndi, which could allow an unauthenticated user to perform remote code execution. The issue was resolved by extending the
|
| |
Debian LTS: DLA-1874-1: postgresql-9.4 security update (Aug 9) |
| |
* CVE-2019-10208: `TYPE` in `pg_temp` executes arbitrary SQL during `SECURITY DEFINER` execution Versions Affected: 9.4 - 11
|
| |
|
| |
ArchLinux: 201908-8: postgresql: multiple issues (Aug 12) |
| |
The package postgresql before version 11.5-1 is vulnerable to multiple issues including access restriction bypass and information disclosure.
|
| |
ArchLinux: 201908-7: postgresql-libs: multiple issues (Aug 12) |
| |
The package postgresql-libs before version 11.5-1 is vulnerable to multiple issues including access restriction bypass and information disclosure.
|
| |
ArchLinux: 201908-6: chromium: arbitrary code execution (Aug 12) |
| |
The package chromium before version 76.0.3809.100-1 is vulnerable to arbitrary code execution.
|
| |
|
| |
SciLinux: SLSA-2019-2471-1 Moderate: openssl on SL6.x i386/x86_64 (Aug 13) |
| |
openssl: 0-byte record padding oracle (CVE-2019-1559) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. SL6 x86_64 openssl-1.0.1e-58.el6_10.i686.rpm openssl-1.0.1e-58.el6_10.x86_64.rpm openssl-debuginfo-1.0.1e-58.el6_10.i686.rpm openssl- [More...]
|
| |
SciLinux: SLSA-2019-2473-1 Important: kernel on SL6.x i386/x86_64 (Aug 13) |
| |
Kernel: page cache side channel attacks (CVE-2019-5489) * kernel: Salsa20 encryption algorithm does not correctly handle zero-length inputs allowing local attackers to cause denial-of-service (CVE-2017-17805) * kernel: Unprivileged users able to inspect kernel stacks of arbitrary tasks (CVE-2018-17972) * kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125) For more d [More...]
|
| |
|
| |
openSUSE: 2019:1921-1: important: pdns (Aug 15) |
| |
An update that fixes three vulnerabilities is now available.
|
| |
openSUSE: 2019:1920-1: important: dosbox (Aug 15) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2019:1907-1: important: nodejs8 (Aug 15) |
| |
An update that solves one vulnerability and has one errata is now available.
|
| |
openSUSE: 2019:1910-1: important: subversion (Aug 15) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2019:1918-1: important: bzip2 (Aug 15) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:1914-1: important: polkit (Aug 15) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:1901-1: important: chromium (Aug 15) |
| |
An update that fixes 16 vulnerabilities is now available.
|
| |
openSUSE: 2019:1905-1: important: dosbox (Aug 15) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2019:1908-1: important: evince (Aug 15) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:1911-1: important: icedtea-web (Aug 15) |
| |
An update that fixes three vulnerabilities is now available.
|
| |
openSUSE: 2019:1912-1: important: java-1_8_0-openjdk (Aug 15) |
| |
An update that solves 8 vulnerabilities and has one errata is now available.
|
| |
openSUSE: 2019:1902-1: important: chromium (Aug 15) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2019:1906-1: important: python (Aug 15) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:1904-1: important: pdns (Aug 15) |
| |
An update that fixes three vulnerabilities is now available.
|
| |
openSUSE: 2019:1909-1: important: vlc (Aug 15) |
| |
An update that solves 7 vulnerabilities and has three fixes is now available.
|
| |
openSUSE: 2019:1917-1: important: gpg2 (Aug 15) |
| |
An update that solves one vulnerability and has one errata is now available.
|
| |
openSUSE: 2019:1916-1: important: java-11-openjdk (Aug 15) |
| |
An update that solves 9 vulnerabilities and has two fixes is now available.
|
| |
openSUSE: 2019:1897-1: important: vlc (Aug 15) |
| |
An update that fixes 7 vulnerabilities is now available.
|
| |
openSUSE: 2019:1904-1: important: pdns (Aug 15) |
| |
An update that fixes three vulnerabilities is now available.
|
| |
openSUSE: 2019:1913-1: important: mariadb, mariadb-connector-c (Aug 15) |
| |
An update that fixes three vulnerabilities is now available.
|
| |
openSUSE: 2019:1898-1: important: kconfig, kdelibs4 (Aug 15) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:1903-1: important: chromium (Aug 15) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2019:1915-1: important: mariadb, mariadb-connector-c (Aug 15) |
| |
An update that fixes three vulnerabilities is now available.
|
| |
openSUSE: 2019:1891-1: moderate: libqb (Aug 14) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:1894-1: moderate: irssi (Aug 14) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:1895-1: moderate: ledger (Aug 14) |
| |
An update that fixes four vulnerabilities is now available.
|
| |
openSUSE: 2019:1889-1: moderate: libmediainfo (Aug 14) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2019:1883-1: moderate: libsass (Aug 14) |
| |
An update that fixes 12 vulnerabilities is now available.
|
| |
openSUSE: 2019:1888-1: moderate: libheimdal (Aug 14) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2019:1872-1: moderate: python-Django (Aug 14) |
| |
An update that fixes 7 vulnerabilities is now available.
|
| |
openSUSE: 2019:1880-1: moderate: live555 (Aug 14) |
| |
An update that solves two vulnerabilities and has one errata is now available.
|
| |
openSUSE: 2019:1876-1: moderate: mumble (Aug 14) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:1870-1: important: proftpd (Aug 14) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2019:1854-1: moderate: GraphicsMagick (Aug 14) |
| |
An update that contains security fixes can now be installed.
|
| |
openSUSE: 2019:1858-1: moderate: ansible (Aug 14) |
| |
An update that fixes four vulnerabilities is now available.
|
| |
openSUSE: 2019:1851-2: important: kconfig, kdelibs4 (Aug 14) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:1859-1: important: znc (Aug 14) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2019:1861-1: moderate: phpMyAdmin (Aug 14) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2019:1855-1: important: kconfig, kdelibs4 (Aug 13) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:1851-1: important: kconfig, kdelibs4 (Aug 13) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:1853-1: important: chromium (Aug 13) |
| |
An update that fixes 16 vulnerabilities is now available.
|
| |
openSUSE: 2019:1851-1: important: kconfig, kdelibs4 (Aug 13) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:1852-1: moderate: aubio (Aug 13) |
| |
An update that fixes four vulnerabilities is now available.
|
| |
openSUSE: 2019:1849-1: important: chromium (Aug 12) |
| |
An update that fixes 16 vulnerabilities is now available.
|
| |
openSUSE: 2019:1846-1: important: nodejs10 (Aug 12) |
| |
An update that solves one vulnerability and has one errata is now available.
|
| |
openSUSE: 2019:1848-1: important: chromium (Aug 12) |
| |
An update that fixes 16 vulnerabilities is now available.
|
| |
openSUSE: 2019:1845-1: moderate: zstd (Aug 12) |
| |
An update that solves one vulnerability and has two fixes is now available.
|
| |
openSUSE: 2019:1844-1: important: osc (Aug 12) |
| |
An update that solves one vulnerability and has 5 fixes is now available.
|
| |
openSUSE: 2019:1839-1: moderate: python-Django (Aug 8) |
| |
An update that fixes 7 vulnerabilities is now available.
|
| |
openSUSE: 2019:1840-1: important: vlc (Aug 8) |
| |
An update that fixes 7 vulnerabilities is now available.
|
| |
openSUSE: 2019:1836-1: important: proftpd (Aug 8) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
|
| |
Mageia 2019-0221: kernel security update (Aug 12) |
| |
This kernel update is based on the upstream 4.14.137 and fixes atleast the following security issues: A Spectre SWAPGS gadget was found in the Linux kernel's implementation of system interrupts. An attacker with local access could use this information
|
| |
Mageia 2019-0220: kernel security update (Aug 12) |
| |
This kernel update provides an update to the kernel 5.2 series, currently based on 5.2.7 adding support for newer hardware and other new features. It also fixes atleast the following security issues: A Spectre SWAPGS gadget was found in the Linux kernel's implementation of
|
| |
Mageia 2019-0219: cyrus-imapd security update (Aug 9) |
| |
Updated cyrus-imapd package fixes security vulnerability: It was discovered that cyrus-imapd had a buffer overflow in CalDAV request handling triggered by a long iCalendar property name (CVE-2019-11356).
|
| |
Mageia 2019-0218: php security update (Aug 9) |
| |
Updated php packages fixes atleast the following security issues: When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with
|
