| |
Debian: DSA-4706-1: drupal7 security update (Jun 18) |
| |
It was discovered that Drupal, a fully-featured content management framework, was suspectible to cross site request forgery. For additional information, please refer to the upstream advisory at
|
| |
Debian: DSA-4705-1: python-django security update (Jun 18) |
| |
It was discovered that Django, a high-level Python web development framework, did not properly sanitize input. This would allow a remote attacker to perform SQL injection attacks, Cross-Site Scripting (XSS) attacks, or leak sensitive information.
|
| |
Debian: DSA-4704-1: vlc security update (Jun 16) |
| |
A vulnerability was discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed video file is opened.
|
| |
Debian: DSA-4703-1: mysql-connector-java security update (Jun 11) |
| |
Three vulnerabilities have been found in the MySQL Connector/J JDBC driver. For the oldstable distribution (stretch), these problems have been fixed
|
| |
Debian: DSA-4702-1: thunderbird security update (Jun 11) |
| |
Multiple security issues have been found in Thunderbird which could result in the setup of a non-encrypted IMAP connection, denial of service or potentially the execution of arbitrary code.
|
| |
Debian: DSA-4701-1: intel-microcode security update (Jun 11) |
| |
This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for the Special Register Buffer Data Sampling (CVE-2020-0543), Vector Register Sampling (CVE-2020-0548) and L1D Eviction Sampling (CVE-2020-0549) hardware vulnerabilities.
|
| |
Debian: DSA-4700-1: roundcube security update (Jun 11) |
| |
Matei Badanoiu and LoRexxar@knownsec discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not correctly process and sanitize requests. This would allow a remote attacker to perform a Cross-Side Scripting (XSS) attack leading to the
|
| |
Fedora 31: mingw-glib-networking FEDORA-2020-cadbc5992f (Jun 18) |
| |
Security fix for CVE-2020-13645
|
| |
Fedora 31: roundcubemail FEDORA-2020-2a1a6a8432 (Jun 18) |
| |
**RELEASE 1.4.6** - Installer: Fix regression in SMTP test section (#7417) ---- **RELEASE 1.4.5** - Fix bug in extracting required plugins from composer.json that led to spurious error in log (#7364) - Fix so the database setup description is compatible with MySQL 8 (#7340) - Markasjunk: Fix regression in jsevent driver (#7361) - Fix missing flag indication on collapsed
|
| |
Fedora 31: moby-engine FEDORA-2020-5ba8c2d9d5 (Jun 18) |
| |
Update to upstream 19.03.11 to prevent CVE-2020-13401
|
| |
Fedora 31: dbus FEDORA-2020-99ee5a2baa (Jun 18) |
| |
Update to 1.12.18
|
| |
Fedora 32: kernel FEDORA-2020-125ccdc871 (Jun 18) |
| |
The 5.6.19 stable kernel updates contain a number of important fixes across the tree.
|
| |
Fedora 32: microcode_ctl FEDORA-2020-e8835a5f8e (Jun 18) |
| |
Security fix for CVE-2020-0548, CVE-2020-0549, CVE-2020-0543 ---- Update to upstream 2.1-28. 20200609
|
| |
Fedora 32: mingw-glib-networking FEDORA-2020-a83c8cd358 (Jun 18) |
| |
Security fix for CVE-2020-13645
|
| |
Fedora 32: roundcubemail FEDORA-2020-aeffd92b77 (Jun 18) |
| |
**RELEASE 1.4.6** - Installer: Fix regression in SMTP test section (#7417) ---- **RELEASE 1.4.5** - Fix bug in extracting required plugins from composer.json that led to spurious error in log (#7364) - Fix so the database setup description is compatible with MySQL 8 (#7340) - Markasjunk: Fix regression in jsevent driver (#7361) - Fix missing flag indication on collapsed
|
| |
Fedora 32: moby-engine FEDORA-2020-6d7deafd81 (Jun 18) |
| |
Update to upstream 19.03.11 to prevent CVE-2020-13401
|
| |
Fedora 31: kernel-headers FEDORA-2020-3364913ace (Jun 17) |
| |
The 5.6.18 stable kernel update contains a number of important fixes across the tree. ---- The 5.6.17 stable kernel update contains a number of important fixes across the tree.
|
| |
Fedora 31: kernel FEDORA-2020-3364913ace (Jun 17) |
| |
The 5.6.18 stable kernel update contains a number of important fixes across the tree. ---- The 5.6.17 stable kernel update contains a number of important fixes across the tree.
|
| |
Fedora 31: glib-networking FEDORA-2020-98ebbd1397 (Jun 17) |
| |
Fix CVE-2020-13645, fail connections when server identity is unset
|
| |
Fedora 31: nghttp2 FEDORA-2020-f7d15c8b77 (Jun 17) |
| |
- update to the latest upstream release (CVE-2020-11080)
|
| |
Fedora 32: mariadb-connector-c FEDORA-2020-35f52d9370 (Jun 15) |
| |
**MariaDB 10.4.13 , Galera 26.4.4 , MariaDB CONC/C 3.1.8** Release notes: https://mariadb.com/kb/en/mariadb-10413-release-notes/ https://mariadb.com/kb/en/mariadb-connector-c-318-release-notes/
|
| |
Fedora 32: galera FEDORA-2020-35f52d9370 (Jun 15) |
| |
**MariaDB 10.4.13 , Galera 26.4.4 , MariaDB CONC/C 3.1.8** Release notes: https://mariadb.com/kb/en/mariadb-10413-release-notes/ https://mariadb.com/kb/en/mariadb-connector-c-318-release-notes/
|
| |
Fedora 32: grafana FEDORA-2020-a09e5be0be (Jun 15) |
| |
Security fix for CVE-2020-13379
|
| |
Fedora 32: libjcat FEDORA-2020-eec60309f2 (Jun 15) |
| |
Security fix for CVE-2020-10759
|
| |
Fedora 31: perl FEDORA-2020-fd73c08076 (Jun 15) |
| |
Fixed CVE-2020-10543, CVE-2020-10878 and CVE-2020-12723
|
| |
Fedora 31: libvirt FEDORA-2020-5cd83efda7 (Jun 15) |
| |
* Fix iptables No chain/target/match by that name (bz #1813830) * systemd: start libvirtd after firewalld/iptables services (bz #1697636) * CVE-2020-12430: memory leak in domstats may allow read-only user to perform DoS attack (bz #1828216, bz #1828190) * CVE-2020-10703: Potential denial of service via active pool without target path (bz #1820690, bz #1816650) * CVE-2019-20485: potential
|
| |
Fedora 31: grafana FEDORA-2020-e6e81a03d6 (Jun 14) |
| |
Security fix for CVE-2020-13379
|
| |
Fedora 32: kernel FEDORA-2020-e47d28bc2b (Jun 14) |
| |
The 5.6.18 stable kernel update contains a number of important fixes across the tree. ---- The 5.6.17 stable kernel update contains a number of important fixes across the tree.
|
| |
Fedora 32: kernel-headers FEDORA-2020-e47d28bc2b (Jun 14) |
| |
The 5.6.18 stable kernel update contains a number of important fixes across the tree. ---- The 5.6.17 stable kernel update contains a number of important fixes across the tree.
|
| |
Fedora 31: mingw-gnutls FEDORA-2020-ea11cb5ccc (Jun 14) |
| |
Update to upstream 3.6.14 release, and security fix for CVE-2020-13777.
|
| |
Fedora 31: pdns-recursor FEDORA-2020-c0ff3df740 (Jun 14) |
| |
Fixes CVE-2020-10995, CVE-2020-12244 and CVE-2020-10030
|
| |
Fedora 31: gnutls FEDORA-2020-76b705bb63 (Jun 14) |
| |
Update to upstream 3.6.14 release, and security fix for CVE-2020-13777. ---- - Fix certificate chain validation involving the expired "AddTrust External Root". - Disable RSA blinding during FIPS self-tests to avoid hanging if there is not enough entropy for `getrandom()` - Add `--waitresumption` option to `gnutls-cli` to force the client to wait for resumption data (new session ticket) under TLS
|
| |
Fedora 31: mod_auth_openidc FEDORA-2020-1106ece93a (Jun 14) |
| |
Fixes CVE-2019-20479
|
| |
Fedora 31: NetworkManager FEDORA-2020-ace543feff (Jun 14) |
| |
- Update to 1.20.12 release - ifcfg-rh: handle "802-1x.{,phase2-}ca-path" (rh #1841395, CVE-2020-10754)
|
| |
Fedora 32: mingw-gnutls FEDORA-2020-4f78f122a3 (Jun 14) |
| |
Update to upstream 3.6.14 release, and security fix for CVE-2020-13777.
|
| |
Fedora 32: pdns-recursor FEDORA-2020-d9abb0c06d (Jun 14) |
| |
Fixes CVE-2020-10995, CVE-2020-12244 and CVE-2020-10030
|
| |
Fedora 32: mod_auth_openidc FEDORA-2020-33d51234cd (Jun 14) |
| |
Fixes CVE-2019-20479
|
| |
Fedora 32: thunderbird FEDORA-2020-19e5635ee3 (Jun 11) |
| |
Update to latest upstream version.
|
| |
Fedora 31: kernel FEDORA-2020-203ffedeb5 (Jun 11) |
| |
The 5.6.16 stable kernel update contains a number of important fixes across the tree.
|
| |
Gentoo: GLSA-202006-23: Cyrus IMAP Server: Access restriction bypass (Jun 15) |
| |
An error in Cyrus IMAP Server allows mailboxes to be created with administrative privileges.
|
| |
Gentoo: GLSA-202006-22: OpenJDK, IcedTea: Multiple vulnerabilities (Jun 15) |
| |
Multiple vulnerabilities have been found in OpenJDK and IcedTea, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-202006-21: Apache Tomcat: Remote code execution (Jun 15) |
| |
A vulnerability has been discovered in Apache Tomcat which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-202006-20: Asterisk: Root privilege escalation (Jun 15) |
| |
A vulnerability was discovered in Asterisk which may allow local attackers to gain root privileges.
|
| |
Gentoo: GLSA-202006-19: Mozilla Thunderbird: Multiple vulnerabilities (Jun 15) |
| |
Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-202006-18: Bubblewrap: Arbitrary code execution (Jun 15) |
| |
Bubblewrap misuses temporary directories allowing local code execution.
|
| |
Gentoo: GLSA-202006-17: FAAD2: Multiple vulnerabilities (Jun 15) |
| |
Multiple vulnerabilities have been found in FAAD2, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-202006-16: PCRE2: Denial of service (Jun 15) |
| |
A vulnerability in PCRE2 could lead to a Denial of Service condition.
|
| |
Gentoo: GLSA-202006-15: OpenConnect: Multiple vulnerabilities (Jun 15) |
| |
Multiple vulnerabilities have been found in OpenConnect, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-202006-14: PEAR Archive_Tar: Remote code execution vulnerability (Jun 15) |
| |
A buffer overflow in the PEAR module Archive_Tar might allow local or remote attacker(s) to execute arbitrary code.
|
| |
Gentoo: GLSA-202006-13: json-c: Multiple vulnerabilities (Jun 15) |
| |
Multiple vulnerabilities have been found in json-c, the worst of which could result in a Denial of Service condition.
|
| |
Gentoo: GLSA-202006-12: GNU Mailutils: Privilege escalation (Jun 12) |
| |
A vulnerability has been found in GNU Mailutils allowing privilege escalation.
|
| |
Gentoo: GLSA-202006-11: Ansible: Multiple vulnerabilities (Jun 12) |
| |
Multiple vulnerabilities have been found in Ansible, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-202006-10: GNU Readline: Multiple vulnerabilities (Jun 12) |
| |
Multiple vulnerabilities have been found in GNU Readline, the worst of which could result in a Denial of Service condition.
|
| |
Gentoo: GLSA-202006-09: Adobe Flash Player: Arbitrary code execution (Jun 12) |
| |
A flaw in Adobe Flash Player may allow local or remote attacker(s) to execute arbitrary code.
|
| |
Gentoo: GLSA-202006-08: WebKitGTK+: Multiple vulnerabilities (Jun 12) |
| |
Multiple vulnerabilities have been found in WebKitGTK+, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-202006-07: Mozilla Firefox: Multiple vulnerabilities (Jun 12) |
| |
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-202006-06: ssvnc: Multiple vulnerabilities (Jun 12) |
| |
Multiple vulnerabilities have been found in ssvnc, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-202006-05: Nokogiri: Command injection (Jun 12) |
| |
Nokogiri has a vulnerability allowing arbitrary execution of code if a certain function is used.
|
| |
Gentoo: GLSA-202006-04: glibc: Multiple vulnerabilities (Jun 12) |
| |
Multiple vulnerabilities have been found in glibc, the worst of which could result in a Denial of Service condition.
|
| |
Gentoo: GLSA-202006-02: Chromium, Google Chrome: Multiple vulnerabilities (Jun 12) |
| |
Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-202006-03: Perl: Multiple vulnerabilities (Jun 12) |
| |
Multiple vulnerabilities have been found in Perl, the worst of which could result in a Denial of Service condition.
|
| |
RedHat: RHSA-2020-2625:01 Moderate: rh-nodejs8-nodejs security update (Jun 18) |
| |
An update for rh-nodejs8-nodejs is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2020-2614:01 Important: thunderbird security update (Jun 18) |
| |
An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2020-2613:01 Important: thunderbird security update (Jun 18) |
| |
An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2020-2619:01 Important: Red Hat Fuse 7.6.0 on EAP security (Jun 18) |
| |
A patch is now available for Red Hat Fuse 7.6 on EAP. The purpose of this text-only errata is to inform you about the security issue fixed in this release. Red Hat Product Security has rated this update as having a security impact
|
| |
RedHat: RHSA-2020-2616:01 Important: thunderbird security update (Jun 18) |
| |
An update for thunderbird is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2020-2611:01 Important: thunderbird security update (Jun 18) |
| |
An update for thunderbird is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2020-2617:01 Moderate: security update - Red Hat Ansible Tower (Jun 18) |
| |
Red Hat Ansible Tower 3.7.1-1 - RHEL7 Container 2. Description: * Updated rsyslog integration to not write world-readable configuration files (CVE-2020-10782)
|
| |
RedHat: RHSA-2020-2618:01 Moderate: Red Hat AMQ Streams 1.5.0 release and (Jun 18) |
| |
Red Hat AMQ Streams 1.5.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2020-2479:01 Moderate: OpenShift Container Platform 3.11 (Jun 18) |
| |
An update for atomic-openshift is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2020-2478:01 Important: OpenShift Container Platform 3.11 (Jun 17) |
| |
An update for jenkins-2-plugins is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2020-2449:01 Moderate: OpenShift Container Platform 4.4.8 (Jun 17) |
| |
An update for openshift-enterprise-hyperkube-container is now available for Red Hat OpenShift Container Platform 4.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2020-2403:01 Moderate: OpenShift Container Platform 4.4.8 (Jun 17) |
| |
An update for containernetworking-plugins is now available for Red Hat OpenShift Container Platform 4.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2020-2441:01 Moderate: OpenShift Container Platform 4.3.25 (Jun 17) |
| |
An update for openshift-enterprise-hyperkube-container is now available for Red Hat OpenShift Container Platform 4.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2020-2442:01 Moderate: OpenShift Container Platform 4.3.25 (Jun 17) |
| |
An update for openshift-enterprise-apb-tools-container is now available for Red Hat OpenShift Container Platform 4.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2020-2439:01 Moderate: OpenShift Container Platform 4.3.25 (Jun 17) |
| |
Red Hat OpenShift Container Platform release 4.3.25 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2020-2448:01 Moderate: OpenShift Container Platform 4.4.8 (Jun 17) |
| |
An update for openshift is now available for Red Hat OpenShift Container Platform 4.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2020-2605:01 Low: AMQ Clients 2.7.0 Release (Jun 17) |
| |
An update is now available for Red Hat AMQ Clients 2.7.0. Red Hat Product Security has rated this update as having a Low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2020-2440:01 Moderate: OpenShift Container Platform 4.3.25 (Jun 17) |
| |
An update for openshift is now available for Red Hat OpenShift Container Platform 4.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2020-2443:01 Moderate: OpenShift Container Platform 4.3.25 (Jun 17) |
| |
An update for containernetworking-plugins is now available for Red Hat OpenShift Container Platform 4.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2020-2391:01 Low: Red Hat build of Eclipse Vert.x 3.9.1 (Jun 17) |
| |
An update is now available for Red Hat build of Eclipse Vert.x. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For
|
| |
RedHat: RHSA-2020-2603:01 Moderate: Red Hat build of Quarkus 1.3.4 security (Jun 17) |
| |
An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For
|
| |
RedHat: RHSA-2020-2567:01 Important: kpatch-patch security update (Jun 15) |
| |
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2020-2561:01 Critical: EAP Continuous Delivery Technical (Jun 15) |
| |
This is a security update for JBoss EAP Continuous Delivery 12.0. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2020-2562:01 Important: EAP Continuous Delivery Technical (Jun 15) |
| |
This is a security update for JBoss EAP Continuous Delivery 13.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2020-2565:01 Important: EAP Continuous Delivery Technical (Jun 15) |
| |
This is a security update for JBoss EAP Continuous Delivery 18.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2020-2564:01 Important: EAP Continuous Delivery Technical (Jun 15) |
| |
This is a security update for JBoss EAP Continuous Delivery 16.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2020-2563:01 Important: EAP Continuous Delivery Technical (Jun 15) |
| |
This is a security update for JBoss EAP Continuous Delivery 14.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2020-2549:01 Moderate: libexif security update (Jun 15) |
| |
An update for libexif is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2020-2550:01 Moderate: libexif security update (Jun 15) |
| |
An update for libexif is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2020-2547:01 Critical: flash-plugin security update (Jun 15) |
| |
An update for flash-plugin is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2020-2544:01 Important: chromium-browser security update (Jun 15) |
| |
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2020-2539:01 Moderate: net-snmp security and bug fix update (Jun 12) |
| |
An update for net-snmp is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2020-2529:01 Important: tomcat6 security update (Jun 11) |
| |
An update for tomcat6 is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2020-2530:01 Important: tomcat security update (Jun 11) |
| |
An update for tomcat is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2020-2512:01 Important: Red Hat JBoss Enterprise Application (Jun 11) |
| |
An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2020-2513:01 Important: Red Hat JBoss Enterprise Application (Jun 11) |
| |
An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2020-2524:01 Important: Red Hat OpenShift Service Mesh 1.0 (Jun 11) |
| |
An update for servicemesh-proxy is now available for OpenShift Service Mesh 1.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2020-2523:01 Important: Red Hat OpenShift Service Mesh 1.1.2 (Jun 11) |
| |
An update for servicemesh-proxy is now available for OpenShift Service Mesh 1.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
Slackware: 2020-170-01: bind Security Update (Jun 18) |
| |
New bind packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.
|
| |
Slackware: 2020-163-01: Slackware 14.2 kernel Security Update (Jun 11) |
| |
New kernel packages are available for Slackware 14.2 to fix security issues.
|
| |
SUSE: 2020:1682-1 important: perl (Jun 19) |
| |
An update that solves three vulnerabilities and has one errata is now available.
|
| |
SUSE: 2020:1681-1 important: fwupd (Jun 19) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2020:1684-1 important: java-1_8_0-ibm (Jun 19) |
| |
An update that fixes 11 vulnerabilities is now available.
|
| |
SUSE: 2020:1677-1 important: mozilla-nspr, mozilla-nss (Jun 18) |
| |
An update that solves two vulnerabilities and has one errata is now available.
|
| |
SUSE: 2020:14399-1 important: adns (Jun 18) |
| |
An update that fixes 7 vulnerabilities is now available.
|
| |
SUSE: 2020:1672-1 important: dbus-1 (Jun 18) |
| |
An update that solves one vulnerability and has one errata is now available.
|
| |
SUSE: 2020:1656-1 important: the Linux Kernel (Live Patch 1 for SLE 15 SP1) (Jun 18) |
| |
An update that fixes four vulnerabilities is now available.
|
| |
SUSE: 2020:1661-1 moderate: php7 (Jun 18) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2020:1663-1 important: the Linux Kernel (Jun 18) |
| |
An update that solves 55 vulnerabilities and has 93 fixes is now available.
|
| |
SUSE: 2020:1657-1 moderate: containerd, docker, docker-runc, golang-github-docker-libnetwo (Jun 18) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2020:1659-1 guile (Jun 18) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2020:1662-1 important: perl (Jun 18) |
| |
An update that solves three vulnerabilities and has three fixes is now available.
|
| |
SUSE: 2020:1663-1 important: the Linux Kernel (Jun 18) |
| |
An update that solves 55 vulnerabilities and has 93 fixes is now available.
|
| |
SUSE: 2020:1646-1 important: the Linux Kernel (Live Patch 10 for SLE 15 SP1) (Jun 18) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
SUSE: 2020:1658-1 moderate: gegl (Jun 18) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2020:1664-1 moderate: containerd, docker, docker-runc, golang-github-docker-libnetwo (Jun 18) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2020:1660-1 moderate: gnuplot (Jun 18) |
| |
An update that fixes four vulnerabilities is now available.
|
| |
SUSE: 2020:1671-1 important: the Linux Kernel (Live Patch 11 for SLE 15) (Jun 18) |
| |
An update that fixes three vulnerabilities is now available.
|
| |
SUSE: 2020:14398-1 important: java-1_7_1-ibm (Jun 17) |
| |
An update that fixes 8 vulnerabilities is now available.
|
| |
SUSE: 2020:1632-1 important: xen (Jun 17) |
| |
An update that solves one vulnerability and has one errata is now available.
|
| |
SUSE: 2020:1633-1 important: xen (Jun 17) |
| |
An update that solves one vulnerability and has two fixes is now available.
|
| |
SUSE: 2020:1634-1 important: xen (Jun 17) |
| |
An update that fixes 6 vulnerabilities is now available.
|
| |
SUSE: 2020:1630-1 important: xen (Jun 16) |
| |
An update that fixes 12 vulnerabilities is now available.
|
| |
SUSE: 2020:1625-1 moderate: mariadb (Jun 16) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
SUSE: 2020:1623-1 critical: nodejs6 (Jun 16) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
SUSE: 2020:1626-1 moderate: poppler (Jun 16) |
| |
An update that fixes 5 vulnerabilities is now available.
|
| |
SUSE: 2020:1621-1 important: libEMF (Jun 13) |
| |
An update that fixes four vulnerabilities is now available.
|
| |
SUSE: 2020:1622-1 important: libEMF (Jun 13) |
| |
An update that fixes four vulnerabilities is now available.
|
| |
SUSE: 2020:1619-1 audiofile (Jun 12) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2020:1612-1 important: adns (Jun 12) |
| |
An update that fixes 7 vulnerabilities is now available.
|
| |
SUSE: 2020:1608-1 ed (Jun 11) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2020:1609-1 important: xen (Jun 11) |
| |
An update that solves one vulnerability and has three fixes is now available.
|
| |
SUSE: 2020:14396-1 moderate: kvm (Jun 11) |
| |
An update that fixes 6 vulnerabilities is now available.
|
| |
SUSE: 2020:1606-1 critical: nodejs12 (Jun 11) |
| |
An update that solves four vulnerabilities and has one errata is now available.
|
| |
Ubuntu 4399-1: Bind vulnerabilities (Jun 17) |
| |
Bind could be made to crash if it received specially crafted network traffic.
|
| |
Ubuntu 4397-2: NSS vulnerability (Jun 17) |
| |
NSS could be made to expose sensitive information over the network.
|
| |
Ubuntu 4398-2: DBus vulnerability (Jun 16) |
| |
DBus could be made to crash if it received specially crafted input.
|
| |
Ubuntu 4398-1: DBus vulnerability (Jun 16) |
| |
DBus could be made to crash if it received specially crafted input.
|
| |
Ubuntu 4397-1: NSS vulnerabilities (Jun 16) |
| |
Several security issues were fixed in NSS.
|
| |
Ubuntu 4396-1: libexif vulnerabilities (Jun 16) |
| |
Several security issues were fixed in libexif.
|
| |
Ubuntu 4315-2: Apport vulnerabilities (Jun 15) |
| |
Several security issues were fixed in Apport.
|
| |
Ubuntu 4395-1: fwupd vulnerability (Jun 15) |
| |
fwupd could be made to install an unsigned firmware.
|
| |
Debian LTS: DLA-2250-1: drupal7 security update (Jun 18) |
| |
Drupal 7 has an Open Redirect vulnerability. For example, a user could be tricked into visiting a specially crafted link which would redirect them to an arbitrary external URL.
|
| |
Debian LTS: DLA-2247-1: thunderbird security update (Jun 12) |
| |
Multiple security issues have been found in Thunderbird which could result in the setup of a non-encrypted IMAP connection, denial of service or potentially the execution of arbitrary code.
|
| |
Debian LTS: DLA-2233-2: python-django regression update (Jun 12) |
| |
It was discovered that there was a regression in the latest update to Django, the Python web development framework. The upstream fix for CVE-2020-13254 to address data leakages via malformed memcached keys could, in some situations, cause a traceback.
|
| |
Debian LTS: DLA-2245-1: mysql-connector-java security update (Jun 11) |
| |
Several issues were discovered in mysql-connector-java, a Java database (JDBC) driver for MySQL, that allow attackers to update, insert or delete access to some of MySQL Connectors accessible data, unauthorized
|
| |
Debian LTS: DLA-2244-1: libphp-phpmailer security update (Jun 11) |
| |
It was discovered that there was an escaping issue in libphp-phpmailer, an email generation utility class for the PHP programming language.
|
| |
ArchLinux: 202006-10: intel-ucode: information disclosure (Jun 16) |
| |
The package intel-ucode before version 20200609-1 is vulnerable to information disclosure.
|
| |
ArchLinux: 202006-9: dbus: denial of service (Jun 16) |
| |
The package dbus before version 1.12.18-1 is vulnerable to denial of service.
|
| |
CentOS: CESA-2020-2549: Moderate CentOS 7 libexif (Jun 16) |
| |
Upstream details at : https://access.redhat.com/errata/RHSA-2020:2549
|
| |
CentOS: CESA-2020-2530: Important CentOS 7 tomcat (Jun 11) |
| |
Upstream details at : https://access.redhat.com/errata/RHSA-2020:2530
|
| |
SciLinux: SLSA-2020-2549-1 Moderate: libexif on SL7.x x86_64 (Jun 15) |
| |
libexif: several buffer over-reads in EXIF MakerNote handling can lead to information disclosure and DoS (CVE-2020-13112) SL7 x86_64 libexif-0.6.21-7.el7_8.i686.rpm libexif-0.6.21-7.el7_8.x86_64.rpm libexif-debuginfo-0.6.21-7.el7_8.i686.rpm libexif-debuginfo-0.6.21-7.el7_8.x86_64.rpm libexif-devel-0.6.21-7.el7_8.i686.rpm libexif-devel-0.6.21-7.el7_8.x86_64.rpm li [More...]
|
| |
SciLinux: SLSA-2020-2529-1 Important: tomcat6 on SL6.x (noarch) (Jun 12) |
| |
|
| |
SciLinux: SLSA-2020-2516-1 Moderate: libexif on SL6.x i386/x86_64 (Jun 11) |
| |
libexif: several buffer over-reads in EXIF MakerNote handling can lead to information disclosure and DoS (CVE-2020-13112) SL6 x86_64 libexif-0.6.21-6.el6_10.i686.rpm libexif-0.6.21-6.el6_10.x86_64.rpm libexif-debuginfo-0.6.21-6.el6_10.i686.rpm libexif-debuginfo-0.6.21-6.el6_10.x86_64.rpm libexif-devel-0.6.21-6.el6_10.i686.rpm libexif-devel-0.6.21-6.el6_10.x86_64.rpm [More...]
|
| |
SciLinux: SLSA-2020-2530-1 Important: tomcat on SL7.x (noarch) (Jun 11) |
| |
tomcat: deserialization flaw in session persistence storage leading to RCE (CVE-2020-9484) SL7 noarch tomcat-servlet-3.0-api-7.0.76-12.el7_8.noarch.rpm tomcat-7.0.76-12.el7_8.noarch.rpm tomcat-admin-webapps-7.0.76-12.el7_8.noarch.rpm tomcat-docs-webapp-7.0.76-12.el7_8.noarch.rpm tomcat-el-2.2-api-7.0.76-12.el7_8.noarch.rpm tomcat-javadoc-7.0.76-12.el7_8.noarch.rpm [More...]
|
| |
openSUSE: 2020:0836-1: moderate: rmt-server (Jun 19) |
| |
An update that contains security fixes can now be installed.
|
| |
openSUSE: 2020:0832-1: important: chromium (Jun 18) |
| |
An update that fixes 32 vulnerabilities is now available.
|
| |
openSUSE: 2020:0827-1: important: adns (Jun 17) |
| |
An update that fixes 7 vulnerabilities is now available.
|
| |
openSUSE: 2020:0831-1: important: libEMF (Jun 17) |
| |
An update that fixes four vulnerabilities is now available.
|
| |
openSUSE: 2020:0825-1: file-roller (Jun 17) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2020:0823-1: important: chromium (Jun 17) |
| |
An update that fixes 32 vulnerabilities is now available.
|
| |
openSUSE: 2020:0805-1: moderate: libupnp (Jun 16) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2020:0806-1: moderate: libntlm (Jun 16) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2020:0819-1: moderate: varnish (Jun 16) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2020:0821-1: moderate: libupnp (Jun 16) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2020:0816-1: moderate: libntlm (Jun 16) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2020:0820-1: moderate: prboom-plus (Jun 16) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2020:0807-1: moderate: prboom-plus (Jun 16) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2020:0808-1: moderate: varnish (Jun 16) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2020:0818-1: important: xen (Jun 16) |
| |
An update that solves one vulnerability and has three fixes is now available.
|
| |
openSUSE: 2020:0802-1: critical: nodejs8 (Jun 13) |
| |
An update that fixes three vulnerabilities is now available.
|
| |
openSUSE: 2020:0800-1: important: java-1_8_0-openjdk (Jun 13) |
| |
An update that fixes 10 vulnerabilities is now available.
|
| |
openSUSE: 2020:0801-1: important: the Linux Kernel (Jun 13) |
| |
An update that solves 25 vulnerabilities and has 132 fixes is now available.
|
| |
openSUSE: 2020:0804-1: moderate: texlive-filesystem (Jun 13) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2020:0803-1: moderate: rubygem-bundler (Jun 13) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2020:0799-1: important: MozillaThunderbird (Jun 12) |
| |
An update that fixes four vulnerabilities is now available.
|
| |
openSUSE: 2020:0794-1: moderate: vim (Jun 11) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2020:0793-1: moderate: libexif (Jun 11) |
| |
An update that fixes 9 vulnerabilities is now available.
|
| |
Mageia 2020-0267: libjpeg security update (Jun 19) |
| |
Updated libjpeg packages fix security vulnerability: libjpeg-turbo 2.0.4 has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file (CVE-2020-13790).
|
| |
Mageia 2020-0266: scapy security update (Jun 16) |
| |
Updated scapy packages fix security vulnerabilities: A vulnerability was found in scapy 2.4.0 and earlier is affected by: Denial of Services. The impact is: busy loop forever. The component is:
|
| |
Mageia 2020-0265: mbedtls security update (Jun 16) |
| |
Updated mbedtls packages fix security vulnerability Fix side channel in ECC code that allowed an adversary with access to precise enough timing and memory access information (typically an untrusted operating system attacking a secure enclave) to fully recover an ECDSA private key.
|
| |
Mageia 2020-0264: flash-player-plugin security update (Jun 15) |
| |
The updated packages fix a security vulnerability: Use after free that leads to arbitrary code executionin the context of the current user. (CVE-2020-9633) References:
|
| |
Mageia 2020-0263: axel security update (Jun 15) |
| |
Updated axel package fixes security vulnerability: An issue was discovered in ssl.c in Axel before 2.17.8. The TLS implementation lacks hostname verification (CVE-2020-13614). The axel package has been updated to version 2.17.8, fixing this issue and other bugs.
|
| |
Mageia 2020-0262: dbus security update (Jun 15) |
| |
The updated packages fix a security vulnerability: An issue was discovered in dbus >= 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's private
|
| |
Mageia 2020-0261: roundcubemail security update (Jun 15) |
| |
The latest maintenance release of roundcubemail fixes some xss issues: - Fix XSS issue in template object 'username' - Fix cross-site scripting (XSS) via malicious XML attachment and improves the fix for CVE-2020-12641
|
| |
Mageia 2020-0260: networkmanager security update (Jun 15) |
| |
It was found that nmcli, a command line interface to NetworkManager did not honour 802-1x.ca-path and 802-1x.phase2-ca-path settings, when creating a new profile. When a user connects to a network using this profile, the authentication does not happen and the connection is made insecurely (CVE-2020-10754).
|
| |
Mageia 2020-0259: bind security update (Jun 15) |
| |
Updated bind packages fix security vulnerabilities: It was discovered that Bind incorrectly handled certain TCP-pipelined queries. A remote attacker could possibly use this issue to cause Bind to consume
|
| |
Mageia 2020-0258: libreoffice security update (Jun 12) |
| |
This update increase Libreoffice to version 6.4.4.2 It fixes Security issues and add kf5 support. If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers
|
