|
Debian: DSA-4703-1: mysql-connector-java security update (Jun 11) |
|
Three vulnerabilities have been found in the MySQL Connector/J JDBC driver. For the oldstable distribution (stretch), these problems have been fixed
|
|
Debian: DSA-4702-1: thunderbird security update (Jun 11) |
|
Multiple security issues have been found in Thunderbird which could result in the setup of a non-encrypted IMAP connection, denial of service or potentially the execution of arbitrary code.
|
|
Debian: DSA-4701-1: intel-microcode security update (Jun 11) |
|
This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for the Special Register Buffer Data Sampling (CVE-2020-0543), Vector Register Sampling (CVE-2020-0548) and L1D Eviction Sampling (CVE-2020-0549) hardware vulnerabilities.
|
|
Debian: DSA-4700-1: roundcube security update (Jun 11) |
|
Matei Badanoiu and LoRexxar@knownsec discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, did not correctly process and sanitize requests. This would allow a remote attacker to perform a Cross-Site Scripting (XSS) attack leading to the
|
|
Debian: DSA-4699-1: linux security update (Jun 9) |
|
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
|
|
Debian: DSA-4698-1: linux security update (Jun 9) |
|
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
|
|
Debian: DSA-4697-1: gnutls28 security update (Jun 6) |
|
A flaw was reported in the TLS session ticket key construction in GnuTLS, a library implementing the TLS and SSL protocols. The flaw caused the TLS server to not securely construct a session ticket encryption key considering the application supplied secret, allowing a
|
|
Debian: DSA-4696-1: nodejs security update (Jun 6) |
|
Two vulnerabilities were discovered in Node.js, which could result in denial of service and potentially the execution of arbitrary code. For the stable distribution (buster), these problems have been fixed in
|
|
Fedora 32: thunderbird FEDORA-2020-19e5635ee3 (Jun 11) |
|
Update to latest upstream version.
|
|
Fedora 31: kernel FEDORA-2020-203ffedeb5 (Jun 11) |
|
The 5.6.16 stable kernel update contains a number of important fixes across the tree.
|
|
Fedora 32: kernel FEDORA-2020-07f0be216f (Jun 7) |
|
The 5.6.16 stable kernel update contains a number of important fixes across the tree.
|
|
Fedora 32: gnutls FEDORA-2020-0cce3578e2 (Jun 7) |
|
Update to upstream 3.6.14 release, and security fix for CVE-2020-13777.
|
|
Fedora 32: php-phpmailer6 FEDORA-2020-d67df93aa6 (Jun 7) |
|
This is a security release, with some other minor changes. For full details, refer to the [advisory](https://github.com/PHPMailer/PHPMailer/security/advisories/GHSA-f7hx-fqxw-rvvj). * **SECURITY** Fix insufficient output escaping bug in file attachment names. **CVE-2020-13625**. Reported by Elar Lang of Clarified
|
|
Fedora 32: sympa FEDORA-2020-d767d9077b (Jun 7) |
|
Update to sympa 6.2.56. Fixes CVE-2020-10936. For details, see: - https://github.com/sympa-community/sympa/releases/tag/6.2.56 - https://www.sympa.community/security/2020-002.html
|
|
Fedora 31: php-phpmailer6 FEDORA-2020-6d2e1105f2 (Jun 7) |
|
This is a security release, with some other minor changes. For full details, refer to the [advisory](https://github.com/PHPMailer/PHPMailer/security/advisories/GHSA-f7hx-fqxw-rvvj). * **SECURITY** Fix insufficient output escaping bug in file attachment names. **CVE-2020-13625**. Reported by Elar Lang of Clarified
|
|
Fedora 31: libarchive FEDORA-2020-d8278fe24d (Jun 7) |
|
Rebase to version 3.4.3
|
|
Fedora 31: firefox FEDORA-2020-0e5ada32f1 (Jun 4) |
|
- Updated to latest upstream (77.0.1) ---- - New upstream version (77.0) ---- - Updated VA-API patches for Wayland backend - Use dmabuf WebGL backend by default on Wayland
|
|
Fedora 31: cacti-spine FEDORA-2020-d50b988a2f (Jun 4) |
|
- Update to 1.2.12 Release notes:
|
|
Fedora 31: cacti FEDORA-2020-d50b988a2f (Jun 4) |
|
- Update to 1.2.12 Release notes:
|
|
Fedora 31: mbedtls FEDORA-2020-42564738a1 (Jun 4) |
|
- Update to 2.16.6 Release notes: https://www.trustedfirmware.org/projects/mbed-tls/ Security Advisory:
|
|
Fedora 32: firefox FEDORA-2020-cd45588dd8 (Jun 4) |
|
- Updated to latest upstream (77.0.1)
|
|
Fedora 32: mozjs68 FEDORA-2020-4334da4020 (Jun 4) |
|
- Firefox 68.9.0 ESR: https://www.mozilla.org/en-US/firefox/68.9.0/releasenotes/ - GJS rebuild against mozjs68-68.9.0
|
|
Fedora 32: gjs FEDORA-2020-4334da4020 (Jun 4) |
|
- Firefox 68.9.0 ESR: https://www.mozilla.org/en-US/firefox/68.9.0/releasenotes/ - GJS rebuild against mozjs68-68.9.0
|
|
Fedora 32: dbus FEDORA-2020-5a1910208c (Jun 4) |
|
Update to 1.12.18
|
|
Fedora 32: perl FEDORA-2020-4021bf2ae8 (Jun 4) |
|
Fixed CVE-2020-10543, CVE-2020-10878 and CVE-2020-12723
|
|
Fedora 32: cacti FEDORA-2020-8560db8779 (Jun 4) |
|
- Update to 1.2.12 Release notes:
|
|
Fedora 32: cacti-spine FEDORA-2020-8560db8779 (Jun 4) |
|
- Update to 1.2.12 Release notes:
|
|
Fedora 32: mbedtls FEDORA-2020-9a6e8e63e9 (Jun 4) |
|
- Update to 2.16.6 Release notes: https://www.trustedfirmware.org/projects/mbed-tls/ Security Advisory:
|
|
Gentoo: GLSA-202006-03: Perl: Multiple vulnerabilities (Jun 12) |
|
Multiple vulnerabilities have been found in Perl, the worst of which could result in a Denial of Service condition.
|
|
Gentoo: GLSA-202006-01: GnuTLS: Information disclosure (Jun 9) |
|
An information disclosure vulnerability in GnuTLS allows remote attackers to obtain sensitive information.
|
|
RedHat: RHSA-2020-2539:01 Moderate: net-snmp security and bug fix update (Jun 12) |
|
An update for net-snmp is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
|
RedHat: RHSA-2020-2529:01 Important: tomcat6 security update (Jun 11) |
|
An update for tomcat6 is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
|
RedHat: RHSA-2020-2530:01 Important: tomcat security update (Jun 11) |
|
An update for tomcat is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
|
RedHat: RHSA-2020-2512:01 Important: Red Hat JBoss Enterprise Application (Jun 11) |
|
An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-2513:01 Important: Red Hat JBoss Enterprise Application (Jun 11) |
|
An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-2524:01 Important: Red Hat OpenShift Service Mesh 1.0 (Jun 11) |
|
An update for servicemesh-proxy is now available for OpenShift Service Mesh 1.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-2523:01 Important: Red Hat OpenShift Service Mesh 1.1.2 (Jun 11) |
|
An update for servicemesh-proxy is now available for OpenShift Service Mesh 1.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-2521:01 Low: file security update (Jun 10) |
|
An update for file is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which
|
|
RedHat: RHSA-2020-2522:01 Important: kernel security and bug fix update (Jun 10) |
|
An update for kernel is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-2519:01 Important: kpatch-patch security update (Jun 10) |
|
An update for kpatch-patch is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-2520:01 Moderate: python security update (Jun 10) |
|
An update for python is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
|
RedHat: RHSA-2020-2516:01 Moderate: libexif security update (Jun 10) |
|
An update for libexif is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
|
RedHat: RHSA-2020-2515:01 Important: Red Hat JBoss Enterprise Application (Jun 10) |
|
An update is now available for Red Hat JBoss Enterprise Application Platform 7.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-2511:01 Important: Red Hat JBoss Enterprise Application (Jun 10) |
|
An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-2508:01 Moderate: expat security update (Jun 10) |
|
An update for expat is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
|
RedHat: RHSA-2020-2509:01 Important: Red Hat JBoss Web Server 5.3.1 (Jun 10) |
|
Updated Red Hat JBoss Web Server 5.3.1 packages are now available for Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8 and Windows. Red Hat Product Security has rated this release as having a security impact
|
|
RedHat: RHSA-2020-2505:01 Low: curl security update (Jun 10) |
|
An update for curl is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which
|
|
RedHat: RHSA-2020-2506:01 Important: Red Hat JBoss Web Server 5.3.1 (Jun 10) |
|
Updated Red Hat JBoss Web Server 5.3.1 packages are now available for Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7, and Red Hat Enterprise Linux 8. Red Hat Product Security has rated this release as having a security impact
|
|
RedHat: RHSA-2020-2486:01 Low: unzip security update (Jun 10) |
|
An update for unzip is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which
|
|
RedHat: RHSA-2020-2485:01 Low: gettext security update (Jun 10) |
|
An update for gettext is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which
|
|
RedHat: RHSA-2020-2487:01 Important: Red Hat JBoss Web Server 3.1 Service (Jun 10) |
|
An update is now available for Red Hat JBoss Web Server 3.1, for RHEL 6, RHEL 7 and Windows. Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-2483:01 Important: Red Hat JBoss Web Server 3.1 Service (Jun 10) |
|
An update is now available for Red Hat JBoss Web Server 3.1 for RHEL 6 and RHEL 7. Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-2462:01 Moderate: pcs security and bug fix update (Jun 10) |
|
An update for pcs is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
|
RedHat: RHSA-2020-2480:01 Moderate: CloudForms 5.0.6 security, (Jun 10) |
|
An update is now available for CloudForms Management Engine 5.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
|
RedHat: RHSA-2020-2475:01 Important: .NET Core on Red Hat Enterprise Linux (Jun 10) |
|
An update for rh-dotnet31-dotnet is now available for .NET Core on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-2471:01 Important: .NET Core on Red Hat Enterprise Linux (Jun 10) |
|
An update for .NET Core is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
|
RedHat: RHSA-2020-2476:01 Important: .NET Core on Red Hat Enterprise Linux (Jun 10) |
|
An update for rh-dotnet21-dotnet is now available for .NET Core on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-2473:01 Moderate: pcs security and bug fix update (Jun 10) |
|
An update for pcs is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
|
RedHat: RHSA-2020-2474:01 Moderate: libexif security update (Jun 10) |
|
An update for libexif is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
|
RedHat: RHSA-2020-2472:01 Important: virt:rhel security update (Jun 10) |
|
An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-2432:01 Moderate: microcode_ctl security, (Jun 9) |
|
Updated microcode_ctl packages that fix several security bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
|
RedHat: RHSA-2020-2450:01 Important: .NET Core 3.1 on Red Hat Enterprise (Jun 9) |
|
An update for .NET Core 3.1 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-2430:01 Moderate: kernel security and bug fix update (Jun 9) |
|
An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
|
RedHat: RHSA-2020-2433:01 Moderate: microcode_ctl security, (Jun 9) |
|
An update for microcode_ctl is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
|
RedHat: RHSA-2020-2427:01 Important: kernel security and bug fix update (Jun 9) |
|
An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
|
RedHat: RHSA-2020-2429:01 Important: kernel security and bug fix update (Jun 9) |
|
An update for kernel is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-2428:01 Important: kernel-rt security and bug fix update (Jun 9) |
|
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
|
RedHat: RHSA-2020-2431:01 Moderate: microcode_ctl security, (Jun 9) |
|
Updated microcode_ctl packages that fix several security bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
|
RedHat: RHSA-2020-2419:01 Important: unbound security update (Jun 8) |
|
An update for unbound is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-2418:01 Important: unbound security update (Jun 8) |
|
An update for unbound is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-2416:01 Important: unbound security update (Jun 8) |
|
An update for unbound is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
|
RedHat: RHSA-2020-2415:01 Important: freerdp security update (Jun 8) |
|
An update for freerdp is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-2417:01 Important: freerdp security update (Jun 8) |
|
An update for freerdp is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-2414:01 Important: unbound security update (Jun 8) |
|
An update for unbound is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
|
RedHat: RHSA-2020-2405:01 Important: freerdp security update (Jun 5) |
|
An update for freerdp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
|
RedHat: RHSA-2020-2407:01 Important: freerdp security update (Jun 4) |
|
An update for freerdp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
|
RedHat: RHSA-2020-2406:01 Important: freerdp security update (Jun 4) |
|
An update for freerdp is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
|
RedHat: RHSA-2020-2404:01 Important: bind security update (Jun 4) |
|
An update for bind is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2020-2367:01 Important: Red Hat support for Spring Boot 2.1.13 (Jun 4) |
|
An update is now available for Red Hat OpenShift Application Runtimes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
|
RedHat: RHSA-2020-2366:01 Important: Red Hat support for Spring Boot 2.1.12 (Jun 4) |
|
An update is now available for Red Hat OpenShift Application Runtimes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
|
Slackware: 2020-163-01: Slackware 14.2 kernel Security Update (Jun 11) |
|
New kernel packages are available for Slackware 14.2 to fix security issues.
|
|
Slackware: 2020-156-01: mozilla-thunderbird Security Update (Jun 4) |
|
New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues.
|
|
SUSE: 2020:1608-1 ed (Jun 11) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2020:1609-1 important: xen (Jun 11) |
|
An update that solves one vulnerability and has three fixes is now available.
|
|
SUSE: 2020:14396-1 moderate: kvm (Jun 11) |
|
An update that fixes 6 vulnerabilities is now available.
|
|
SUSE: 2020:1606-1 critical: nodejs12 (Jun 11) |
|
An update that solves four vulnerabilities and has one errata is now available.
|
|
SUSE: 2020:1602-1 important: the Linux Kernel (Jun 10) |
|
An update that solves 24 vulnerabilities and has 133 fixes is now available.
|
|
SUSE: 2020:1604-1 important: the Linux Kernel (Jun 10) |
|
An update that solves 24 vulnerabilities and has 126 fixes is now available.
|
|
SUSE: 2020:1605-1 important: the Linux Kernel (Jun 10) |
|
An update that solves 23 vulnerabilities and has 94 fixes is now available.
|
|
SUSE: 2020:1603-1 important: the Linux Kernel (Jun 10) |
|
An update that solves 23 vulnerabilities and has 92 fixes is now available.
|
|
SUSE: 2020:1591-1 important: MozillaThunderbird (Jun 10) |
|
An update that fixes four vulnerabilities is now available.
|
|
SUSE: 2020:1601-1 moderate: ucode-intel (Jun 10) |
|
An update that fixes three vulnerabilities is now available.
|
|
SUSE: 2020:1599-1 important: the Linux Kernel (Jun 10) |
|
An update that solves 24 vulnerabilities and has 126 fixes is now available.
|
|
SUSE: 2020:1597-1 important: the Linux Kernel (Jun 10) |
|
An update that solves 7 vulnerabilities and has four fixes is now available.
|
|
SUSE: 2020:1600-1 moderate: ucode-intel (Jun 10) |
|
An update that fixes three vulnerabilities is now available.
|
|
SUSE: 2020:14394-1 moderate: microcode_ctl (Jun 10) |
|
An update that fixes three vulnerabilities is now available.
|
|
SUSE: 2020:1596-1 important: the Linux Kernel (Jun 10) |
|
An update that solves 7 vulnerabilities and has 11 fixes is now available.
|
|
SUSE: 2020:1595-1 moderate: ucode-intel (Jun 10) |
|
An update that fixes three vulnerabilities is now available.
|
|
SUSE: 2020:1589-1 moderate: ucode-intel (Jun 10) |
|
An update that fixes three vulnerabilities is now available.
|
|
SUSE: 2020:1582-1 moderate: rubygem-bundler (Jun 9) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2020:1581-1 moderate: texlive (Jun 9) |
|
An update that solves two vulnerabilities and has one errata is now available.
|
|
SUSE: 2020:1580-1 moderate: texlive-filesystem (Jun 9) |
|
An update that fixes two vulnerabilities is now available.
|
|
SUSE: 2020:14393-1 important: the Linux Kernel (Jun 9) |
|
An update that solves 5 vulnerabilities and has two fixes is now available.
|
|
SUSE: 2020:1587-1 important: the Linux Kernel (Jun 9) |
|
An update that solves 24 vulnerabilities and has 133 fixes is now available.
|
|
SUSE: 2020:14391-1 important: java-1_7_0-ibm (Jun 9) |
|
An update that fixes 8 vulnerabilities is now available.
|
|
SUSE: 2020:1584-1 important: gnutls (Jun 9) |
|
An update that solves one vulnerability and has one errata is now available.
|
|
SUSE: 2020:1575-1 critical: nodejs10 (Jun 9) |
|
An update that fixes four vulnerabilities is now available.
|
|
SUSE: 2020:1576-1 critical: nodejs8 (Jun 9) |
|
An update that fixes three vulnerabilities is now available.
|
|
SUSE: 2020:1572-1 moderate: java-11-openjdk (Jun 9) |
|
An update that fixes 13 vulnerabilities is now available.
|
|
SUSE: 2020:1571-1 important: java-1_7_0-openjdk (Jun 9) |
|
An update that fixes 8 vulnerabilities is now available.
|
|
SUSE: 2020:1570-1 important: ruby2.1 (Jun 9) |
|
An update that fixes 42 vulnerabilities is now available.
|
|
SUSE: 2020:1569-1 important: java-1_8_0-openjdk (Jun 9) |
|
An update that fixes 10 vulnerabilities is now available.
|
|
SUSE: 2020:1568-1 critical: nodejs10 (Jun 9) |
|
An update that solves four vulnerabilities and has one errata is now available.
|
|
SUSE: 2020:1573-1 moderate: Add features for Metrics Server, Cert Status Checker, VSphere (Jun 9) |
|
An update that solves four vulnerabilities and has 16 fixes is now available.
|
|
SUSE: 2020:1563-1 important: MozillaFirefox (Jun 8) |
|
An update that fixes three vulnerabilities is now available.
|
|
SUSE: 2020:1552-1 moderate: dpdk (Jun 8) |
|
An update that solves three vulnerabilities and has one errata is now available.
|
|
SUSE: 2020:1557-1 file-roller (Jun 8) |
|
An update that fixes two vulnerabilities is now available.
|
|
SUSE: 2020:14389-1 important: MozillaFirefox (Jun 8) |
|
An update that fixes three vulnerabilities is now available.
|
|
SUSE: 2020:1551-1 moderate: vim (Jun 8) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2020:1550-1 moderate: vim (Jun 8) |
|
An update that solves one vulnerability and has one errata is now available.
|
|
SUSE: 2020:1553-1 moderate: libexif (Jun 8) |
|
An update that fixes 9 vulnerabilities is now available.
|
|
SUSE: 2020:1554-1 moderate: slurm_20_02 (Jun 8) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2020:14388-1 moderate: gnuplot (Jun 8) |
|
An update that solves four vulnerabilities and has one errata is now available.
|
|
SUSE: 2020:1556-1 important: MozillaFirefox (Jun 8) |
|
An update that fixes three vulnerabilities is now available.
|
|
SUSE: 2020:1545-1 moderate: php7 (Jun 5) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2020:1546-1 moderate: php72 (Jun 5) |
|
An update that fixes three vulnerabilities is now available.
|
|
SUSE: 2020:14385-1 moderate: vim (Jun 4) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2020:1538-1 moderate: qemu (Jun 4) |
|
An update that solves 7 vulnerabilities and has one errata is now available.
|
|
SUSE: 2020:1532-1 moderate: libxml2 (Jun 4) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2020:1534-1 moderate: libexif (Jun 4) |
|
An update that fixes 9 vulnerabilities is now available.
|
|
SUSE: 2020:1535-1 libcroco (Jun 4) |
|
An update that fixes two vulnerabilities is now available.
|
|
SUSE: 2020:1533-1 important: krb5-appl (Jun 4) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2020:14384-1 transfig (Jun 4) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2020:1530-1 moderate: libreoffice (Jun 4) |
|
An update that solves one vulnerability and has three fixes is now available.
|
|
Ubuntu 4385-2: Intel Microcode regression (Jun 10) |
|
USN-4385-1 introduced a regression in the Intel Microcode for some processors.
|
|
Ubuntu 4394-1: SQLite vulnerabilities (Jun 10) |
|
Several security issues were fixed in SQLite.
|
|
Ubuntu 4393-1: Linux kernel vulnerabilities (Jun 9) |
|
Several security issues were fixed in the Linux kernel.
|
|
Ubuntu 4392-1: Linux kernel vulnerabilities (Jun 9) |
|
Several security issues were fixed in the Linux kernel.
|
|
Ubuntu 4391-1: Linux kernel vulnerabilities (Jun 9) |
|
Several security issues were fixed in the Linux kernel.
|
|
Ubuntu 4390-1: Linux kernel vulnerabilities (Jun 9) |
|
Several security issues were fixed in the Linux kernel.
|
|
Ubuntu 4389-1: Linux kernel vulnerabilities (Jun 9) |
|
Several security issues were fixed in the Linux kernel.
|
|
Ubuntu 4388-1: Linux kernel vulnerabilities (Jun 9) |
|
Several security issues were fixed in the Linux kernel.
|
|
Ubuntu 4387-1: Linux kernel vulnerabilities (Jun 9) |
|
Several security issues were fixed in the Linux kernel.
|
|
Ubuntu 4385-1: Intel Microcode vulnerabilities (Jun 9) |
|
Several security issues were fixed in Intel Microcode.
|
|
Ubuntu 4386-1: libjpeg-turbo vulnerability (Jun 9) |
|
libjpeg-turbo could be made to expose sensitive information if it received a specially crafted PPM file.
|
|
Ubuntu 4384-1: GnuTLS vulnerability (Jun 5) |
|
GnuTLS could be made to expose sensitive information.
|
|
Ubuntu 4383-1: Firefox vulnerabilities (Jun 4) |
|
Firefox could be made to crash or run programs as your login if it opened a malicious website.
|
|
Ubuntu 4382-1: FreeRDP vulnerabilities (Jun 4) |
|
Several security issues were fixed in FreeRDP.
|
|
Ubuntu 4381-2: Django vulnerabilities (Jun 4) |
|
Several security issues were fixed in Django.
|
|
Debian LTS: DLA-2247-1: thunderbird security update (Jun 12) |
|
Multiple security issues have been found in Thunderbird which could result in the setup of a non-encrypted IMAP connection, denial of service or potentially the execution of arbitrary code.
|
|
Debian LTS: DLA-2233-2: python-django regression update (Jun 12) |
|
It was discovered that there was a regression in the latest update to Django, the Python web development framework. The upstream fix for CVE-2020-13254 to address data leakages via malformed memcached keys could, in some situations, cause a traceback.
|
|
Debian LTS: DLA-2245-1: mysql-connector-java security update (Jun 11) |
|
Several issues were discovered in mysql-connector-java, a Java database (JDBC) driver for MySQL, that allow attackers to update, insert or delete access to some of MySQL Connectors accessible data, unauthorized
|
|
Debian LTS: DLA-2244-1: libphp-phpmailer security update (Jun 11) |
|
It was discovered that there was an escaping issue in libphp-phpmailer, an email generation utility class for the PHP programming language.
|
|
Debian LTS: DLA-2241-2: linux security update (Jun 10) |
|
This update is now available for all supported architectures. For reference the original advisory text follows. Several vulnerabilities have been discovered in the Linux kernel that
|
|
Debian LTS: DLA-2242-1: linux-4.9 security update (Jun 10) |
|
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
|
|
Debian LTS: DLA-2241-1: linux security update (Jun 9) |
|
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
|
|
Debian LTS: DLA-2243-1: firefox-esr security update [REVISED] (Jun 9) |
|
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or a timing attack on cryptographic keys.
|
|
Debian LTS: DLA-2243-1: firefox-esr security update (Jun 9) |
|
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or a timing attack on cryptographic keys.
|
|
Debian LTS: DLA-2240-1: bluez security update (Jun 9) |
|
It was reported that BlueZ's HID and HOGP profile implementations don't specifically require bonding between the device and the host. Malicious devices can take advantage of this flaw to connect to a target
|
|
Debian LTS: DLA-2238-1: libupnp security update (Jun 8) |
|
libupnp, the portable SDK for UPnP Devices, allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath
|
|
Debian LTS: DLA-2237-1: cups security update (Jun 7) |
|
The following CVE(s) were reported against src:cups. CVE-2019-8842
|
|
Debian LTS: DLA-2236-1: graphicsmagick security update (Jun 7) |
|
A vulnerability was discovered in graphicsmagick, a collection of image processing tools, that results in a heap buffer overwrite when magnifying MNG images.
|
|
Debian LTS: DLA-2234-1: netqmail security update (Jun 4) |
|
There were several CVE bugs reported against src:netqmail. CVE-2005-1513
|
|
ArchLinux: 202006-8: python-django: multiple issues (Jun 9) |
|
The package python-django before version 3.0.7-1 is vulnerable to multiple issues including cross-site scripting and information disclosure.
|
|
ArchLinux: 202006-7: tomcat9: arbitrary code execution (Jun 9) |
|
The package tomcat9 before version 9.0.35-1 is vulnerable to arbitrary code execution.
|
|
ArchLinux: 202006-6: tomcat7: arbitrary code execution (Jun 9) |
|
The package tomcat7 before version 7.0.104-1 is vulnerable to arbitrary code execution.
|
|
ArchLinux: 202006-5: tomcat8: arbitrary code execution (Jun 9) |
|
The package tomcat8 before version 8.5.55-1 is vulnerable to arbitrary code execution.
|
|
ArchLinux: 202006-4: thunderbird: multiple issues (Jun 9) |
|
The package thunderbird before version 68.9.0-1 is vulnerable to multiple issues including arbitrary code execution, denial of service, man-in-the-middle and private key recovery.
|
|
ArchLinux: 202006-3: chromium: multiple issues (Jun 9) |
|
The package chromium before version 83.0.4103.97-1 is vulnerable to multiple issues including access restriction bypass, arbitrary code execution and content spoofing.
|
|
ArchLinux: 202006-2: gnutls: man-in-the-middle (Jun 9) |
|
The package gnutls before version 3.6.14-1 is vulnerable to man-in-the-middle.
|
|
ArchLinux: 202006-1: firefox: multiple issues (Jun 9) |
|
The package firefox before version 77.0-1 is vulnerable to multiple issues including arbitrary code execution, denial of service, private key recovery and content spoofing.
|
|
CentOS: CESA-2020-2530: Important CentOS 7 tomcat (Jun 11) |
|
Upstream details at : https://access.redhat.com/errata/RHSA-2020:2530
|
|
CentOS: CESA-2020-2432: Moderate CentOS 7 microcode_ctl (Jun 10) |
|
Upstream details at : https://access.redhat.com/errata/RHSA-2020:2432
|
|
CentOS: CESA-2020-2430: Moderate CentOS 6 kernel (Jun 10) |
|
Upstream details at : https://access.redhat.com/errata/RHSA-2020:2430
|
|
CentOS: CESA-2020-2433: Moderate CentOS 6 microcode_ctl (Jun 10) |
|
Upstream details at : https://access.redhat.com/errata/RHSA-2020:2433
|
|
CentOS: CESA-2020-2414: Important CentOS 7 unbound (Jun 9) |
|
Upstream details at : https://access.redhat.com/errata/RHSA-2020:2414
|
|
CentOS: CESA-2020-2406: Important CentOS 6 freerdp (Jun 4) |
|
Upstream details at : https://access.redhat.com/errata/RHSA-2020:2406
|
|
CentOS: CESA-2020-2383: Important CentOS 6 bind (Jun 4) |
|
Upstream details at : https://access.redhat.com/errata/RHSA-2020:2383
|
|
CentOS: CESA-2020-2378: Important CentOS 6 firefox (Jun 4) |
|
Upstream details at : https://access.redhat.com/errata/RHSA-2020:2378
|
|
CentOS: CESA-2020-2381: Important CentOS 7 firefox (Jun 4) |
|
Upstream details at : https://access.redhat.com/errata/RHSA-2020:2381
|
|
SciLinux: SLSA-2020-2516-1 Moderate: libexif on SL6.x i386/x86_64 (Jun 11) |
|
libexif: several buffer over-reads in EXIF MakerNote handling can lead to information disclosure and DoS (CVE-2020-13112) SL6 x86_64 libexif-0.6.21-6.el6_10.i686.rpm libexif-0.6.21-6.el6_10.x86_64.rpm libexif-debuginfo-0.6.21-6.el6_10.i686.rpm libexif-debuginfo-0.6.21-6.el6_10.x86_64.rpm libexif-devel-0.6.21-6.el6_10.i686.rpm libexif-devel-0.6.21-6.el6_10.x86_64.rpm
|
|
SciLinux: SLSA-2020-2530-1 Important: tomcat on SL7.x (noarch) (Jun 11) |
|
tomcat: deserialization flaw in session persistence storage leading to RCE (CVE-2020-9484) SL7 noarch tomcat-servlet-3.0-api-7.0.76-12.el7_8.noarch.rpm tomcat-7.0.76-12.el7_8.noarch.rpm tomcat-admin-webapps-7.0.76-12.el7_8.noarch.rpm tomcat-docs-webapp-7.0.76-12.el7_8.noarch.rpm tomcat-el-2.2-api-7.0.76-12.el7_8.noarch.rpm tomcat-javadoc-7.0.76-12.el7_8.noarch.rpm
|
|
SciLinux: SLSA-2020-2433-1 Moderate: microcode_ctl on SL6.x i386/x86_64 (Jun 10) |
|
hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543) * hw: L1D Cache Eviction Sampling (CVE-2020-0549) * hw: Vector Register Data Sampling (CVE-2020-0548) SL6 x86_64 microcode_ctl-1.17-33.26.el6_10.x86_64.rpm microcode_ctl-debuginfo-1.17-33.26.el6_10.x86_64.rpm i386 microcode_ctl-1.17-33.26.el6_10.i686.rpm microcode_ctl-debuginfo-1.17-33.26.el6_10.i686.rpm
|
|
SciLinux: SLSA-2020-2430-1 Moderate: kernel on SL6.x i386/x86_64 (Jun 10) |
|
kernel: NULL pointer dereference due to KEYCTL_READ on negative key (CVE-2017-12192) SL6 x86_64 kernel-2.6.32-754.30.2.el6.x86_64.rpm kernel-debug-2.6.32-754.30.2.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-754.30.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.30.2.el6.x86_64.rpm kernel-debug-devel-2.6.32-754.30.2.el6.i686.rpm kernel-debug-devel-2.6.32-754.30.2.el
|
|
SciLinux: SLSA-2020-2406-1 Important: freerdp on SL6.x i386/x86_64 (Jun 9) |
|
freerdp: Out-of-bounds write in crypto_rsa_common in libfreerdp/crypto/crypto.c (CVE-2020-13398) SL6 x86_64 freerdp-1.0.2-7.el6_10.x86_64.rpm freerdp-debuginfo-1.0.2-7.el6_10.x86_64.rpm freerdp-libs-1.0.2-7.el6_10.x86_64.rpm freerdp-plugins-1.0.2-7.el6_10.x86_64.rpm freerdp-debuginfo-1.0.2-7.el6_10.i686.rpm freerdp-devel-1.0.2-7.el6_10.i686.rpm freerdp-devel-1.0.
|
|
SciLinux: SLSA-2020-2414-1 Important: unbound on SL7.x x86_64 (Jun 9) |
|
unbound: amplification of an incoming query into a large number of queries directed to a target (CVE-2020-12662) * unbound: infinite loop via malformed DNS answers received from upstream servers (CVE-2020-12663) SL7 x86_64 unbound-1.6.6-4.el7_8.x86_64.rpm unbound-debuginfo-1.6.6-4.el7_8.i686.rpm unbound-debuginfo-1.6.6-4.el7_8.x86_64.rpm unbound-libs-1.6.6-4.el7_8.i686.rpm
|
|
SciLinux: SLSA-2020-2405-1 Important: freerdp on SL7.x x86_64 (Jun 9) |
|
freerdp: Out-of-bounds write in crypto_rsa_common in libfreerdp/crypto/crypto.c (CVE-2020-13398) SL7 x86_64 freerdp-2.0.0-4.rc4.el7_8.1.x86_64.rpm freerdp-debuginfo-2.0.0-4.rc4.el7_8.1.i686.rpm freerdp-debuginfo-2.0.0-4.rc4.el7_8.1.x86_64.rpm freerdp-libs-2.0.0-4.rc4.el7_8.1.i686.rpm freerdp-libs-2.0.0-4.rc4.el7_8.1.x86_64.rpm libwinpr-2.0.0-4.rc4.el7_8.1.i686.rpm
|
|
SciLinux: SLSA-2020-2383-1 Important: bind on SL6.x i386/x86_64 (Jun 4) |
|
bind: BIND does not sufficiently limit the number of fetches performed when processing referrals (CVE-2020-8616) * bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c (CVE-2020-8617) SL6 x86_64 bind-debuginfo-9.8.2-0.68.rc1.el6_10.7.i686.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.7.x86_64.rpm bind-libs-9.8.2-0.68.rc1.el6_10
|
|
SciLinux: SLSA-2020-2378-1 Important: firefox on SL6.x i386/x86_64 (Jun 4) |
|
Mozilla: Use-after-free in SharedWorkerService (CVE-2020-12405) * Mozilla: JavaScript Type confusion with NativeTypes (CVE-2020-12406) * Mozilla: Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9 (CVE-2020-12410) SL6 x86_64 firefox-68.9.0-1.el6_10.x86_64.rpm firefox-debuginfo-68.9.0-1.el6_10.x86_64.rpm firefox-68.9.0-1.el6_10.i686.rpm firefox-debuginfo-68.9.0-1.e
|
|
SciLinux: SLSA-2020-2381-1 Important: firefox on SL7.x x86_64 (Jun 4) |
|
Mozilla: Use-after-free in SharedWorkerService (CVE-2020-12405) * Mozilla: JavaScript Type confusion with NativeTypes (CVE-2020-12406) * Mozilla: Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9 (CVE-2020-12410) SL7 x86_64 firefox-68.9.0-1.el7_8.x86_64.rpm firefox-debuginfo-68.9.0-1.el7_8.x86_64.rpm firefox-68.9.0-1.el7_8.i686.rpm firefox-debuginfo-68.9.0-1.el7_
|
|
openSUSE: 2020:0794-1: moderate: vim (Jun 11) |
|
An update that fixes one vulnerability is now available.
|
|
openSUSE: 2020:0793-1: moderate: libexif (Jun 11) |
|
An update that fixes 9 vulnerabilities is now available.
|
|
openSUSE: 2020:0791-1: moderate: ucode-intel (Jun 10) |
|
An update that fixes three vulnerabilities is now available.
|
|
openSUSE: 2020:0790-1: important: gnutls (Jun 10) |
|
An update that solves one vulnerability and has one errata is now available.
|
|
openSUSE: 2020:0789-1: important: MozillaFirefox (Jun 10) |
|
An update that fixes three vulnerabilities is now available.
|
|
openSUSE: 2020:0787-1: moderate: xawtv (Jun 10) |
|
An update that fixes one vulnerability is now available.
|
|
openSUSE: 2020:0788-1: moderate: GraphicsMagick (Jun 10) |
|
An update that fixes one vulnerability is now available.
|
|
openSUSE: 2020:0786-1: moderate: libreoffice (Jun 8) |
|
An update that solves one vulnerability and has three fixes is now available.
|
|
openSUSE: 2020:0785-1: moderate: axel (Jun 8) |
|
An update that fixes one vulnerability is now available.
|
|
openSUSE: 2020:0784-1: moderate: xawtv (Jun 8) |
|
An update that fixes one vulnerability is now available.
|
|
openSUSE: 2020:0779-1: moderate: GraphicsMagick (Jun 8) |
|
An update that fixes one vulnerability is now available.
|
|
openSUSE: 2020:0780-1: libcroco (Jun 8) |
|
An update that fixes two vulnerabilities is now available.
|
|
openSUSE: 2020:0778-1: moderate: axel (Jun 8) |
|
An update that fixes one vulnerability is now available.
|
|
openSUSE: 2020:0781-1: moderate: libxml2 (Jun 8) |
|
An update that fixes one vulnerability is now available.
|
|
Mageia 2020-0257: xawtv security update (Jun 10) |
|
Updated xawtv packages fix security vulnerability: The v4l-conf program in xawtv allows users to determine the existence of file names in directories they do not have access to, and allows a user to have the system open files they do not have access to, though it does
|
|
Mageia 2020-0256: nghttp2 security update (Jun 10) |
|
nghttp2 has been updated to version 1.41.0 to fix CVE-2020-11080. The overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a
|
|
Mageia 2020-0255: perl security update (Jun 10) |
|
This update from 5.28.2 to 5.28.3 fixes bugs several bugs the RPM package manager. - Update to 5.23.3 (See https://metacpan.org/release/XSAWYERX/perl-5.28.3/view/pod/perldelta.pod for release notes)
|
|
Mageia 2020-0254: coturn security update (Jun 10) |
|
Updated the coturn package in order to fix some security vulnerabilities: http_server.c: An exploitable heap overflow vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted
|
|
Mageia 2020-0253: libarchive security update (Jun 10) |
|
Updated libarchive packages fix security vulnerability: archive_read_support_format_lha.c in libarchive before 3.4.1 does not
|
|
Mageia 2020-0252: ruby-rack security update (Jun 10) |
|
Updated ruby-rack packages fix security vulnerabilities: There's a possible information leak / session hijack vulnerability in Rack (RubyGem rack). Attackers may be able to find and hijack sessions by using timing attacks targeting the session id. Session ids are usually
|
|
Mageia 2020-0251: openconnect security update (Jun 10) |
|
Updated openconnect packages fix security vulnerabilities: OpenConnect through 8.08 mishandles negative return values from X509_check_ function calls, which might assist attackers in performing man-in-the-middle attacks (CVE-2020-12105).
|
|
Mageia 2020-0250: libvirt security update (Jun 10) |
|
Updated libvirt packages fix security vulnerability:
|
|
Mageia 2020-0249: python-typed-ast security update (Jun 10) |
|
Updated python-typed-ast package fixes security vulnerabilities: typed_ast 1.3.0 and 1.3.1 has a handle_keywordonly_args out-of-bounds
|
|
Mageia 2020-0248: cups security update (Jun 10) |
|
Updated cups packages fix security vulnerabilities: It was discovered that CUPS incorrectly handled certain language values. A local attacker could possibly use this issue to cause CUPS to crash, leading to a denial of service, or possibly obtain sensitive information
|
|
Mageia 2020-0247: nrpe security update (Jun 10) |
|
Updated nrpe packages fix security vulnerabilities:
|
|
Mageia 2020-0246: sudo security update (Jun 10) |
|
Updated sudo packages fix security vulnerabilities: It was found that sudo always allowed commands to be run with unknown user or group ids if the sudo configuration allowed it, for example via the "ALL" alias. This could allow sudo to impersonate non-existent
|
|
Mageia 2020-0245: libzypp security update (Jun 10) |
|
Libzypp from Mageia 7 is affected by a security issue. This update fixes this. Incorrect Default Permissions vulnerability in libzypp allowed local
|
|
Mageia 2020-0243: ruby-RubyGems security update (Jun 10) |
|
Updated ruby-RubyGems package fixes security vulnerabilities. The following vulnerabilities have been reported. CVE-2019-8320: Delete directory using symlink when decompressing tar
|
|
Mageia 2020-0242: vino security update (Jun 10) |
|
Updated vino packages fix security vulnerabilities: The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer did not properly handle attempts to send a large amount of ClientCutText data, which allowed remote attackers to cause a denial of
|