Scientific Linux Essential and Critical Security Patch Updates - Page 11

SciLinux: SLSA-2021-3296-1 Important: libX11 on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

libX11: missing request length checks (CVE-2021-31535) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 libX11-1.6.7-4.el7_9.i686.rpm libX11-1.6.7-4.el7_9.x86_64.rpm libX11-debuginfo-1.6.7-4.el7_9.i686.rpm libX11-debuginfo-1.6.7-4.el7_9.x86_64.rpm libX11-devel-1.6.7-4.el7_9.i686. [More...]

LinuxSecurity.com Team
Aug 31, 2021

SciLinux: SLSA-2021-3234-1 Important: compat-exiv2-023 on SL7.x x86_64

exiv2: Heap-based buffer overflow vulnerability in jp2image.cpp (CVE-2021-31291) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE7 --- SL7 x86_64 - compat-exiv2-023-0.23-2.el7_9.i686.rpm - compat-exiv2-023-0.23-2.el7_9.x86_64.rpm - compat-exiv2-023-debuginfo-0.23-2.el7_9.i686.rpm - compat- [More...]

LinuxSecurity.com Team
Aug 26, 2021

SciLinux: SLSA-2021-3233-1 Important: compat-exiv2-026 on SL7.x x86_64

exiv2: Heap-based buffer overflow vulnerability in jp2image.cpp (CVE-2021-31291) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE7 --- SL7 x86_64 - compat-exiv2-026-0.26-3.el7_9.i686.rpm - compat-exiv2-026-0.26-3.el7_9.x86_64.rpm - compat-exiv2-026-debuginfo-0.26-3.el7_9.i686.rpm - compat-e [More...]

LinuxSecurity.com Team
Aug 26, 2021

SciLinux: SLSA-2021-3154-1 Important: firefox on x86_64

This update upgrades Firefox to version 78.13.0 ESR. * Mozilla: Uninitialized memory in a canvas object could have led to memory corruption (CVE-2021-29980) * Mozilla: Incorrect instruction reordering during JIT optimization (CVE-2021-29984) * Mozilla: Race condition when resolving DNS names could have led to memory corruption (CVE-2021-29986) * Mozilla: Memory corruption as a result of in [More...]

LinuxSecurity.com Team
Aug 18, 2021

SciLinux: SLSA-2021-3158-1 Important: exiv2 on x86_64

LinuxSecurity.com Team
Aug 18, 2021

SciLinux: SLSA-2021-3160-1 Important: thunderbird on x86_64

This update upgrades Thunderbird to version 78.13.0. * Mozilla: Uninitialized memory in a canvas object could have led to memory corruption (CVE-2021-29980) * Mozilla: Incorrect instruction reordering during JIT optimization (CVE-2021-29984) * Mozilla: Race condition when resolving DNS names could have led to memory corruption (CVE-2021-29986) * Mozilla: Memory corruption as a result of in [More...]

LinuxSecurity.com Team
Aug 18, 2021

SciLinux: SLSA-2021-3178-1 Important: sssd on

sssd: shell command injection in sssctl (CVE-2021-3621) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE - Scientific Linux Development Team

LinuxSecurity.com Team
Aug 17, 2021

SciLinux: SLSA-2021-3173-1 Important: kernel on

kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks (CVE-2021-22543) * kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c (CVE-2021-22555) * kernel: race condition for removal of the HCI controller (CVE-2021-32399) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other relate [More...]

LinuxSecurity.com Team
Aug 17, 2021

SciLinux: SLSA-2021-3181-1 Important: kpatch-patch on

LinuxSecurity.com Team
Aug 17, 2021

SciLinux: SLSA-2021-3176-1 Important: microcode_ctl on

hw: Vector Register Data Sampling (CVE-2020-0548) * hw: L1D Cache Eviction Sampling (CVE-2020-0549) * hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543) * hw: Information disclosure issue in Intel SGX via RAPL interface (CVE-2020-8695) * hw: Vector Register Leakage-Active (CVE-2020-8696) * hw: Fast forward store predictor (CVE-2020-8698) * hw: vt-d related privilege escala [More...]

LinuxSecurity.com Team
Aug 17, 2021

SciLinux: SLSA-2021-3177-1 Moderate: cloud-init on

cloud-init: randomly generated passwords logged in clear-text to world- readable file (CVE-2021-3429) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE - Scientific Linux Development Team

LinuxSecurity.com Team
Aug 17, 2021

SciLinux: SLSA-2021-3172-1 Important: edk2 on

edk2: remote buffer overflow in IScsiHexToBin function in NetworkPkg/IScsiDxe For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE - Scientific Linux Development Team

LinuxSecurity.com Team
Aug 17, 2021

SciLinux: SLSA-2021-3028-1 Important: microcode_ctl on SL7.x x86_64

hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543) * hw: Vector Register Data Sampling (CVE-2020-0548) * hw: L1D Cache Eviction Sampling (CVE-2020-0549) * hw: vt-d related privilege escalation (CVE-2020-24489) * hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511) * hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512) [More...]

LinuxSecurity.com Team
Aug 09, 2021

SciLinux: SLSA-2021-2989-1 Important: lasso on SL7.x x86_64

lasso: XML signature wrapping vulnerability when parsing SAML responses (CVE-2021-28091) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 - lasso-2.5.1-8.el7_9.i686.rpm - lasso-2.5.1-8.el7_9.x86_64.rpm - lasso-debuginfo-2.5.1-8.el7_9.i686.rpm - lasso-debuginfo-2.5.1-8.el7_9 [More...]

LinuxSecurity.com Team
Aug 03, 2021

SciLinux: SLSA-2021-2881-1 Important: thunderbird on SL7.x x86_64

This update upgrades Thunderbird to version 78.12.0. * Mozilla: IMAP server responses sent by a MITM prior to STARTTLS could be processed (CVE-2021-29969) * Mozilla: Use-after-free in accessibility features of a document (CVE-2021-29970) * Mozilla: Memory safety bugs fixed in Firefox 90 and Firefox ESR 78.12 (CVE-2021-29976) * chromium-browser: Out of bounds write in ANGLE (CVE-2021-30547) [More...]

LinuxSecurity.com Team
Jul 26, 2021

SciLinux: SLSA-2021-2845-1 Important: java-1.8.0-openjdk on SL7.x x86_64

OpenJDK: Incorrect comparison during range check elimination (Hotspot, 8264066) (CVE-2021-2388) * OpenJDK: FTP PASV command response can cause FtpClient to connect to arbitrary host (Networking, 8258432) (CVE-2021-2341) * OpenJDK: Incorrect verification of JAR files with multiple MANIFEST.MF files (Library, 8260967) (CVE-2021-2369) For more details about the security issue(s), including the [More...]

LinuxSecurity.com Team
Jul 26, 2021

SciLinux: SLSA-2021-2784-1 Important: java-11-openjdk on SL7.x x86_64

LinuxSecurity.com Team
Jul 26, 2021

SciLinux: SLSA-2021-2725-1 Important: kernel on SL7.x x86_64

kernel: size_t-to-int conversion vulnerability in the filesystem layer (CVE-2021-33909) * kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan (CVE-2021-33034) * kernel: use-after-free in show_numa_stats function (CVE-2019-20934) * kernel: mishandles invalid descriptors in drivers/media/usb/gspca/xirlink_cit.c (CVE-2020-11668) * kernel: use-after-free in cipso_v4 [More...]

LinuxSecurity.com Team
Jul 26, 2021

SciLinux: SLSA-2021-2741-1 Important: firefox on SL7.x x86_64

This update upgrades Firefox to version 78.12.0 ESR. * Mozilla: Use-after-free in accessibility features of a document (CVE-2021-29970) * Mozilla: Memory safety bugs fixed in Firefox 90 and Firefox ESR 78.12 (CVE-2021-29976) * chromium-browser: Out of bounds write in ANGLE (CVE-2021-30547) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and [More...]

LinuxSecurity.com Team
Jul 15, 2021

SciLinux: SLSA-2021-2683-1 Important: xstream on SL7.x (noarch)

XStream: remote command execution attack by manipulating the processed input stream (CVE-2021-29505) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 noarch - xstream-1.3.1-14.el7_9.noarch.rpm - xstream-javadoc-1.3.1-14.el7_9.noarch.rpm - Scientific Linux Development Team

LinuxSecurity.com Team
Jul 12, 2021

Scientific Essential and Critical Security Patch Updates

SciLinux: SLSA-2021-3296-1 Important: libX11 on SL7.x x86_64

SciLinux: SLSA-2021-3234-1 Important: compat-exiv2-023 on SL7.x x86_64

SciLinux: SLSA-2021-3233-1 Important: compat-exiv2-026 on SL7.x x86_64

SciLinux: SLSA-2021-3154-1 Important: firefox on x86_64

SciLinux: SLSA-2021-3158-1 Important: exiv2 on x86_64

SciLinux: SLSA-2021-3160-1 Important: thunderbird on x86_64

SciLinux: SLSA-2021-3178-1 Important: sssd on

SciLinux: SLSA-2021-3173-1 Important: kernel on

SciLinux: SLSA-2021-3181-1 Important: kpatch-patch on

SciLinux: SLSA-2021-3176-1 Important: microcode_ctl on

SciLinux: SLSA-2021-3177-1 Moderate: cloud-init on

SciLinux: SLSA-2021-3172-1 Important: edk2 on

SciLinux: SLSA-2021-3028-1 Important: microcode_ctl on SL7.x x86_64

SciLinux: SLSA-2021-2989-1 Important: lasso on SL7.x x86_64

SciLinux: SLSA-2021-2881-1 Important: thunderbird on SL7.x x86_64

SciLinux: SLSA-2021-2845-1 Important: java-1.8.0-openjdk on SL7.x x86_64

SciLinux: SLSA-2021-2784-1 Important: java-11-openjdk on SL7.x x86_64

SciLinux: SLSA-2021-2725-1 Important: kernel on SL7.x x86_64

SciLinux: SLSA-2021-2741-1 Important: firefox on SL7.x x86_64

SciLinux: SLSA-2021-2683-1 Important: xstream on SL7.x (noarch)

LinuxSecurity Poll

Which open source security automation tool do you use to protect against vulnerabilities?

Get the Latest News & Insights

News

Advisories

HOWTOs

Features

About Us

Powered By