| |
Debian: DSA-4695-1: firefox-esr security update (Jun 3) |
| |
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or a timing attack on cryptographic keys.
|
| |
Fedora 31: firefox FEDORA-2020-0e5ada32f1 (Jun 4) |
| |
- Updated to latest upstream (77.0.1) ---- - New upstream version (77.0) ---- - Updated VA-API patches for Wayland backend - Use dmabuf WebGL backend by default on Wayland
|
| |
Fedora 31: cacti-spine FEDORA-2020-d50b988a2f (Jun 4) |
| |
- Update to 1.2.12 Release notes:
|
| |
Fedora 31: cacti FEDORA-2020-d50b988a2f (Jun 4) |
| |
- Update to 1.2.12 Release notes:
|
| |
Fedora 31: mbedtls FEDORA-2020-42564738a1 (Jun 4) |
| |
- Update to 2.16.6 Release notes: https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.6-and-2.7.15-released Security Advisory:
|
| |
Fedora 32: firefox FEDORA-2020-cd45588dd8 (Jun 4) |
| |
- Updated to latest upstream (77.0.1)
|
| |
Fedora 32: mozjs68 FEDORA-2020-4334da4020 (Jun 4) |
| |
- Firefox 68.9.0 ESR: https://www.mozilla.org/en-US/firefox/68.9.0/releasenotes/ - GJS rebuild against mozjs68-68.9.0
|
| |
Fedora 32: gjs FEDORA-2020-4334da4020 (Jun 4) |
| |
- Firefox 68.9.0 ESR: https://www.mozilla.org/en-US/firefox/68.9.0/releasenotes/ - GJS rebuild against mozjs68-68.9.0
|
| |
Fedora 32: dbus FEDORA-2020-5a1910208c (Jun 4) |
| |
Update to 1.12.18
|
| |
Fedora 32: perl FEDORA-2020-4021bf2ae8 (Jun 4) |
| |
Fixed CVE-2020-10543, CVE-2020-10878 and CVE-2020-12723
|
| |
Fedora 32: cacti FEDORA-2020-8560db8779 (Jun 4) |
| |
- Update to 1.2.12 Release notes:
|
| |
Fedora 32: cacti-spine FEDORA-2020-8560db8779 (Jun 4) |
| |
- Update to 1.2.12 Release notes:
|
| |
Fedora 32: mbedtls FEDORA-2020-9a6e8e63e9 (Jun 4) |
| |
- Update to 2.16.6 Release notes: https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.6-and-2.7.15-released Security Advisory:
|
| |
Fedora 32: firefox FEDORA-2020-6c340484e5 (Jun 3) |
| |
- New upstream version (77.0)
|
| |
Fedora 32: prboom-plus FEDORA-2020-fe80f1f388 (Jun 3) |
| |
Patch for CVE-2019-20797
|
| |
Fedora 31: prboom-plus FEDORA-2020-3f9a846b40 (Jun 3) |
| |
Patch for CVE-2019-20797
|
| |
Fedora 31: slurm FEDORA-2020-11d0cf302f (Jun 2) |
| |
Bug fix and security fix for CVE-2020-12693
|
| |
Fedora 31: perl-Email-MIME FEDORA-2020-39d40d9ae9 (Jun 2) |
| |
This update limits the number of nested MIME parts to 10 (by default), to avoid a possible memory exhaustion issue with lots of tiny MIME parts.
|
| |
Fedora 31: perl-Email-MIME-ContentType FEDORA-2020-39d40d9ae9 (Jun 2) |
| |
This update limits the number of nested MIME parts to 10 (by default), to avoid a possible memory exhaustion issue with lots of tiny MIME parts.
|
| |
Fedora 32: slurm FEDORA-2020-e95ef17134 (Jun 2) |
| |
Bug fix and security fix for CVE-2020-12693
|
| |
Fedora 32: perl-Email-MIME FEDORA-2020-22764f623f (Jun 2) |
| |
This update limits the number of nested MIME parts to 10 (by default), to avoid a possible memory exhaustion issue with lots of tiny MIME parts.
|
| |
Fedora 32: perl-Email-MIME-ContentType FEDORA-2020-22764f623f (Jun 2) |
| |
This update limits the number of nested MIME parts to 10 (by default), to avoid a possible memory exhaustion issue with lots of tiny MIME parts.
|
| |
Fedora 32: java-11-openjdk FEDORA-2020-4578c4a082 (Jun 2) |
| |
Update to upstream's security update, Critical Patch Update April 2020. See: https://bitly.com/oj1107
|
| |
Fedora 32: sqlite FEDORA-2020-0477f8840e (Jun 1) |
| |
Rebase to version 3.32.1
|
| |
Fedora 32: ant FEDORA-2020-7f07da3fef (Jun 1) |
| |
Update to version 1.10.8. Resolves: CVE-2020-1945
|
| |
Fedora 31: kernel FEDORA-2020-5436586091 (Jun 1) |
| |
The 5.6.15 stable kernel update contains a number of important fixes across the tree. ---- The 5.6.14 stable kernel update contains a number of important fixes across the tree
|
| |
Fedora 31: sympa FEDORA-2020-9b6c969aac (Jun 1) |
| |
Update to sympa 6.2.56. Fixes CVE-2020-10936. For details, see: - https://github.com/sympa-community/sympa/releases/tag/6.2.56 - https://www.sympa.community/security/2020-002.html
|
| |
Fedora 31: ant FEDORA-2020-52741b0a49 (Jun 1) |
| |
Update to version 1.10.8. Resolves: CVE-2020-1945
|
| |
Fedora 32: NetworkManager FEDORA-2020-3857463d30 (May 31) |
| |
- Update to 1.22.14 release - ifcfg-rh: handle "802-1x.{,phase2-}ca-path" (rhbz#1841395, CVE-2020-10754)
|
| |
Fedora 31: marked FEDORA-2020-5eca570e16 (May 30) |
| |
New upstream release with bug and security fixes. Also, consolidates duplicate pakages marked and nodejs-marked. I tested upgrades from both, but may have missed some wonky situation.
|
| |
Fedora 31: wireshark FEDORA-2020-ca3d3f15f0 (May 30) |
| |
New version 3.2.4, enabled build with androiddump.
|
| |
Fedora 32: marked FEDORA-2020-d714c08261 (May 30) |
| |
New upstream release with bug and security fixes. Also, consolidates duplicate pakages marked and nodejs-marked. I tested upgrades from both, but may have missed some wonky situation.
|
| |
Fedora 32: drupal7 FEDORA-2020-11be4b36d4 (May 30) |
| |
Security fix for https://www.drupal.org/sa-core-2020-002 and https://www.drupal.org/sa-core-2020-003
|
| |
Fedora 32: wireshark FEDORA-2020-4f5588cf97 (May 29) |
| |
New version 3.2.4, enabled build with androiddump.
|
| |
Fedora 31: python38 FEDORA-2020-6a88dad4a0 (May 28) |
| |
## Python 3.8.3 This is the third maintenance release of Python 3.8. See [the c hangelog](https://docs.python.org/release/3.8.3/whatsnew/changelog.html#changelo g) for details. Contains the security fix for CVE-2020-8492.
|
| |
Fedora 32: dpdk FEDORA-2020-04e3d34451 (May 28) |
| |
Fix cvws CVE-2020-10726,CVE-2020-10724,CVE-2020-10723,CVE-2020-10722,CVE-2020-10725
|
| |
Fedora 32: knot-resolver FEDORA-2020-bf68101ad3 (May 28) |
| |
- fixes CVE-2020-12667
|
| |
RedHat: RHSA-2020-2381:01 Important: firefox security update (Jun 3) |
| |
An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2020-2383:01 Important: bind security update (Jun 3) |
| |
An update for bind is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2020-2382:01 Important: firefox security update (Jun 3) |
| |
An update for firefox is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2020-2378:01 Important: firefox security update (Jun 3) |
| |
An update for firefox is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2020-2305:01 Moderate: OpenShift Container Platform 4.2.34 (Jun 3) |
| |
An update for openshift-enterprise-apb-tools-container is now available for Red Hat OpenShift Container Platform 4.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2020-2306:01 Moderate: OpenShift Container Platform 4.2.34 (Jun 3) |
| |
An update for ose-openshift-apiserver-container is now available for Red Hat OpenShift Container Platform 4.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2020-2380:01 Important: firefox security update (Jun 3) |
| |
An update for firefox is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2020-2379:01 Important: firefox security update (Jun 3) |
| |
An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2020-2369:01 Moderate: Red Hat OpenShift Service Mesh (Jun 2) |
| |
An update for openshift-istio-kiali-rhel7-operator-container is now available for Openshift Service Mesh 1.0 and 1.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2020-2362:01 Moderate: Red Hat OpenShift Service Mesh security (Jun 2) |
| |
An update for jaeger, kiali, and servicemesh-grafana is now available for OpenShift Service Mesh 1.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2020-2354:01 Important: freerdp security update (Jun 2) |
| |
An update for freerdp is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2020-2252:01 Important: Red Hat support for Spring Boot 2.2.6 (Jun 1) |
| |
An update is now available for Red Hat OpenShift Application Runtimes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2020-2345:01 Important: bind security update (Jun 1) |
| |
An update for bind is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2020-2344:01 Important: bind security update (Jun 1) |
| |
An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2020-2342:01 Important: qemu-kvm-rhev bug fix update (Jun 1) |
| |
An update for qemu-kvm-rhev is now available for Red Hat Virtualization for Red Hat Virtualization Host 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2020-2337:01 Important: git security update (May 28) |
| |
An update for git is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2020-2336:01 Important: freerdp security update (May 28) |
| |
An update for freerdp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2020-2338:01 Important: bind security update (May 28) |
| |
An update for bind is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2020-2335:01 Important: freerdp security update (May 28) |
| |
An update for freerdp is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2020-2334:01 Important: freerdp security update (May 28) |
| |
An update for freerdp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2020-2333:01 Important: EAP Continuous Delivery Technical (May 28) |
| |
This is a security update for JBoss EAP Continuous Delivery 19. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2020-2332:01 Low: Red Hat Satellite 5 - End Of Life Notice (May 28) |
| |
This is the notification of the End Of Life (EOL) for the following versions of Red Hat Satellite 5: * Red Hat Satellite 5.8 on Red Hat Enterprise Linux 6 2. Relevant releases/architectures:
|
| |
RedHat: RHSA-2020-2331:01 Low: Red Hat Satellite Proxy 5 - End Of Life (May 28) |
| |
This is the final notification for the End Of Life (EOL) for the following versions of Red Hat Proxy 5: * Red Hat Satellite Proxy 5.8 2. Relevant releases/architectures:
|
| |
RedHat: RHSA-2020-2217:01 Moderate: OpenShift Container Platform 3.11 (May 28) |
| |
Red Hat OpenShift Container Platform release 3.11.219 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2020-2218:01 Low: OpenShift Container Platform 3.11 security (May 28) |
| |
Red Hat OpenShift Container Platform release 3.11.219 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
Slackware: 2020-156-01: mozilla-thunderbird Security Update (Jun 4) |
| |
New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues.
|
| |
Slackware: 2020-153-01: mozilla-firefox Security Update (Jun 1) |
| |
New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.
|
| |
SUSE: 2020:14385-1 moderate: vim (Jun 4) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2020:1538-1 moderate: qemu (Jun 4) |
| |
An update that solves 7 vulnerabilities and has one errata is now available.
|
| |
SUSE: 2020:1532-1 moderate: libxml2 (Jun 4) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2020:1534-1 moderate: libexif (Jun 4) |
| |
An update that fixes 9 vulnerabilities is now available.
|
| |
SUSE: 2020:1535-1 libcroco (Jun 4) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
SUSE: 2020:1533-1 important: krb5-appl (Jun 4) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2020:14384-1 transfig (Jun 4) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2020:1530-1 moderate: libreoffice (Jun 4) |
| |
An update that solves one vulnerability and has three fixes is now available.
|
| |
SUSE: 2020:1528-1 moderate: osc (Jun 3) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2020:1524-1 moderate: python (Jun 3) |
| |
An update that solves three vulnerabilities and has 18 fixes is now available.
|
| |
SUSE: 2020:1526-1 moderate: qemu (Jun 3) |
| |
An update that fixes 7 vulnerabilities is now available.
|
| |
SUSE: 2020:14383-1 moderate: evolution-data-server (Jun 3) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2020:14382-1 moderate: w3m (Jun 3) |
| |
An update that fixes three vulnerabilities is now available.
|
| |
SUSE: 2020:1523-1 moderate: qemu (Jun 3) |
| |
An update that fixes 6 vulnerabilities is now available.
|
| |
SUSE: 2020:1516-1 moderate: qemu (Jun 2) |
| |
An update that solves one vulnerability and has one errata is now available.
|
| |
SUSE: 2020:1514-1 moderate: qemu (Jun 2) |
| |
An update that fixes 7 vulnerabilities is now available.
|
| |
SUSE: 2020:1505-1 moderate: file-roller (May 29) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2020:1511-1 important: java-11-openjdk (May 29) |
| |
An update that fixes 13 vulnerabilities is now available.
|
| |
SUSE: 2020:1502-1 moderate: qemu (May 29) |
| |
An update that solves one vulnerability and has two fixes is now available.
|
| |
SUSE: 2020:1501-1 moderate: qemu (May 28) |
| |
An update that fixes 6 vulnerabilities is now available.
|
| |
SUSE: 2020:1498-1 important: tomcat (May 28) |
| |
An update that fixes 5 vulnerabilities is now available.
|
| |
SUSE: 2020:1497-1 important: tomcat (May 28) |
| |
An update that fixes 5 vulnerabilities is now available.
|
| |
Ubuntu 4383-1: Firefox vulnerabilities (Jun 4) |
| |
Firefox could be made to crash or run programs as your login if it opened a malicious website.
|
| |
Ubuntu 4382-1: FreeRDP vulnerabilities (Jun 4) |
| |
Several security issues were fixed in FreeRDP.
|
| |
Ubuntu 4381-2: Django vulnerabilities (Jun 4) |
| |
Several security issues were fixed in Django.
|
| |
Ubuntu 4381-1: Django vulnerabilities (Jun 3) |
| |
Several security issues were fixed in Django.
|
| |
Ubuntu 4380-1: Apache Ant vulnerability (Jun 1) |
| |
Apache Ant could leak sensitive information or be made to run programs as your login.
|
| |
Ubuntu 4379-1: FreeRDP vulnerabilities (Jun 1) |
| |
Several security issues were fixed in FreeRDP.
|
| |
Ubuntu 4377-2: ca-certificates update (Jun 1) |
| |
An expired certificate was removed from ca-certificates.
|
| |
Ubuntu 4378-1: Flask vulnerability (Jun 1) |
| |
Flask could be made to consume a large amount of memory if it received a specially crafted input.
|
| |
Ubuntu 4377-1: ca-certificates update (Jun 1) |
| |
An expired certificate was removed from ca-certificates.
|
| |
Ubuntu 4369-2: Linux kernel regression (May 28) |
| |
USN-4369-1 introduced a regression in the Linux kernel.
|
| |
Ubuntu 4367-2: Linux kernel regression (May 28) |
| |
USN-4367-1 introduced a regression in the Linux kernel.
|
| |
Ubuntu 4359-2: APT vulnerability (May 28) |
| |
APT could be made to crash if it opened a specially crafted file.
|
| |
Ubuntu 4360-4: json-c vulnerability (May 28) |
| |
json-c could be made to execute arbitrary code if it received a specially crafted JSON file.
|
| |
Ubuntu 4376-1: OpenSSL vulnerabilities (May 28) |
| |
Several security issues were fixed in OpenSSL.
|
| |
Debian LTS: DLA-2234-1: netqmail security update (Jun 4) |
| |
There were several CVE bugs reported against src:netqmail. CVE-2005-1513
|
| |
Debian LTS: DLA-2232-1: python-httplib2 security update (Jun 1) |
| |
In httplib2, an attacker controlling unescaped part of uri for `httplib2.Http.request()` could change request headers and body, send additional hidden requests to same server. This vulnerability impacts
|
| |
Debian LTS: DLA-2231-1: sane-backends security update (May 31) |
| |
Remote denial of service and several memory management issues were fixed in the epson2 driver.
|
| |
Debian LTS: DLA-2230-1: php-horde security update (May 31) |
| |
The image view functionality in Horde Groupware Webmail Edition was affected by a stored Cross-Site Scripting (XSS) vulnerability via an SVG image upload containing a JavaScript payload. An attacker could have
|
| |
Debian LTS: DLA-2228-2: json-c regression update (May 31) |
| |
The json-c shared library had an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.
|
| |
Debian LTS: DLA-2229-1: php-horde-gollem security update (May 31) |
| |
Gollem, as used in Horde Groupware Webmail Edition and other products, had been affected by a reflected Cross-Site Scripting (XSS) vulnerability via the HTTP GET dir parameter in the browser functionality, affecting
|
| |
Debian LTS: DLA-2228-1: json-c security update (May 31) |
| |
The json-c shared library had an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.
|
| |
Debian LTS: DLA-2227-1: bind9 security update (May 30) |
| |
Several vulnerabilities were discovered in BIND, a DNS server implementation.
|
| |
Debian LTS: DLA-2226-1: gst-plugins-ugly0.10 security update (May 30) |
| |
Two memory management issues were found in the asfdemux element of the GStreamer "ugly" plugin collection, which can be triggered via a maliciously crafted file.
|
| |
Debian LTS: DLA-2225-1: gst-plugins-good0.10 security update (May 30) |
| |
Two memory handling issues were found in gst-plugins-good0.10, a collection of GStreamer plugins from the "good" set:
|
| |
Debian LTS: DLA-2224-1: dosfstools security update (May 30) |
| |
It was discovered that there was both an invalid memory and heap overflow vulnerability in dosfstools, a collection of utilities for making and checking MS-DOS FAT filesystems.
|
| |
Debian LTS: DLA-2223-1: salt security update (May 30) |
| |
Several vulnerabilities were discovered in package salt, a configuration management and infrastructure automation software.
|
| |
Debian LTS: DLA-2209-1: tomcat8 security update (May 28) |
| |
Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine.
|
| |
Debian LTS: DLA-2222-1: libexif security update (May 28) |
| |
Various minor vulnerabilities have been addredd in libexif, a library to parse EXIF metadata files.
|
| |
ArchLinux: 202005-16: freerdp: information disclosure (Jun 1) |
| |
The package freerdp before version 2:2.1.1-1 is vulnerable to information disclosure.
|
| |
ArchLinux: 202005-15: ant: arbitrary command execution (Jun 1) |
| |
The package ant before version 1.10.8-1 is vulnerable to arbitrary command execution.
|
| |
ArchLinux: 202005-14: unbound: denial of service (Jun 1) |
| |
The package unbound before version 1.10.1-1 is vulnerable to denial of service.
|
| |
ArchLinux: 202005-13: bind: denial of service (Jun 1) |
| |
The package bind before version 9.16.3-1 is vulnerable to denial of service.
|
| |
CentOS: CESA-2020-2406: Important CentOS 6 freerdp (Jun 4) |
| |
Upstream details at : https://access.redhat.com/errata/RHSA-2020:2406
|
| |
CentOS: CESA-2020-2383: Important CentOS 6 bind (Jun 4) |
| |
Upstream details at : https://access.redhat.com/errata/RHSA-2020:2383
|
| |
CentOS: CESA-2020-2378: Important CentOS 6 firefox (Jun 4) |
| |
Upstream details at : https://access.redhat.com/errata/RHSA-2020:2378
|
| |
CentOS: CESA-2020-2381: Important CentOS 7 firefox (Jun 4) |
| |
Upstream details at : https://access.redhat.com/errata/RHSA-2020:2381
|
| |
CentOS: CESA-2020-2344: Important CentOS 7 bind (Jun 1) |
| |
Upstream details at : https://access.redhat.com/errata/RHSA-2020:2344
|
| |
CentOS: CESA-2020-2337: Important CentOS 7 git (Jun 1) |
| |
Upstream details at : https://access.redhat.com/errata/RHSA-2020:2337
|
| |
CentOS: CESA-2020-2334: Important CentOS 7 freerdp (Jun 1) |
| |
Upstream details at : https://access.redhat.com/errata/RHSA-2020:2334
|
| |
SciLinux: SLSA-2020-2383-1 Important: bind on SL6.x i386/x86_64 (Jun 4) |
| |
bind: BIND does not sufficiently limit the number of fetches performed when processing referrals (CVE-2020-8616) * bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c (CVE-2020-8617) SL6 x86_64 bind-debuginfo-9.8.2-0.68.rc1.el6_10.7.i686.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.7.x86_64.rpm bind-libs-9.8.2-0.68.rc1.el6_10 [More...]
|
| |
SciLinux: SLSA-2020-2378-1 Important: firefox on SL6.x i386/x86_64 (Jun 4) |
| |
Mozilla: Use-after-free in SharedWorkerService (CVE-2020-12405) * Mozilla: JavaScript Type confusion with NativeTypes (CVE-2020-12406) * Mozilla: Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9 (CVE-2020-12410) SL6 x86_64 firefox-68.9.0-1.el6_10.x86_64.rpm firefox-debuginfo-68.9.0-1.el6_10.x86_64.rpm firefox-68.9.0-1.el6_10.i686.rpm firefox-debuginfo-68.9.0-1.e [More...]
|
| |
SciLinux: SLSA-2020-2381-1 Important: firefox on SL7.x x86_64 (Jun 4) |
| |
Mozilla: Use-after-free in SharedWorkerService (CVE-2020-12405) * Mozilla: JavaScript Type confusion with NativeTypes (CVE-2020-12406) * Mozilla: Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9 (CVE-2020-12410) SL7 x86_64 firefox-68.9.0-1.el7_8.x86_64.rpm firefox-debuginfo-68.9.0-1.el7_8.x86_64.rpm firefox-68.9.0-1.el7_8.i686.rpm firefox-debuginfo-68.9.0-1.el7_ [More...]
|
| |
SciLinux: SLSA-2020-2068-1 Moderate: python-pip on SL7.x (noarch) (Jun 1) |
| |
python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure (CVE-2018-20060) * python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service (CVE-2019-11236) * python-urllib3: Certification mishandle when error should be thrown (CVE-2019-11324) * python-requests: Redirect from HTTPS to HTTP do [More...]
|
| |
SciLinux: SLSA-2020-2081-1 Moderate: python-virtualenv on SL7.x (noarch) (Jun 1) |
| |
python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure (CVE-2018-20060) * python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service (CVE-2019-11236) * python-requests: Redirect from HTTPS to HTTP does not remove Authorization header (CVE-2018-18074) SL7 noarch python-virtualenv- [More...]
|
| |
SciLinux: SLSA-2020-2344-1 Important: bind on SL7.x x86_64 (Jun 1) |
| |
bind: BIND does not sufficiently limit the number of fetches performed when processing referrals (CVE-2020-8616) * bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c (CVE-2020-8617) SL7 x86_64 bind-debuginfo-9.11.4-16.P2.el7_8.6.i686.rpm bind-debuginfo-9.11.4-16.P2.el7_8.6.x86_64.rpm bind-export-libs-9.11.4-16.P2.el7_8.6 [More...]
|
| |
SciLinux: SLSA-2020-2334-1 Important: freerdp on SL7.x x86_64 (Jun 1) |
| |
freerdp: Out-of-bounds write in planar.c (CVE-2020-11521) * freerdp: Integer overflow in region.c (CVE-2020-11523) * freerdp: Out-of-bounds write in interleaved.c (CVE-2020-11524) SL7 x86_64 freerdp-2.0.0-4.rc4.el7_8.x86_64.rpm freerdp-debuginfo-2.0.0-4.rc4.el7_8.i686.rpm freerdp-debuginfo-2.0.0-4.rc4.el7_8.x86_64.rpm freerdp-libs-2.0.0-4.rc4.el7_8.i686.rpm freerdp-lib [More...]
|
| |
SciLinux: SLSA-2020-2337-1 Important: git on SL7.x x86_64 (May 29) |
| |
git: Crafted URL containing new lines, empty host or lacks a scheme can cause credential leak (CVE-2020-11008) SL7 x86_64 git-1.8.3.1-23.el7_8.x86_64.rpm git-daemon-1.8.3.1-23.el7_8.x86_64.rpm git-debuginfo-1.8.3.1-23.el7_8.x86_64.rpm git-gnome-keyring-1.8.3.1-23.el7_8.x86_64.rpm git-svn-1.8.3.1-23.el7_8.x86_64.rpm noarch emacs-git-1.8.3.1-23.el7_8.noarch.rpm [More...]
|
| |
openSUSE: 2020:0763-1: moderate: python-rpyc (Jun 3) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2020:0764-1: moderate: mailman (Jun 3) |
| |
An update that solves one vulnerability and has one errata is now available.
|
| |
openSUSE: 2020:0765-1: moderate: imapfilter (Jun 3) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2020:0756-1: moderate: qemu (Jun 2) |
| |
An update that solves one vulnerability and has two fixes is now available.
|
| |
openSUSE: 2020:0757-1: important: java-11-openjdk (Jun 2) |
| |
An update that fixes 13 vulnerabilities is now available.
|
| |
openSUSE: 2020:0746-1: libmspack (May 31) |
| |
An update that solves one vulnerability and has one errata is now available.
|
| |
openSUSE: 2020:0741-1: moderate: freetds (May 29) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2020:0744-1: moderate: trousers (May 29) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2020:0734-1: jasper (May 29) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2020:0738-1: important: mariadb-connector-c (May 29) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2020:0736-1: sysstat (May 29) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2020:0731-1: moderate: libxslt (May 28) |
| |
An update that fixes three vulnerabilities is now available.
|
| |
Mageia 2020-0241: jasper security update (May 29) |
| |
Updated jasper packages fix security vulnerability: There is a reachable abort in the function jpc_dec_process_sot in libjasper/jpc/jpc_dec.c of JasPer 2.0.14 that will lead to a remote denial of service attack (CVE-2018-9154).
|
| |
Mageia 2020-0240: json-c security update (May 29) |
| |
Updated json-c package fixes security vulnerabilities: It was discovered that json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend (CVE-2020-12762).
|
| |
Mageia 2020-0239: gdb security update (May 29) |
| |
Updated gdb packages fix security vulnerability: Potential buffer overflow when loading ELF sections larger than the file (CVE-2019-1010180).
|
