| |
Debian: DSA-4569-1: ghostscript security update (Nov 14) |
| |
Manfred Paul and Lukas Schauer reported that the .charkeys procedure in Ghostscript, the GPL PostScript/PDF interpreter, does not properly restrict privileged calls, which could result in bypass of file system restrictions of the dSAFER sandbox.
|
| |
Debian: DSA-4568-1: postgresql-common security update (Nov 14) |
| |
Rich Mirch discovered that the pg_ctlcluster script didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation.
|
| |
Debian: DSA-4565-1: intel-microcode security update (Nov 13) |
| |
This update ships updated CPU microcode for some types of Intel CPUs. In particular it provides mitigations for the TAA (TSX Asynchronous Abort) vulnerability. For affected CPUs, to fully mitigate the vulnerability it is also necessary to update the Linux kernel packages as released in DSA
|
| |
Debian: DSA-4566-1: qemu security update (Nov 12) |
| |
This update for QEMU, a fast processor emulator, backports support to passthrough the pschange-mc-no CPU flag. The virtualised MSR seen by a guest is set to show the bug as fixed, allowing to disable iTLB Multihit mitigations in nested hypervisors (cf. DSA 4564-1).
|
| |
Debian: DSA-4567-1: dpdk security update (Nov 12) |
| |
It was discovered that the vhost PMD in DPDK, a set of libraries for fast packet processing, was affected by memory and file descriptor leaks which could result in denial of service.
|
| |
Debian: DSA-4563-1: webkit2gtk security update (Nov 12) |
| |
These vulnerabilities have been discovered in the webkit2gtk web engine: CVE-2019-8812
|
| |
Debian: DSA-4564-1: linux security update (Nov 12) |
| |
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leak.
|
| |
Debian: DSA-4562-1: chromium security update (Nov 10) |
| |
Several vulnerabilities have been discovered in the chromium web browser. CVE-2019-5869
|
| |
Debian: DSA-4561-1: fribidi security update (Nov 7) |
| |
Alex Murray discovered a stack-based buffer overflow vulnerability in fribidi, an implementation of the Unicode Bidirectional Algorithm algorithm, which could result in denial of service or potentially the execution of arbitrary code, when processing a large number of unicode
|
| |
|
| |
Fedora 30: php-robrichards-xmlseclibs FEDORA-2019-dc90bf093b (Nov 14) |
| |
## 2.1.1 CVE-2019-3465 / https://simplesamlphp.org/security/201911-01 ## 2.1.0 Backports changes from 3.0 branch
|
| |
Fedora 30: php-robrichards-xmlseclibs3 FEDORA-2019-ec8719a21c (Nov 14) |
| |
## 3.0.4 CVE-2019-3465 / https://simplesamlphp.org/security/201911-01
|
| |
Fedora 30: chromium FEDORA-2019-2fa7552273 (Nov 14) |
| |
Update chromium to 78.0.3904.87. Fixes CVE-2019-13720 and CVE-2019-13721 ---- Chromium 78. Fixes these: CVE-2019-5870 CVE-2019-5871 CVE-2019-5872 CVE-2019-5874 CVE-2019-5875 CVE-2019-13691 CVE-2019-13692 CVE-2019-5876 CVE-2019-5877 CVE-2019-5878 CVE-2019-5879 CVE-2019-5880 CVE-2019-5881 CVE-2019-13659 CVE-2019-13660 CVE-2019-13661 CVE-2019-13662 CVE-2019-13663
|
| |
Fedora 29: php-robrichards-xmlseclibs FEDORA-2019-81f61cdceb (Nov 14) |
| |
## 2.1.1 CVE-2019-3465 / https://simplesamlphp.org/security/201911-01 ## 2.1.0 Backports changes from 3.0 branch
|
| |
Fedora 29: php-robrichards-xmlseclibs3 FEDORA-2019-be01267416 (Nov 14) |
| |
## 3.0.4 CVE-2019-3465 / https://simplesamlphp.org/security/201911-01
|
| |
Fedora 29: samba FEDORA-2019-703e299870 (Nov 14) |
| |
Update to Samba 4.9.15 - Security fixes for CVE-2019-10218, CVE-2019-14833, CVE-2019-14847
|
| |
Fedora 29: wpa_supplicant FEDORA-2019-65509aac53 (Nov 14) |
| |
Security fix for CVE-2019-16275
|
| |
Fedora 31: php-robrichards-xmlseclibs3 FEDORA-2019-9a960c8a98 (Nov 14) |
| |
## 3.0.4 CVE-2019-3465 / https://simplesamlphp.org/security/201911-01
|
| |
Fedora 31: php-robrichards-xmlseclibs FEDORA-2019-73d0fe1d15 (Nov 14) |
| |
## 2.1.1 CVE-2019-3465 / https://simplesamlphp.org/security/201911-01 ## 2.1.0 Backports changes from 3.0 branch
|
| |
Fedora 31: samba FEDORA-2019-57d43f3b58 (Nov 13) |
| |
Update code to deal with removal of DES support in MIT Kerberos. ---- Update to Samba 4.11.2 - Security fixes for CVE-2019-10218, CVE-2019-14833 ---- Since MIT Kerberos deprecated use of DES encryption type, restore Samba AD domain controller functionality by not using DES encryption keys. Only AES and RC4 keys would work.
|
| |
Fedora 31: apache-commons-beanutils FEDORA-2019-bcad44b5d6 (Nov 13) |
| |
Update to version 1.9.4. Resolves CVE-2019-10086.
|
| |
Fedora 31: libell FEDORA-2019-17419b24a3 (Nov 13) |
| |
bluez 5.52: * improvements for bluetooth mesh * audio bug fixes * general bug fixes ---- ell 0.26: * Fix issue with memory leak and TLS certificates. * Fix issue with buffer size and TLS PRF handling. * Add support for D-Bus non-root ObjectManager. iwd 1.0: * Add support for stable D-Bus interfaces. * Add support for network configuration documentation. ---- ell ver 0.25: * Fix
|
| |
Fedora 31: iwd FEDORA-2019-17419b24a3 (Nov 13) |
| |
bluez 5.52: * improvements for bluetooth mesh * audio bug fixes * general bug fixes ---- ell 0.26: * Fix issue with memory leak and TLS certificates. * Fix issue with buffer size and TLS PRF handling. * Add support for D-Bus non-root ObjectManager. iwd 1.0: * Add support for stable D-Bus interfaces. * Add support for network configuration documentation. ---- ell ver 0.25: * Fix
|
| |
Fedora 31: bluez FEDORA-2019-17419b24a3 (Nov 13) |
| |
bluez 5.52: * improvements for bluetooth mesh * audio bug fixes * general bug fixes ---- ell 0.26: * Fix issue with memory leak and TLS certificates. * Fix issue with buffer size and TLS PRF handling. * Add support for D-Bus non-root ObjectManager. iwd 1.0: * Add support for stable D-Bus interfaces. * Add support for network configuration documentation. ---- ell ver 0.25: * Fix
|
| |
Fedora 30: apache-commons-beanutils FEDORA-2019-79b5790566 (Nov 13) |
| |
Update to version 1.9.4. Resolves CVE-2019-10086.
|
| |
Fedora 29: kernel-tools FEDORA-2019-7a3fc17778 (Nov 13) |
| |
The 5.3.11 stable kernel update contains a number of important security updates across the tree, including mitigations for the most recent hardware issues disclosed on Nov 12. ---- The 5.3.9 update contains a number of important fixes across the tree ---- Update to upstream 2.1-22. 20190618
|
| |
Fedora 29: microcode_ctl FEDORA-2019-7a3fc17778 (Nov 13) |
| |
The 5.3.11 stable kernel update contains a number of important security updates across the tree, including mitigations for the most recent hardware issues disclosed on Nov 12. ---- The 5.3.9 update contains a number of important fixes across the tree ---- Update to upstream 2.1-22. 20190618
|
| |
Fedora 29: kernel-headers FEDORA-2019-7a3fc17778 (Nov 13) |
| |
The 5.3.11 stable kernel update contains a number of important security updates across the tree, including mitigations for the most recent hardware issues disclosed on Nov 12. ---- The 5.3.9 update contains a number of important fixes across the tree ---- Update to upstream 2.1-22. 20190618
|
| |
Fedora 29: kernel FEDORA-2019-7a3fc17778 (Nov 13) |
| |
The 5.3.11 stable kernel update contains a number of important security updates across the tree, including mitigations for the most recent hardware issues disclosed on Nov 12. ---- The 5.3.9 update contains a number of important fixes across the tree ---- Update to upstream 2.1-22. 20190618
|
| |
Fedora 31: kernel-headers FEDORA-2019-68d7f68507 (Nov 13) |
| |
The 5.3.11 stable kernel update contains a number of important security updates across the tree, including mitigations for the most recent hardware issues disclosed on Nov 12.
|
| |
Fedora 31: kernel-tools FEDORA-2019-68d7f68507 (Nov 13) |
| |
The 5.3.11 stable kernel update contains a number of important security updates across the tree, including mitigations for the most recent hardware issues disclosed on Nov 12.
|
| |
Fedora 31: microcode_ctl FEDORA-2019-68d7f68507 (Nov 13) |
| |
The 5.3.11 stable kernel update contains a number of important security updates across the tree, including mitigations for the most recent hardware issues disclosed on Nov 12.
|
| |
Fedora 31: kernel FEDORA-2019-68d7f68507 (Nov 13) |
| |
The 5.3.11 stable kernel update contains a number of important security updates across the tree, including mitigations for the most recent hardware issues disclosed on Nov 12.
|
| |
Fedora 30: kernel-headers FEDORA-2019-1689d3fe07 (Nov 13) |
| |
The 5.3.11 stable kernel update contains a number of important security updates across the tree, including mitigations for the most recent hardware issues disclosed on Nov 12.
|
| |
Fedora 30: kernel-tools FEDORA-2019-1689d3fe07 (Nov 13) |
| |
The 5.3.11 stable kernel update contains a number of important security updates across the tree, including mitigations for the most recent hardware issues disclosed on Nov 12.
|
| |
Fedora 30: microcode_ctl FEDORA-2019-1689d3fe07 (Nov 13) |
| |
The 5.3.11 stable kernel update contains a number of important security updates across the tree, including mitigations for the most recent hardware issues disclosed on Nov 12.
|
| |
Fedora 30: kernel FEDORA-2019-1689d3fe07 (Nov 13) |
| |
The 5.3.11 stable kernel update contains a number of important security updates across the tree, including mitigations for the most recent hardware issues disclosed on Nov 12.
|
| |
Fedora 31: crun FEDORA-2019-1ba2a6e386 (Nov 11) |
| |
built version 0.10.5 fix CVE-2019-18837 ---- built version 0.10.4 ---- built version 0.10.3
|
| |
Fedora 31: community-mysql FEDORA-2019-d40df38271 (Nov 11) |
| |
**MySQL 8.0.18** Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-18.html CVEs fixed: CVE-2019-2911 CVE-2019-2914 CVE-2019-2938 CVE-2019-2946 CVE-2019-2957 CVE-2019-2960 CVE-2019-2963 CVE-2019-2966 CVE-2019-2967 CVE-2019-2968 CVE-2019-2974 CVE-2019-2982 CVE-2019-2991 CVE-2019-2993 CVE-2019-2997
|
| |
Fedora 31: java-latest-openjdk FEDORA-2019-e87dd3ca51 (Nov 11) |
| |
This update brings security updates for OpenJDK 13 and updates it to most current version 13.0.1.9.
|
| |
Fedora 30: crun FEDORA-2019-80a2646798 (Nov 11) |
| |
built version 0.10.5 fix CVE-2019-18837
|
| |
Fedora 30: community-mysql FEDORA-2019-48a0a07033 (Nov 11) |
| |
**MySQL 8.0.18** Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-18.html CVEs fixed: CVE-2019-2911 CVE-2019-2914 CVE-2019-2938 CVE-2019-2946 CVE-2019-2957 CVE-2019-2960 CVE-2019-2963 CVE-2019-2966 CVE-2019-2967 CVE-2019-2968 CVE-2019-2974 CVE-2019-2982 CVE-2019-2991 CVE-2019-2993 CVE-2019-2997
|
| |
Fedora 30: mupdf FEDORA-2019-10f02ad597 (Nov 11) |
| |
rebase to 1.16.1
|
| |
Fedora 30: java-latest-openjdk FEDORA-2019-119312dbfc (Nov 11) |
| |
This update brings security updates for OpenJDK 13 and updates it to most current version 13.0.1.9.
|
| |
Fedora 29: gd FEDORA-2019-d7f8995451 (Nov 9) |
| |
fixed multiple security bugs
|
| |
Fedora 29: rssh FEDORA-2019-bfb407659e (Nov 9) |
| |
Fix CVE-2019-3463, CVE-2019-3464 and CVE-2019-1000018.
|
| |
Fedora 29: file FEDORA-2019-18036b898e (Nov 9) |
| |
- fix heap-based buffer overflow in cdf_read_property_info() (CVE-2019-18218)
|
| |
Fedora 29: nspr FEDORA-2019-e4c45e113c (Nov 9) |
| |
Updates the nspr and nss packages to upstream NSPR 4.23 and NSS 3.47 respectively. For details about new functionality and a list of bugs fixed in this release please see the upstream release notes -
|
| |
Fedora 30: gd FEDORA-2019-ab7d22a466 (Nov 9) |
| |
fixed multiple security bugs
|
| |
Fedora 30: hostapd FEDORA-2019-2265b5ae86 (Nov 9) |
| |
Security fix CVE-2019-16275 (AP mode PMF disconnection protection bypass)
|
| |
Fedora 30: rssh FEDORA-2019-d1487c13ac (Nov 9) |
| |
Fix CVE-2019-3463, CVE-2019-3464 and CVE-2019-1000018.
|
| |
Fedora 31: chromium FEDORA-2019-688d52f9ff (Nov 9) |
| |
Update chromium to 78.0.3904.87. Fixes CVE-2019-13720 and CVE-2019-13721
|
| |
Fedora 31: hostapd FEDORA-2019-740834c559 (Nov 9) |
| |
Security fix CVE-2019-16275 (AP mode PMF disconnection protection bypass)
|
| |
Fedora 31: rssh FEDORA-2019-e47add6b2b (Nov 9) |
| |
Fix CVE-2019-3463, CVE-2019-3464 and CVE-2019-1000018.
|
| |
|
| |
Gentoo: GLSA-201911-04: OpenSSL: Multiple vulnerabilities (Nov 7) |
| |
Multiple information disclosure vulnerabilities in OpenSSL allow attackers to obtain sensitive information.
|
| |
Gentoo: GLSA-201911-03: Oniguruma: Multiple vulnerabilities (Nov 7) |
| |
Multiple vulnerabilities have been found in Oniguruma, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-201911-02: pump: User-assisted execution of arbitrary code (Nov 7) |
| |
A buffer overflow in pump might allow remote attacker to execute arbitrary code.
|
| |
Gentoo: GLSA-201911-01: OpenSSH: Integer overflow (Nov 7) |
| |
An integer overflow in OpenSSH might allow an attacker to execute arbitrary code.
|
| |
|
| |
RedHat: RHSA-2019-3892:01 Important: Red Hat Fuse 7.5.0 security update (Nov 14) |
| |
A minor version update (from 7.4 to 7.5) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact
|
| |
RedHat: RHSA-2019-3890:01 Important: ghostscript security update (Nov 14) |
| |
An update for ghostscript is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2019-3888:01 Important: ghostscript security update (Nov 14) |
| |
An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2019-3889:01 Important: kernel security update (Nov 14) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-3887:01 Important: kernel-rt security update (Nov 14) |
| |
An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2019-3883:01 Important: kernel security update (Nov 14) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update Support, and Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions.
|
| |
RedHat: RHSA-2019-3878:01 Important: kernel security update (Nov 13) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2019-3877:01 Important: kernel security update (Nov 13) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.
|
| |
RedHat: RHSA-2019-3872:01 Important: kernel security update (Nov 13) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2019-3770:01 Moderate: OpenShift Container Platform 4.2.4 (Nov 13) |
| |
An update for oauth-server-container is now available for Red Hat OpenShift Container Platform 4.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3771:01 Moderate: OpenShift Container Platform 4.2.4 (Nov 13) |
| |
An update for golang-github-prometheus-prometheus-container is now available for Red Hat OpenShift Container Platform 4.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3873:01 Important: kernel security update (Nov 13) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-3871:01 Important: kernel security update (Nov 13) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2019-3870:01 Important: kernel-rt security update (Nov 13) |
| |
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2019-3839:01 Important: kernel security update (Nov 12) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.
|
| |
RedHat: RHSA-2019-3840:01 Important: kernel security update (Nov 12) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update Support, and Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions.
|
| |
RedHat: RHSA-2019-3843:01 Important: kernel security update (Nov 12) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 6.5 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-3842:01 Important: kernel security update (Nov 12) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 6.6 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-3844:01 Important: kernel-rt security update (Nov 12) |
| |
An update for kernel-rt is now available for Red Hat Enterprise MRG 2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2019-3841:01 Important: kernel security update (Nov 12) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update Support, and Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions.
|
| |
RedHat: RHSA-2019-3836:01 Important: kernel security and bug fix update (Nov 12) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2019-3834:01 Important: kernel security update (Nov 12) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2019-3838:01 Important: kernel security update (Nov 12) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-3837:01 Important: kernel security update (Nov 12) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-3860:01 Important: redhat-release-virtualization-host and (Nov 12) |
| |
An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 and Red Hat Virtualization 4.2 for Red Hat Enterprise Linux 7.6 EUS.
|
| |
RedHat: RHSA-2019-3832:01 Important: kernel security update (Nov 12) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2019-3835:01 Important: kernel-rt security update (Nov 12) |
| |
An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2019-3833:01 Important: kernel-rt security update (Nov 12) |
| |
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2019-3812:01 Moderate: OpenShift Container Platform 3.9 cri-o (Nov 7) |
| |
An update for cri-o is now available for Red Hat OpenShift Container Platform 3.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3813:01 Low: OpenShift Container Platform 3.9 (Nov 7) |
| |
An update for mediawiki123 is now available for Red Hat OpenShift Container Platform 3.9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3811:01 Important: OpenShift Container Platform 3.9 (Nov 7) |
| |
An update for atomic-openshift is now available for Red Hat OpenShift Container Platform 3.9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-3788:01 Moderate: openstack-octavia security and bug fix (Nov 7) |
| |
An update for openstack-octavia is now available for Red Hat OpenStack Platform 13.0 (Queens). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3787:01 Important: qemu-kvm-rhev security update (Nov 7) |
| |
An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 13.0 (Queens). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-3789:01 Moderate: ansible security update (Nov 7) |
| |
An update for ansible is now available for Red Hat OpenStack Platform 13.0 (Queens). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-3775:01 Important: chromium-browser security update (Nov 7) |
| |
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-3722:01 Moderate: OpenShift Container Platform 4.1.22 (Nov 7) |
| |
An update for openshift-enterprise-hypershift-container is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
|
| |
Slackware: 2019-311-01: Slackware 14.2 kernel Security Update (Nov 7) |
| |
New kernel packages are available for Slackware 14.2 to fix security issues.
|
| |
|
| |
SUSE: 2019:2984-1 important: the Linux Kernel (Nov 15) |
| |
An update that solves 49 vulnerabilities and has two fixes is now available.
|
| |
SUSE: 2019:2976-1 important: bash (Nov 14) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2975-1 important: squid (Nov 14) |
| |
An update that fixes 12 vulnerabilities is now available.
|
| |
SUSE: 2019:2744-2 moderate: openconnect (Nov 14) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2785-2 moderate: ImageMagick (Nov 14) |
| |
An update that fixes 10 vulnerabilities is now available.
|
| |
SUSE: 2019:2971-1 important: libjpeg-turbo (Nov 14) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2972-1 important: libjpeg-turbo (Nov 14) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:14217-1 important: microcode_ctl (Nov 13) |
| |
An update that solves two vulnerabilities and has one errata is now available.
|
| |
SUSE: 2019:14218-1 important: the Linux Kernel (Nov 13) |
| |
An update that solves 29 vulnerabilities and has 7 fixes is now available.
|
| |
SUSE: 2019:2951-1 important: the Linux Kernel (Nov 12) |
| |
An update that solves 12 vulnerabilities and has 98 fixes is now available.
|
| |
SUSE: 2019:2960-1 important: xen (Nov 12) |
| |
An update that fixes 6 vulnerabilities is now available.
|
| |
SUSE: 2019:2954-1 important: qemu (Nov 12) |
| |
An update that fixes four vulnerabilities is now available.
|
| |
SUSE: 2019:2950-1 important: the Linux Kernel (Nov 12) |
| |
An update that solves 40 vulnerabilities and has 9 fixes is now available.
|
| |
SUSE: 2019:2947-1 important: the Linux Kernel (Nov 12) |
| |
An update that solves 10 vulnerabilities and has 117 fixes is now available.
|
| |
SUSE: 2019:2956-1 important: qemu (Nov 12) |
| |
An update that solves four vulnerabilities and has one errata is now available.
|
| |
SUSE: 2019:2727-2 moderate: dhcp (Nov 12) |
| |
An update that solves one vulnerability and has two fixes is now available.
|
| |
SUSE: 2019:2962-1 important: xen (Nov 12) |
| |
An update that fixes 6 vulnerabilities is now available.
|
| |
SUSE: 2019:1391-2 moderate: evolution (Nov 12) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2748-2 moderate: python (Nov 12) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
SUSE: 2019:2752-2 moderate: sysstat (Nov 12) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2719-2 moderate: python-xdg (Nov 12) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2957-1 important: ucode-intel (Nov 12) |
| |
An update that solves two vulnerabilities and has one errata is now available.
|
| |
SUSE: 2019:2946-1 important: the Linux Kernel (Nov 12) |
| |
An update that solves 12 vulnerabilities and has 93 fixes is now available.
|
| |
SUSE: 2019:2745-2 moderate: libcaca (Nov 12) |
| |
An update that fixes 6 vulnerabilities is now available.
|
| |
SUSE: 2019:2948-1 important: the Linux Kernel (Nov 12) |
| |
An update that solves 6 vulnerabilities and has 30 fixes is now available.
|
| |
SUSE: 2019:2947-1 important: the Linux Kernel (Nov 12) |
| |
An update that solves 10 vulnerabilities and has 117 fixes is now available.
|
| |
SUSE: 2019:2958-1 important: ucode-intel (Nov 12) |
| |
An update that solves two vulnerabilities and has one errata is now available.
|
| |
SUSE: 2019:2953-1 important: the Linux Kernel (Nov 12) |
| |
An update that solves 12 vulnerabilities and has 115 fixes is now available.
|
| |
SUSE: 2019:2959-1 important: ucode-intel (Nov 12) |
| |
An update that solves two vulnerabilities and has two fixes is now available.
|
| |
SUSE: 2019:2961-1 important: xen (Nov 12) |
| |
An update that solves 8 vulnerabilities and has one errata is now available.
|
| |
SUSE: 2019:2955-1 important: qemu (Nov 12) |
| |
An update that solves 6 vulnerabilities and has 8 fixes is now available.
|
| |
SUSE: 2019:2946-1 important: the Linux Kernel (Nov 12) |
| |
An update that solves 12 vulnerabilities and has 93 fixes is now available.
|
| |
SUSE: 2019:2952-1 important: the Linux Kernel (Nov 12) |
| |
An update that solves 10 vulnerabilities and has 111 fixes is now available.
|
| |
SUSE: 2019:2949-1 important: the Linux Kernel (Nov 12) |
| |
An update that solves 49 vulnerabilities and has 18 fixes is now available.
|
| |
SUSE: 2019:2948-1 important: the Linux Kernel (Nov 12) |
| |
An update that solves 6 vulnerabilities and has 30 fixes is now available.
|
| |
SUSE: 2019:2941-1 moderate: libseccomp (Nov 12) |
| |
An update that solves one vulnerability and has two fixes is now available.
|
| |
SUSE: 2019:14215-1 moderate: tar (Nov 11) |
| |
An update that solves two vulnerabilities and has one errata is now available.
|
| |
SUSE: 2019:2940-1 moderate: go1.12 (Nov 11) |
| |
An update that solves two vulnerabilities and has one errata is now available.
|
| |
SUSE: 2019:2937-1 moderate: rsyslog (Nov 8) |
| |
An update that solves two vulnerabilities and has one errata is now available.
|
| |
SUSE: 2019:2934-1 important: apache2-mod_auth_openidc (Nov 8) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2936-1 moderate: libssh2_org (Nov 8) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2935-1 important: apache2-mod_auth_openidc (Nov 8) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2932-1 moderate: rubygem-haml (Nov 8) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2912-1 important: Recommended MozillaThunderbird (Nov 7) |
| |
An update that fixes 9 vulnerabilities is now available.
|
| |
SUSE: 2019:2916-1 moderate: gdb (Nov 7) |
| |
An update that solves one vulnerability and has two fixes is now available.
|
| |
SUSE: 2019:2915-1 moderate: bluez (Nov 7) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2914-1 moderate: gdb (Nov 7) |
| |
An update that solves one vulnerability and has two fixes is now available.
|
| |
SUSE: 2019:2913-1 moderate: gdb (Nov 7) |
| |
An update that solves one vulnerability and has two fixes is now available.
|
| |
|
| |
Ubuntu 4194-1: postgresql-common vulnerability (Nov 14) |
| |
postgresql-common could be made to create arbitrary directories.
|
| |
Ubuntu 4193-1: Ghostscript vulnerability (Nov 14) |
| |
Ghostscript could be made to crash, access files, or run programs if it opened a specially crafted file.
|
| |
Ubuntu 4192-1: ImageMagick vulnerabilities (Nov 14) |
| |
Several security issues were fixed in ImageMagick.
|
| |
Ubuntu 4191-2: QEMU vulnerabilities (Nov 13) |
| |
Several security issues were fixed in QEMU.
|
| |
Ubuntu 4191-1: QEMU vulnerabilities (Nov 13) |
| |
Several security issues were fixed in QEMU.
|
| |
Ubuntu 4186-3: Linux kernel vulnerability (Nov 13) |
| |
Several security issues were fixed in the Linux kernel.
|
| |
Ubuntu 4185-3: Linux kernel vulnerability and regression (Nov 13) |
| |
Several issues were fixed in the Linux kernel.
|
| |
Ubuntu 4184-2: Linux kernel vulnerability and regression (Nov 13) |
| |
Several issues were fixed in the Linux kernel.
|
| |
Ubuntu 4183-2: Linux kernel vulnerability (Nov 13) |
| |
Several security issues were fixed in the Linux kernel.
|
| |
Ubuntu 4190-1: libjpeg-turbo vulnerabilities (Nov 13) |
| |
Several security issues were fixed in libjpeg-turbo.
|
| |
Ubuntu 4189-1: DPDK vulnerability (Nov 13) |
| |
DPDK could be made to consume resources if it received specially crafted input.
|
| |
Ubuntu 4185-2: Linux kernel (Azure) vulnerabilities (Nov 12) |
| |
Several security issues were fixed in the Linux kernel.
|
| |
Ubuntu 4186-2: Linux kernel (Xenial HWE) vulnerabilities (Nov 12) |
| |
Several security issues were fixed in the Linux kernel.
|
| |
Ubuntu 4188-1: Linux kernel vulnerability (Nov 12) |
| |
The system could be made to expose sensitive information.
|
| |
Ubuntu 4187-1: Linux kernel vulnerability (Nov 12) |
| |
The system could be made to expose sensitive information.
|
| |
Ubuntu 4186-1: Linux kernel vulnerabilities (Nov 12) |
| |
Several security issues were fixed in the Linux kernel.
|
| |
Ubuntu 4185-1: Linux kernel vulnerabilities (Nov 12) |
| |
Several security issues were fixed in the Linux kernel.
|
| |
Ubuntu 4184-1: Linux kernel vulnerabilities (Nov 12) |
| |
Several security issues were fixed in the Linux kernel.
|
| |
Ubuntu 4183-1: Linux kernel vulnerabilities (Nov 12) |
| |
Several security issues were fixed in the Linux kernel.
|
| |
Ubuntu 0059-1: Linux kernel vulnerability (Nov 12) |
| |
On November 12, fixes for several high-severity Intel processor CVEs were released into the Ubuntu kernel, accompanied by a related processor microcode update. Due to the high complexity of the fixes and the required microcode update, we are unable to livepatch this set of CVEs. Please plan to reboot [More...]
|
| |
Ubuntu 4182-1: Intel Microcode update (Nov 12) |
| |
Several security issues were fixed in Intel Microcode.
|
| |
Ubuntu 4182-2: Intel Microcode update (Nov 12) |
| |
Several security issues were fixed in Intel Microcode.
|
| |
Ubuntu 4181-1: WebKitGTK+ vulnerabilities (Nov 12) |
| |
Several security issues were fixed in WebKitGTK+.
|
| |
Ubuntu 4180-1: Bash vulnerability (Nov 11) |
| |
Bash could be made to crash or execute arbitrary code if it received a specially crafted input.
|
| |
Ubuntu 4179-1: FriBidi vulnerability (Nov 8) |
| |
Applications using FriBidi could be made to crash or run programs as your login if it displayed specially crafted text.
|
| |
Ubuntu 4178-1: WebKitGTK+ vulnerabilities (Nov 7) |
| |
Several security issues were fixed in WebKitGTK+.
|
| |
|
| |
Debian LTS: DLA-1993-1: mesa security update (Nov 15) |
| |
Tim Brown discovered a shared memory permissions vulnerability in the Mesa 3D graphics library. Some Mesa X11 drivers use shared-memory XImages to implement back buffers for improved performance, but Mesa
|
| |
Debian LTS: DLA-1992-1: ghostscript security update (Nov 14) |
| |
Manfred Paul and Lukas Schauer reported that the .charkeys procedure in Ghostscript, the GPL PostScript/PDF interpreter, does not properly restrict privileged calls, which could result in bypass of file system
|
| |
Debian LTS: DLA-1990-1: linux-4.9 security update (Nov 13) |
| |
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leak.
|
| |
Debian LTS: DLA-1991-1: libssh2 security update (Nov 13) |
| |
In libssh2, SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A
|
| |
Debian LTS: DLA-1989-1: linux security update (Nov 12) |
| |
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leak.
|
| |
Debian LTS: DLA-1988-1: ampache security update (Nov 11) |
| |
Several vulnerabilities were discovered in Ampache, a web-based audio file management system.
|
| |
Debian LTS: DLA-1986-1: ruby-haml security update (Nov 10) |
| |
In haml, when using user input to perform tasks on the server, characters like " ' must be escaped properly. In this case, the ' character was missed. An attacker can manipulate the input to introduce additional
|
| |
Debian LTS: DLA-1987-1: firefox-esr security update (Nov 10) |
| |
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, cross-site scripting or denial of service.
|
| |
Debian LTS: DLA-1984-1: gdal security update (Nov 9) |
| |
GDAL through 3.0.1 had a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold was exceeded.
|
| |
Debian LTS: DLA-1985-1: djvulibre security update (Nov 8) |
| |
It was discovered that there was a NULL pointer dereference issue in the IW44 encoder/decoder within DjVu, a set of compression technologies for high-resolution ssues.
|
| |
|
| |
ArchLinux: 201911-12: linux-zen: arbitrary code execution (Nov 14) |
| |
The package linux-zen before version 5.3.9.1-1 is vulnerable to arbitrary code execution.
|
| |
ArchLinux: 201911-11: linux-lts: arbitrary code execution (Nov 14) |
| |
The package linux-lts before version 4.19.82-1 is vulnerable to arbitrary code execution.
|
| |
ArchLinux: 201911-10: linux: arbitrary code execution (Nov 14) |
| |
The package linux before version 5.3.9.1-1 is vulnerable to arbitrary code execution.
|
| |
ArchLinux: 201911-9: linux-hardened: arbitrary code execution (Nov 7) |
| |
The package linux-hardened before version 5.3.7.b-1 is vulnerable to arbitrary code execution.
|
| |
ArchLinux: 201911-8: squid: multiple issues (Nov 7) |
| |
The package squid before version 4.9-1 is vulnerable to multiple issues including arbitrary code execution, content spoofing and information disclosure.
|
| |
|
| |
CentOS: CESA-2019-3878: Important CentOS 6 kernel (Nov 14) |
| |
Upstream details at : https://access.redhat.com/errata/RHSA-2019:3878
|
| |
CentOS: CESA-2019-3872: Important CentOS 7 kernel (Nov 14) |
| |
Upstream details at : https://access.redhat.com/errata/RHSA-2019:3872
|
| |
CentOS: CESA-2019-3834: Important CentOS 7 kernel (Nov 14) |
| |
Upstream details at : https://access.redhat.com/errata/RHSA-2019:3834
|
| |
CentOS: CESA-2019-3756: Important CentOS 6 thunderbird (Nov 13) |
| |
Upstream details at : https://access.redhat.com/errata/RHSA-2019:3756
|
| |
CentOS: CESA-2019-3836: Important CentOS 6 kernel (Nov 13) |
| |
Upstream details at : https://access.redhat.com/errata/RHSA-2019:3836
|
| |
CentOS: CESA-2019-3755: Important CentOS 6 sudo (Nov 13) |
| |
Upstream details at : https://access.redhat.com/errata/RHSA-2019:3755
|
| |
|
| |
SciLinux: SLSA-2019-3872-1 Important: kernel on SL7.x x86_64 (Nov 14) |
| |
hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155) SL7 x86_64 bpftool-3.10.0-1062.4.3.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.4.3.el7. [More...]
|
| |
SciLinux: SLSA-2019-3888-1 Important: ghostscript on SL7.x x86_64 (Nov 14) |
| |
ghostscript: -dSAFER escape in .charkeys (701841) (CVE-2019-14869) SL7 x86_64 ghostscript-9.25-2.el7_7.3.i686.rpm ghostscript-9.25-2.el7_7.3.x86_64.rpm ghostscript-cups-9.25-2.el7_7.3.x86_64.rpm ghostscript-debuginfo-9.25-2.el7_7.3.i686.rpm ghostscript-debuginfo-9.25-2.el7_7.3.x86_64.rpm libgs-9.25-2.el7_7.3.i686.rpm libgs-9.25-2.el7_7.3.x86_64.rpm ghostscrip [More...]
|
| |
SciLinux: SLSA-2019-3878-1 Important: kernel on SL6.x i386/x86_64 (Nov 14) |
| |
hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. SL6 x86_64 kernel-2.6.32-754.24.3.el6.x86_64.rpm kernel-debug-2.6.32-754.24.3.el6.x86_64.rpm ke [More...]
|
| |
SciLinux: SLSA-2019-3836-1 Important: kernel on SL6.x i386/x86_64 (Nov 13) |
| |
hw: Machine Check Error on Page Size Change (IFU) (CVE-2018-12207) * hw: TSX Transaction Asynchronous Abort (TAA) (CVE-2019-11135) * Kernel: vhost_net: infinite loop while receiving packets leads to DoS (CVE-2019-3900) * hw: Intel GPU Denial Of Service while accessing MMIO in lower power state (CVE-2019-0154) For more details about the security issue(s), including the impact, a CVSS score, [More...]
|
| |
SciLinux: SLSA-2019-3834-1 Important: kernel on SL7.x x86_64 (Nov 13) |
| |
hw: Machine Check Error on Page Size Change (IFU) (CVE-2018-12207) * hw: TSX Transaction Asynchronous Abort (TAA) (CVE-2019-11135) * hw: Intel GPU Denial Of Service while accessing MMIO in lower power state (CVE-2019-0154) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the R [More...]
|
| |
SciLinux: SLSA-2019-3756-1 Important: thunderbird on SL6.x i386/x86_64 (Nov 7) |
| |
This update upgrades Thunderbird to version 68.2.0. * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764) * Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757) * Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758) * Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759) * Mozilla: Stack buf [More...]
|
| |
|
| |
openSUSE: 2019:2514-1: moderate: libtomcrypt (Nov 15) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:2515-1: moderate: ImageMagick (Nov 15) |
| |
An update that fixes 11 vulnerabilities is now available.
|
| |
openSUSE: 2019:2507-1: important: the Linux Kernel (Nov 14) |
| |
An update that solves 8 vulnerabilities and has 29 fixes is now available.
|
| |
openSUSE: 2019:2505-1: important: qemu (Nov 14) |
| |
An update that fixes four vulnerabilities is now available.
|
| |
openSUSE: 2019:2506-1: important: xen (Nov 14) |
| |
An update that fixes 6 vulnerabilities is now available.
|
| |
openSUSE: 2019:2509-1: important: ucode-intel (Nov 14) |
| |
An update that solves two vulnerabilities and has one errata is now available.
|
| |
openSUSE: 2019:2503-1: important: the Linux Kernel (Nov 14) |
| |
An update that solves 10 vulnerabilities and has 38 fixes is now available.
|
| |
openSUSE: 2019:2510-1: important: qemu (Nov 14) |
| |
An update that solves 6 vulnerabilities and has 8 fixes is now available.
|
| |
openSUSE: 2019:2504-1: important: ucode-intel (Nov 14) |
| |
An update that solves two vulnerabilities and has one errata is now available.
|
| |
openSUSE: 2019:2501-1: moderate: rsyslog (Nov 14) |
| |
An update that solves two vulnerabilities and has one errata is now available.
|
| |
openSUSE: 2019:2500-1: moderate: rsyslog (Nov 13) |
| |
An update that solves two vulnerabilities and has one errata is now available.
|
| |
openSUSE: 2019:2499-1: important: apache2-mod_auth_openidc (Nov 13) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:2493-1: moderate: gdb (Nov 12) |
| |
An update that solves one vulnerability and has two fixes is now available.
|
| |
openSUSE: 2019:2494-1: moderate: gdb (Nov 12) |
| |
An update that solves one vulnerability and has two fixes is now available.
|
| |
openSUSE: 2019:2483-1: moderate: libssh2_org (Nov 11) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:2477-1: moderate: Recommended bcm20702a1-firmware (Nov 10) |
| |
An update that contains security fixes can now be installed.
|
| |
openSUSE: 2019:2472-1: moderate: python-ecdsa (Nov 10) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2019:2474-1: moderate: python-ecdsa (Nov 10) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2019:2466-1: moderate: gdal (Nov 9) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:2453-1: moderate: python3 (Nov 9) |
| |
An update that solves two vulnerabilities and has three fixes is now available.
|
| |
openSUSE: 2019:2454-1: moderate: libtomcrypt (Nov 9) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:2464-1: important: Recommended MozillaThunderbird (Nov 9) |
| |
An update that fixes 9 vulnerabilities is now available.
|
| |
openSUSE: 2019:2452-1: important: Recommended MozillaThunderbird (Nov 9) |
| |
An update that fixes 9 vulnerabilities is now available.
|
| |
openSUSE: 2019:2459-1: important: MozillaFirefox, MozillaFirefox-branding-SLE (Nov 9) |
| |
An update that fixes 9 vulnerabilities is now available.
|
| |
openSUSE: 2019:2451-1: important: MozillaFirefox, MozillaFirefox-branding-SLE (Nov 9) |
| |
An update that fixes 9 vulnerabilities is now available.
|
| |
openSUSE: 2019:2458-1: important: samba (Nov 9) |
| |
An update that solves three vulnerabilities and has four fixes is now available.
|
| |
openSUSE: 2019:2457-1: important: php7 (Nov 9) |
| |
An update that fixes one vulnerability is now available.
|
| |
|
| |
Mageia 2019-0327: libapreq2 security update (Nov 14) |
| |
Updated libapreq2 packages fix security vulnerability: Max Kellermann reported a NULL pointer dereference flaw in libapreq2, allowing a remote attacker to cause a denial of service against an application using the library (application crash) if an invalid nested
|
| |
Mageia 2019-0326: cpio security update (Nov 14) |
| |
in cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive (CVE-2015-1197). Thomas Habets discovered that GNU cpio incorrectly handled certain
|
| |
Mageia 2019-0325: fribidi security update (Nov 14) |
| |
Updated fribidi packages fix security vulnerability: A stack buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi 1.0.0 through 1.0.7 allows an attacker to cause a denial of service or possibly execute arbitrary
|
| |
Mageia 2019-0324: webkit2 security update (Nov 14) |
| |
Updated webkit2 packages fix security vulnerabilities: Processing maliciously crafted web content may lead to universal cross site scripting (CVE-2019-8625, CVE-2019-8674, CVE-2019-8719, CVE-2019-8813)
|
| |
Mageia 2019-0323: zeromq security update (Nov 14) |
| |
A security vulnerability has been reported in libzmq/zeromq. a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary
|
| |
Mageia 2019-0322: python-numpy security update (Nov 14) |
| |
Updated python-numpy packages fix security vulnerability: An issue was discovered in NumPy 1.16.0 and earlier. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call
|
| |
Mageia 2019-0321: expat security update (Nov 7) |
| |
It was discovered that Expat did not properly handle internal entities closing the doctype, potentially resulting in denial of service or information disclosure if a malformed XML file is processed (CVE-2019-15903).
|
| |
Mageia 2019-0320: chromium-browser-stable security update (Nov 7) |
| |
Chromium-browser 78.0.3904.87 fixes security issues: Multiple flaws were found in the way Chromium 77.0.3865.120 processes various types of web content, where loading a web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose
|
| |
Mageia 2019-0319: freetds security update (Nov 7) |
| |
Updated freetds packages fix security vulnerability: Felix Wilhelm discovered that FreeTDS incorrectly handled certain types after a protocol downgrade. A remote attacker could use this issue to cause FreeTDS to crash, resulting in a denial of service, or possibly
|
| |
Mageia 2019-0318: python security update (Nov 7) |
| |
Updated python and python3 packages fix security vulnerabilities: It was discovered that Python incorrectly parsed certain email addresses. A remote attacker could possibly use this issue to trick Python applications into accepting email addresses that should be denied (CVE-2019-16056).
|
| |
Mageia 2019-0317: unbound security update (Nov 7) |
| |
Updated unbound packages fix security vulnerability: Versions before 1.9.4 allow accesses to uninitialized memory, which would permit remote attackers to trigger a crash (CVE-2019-16866).
|
| |
Mageia 2019-0316: thunderbird security update (Nov 7) |
| |
The updated packages fix security issues: Use-after-free when creating index updates in IndexedDB. (CVE-2019-11757)
|
| |
Mageia 2019-0315: firefox security update (Nov 7) |
| |
The updated packages fix several bugs and some security issues: Use-after-free when creating index updates in IndexedDB. (CVE-2019-11757)
|
| |
Mageia 2019-0314: proftpd security update (Nov 7) |
| |
Updated proftpd package fixes security vulnerabilities: It was discovered that the mod_copy module of ProFTPD, a FTP/SFTP/FTPS server, performed incomplete permission validation for the CPFR/CPTO commands (CVE-2019-12815).
|
