Scientific Essential and Critical Security Patch Updates
Find the information you need for your favorite open source distribution.
libqb: Insecure treatment of IPC (temporary) files SL7 x86_64 libqb-devel-1.0.1-9.el7.i686.rpm libqb-devel-1.0.1-9.el7.x86_64.rpm libqb-1.0.1-9.el7.x86_64.rpm libqb-1.0.1-9.el7.i686.rpm libqb-debuginfo-1.0.1-9.el7.i686.rpm libqb-debuginfo-1.0.1-9.el7.x86_64.rpm - Scientific Linux Development Team
QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() SL7 x86_64 qemu-kvm-1.5.3-173.el7.x86_64.rpm qemu-kvm-tools-1.5.3-173.el7.x86_64.rpm qemu-kvm-common-1.5.3-173.el7.x86_64.rpm qemu-img-1.5.3-173.el7.x86_64.rpm qemu-kvm-debuginfo-1.5.3-173.el7.x86_64.rpm - Scientific Linux Development Team
libreoffice: LibreLogo script can be manipulated into executing arbitrary python commands * libreoffice: Insufficient URL validation allowing LibreLogo script execution * libreoffice: LibreLogo global-event script execution * libreoffice: Insufficient URL encoding flaw in allowed script location check * libreoffice: Insufficient URL decoding flaw in categorizing [More...]
dovecot: Improper certificate validation * dovecot: Buffer overflow in indexer-worker process results in privilege escalation SL7 x86_64 dovecot-pgsql-2.2.36-6.el7.x86_64.rpm dovecot-pigeonhole-2.2.36-6.el7.x86_64.rpm dovecot-mysql-2.2.36-6.el7.x86_64.rpm dovecot-2.2.36-6.el7.x86_64.rpm dovecot-2.2.36-6.el7.i686.rpm dovecot-debuginfo-2.2.36-6.el7.i686.rpm [More...]
squid: Incorrect pointer handling when processing ESI Responses can lead to denial of service * squid: Incorrect pointer handling in HTTP processing and certificate download can lead to denial of service * squid: XSS via user_name or auth parameter in cachemgr.cgi SL7 x86_64 squid-3.5.20-15.el7.x86_64.rpm squid-migration-script-3.5.20-15.el7.x86_64.rpm squi [More...]
zziplib: directory traversal in unzzip_cat in the bins/unzzipcat-mem.c SL7 x86_64 zziplib-0.13.62-12.el7.i686.rpm zziplib-0.13.62-12.el7.x86_64.rpm zziplib-debuginfo-0.13.62-12.el7.i686.rpm zziplib-debuginfo-0.13.62-12.el7.x86_64.rpm zziplib-devel-0.13.62-12.el7.i686.rpm zziplib-devel-0.13.62-12.el7.x86_64.rpm zziplib-utils-0.13.62-12.el7.x86_64.rpm - Scientific [More...]
libsndfile: stack-based buffer overflow in sndfile-deinterleave utility SL7 x86_64 libsndfile-1.0.25-11.el7.i686.rpm libsndfile-1.0.25-11.el7.x86_64.rpm libsndfile-debuginfo-1.0.25-11.el7.i686.rpm libsndfile-debuginfo-1.0.25-11.el7.x86_64.rpm libsndfile-devel-1.0.25-11.el7.i686.rpm libsndfile-devel-1.0.25-11.el7.x86_64.rpm libsndfile-utils-1.0.25-11.el7.x86_64.rpm [More...]
poppler: integer overflow in Parser::makeStream in Parser.cc * poppler: heap-based buffer over-read in function PSOutputDev::checkPageSlice in PSOutputDev.cc * poppler: heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc * poppler: integer overflow in JPXStream::init function leading to memory consumption * evince: uninitialized memory use in func [More...]
rsyslog: heap-based overflow in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c * rsyslog: heap-based overflow in contrib/pmcisconames/pmcisconames.c SL7 x86_64 rsyslog-mysql-8.24.0-52.el7.x86_64.rpm rsyslog-relp-8.24.0-52.el7.x86_64.rpm rsyslog-gnutls-8.24.0-52.el7.x86_64.rpm rsyslog-pgsql-8.24.0-52.el7.x86_64.rpm rsyslog-mmjsonparse-8.24.0-52.el7.x86_64.rpm [More...]
php: Reflected XSS on PHAR 404 page * php: Stack-based buffer under-read in php_stream_url_wrap_http_ex() in http_fopen_wrapper.c when parsing HTTP response * php: Reflected XSS vulnerability on PHAR 403 and 404 error pages * php: Out-of-bounds read in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c SL7 x86_64 php-pdo-5.4.16-48.el7.x86_64.rpm php-pgsql-5. [More...]
wireshark: Out-of-bounds read in packet-ldss.c * wireshark: Multiple dissectors could crash (wnpa-sec-2018-36) * wireshark: DICOM dissector infinite loop (wnpa-sec-2018-39) * wireshark: Bazaar dissector infinite loop (wnpa-sec-2018-40) * wireshark: SIGCOMP dissector crash in packet-sigcomp.c * wireshark: Radiotap dissector crash * wireshark: Infinite loop in the MM [More...]
libxml2: Use after free triggered by XPointer paths beginning with range-to * libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c * libxml2: DoS caused by incorrect error detection during XZ decompression * libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c * libxml2: Unrestricted memory usage in xz_he [More...]
file: out-of-bounds read via a crafted ELF file SL7 x86_64 file-libs-5.11-36.el7.x86_64.rpm python-magic-5.11-36.el7.noarch.rpm file-5.11-36.el7.x86_64.rpm file-libs-5.11-36.el7.i686.rpm file-debuginfo-5.11-36.el7.i686.rpm file-debuginfo-5.11-36.el7.x86_64.rpm file-devel-5.11-36.el7.i686.rpm file-devel-5.11-36.el7.x86_64.rpm file-static-5.11-36.el7.i686.rp [More...]
taglib: heap-based buffer over-read via a crafted audio file SL7 x86_64 taglib-1.8-8.20130218git.el7.x86_64.rpm taglib-1.8-8.20130218git.el7.i686.rpm taglib-debuginfo-1.8-8.20130218git.el7.i686.rpm taglib-debuginfo-1.8-8.20130218git.el7.x86_64.rpm taglib-devel-1.8-8.20130218git.el7.i686.rpm taglib-devel-1.8-8.20130218git.el7.x86_64.rpm noarch taglib-doc-1.8-8.20 [More...]
bluez: failure in disabling Bluetooth discoverability in certain cases may lead to the unauthorized pairing of Bluetooth devices SL7 x86_64 bluez-libs-5.44-6.el7.x86_64.rpm bluez-libs-5.44-6.el7.i686.rpm bluez-5.44-6.el7.x86_64.rpm bluez-debuginfo-5.44-6.el7.i686.rpm bluez-debuginfo-5.44-6.el7.x86_64.rpm bluez-cups-5.44-6.el7.x86_64.rpm bluez-hid2hci-5.44-6.el [More...]
qt5-qtbase: Double free in QXmlStreamReader * qt: Malformed PPM image causing division by zero and crash in qppmhandler.cpp * qt5-qtsvg: Invalid parsing of malformed url reference resulting in a denial of service * qt5-qtbase: QImage allocation failure in qgifhandler * qt5-qtimageformats: QTgaFile CPU exhaustion * qt5-qtbase: QBmpHandler segmentation fault on ma [More...]
samba: Combination of parameters and permissions can allow user to escape from the share path definition * samba: smb client vulnerable to filenames containing path separators SL7 x86_64 samba-libs-4.10.4-10.el7.i686.rpm samba-krb5-printing-4.10.4-10.el7.x86_64.rpm libsmbclient-4.10.4-10.el7.i686.rpm samba-common-tools-4.10.4-10.el7.x86_64.rpm samba-libs-4.10.4-1 [More...]
mysql: Server: Pluggable Auth unspecified vulnerability (CPU Jul 2019) * mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul * mysql: Server: XML unspecified vulnerability (CPU Jul 2019) * mysql: Server: Parser unspecified vulnerability (CPU Jul 2019) SL7 x86_64 mariadb-devel-5.5.65-1.el7.x86_64.rpm mariadb-5.5.65-1.el7.x86_64.rpm mariadb-test-5. [More...]
expat: Integer overflow leading to buffer overflow in XML_GetBuffer() SL7 x86_64 expat-devel-2.1.0-11.el7.x86_64.rpm expat-2.1.0-11.el7.x86_64.rpm expat-2.1.0-11.el7.i686.rpm expat-devel-2.1.0-11.el7.i686.rpm expat-debuginfo-2.1.0-11.el7.i686.rpm expat-debuginfo-2.1.0-11.el7.x86_64.rpm expat-static-2.1.0-11.el7.i686.rpm expat-static-2.1.0-11.el7.x86_64.rpm - [More...]
curl: TFTP receive heap buffer overflow in tftp_receive_packet() function SL7 x86_64 libcurl-devel-7.29.0-57.el7.x86_64.rpm libcurl-7.29.0-57.el7.i686.rpm libcurl-7.29.0-57.el7.x86_64.rpm libcurl-devel-7.29.0-57.el7.i686.rpm curl-7.29.0-57.el7.x86_64.rpm curl-debuginfo-7.29.0-57.el7.i686.rpm curl-debuginfo-7.29.0-57.el7.x86_64.rpm - Scientific Linux Development T [More...]