Thank you for subscribing to the LinuxSecurity Linux Advisory Watch newsletter! Staying on top of the latest security advisories issued by the distro(s) you use is essential in maintaining an updated, secure Linux system. Our weekly newsletter is an easy, convenient way to track distribution security advisories - helping you keep your Linux environment safe from malware and other exploits.

Important advisories issued this week include warnings from ArchLinux and Gentoo of multiple flaws in Google Chrome and Chromium which could result in arbitrary code execution, and two advisories from SUSE urging users to update tomcat to fix five security vulnerabilities discovered in the servlet container. Continue reading to learn about other significant advisories issued this week. Stay healthy, safe and secure - both on and offline!


LinuxSecurity.com Feature Extras:

New Report: Severe Flaws in Cyberoam's Firewall and VPN Technology Left At Least 86,000 Networks Vulnerable to Exploit - A new report published by vpnMentor examines two critical vulnerabilities in cybersecurity provider Cyberoam's firewall and VPN technology, which - both independently and combined - could be exploited by malicious actors to access the company's email quarantine system without authentication and remotely execute arbitrary commands. These flaws were discovered by different security researchers working independently, and have both been patched by Sophos.

Know The Enemy: Upgrade Your Threat Detection Strategy with Honeynets - Honeynets are a deception-based defensive tool: instrumented decoy systems that let defenders observe and record attacker activity, making them invaluable for learning the tactics and motives of the blackhat community and sharing the information and insights gathered. This article will explore what a Honeynet is, its value, how it works and the risks involved with deploying a Honeynet. It will also examine some great open-source honeynet options your organization may wish to consider.


  Debian: DSA-4694-1: unbound security update (May 26)
 

Two vulnerabilities have been discovered in Unbound, a recursive-only caching DNS server; a traffic amplification attack against third party authoritative name servers (NXNSAttack) and insufficient sanitisation of replies from upstream servers could result in denial of service via

  Debian: DSA-4693-1: drupal7 security update (May 26)
 

Several vulnerabilities were discovered in Drupal, a fully-featured content management framework, which could result in an open redirect or cross-site scripting.

  Debian: DSA-4692-1: netqmail security update (May 24)
 

Georgi Guninski and the Qualys Research Labs discovered multiple vulnerabilities in qmail (shipped in Debian as netqmail with additional patches) which could result in the execution of arbitrary code, bypass of mail address verification and a local information leak whether a file

  Debian: DSA-4691-1: pdns-recursor security update (May 21)
 

Two vulnerabilities have been discovered in PDNS Recursor, a resolving name server; a traffic amplification attack against third party authoritative name servers (NXNSAttack) and insufficient validation of NXDOMAIN responses lacking an SOA.

  Fedora 31: python38 FEDORA-2020-6a88dad4a0 (May 28)
 

## Python 3.8.3 This is the third maintenance release of Python 3.8. See [the changelog](https://docs.python.org/release/3.8.3/whatsnew/changelog.html#changelog) for details. Contains the security fix for CVE-2020-8492.

  Fedora 32: dpdk FEDORA-2020-04e3d34451 (May 28)
 

Fix CVEs CVE-2020-10726, CVE-2020-10724, CVE-2020-10723, CVE-2020-10722, CVE-2020-10725

  Fedora 32: knot-resolver FEDORA-2020-bf68101ad3 (May 28)
 

- fixes CVE-2020-12667

  Fedora 31: unbound FEDORA-2020-8e9b62948e (May 27)
 

Security fix for CVE-2020-12662 and CVE-2020-12663

  Fedora 31: dovecot FEDORA-2020-b60344c987 (May 27)
 

- CVE-2020-10957: lmtp/submission: A client can crash the server by sending a NOOP command with an invalid string parameter. This occurs particularly for a parameter that doesn't start with a double quote. This applies to all SMTP services, including submission-login, which makes it possible to crash the submission service without authentication. - CVE-2020-10958: lmtp/submission:

  Fedora 31: transmission FEDORA-2020-3ef028d53f (May 26)
 

Backported patch for CVE-2018-10756.

  Fedora 31: libEMF FEDORA-2020-c696d8604b (May 26)
 

Latest upstream release fixing security issues.

  Fedora 31: netdata FEDORA-2020-4d87a62071 (May 25)
 

Exclude arch s390x on el8 ---- Update from upstream

  Fedora 30: netdata FEDORA-2020-c807d02b1f (May 25)
 

Exclude arch s390x on el8 ---- Update from upstream

  Fedora 32: libarchive FEDORA-2020-94211d0a7d (May 25)
 

Rebase to version 3.4.3

  Fedora 32: netdata FEDORA-2020-aeb3b29305 (May 25)
 

Exclude arch s390x on el8 ---- Update from upstream

  Fedora 30: python-markdown2 FEDORA-2020-3864f32b3d (May 24)
 

### python-markdown2 2.3.9 ### - [pull #335] Added header support for wiki tables - [pull #336] Reset _toc when convert is run - [pull #353] XSS fix - [pull #350] XSS fix

  Fedora 32: kernel FEDORA-2020-57bf620276 (May 24)
 

The 5.6.14 stable kernel update contains a number of important fixes across the tree

  Fedora 32: python-markdown2 FEDORA-2020-5f8f90e69c (May 24)
 

### python-markdown2 2.3.9 ### - [pull #335] Added header support for wiki tables - [pull #336] Reset _toc when convert is run - [pull #353] XSS fix - [pull #350] XSS fix

  Fedora 30: log4net FEDORA-2020-cfc319e067 (May 24)
 

Security fix for CVE-2018-1285

  Fedora 30: openconnect FEDORA-2020-bc22f06aa3 (May 24)
 

Update to 8.10 release (CVE-2020-12823)

  Fedora 32: unbound FEDORA-2020-3cfd38fefd (May 23)
 

Security fix for CVE-2020-12662 and CVE-2020-12663

  Fedora 32: dovecot FEDORA-2020-1dee17d880 (May 23)
 

- CVE-2020-10957: lmtp/submission: A client can crash the server by sending a NOOP command with an invalid string parameter. This occurs particularly for a parameter that doesn't start with a double quote. This applies to all SMTP services, including submission-login, which makes it possible to crash the submission service without authentication. - CVE-2020-10958: lmtp/submission:

  Fedora 32: log4net FEDORA-2020-73d380e9b9 (May 23)
 

Security fix for CVE-2018-1285

  Fedora 31: log4net FEDORA-2020-847775bf79 (May 23)
 

Security fix for CVE-2018-1285

  Fedora 31: openconnect FEDORA-2020-2af15c566e (May 23)
 

Update to 8.10 release (CVE-2020-12823)

  Fedora 30: php FEDORA-2020-9fa7f4e25c (May 22)
 

**PHP version 7.3.18** (14 May 2020) **Core:** * Fixed bug php#78875 (Long filenames cause OOM and temp files are not cleaned). (**CVE-2019-11048**) (cmb) * Fixed bug php#78876 (Long variables in multipart/form-data cause OOM and temp files are not cleaned). (**CVE-2019-11048**) (cmb) * Fixed bug php#79434 (PHP 7.3 and PHP-7.4 crash with NULL-pointer dereference on !CS constant). (Nikita) *

  Fedora 31: ruby FEDORA-2020-a95706b117 (May 21)
 

Update to Ruby 2.6.6. Also fixes CVE-2020-10933 and CVE-2020-10663.

  Fedora 31: php FEDORA-2020-8838d072d5 (May 21)
 

**PHP version 7.3.18** (14 May 2020) **Core:** * Fixed bug php#78875 (Long filenames cause OOM and temp files are not cleaned). (**CVE-2019-11048**) (cmb) * Fixed bug php#78876 (Long variables in multipart/form-data cause OOM and temp files are not cleaned). (**CVE-2019-11048**) (cmb) * Fixed bug php#79434 (PHP 7.3 and PHP-7.4 crash with NULL-pointer dereference on !CS constant). (Nikita) *

  RedHat: RHSA-2020-2337:01 Important: git security update (May 28)
 

An update for git is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-2336:01 Important: freerdp security update (May 28)
 

An update for freerdp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-2338:01 Important: bind security update (May 28)
 

An update for bind is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-2335:01 Important: freerdp security update (May 28)
 

An update for freerdp is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-2334:01 Important: freerdp security update (May 28)
 

An update for freerdp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-2333:01 Important: EAP Continuous Delivery Technical (May 28)
 

This is a security update for JBoss EAP Continuous Delivery 19. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-2332:01 Low: Red Hat Satellite 5 - End Of Life Notice (May 28)
 

This is the notification of the End Of Life (EOL) for the following versions of Red Hat Satellite 5: * Red Hat Satellite 5.8 on Red Hat Enterprise Linux 6

  RedHat: RHSA-2020-2331:01 Low: Red Hat Satellite Proxy 5 - End Of Life (May 28)
 

This is the final notification for the End Of Life (EOL) for the following versions of Red Hat Proxy 5: * Red Hat Satellite Proxy 5.8

  RedHat: RHSA-2020-2217:01 Moderate: OpenShift Container Platform 3.11 (May 28)
 

Red Hat OpenShift Container Platform release 3.11.219 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-2218:01 Low: OpenShift Container Platform 3.11 security (May 28)
 

Red Hat OpenShift Container Platform release 3.11.219 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-2321:01 Important: Red Hat Data Grid 7.3.6 security update (May 26)
 

An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-2320:01 Important: rh-maven35-jackson-databind security (May 26)
 

An update for rh-maven35-jackson-databind is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-2298:01 Moderate: openvswitch security, (May 26)
 

An update for openvswitch is now available in Fast Datapath for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-2296:01 Moderate: openvswitch2.11 security, (May 26)
 

An update for openvswitch2.11 is now available for Fast Datapath for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-2295:01 Important: openvswitch2.13 security, (May 26)
 

An update for openvswitch2.13 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-2297:01 Moderate: openvswitch2.11 security, (May 26)
 

An update for openvswitch2.11 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-2291:01 Important: kpatch-patch security update (May 26)
 

An update for kpatch-patch is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-2286:01 Important: ipmitool security update (May 26)
 

An update for ipmitool is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-2288:01 Moderate: ruby security update (May 26)
 

An update for ruby is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-2289:01 Important: kernel security and bug fix update (May 26)
 

An update for kernel is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-2277:01 Important: kernel security update (May 26)
 

An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update Support, and Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions.

  RedHat: RHSA-2020-2276:01 Important: ipmitool security update (May 26)
 

An update for ipmitool is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update Support, and Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions.

  RedHat: RHSA-2020-2263:01 Moderate: httpd24-httpd and httpd24-mod_md (May 26)
 

An update for httpd24-httpd and httpd24-mod_md is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-2285:01 Important: kernel security update (May 26)
 

An update for kernel is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-2284:01 Important: ipmitool security update (May 26)
 

An update for ipmitool is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  RedHat: RHSA-2020-2265:01 Moderate: rh-haproxy18-haproxy security, bug fix, (May 26)
 

An update for rh-haproxy18-haproxy is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-2274:01 Moderate: devtoolset-9-gcc security and bug fix (May 26)
 

An update for devtoolset-9-gcc is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

  RedHat: RHSA-2020-2250:01 Important: dotnet3.1 security update (May 21)
 

An update for dotnet3.1 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

  RedHat: RHSA-2020-2249:01 Important: .NET Core on Red Hat Enterprise Linux (May 21)
 

An update for rh-dotnet31-dotnet is now available for .NET Core on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

  SUSE: 2020:1501-1 moderate: qemu (May 28)
 

An update that fixes 6 vulnerabilities is now available.

  SUSE: 2020:1498-1 important: tomcat (May 28)
 

An update that fixes 5 vulnerabilities is now available.

  SUSE: 2020:1497-1 important: tomcat (May 28)
 

An update that fixes 5 vulnerabilities is now available.

  SUSE: 2020:1493-1 libmspack (May 27)
 

An update that solves one vulnerability and has one errata is now available.

  SUSE: 2020:1486-1 important: the Linux Kernel (Live Patch 34 for SLE 12 SP2) (May 27)
 

An update that fixes three vulnerabilities is now available.

  SUSE: 2020:1475-1 important: the Linux Kernel (Live Patch 34 for SLE 12 SP1) (May 26)
 

An update that fixes two vulnerabilities is now available.

  SUSE: 2020:1452-1 important: the Linux Kernel (Live Patch 4 for SLE 12 SP5) (May 26)
 

An update that fixes three vulnerabilities is now available.

  SUSE: 2020:1430-1 important: dpdk (May 26)
 

An update that fixes three vulnerabilities is now available.

  SUSE: 2020:1431-1 important: mariadb-connector-c (May 26)
 

An update that fixes one vulnerability is now available.

  SUSE: 2020:1423-1 important: mariadb-connector-c (May 26)
 

An update that fixes one vulnerability is now available.

  SUSE: 2020:1420-1 jasper (May 26)
 

An update that fixes one vulnerability is now available.

  SUSE: 2020:1417-1 moderate: freetds (May 26)
 

An update that fixes one vulnerability is now available.

  SUSE: 2020:1419-1 sysstat (May 26)
 

An update that fixes one vulnerability is now available.

  SUSE: 2020:1409-1 moderate: libxslt (May 25)
 

An update that fixes three vulnerabilities is now available.

  SUSE: 2020:1396-1 moderate: zstd (May 25)
 

An update that contains security fixes can now be installed.

  SUSE: 2020:1392-1 important: salt (May 22)
 

An update that fixes two vulnerabilities is now available.

  SUSE: 2020:14375-1 important: tomcat6 (May 22)
 

An update that fixes three vulnerabilities is now available.

  SUSE: 2020:1382-1 important: dom4j (May 22)
 

An update that fixes one vulnerability is now available.

  SUSE: 2020:1383-1 important: dom4j (May 22)
 

An update that fixes one vulnerability is now available.

  SUSE: 2020:1381-1 moderate: memcached (May 22)
 

An update that fixes two vulnerabilities is now available.

  SUSE: 2020:1379-1 important: dovecot23 (May 22)
 

An update that fixes three vulnerabilities is now available.

  SUSE: 2020:1380-1 important: dovecot23 (May 22)
 

An update that fixes three vulnerabilities is now available.

  SUSE: 2020:1364-1 important: tomcat (May 21)
 

An update that fixes one vulnerability is now available.

  SUSE: 2020:1363-1 important: tomcat (May 21)
 

An update that fixes one vulnerability is now available.

  SUSE: 2020:1365-1 important: tomcat (May 21)
 

An update that fixes one vulnerability is now available.

  Ubuntu 4369-2: Linux kernel regression (May 28)
 

USN-4369-1 introduced a regression in the Linux kernel.

  Ubuntu 4367-2: Linux kernel regression (May 28)
 

USN-4367-1 introduced a regression in the Linux kernel.

  Ubuntu 4359-2: APT vulnerability (May 28)
 

APT could be made to crash if it opened a specially crafted file.

  Ubuntu 4360-4: json-c vulnerability (May 28)
 

json-c could be made to execute arbitrary code if it received a specially crafted JSON file.

  Ubuntu 4376-1: OpenSSL vulnerabilities (May 28)
 

Several security issues were fixed in OpenSSL.

  Ubuntu 4375-1: PHP vulnerability (May 27)
 

PHP could be made to crash if it received a specially crafted file.

  Ubuntu 4374-1: Unbound vulnerabilities (May 27)
 

Several security issues were fixed in Unbound.

  Ubuntu 4373-1: Thunderbird vulnerabilities (May 26)
 

Several security issues were fixed in Thunderbird.

  Ubuntu 4370-2: ClamAV vulnerabilities (May 21)
 

Several security issues were fixed in ClamAV.

  Ubuntu 4372-1: QEMU vulnerabilities (May 21)
 

Several security issues were fixed in QEMU.

  Ubuntu 4371-1: libvirt vulnerabilities (May 21)
 

Several security issues were fixed in libvirt.

  Ubuntu 4370-1: ClamAV vulnerabilities (May 21)
 

Several security issues were fixed in ClamAV.

  Debian LTS: DLA-2209-1: tomcat8 security update (May 28)
 

Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine.

  Debian LTS: DLA-2222-1: libexif security update (May 28)
 

Various minor vulnerabilities have been addressed in libexif, a library to parse EXIF metadata files.

  Debian LTS: DLA-2221-1: sqlite3 (May 26)
 

An integer overflow vulnerability was found in the sqlite3_str_vappendf function of the src/printf.c file of sqlite3 from

  Debian LTS: DLA-2220-1: cracklib2 security update (May 24)
 

It was discovered that there was a stack-based buffer overflow when parsing large GECOS fields in cracklib2, a pro-active password checker library.

  Debian LTS: DLA-2219-1: feh security update (May 24)
 

Tobias Stoeckmann discovered that it was possible to trigger an out-of-boundary heap write with the image viewer feh while receiving an IPC message.

  Debian LTS: DLA-2218-1: transmission security update (May 24)
 

Tom Richards reported that by using a crafted torrent file one could cause a use-after-free, which might result in a denial of service (crash) or possible execution of arbitrary code.

  Debian LTS: DLA-2216-1: ruby-rack security update (May 22)
 

There was a possible directory traversal vulnerability in the Rack::Directory app that is bundled with Rack.

  ArchLinux: 202005-12: chromium: multiple issues (May 23)
 

The package chromium before version 83.0.4103.61-1 is vulnerable to multiple issues including access restriction bypass, arbitrary code execution, content spoofing and insufficient validation.

  ArchLinux: 202005-11: openconnect: arbitrary code execution (May 23)
 

The package openconnect before version 1:8.10-1 is vulnerable to arbitrary code execution.

  ArchLinux: 202005-10: powerdns-recursor: multiple issues (May 23)
 

The package powerdns-recursor before version 4.2.2-1 is vulnerable to multiple issues including denial of service and insufficient validation.

  ArchLinux: 202005-9: dovecot: multiple issues (May 23)
 

The package dovecot before version 2.3.10.1-1 is vulnerable to multiple issues including arbitrary code execution and denial of service.

  CentOS: CESA-2020-2040: Important CentOS 7 squid (May 21)
 

Upstream details at : https://access.redhat.com/errata/RHSA-2020:2040

  CentOS: CESA-2020-0984: Important CentOS 7 ipmitool (May 21)
 

Upstream details at : https://access.redhat.com/errata/RHSA-2020:0984

  CentOS: CESA-2020-2103: Important CentOS 6 kernel (May 21)
 

Upstream details at : https://access.redhat.com/errata/RHSA-2020:2103

  CentOS: CESA-2020-2049: Critical CentOS 6 thunderbird (May 21)
 

Upstream details at : https://access.redhat.com/errata/RHSA-2020:2049

  CentOS: CESA-2020-2036: Critical CentOS 6 firefox (May 21)
 

Upstream details at : https://access.redhat.com/errata/RHSA-2020:2036

  CentOS: CESA-2020-2050: Critical CentOS 7 thunderbird (May 21)
 

Upstream details at : https://access.redhat.com/errata/RHSA-2020:2050

  CentOS: CESA-2020-2037: Critical CentOS 7 firefox (May 21)
 

Upstream details at : https://access.redhat.com/errata/RHSA-2020:2037

  openSUSE: 2020:0731-1: moderate: libxslt (May 28)
 

An update that fixes three vulnerabilities is now available.

  openSUSE: 2020:0719-1: important: dom4j (May 26)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:0721-1: moderate: memcached (May 26)
 

An update that fixes two vulnerabilities is now available.

  openSUSE: 2020:0720-1: important: dovecot23 (May 26)
 

An update that fixes three vulnerabilities is now available.

  openSUSE: 2020:0716-1: moderate: gcc9 (May 26)
 

An update that solves two vulnerabilities and has 8 fixes is now available.

  openSUSE: 2020:0711-1: important: tomcat (May 24)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:0709-1: important: opera (May 24)
 

An update that fixes two vulnerabilities is now available.

  openSUSE: 2020:0703-1: moderate: ant (May 23)
 

An update that solves one vulnerability and has two fixes is now available.

  openSUSE: 2020:0704-1: moderate: freetype2 (May 23)
 

An update that solves one vulnerability and has one errata is now available.

  openSUSE: 2020:0698-1: moderate: pdns-recursor (May 23)
 

An update that fixes three vulnerabilities is now available.


  openSUSE: 2020:0682-1: moderate: openexr (May 22)
 

An update that solves 7 vulnerabilities and has one errata is now available.

  openSUSE: 2020:0676-1: moderate: autoyast2 (May 22)
 

An update that solves one vulnerability and has 6 fixes is now available.

  openSUSE: 2020:0678-1: important: gstreamer-plugins-base (May 22)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:0680-1: moderate: libvpx (May 22)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:0681-1: moderate: libxml2 (May 22)
 

An update that fixes three vulnerabilities is now available.

  openSUSE: 2020:0685-1: moderate: python-rpyc (May 22)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:0693-1: moderate: dpdk (May 22)
 

An update that fixes 5 vulnerabilities is now available.

  openSUSE: 2020:0677-1: moderate: file (May 22)
 

An update that solves one vulnerability and has one errata is now available.

  openSUSE: 2020:0679-1: moderate: libbsd (May 22)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:0673-1: moderate: imapfilter (May 22)
 

An update that fixes one vulnerability is now available.

  openSUSE: 2020:0696-1: moderate: python (May 22)
 

An update that fixes two vulnerabilities is now available.

  openSUSE: 2020:0670-1: moderate: nextcloud (May 22)
 

An update that fixes two vulnerabilities is now available.

  openSUSE: 2020:0694-1: moderate: openconnect (May 22)
 

An update that fixes one vulnerability is now available.

  Mageia 2020-0238: libexif security update (May 27)
 

The updated packages fix a security vulnerability: In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed.

  Mageia 2020-0237: ant security update (May 27)
 

Updated ant packages fix security vulnerability: Apache Ant uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy

  Mageia 2020-0236: php security update (May 27)
 

Updated php packages fix security vulnerabilities: - Fixed bug #78875 (Long filenames cause OOM and temp files are not cleaned). [1] - Fixed bug #78876 (Long variables in multipart/form-data cause OOM and

  Mageia 2020-0235: transmission security update (May 27)
 

Updated transmission packages fix security vulnerability: Use-after-free in libtransmission/variant.c in Transmission before 3.00 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted torrent

  Mageia 2020-0234: sleuthkit security update (May 27)
 

Updated sleuthkit packages fix security vulnerabilities: An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an off-by-one overwrite due to an underflow on tools/hashtools/hfind.cpp while using a bogus hash table (CVE-2019-14532).

  Mageia 2020-0233: log4net security update (May 27)
 

Updated log4net packages fix security vulnerability. This patch fixes a security vulnerability reported by Karthik Balasundaram. The vulnerability was found in the way log4net parses XML configuration files, which allowed XML External Entity (XXE) processing. An attacker could use

  Mageia 2020-0232: dojo security update (May 27)
 

Updated dojo package fixes security vulnerabilities: In affected versions of dojo, the deepCopy method is vulnerable to

  Mageia 2020-0231: nginx security update (May 27)
 

Nginx was updated due to the following vulnerabilities: ngx_http_special_response.c: With a certain error_page configuration, HTTP request smuggling is possible. Thus, an attacker may be able to read unauthorized web pages at times when NGINX is being fronted by a load balancer. (CVE-2019-20372).

  Mageia 2020-0230: nodejs-set-value security update (May 26)
 

Updated nodejs-set-value package fixes security vulnerability: A vulnerability was found in Nodejs set-value, where set-value is vulnerable to prototype pollution in versions lower than 3.0.1. The function mixin-deep could be tricked into adding or modifying

  Mageia 2020-0229: microcode security update (May 24)
 

This microcode update provides new microcode versions for the following Intel Ice Lake and Sandy Bridge family processors (Processor / Stepping / Model / Update / Name): ICL-U/Y / D1 / 6-7e-5/80 / 00000046->00000078 / Core Gen10 Mobile

  Mageia 2020-0228: kernel-linus security update (May 24)
 

This update is based on the upstream 5.6.14 kernel and fixes at least the following security issues: A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the

  Mageia 2020-0227: kernel security update (May 24)
 

This update is based on the upstream 5.6.14 kernel and fixes at least the following security issues: A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the

  Mageia 2020-0226: clamav security update (May 24)
 

Updated clamav packages fix security vulnerabilities: Fixed a vulnerability in the ARJ archive-parsing module in ClamAV 0.102.2 that could cause a denial-of-service condition. Improper bounds checking of an unsigned variable results in an out-of-bounds read which causes a

  Mageia 2020-0225: wireshark security update (May 24)
 

Updated wireshark packages fix security vulnerability: The NFS dissector could crash. References:

  Mageia 2020-0224: unbound security update (May 24)
 

Updated unbound packages fix security vulnerabilities: Unbound can be tricked into amplifying an incoming query into a large number of queries directed to a target (CVE-2020-12662).

  Mageia 2020-0223: pdns-recursor security update (May 24)
 

Updated pdns-recursor packages fix security vulnerabilities: An issue in the DNS protocol has been found that allows malicious parties to use recursive DNS services to attack third party authoritative name servers. The attack uses a crafted reply by an authoritative name server
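The NXNSAttack named in the Debian, Mageia, Fedora and Ubuntu unbound and pdns-recursor advisories above works by returning a glueless referral whose NS names all live in the victim's zone, so the resolver fans out one address lookup per name. The following is an added, simplified model of that exchange (example code, not unbound's or PowerDNS's own); the budget of five NS-address fetches per delegation is an assumed illustrative value, not the limit any of the patched releases actually uses, and the model ignores the random subdomains the real attack uses to defeat caching.

```python
from dataclasses import dataclass
from typing import List, Optional, Set


@dataclass
class Referral:
    """A delegation (NS RRset) handed back by the attacker's authoritative server."""
    zone: str
    ns_names: List[str]   # NS target names; no glue, so each one must be resolved separately


@dataclass
class ResolverStats:
    queries_to_victim: int = 0   # A/AAAA lookups the resolver sends to the victim's servers
    ns_fetches_skipped: int = 0  # lookups refused once the per-delegation budget is spent


def follow_referral(ref: Referral, victim_suffix: str,
                    max_ns_fetches: Optional[int]) -> ResolverStats:
    """Model a resolver processing one glueless referral.

    Each distinct NS name under the victim's domain costs the resolver two queries
    to the victim's authoritative servers (A and AAAA).  max_ns_fetches=None models a
    resolver without the fix; an integer models a post-fix per-delegation budget
    (the value is an assumption for illustration).
    """
    stats = ResolverStats()
    seen: Set[str] = set()          # a real resolver caches, so repeated names are free
    fetched = 0
    for name in ref.ns_names:
        name = name.lower().rstrip(".")
        if name in seen:
            continue
        seen.add(name)
        if not name.endswith("." + victim_suffix):
            continue                # not hosted at the victim; adds no load there
        if max_ns_fetches is not None and fetched >= max_ns_fetches:
            stats.ns_fetches_skipped += 1
            continue
        fetched += 1
        stats.queries_to_victim += 2
    return stats


def amplification(stats: ResolverStats) -> int:
    """Packets the victim receives for the single query the attacker sent."""
    return stats.queries_to_victim


def attacker_referral(n: int, victim_suffix: str) -> Referral:
    """Constructed sample: n distinct, non-existent NS names inside the victim's zone."""
    return Referral(zone="attacker.example",
                    ns_names=[f"fake{i}.{victim_suffix}" for i in range(n)])


def demo(n: int = 1000, budget: int = 5) -> dict:
    ref = attacker_referral(n, "victim.example")
    unpatched = follow_referral(ref, "victim.example", None)
    patched = follow_referral(ref, "victim.example", budget)
    return {"unpatched": amplification(unpatched),
            "patched": amplification(patched),
            "skipped": patched.ns_fetches_skipped}


if __name__ == "__main__":
    print(demo())
```

The point of the model is the shape of the fix: the attacker still controls how many NS names the referral carries, so the resolver has to bound its own fan-out per delegation rather than trust the referral. Deduplication alone does not help, because every name in the crafted referral is distinct.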

  Mageia 2020-0222: dovecot security update (May 24)
 

Dovecot has been updated to fix several security issues. Sending malformed NOOP command causes crash in submission, submission-login or lmtp service (CVE-2020-10957).

  Mageia 2020-0221: viewvc security update (May 24)
 

Updated viewvc package fixes security vulnerability: ViewVC before versions 1.1.28 has an XSS vulnerability in CVS show_subdir_lastmod support. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a CVS repository

  Mageia 2020-0220: glpi security update (May 24)
 

Updated glpi packages fix security vulnerabilities: In GLPI from version 9.1 and before version 9.4.6, any API user with READ right on User itemtype will have access to full list of users when querying apirest.php/User. The response contains: - All api_tokens which can be used

  Mageia 2020-0219: libntlm security update (May 24)
 

Updated libntlm packages fix security vulnerability: It was discovered that libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer

  Mageia 2020-0218: file-roller security update (May 24)
 

Updated the file-roller package in order to fix a security vulnerability: fr-archive-libarchive.c: File Roller lacks a check of whether a file's parent is a symlink to a directory outside of the intended extraction location. Thus, directory traversal is not prevented (CVE-2020-11736).
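The File Roller bug above is not a plain "../" traversal: each member name stays inside the destination, but an earlier member creates a symlink there that points outside, and the later member is then written through it. The following is an added example of the missing check, written in Python rather than File Roller's own C, with a constructed two-member archive that reproduces the pattern; the extractor resolves the parent directory as it actually exists on disk at the moment each member is written and refuses anything that resolves outside the extraction root.

```python
import io
import os
import tarfile
import tempfile
from typing import List, Tuple


def build_sample_archive(outside_dir: str) -> bytes:
    """Constructed malicious archive: a symlink member 'pics' pointing at a directory
    outside the extraction root, followed by a regular file under 'pics/'."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        link = tarfile.TarInfo("pics")
        link.type = tarfile.SYMTYPE
        link.linkname = outside_dir
        tar.addfile(link)
        payload = b"written through the symlink\n"
        evil = tarfile.TarInfo("pics/evil.txt")
        evil.size = len(payload)
        tar.addfile(evil, io.BytesIO(payload))
        ok = tarfile.TarInfo("readme.txt")
        ok.size = 3
        tar.addfile(ok, io.BytesIO(b"ok\n"))
    return buf.getvalue()


def parent_inside_root(root: str, member_name: str) -> bool:
    """The check File Roller lacked: resolve the member's parent directory as it exists
    on disk now (after earlier members were written) and require it to stay under root.
    realpath() follows symlinks and collapses '..', so both traversal styles are caught."""
    root_real = os.path.realpath(root)
    parent_real = os.path.realpath(os.path.dirname(os.path.join(root_real, member_name)))
    return parent_real == root_real or parent_real.startswith(root_real + os.sep)


def extract_checked(archive: bytes, root: str) -> Tuple[List[str], List[str]]:
    """Extract regular files and symlinks one by one, refusing any member whose parent
    resolves outside root.  Other member types are skipped in this demo."""
    extracted: List[str] = []
    rejected: List[str] = []
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r") as tar:
        for m in tar:
            if not parent_inside_root(root, m.name):
                rejected.append(m.name)
                continue
            path = os.path.join(root, m.name)
            if m.issym():
                # Creating the link itself is harmless; writing through it is the bug.
                os.symlink(m.linkname, path)
            elif m.isfile():
                os.makedirs(os.path.dirname(path), exist_ok=True)
                with open(path, "wb") as out:
                    out.write(tar.extractfile(m).read())
            else:
                continue
            extracted.append(m.name)
    return extracted, rejected


def demo() -> dict:
    """Run the extractor against the constructed archive in throwaway directories."""
    with tempfile.TemporaryDirectory() as outside, tempfile.TemporaryDirectory() as root:
        extracted, rejected = extract_checked(build_sample_archive(outside), root)
        planted = os.path.exists(os.path.join(outside, "evil.txt"))
    return {"extracted": extracted, "rejected": rejected, "planted_outside": planted}


if __name__ == "__main__":
    print(demo())
```

Checking the name string alone would have passed "pics/evil.txt"; the check has to run after the symlink exists and look at the filesystem. On Python 3.12 and later, tarfile's extraction filters (`filter="data"`) perform an equivalent check, so the hand-written loop is only needed when targeting older interpreters or other archive libraries.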

  Mageia 2020-0217: ansible security update (May 24)
 

Updated ansible package fixes security vulnerabilities: A race condition flaw was found in Ansible Engine when running a playbook with an unprivileged become user. When Ansible needs to run a module with become user, the temporary directory is created in /var/tmp. This directory

  Mageia 2020-0216: nmap security update (May 24)
 

Updated nmap packages fix security vulnerability: nse_libssh2.cc in Nmap 7.70 is subject to a denial of service condition due to a double free when an SSH connection fails, as demonstrated by a leading \n character to ssh-brute.nse or ssh-auth-methods.nse