|
Debian: DSA-4472-1: expat security update (Jun 28) |
|
It was discovered that Expat, an XML parsing C library, did not properly handle XML input including XML names that contain a large number of colons, potentially resulting in denial of service.
|
|
Debian: DSA-4471-1: thunderbird security update (Jun 24) |
|
For the stable distribution (stretch), these problems have been fixed in
|
|
Debian: DSA-4469-1: libvirt security update (Jun 22) |
|
Two vulnerabilities were discovered in Libvirt, a virtualisation abstraction library, allowing an API client with read-only permissions to execute arbitrary commands via the virConnectGetDomainCapabilities API, or read or execute arbitrary files via the
|
|
Debian: DSA-4468-1: php-horde-form security update (Jun 21) |
|
A path traversal vulnerability due to an unsanitized POST parameter was discovered in php-horde-form, a package providing form rendering, validation, and other functionality for the Horde Application Framework. An attacker can take advantage of this flaw for remote code execution.
|
|
Debian: DSA-4447-2: intel-microcode security update (Jun 20) |
|
DSA 4447-1 shipped updated CPU microcode for most types of Intel CPUs as mitigations for the MSBDS, MFBDS, MLPDS and MDSUM hardware vulnerabilities. This update provides additional support for some Sandybridge server
|
|
|
|
Fedora 29: drupal7-uuid FEDORA-2019-a872068cd3 (Jun 28) |
|
- https://www.drupal.org/project/uuid/releases/7.x-1.3 - https://www.drupal.org/sa-contrib-2019-052
|
|
Fedora 29: php-typo3-phar-stream-wrapper2 FEDORA-2019-af7bef7165 (Jun 28) |
|
php-typo3-phar-stream-wrapper2 v2.1.2: Handling mime-type & Windows paths. Resolved issues: #34: Normalize resolved Windows path to Unix-style; #42: Avoid analysing non-phar files on alias resolving; #40: Add Windows tests using AppVeyor; #33: Add alternative mime-type resolving (without ext-fileinfo). v2.1.1: Phar Alias Handling & Performance. Releases v3.1.1 and
|
|
Fedora 29: php-brumann-polyfill-unserialize FEDORA-2019-af7bef7165 (Jun 28) |
|
php-typo3-phar-stream-wrapper2 v2.1.2: Handling mime-type & Windows paths. Resolved issues: #34: Normalize resolved Windows path to Unix-style; #42: Avoid analysing non-phar files on alias resolving; #40: Add Windows tests using AppVeyor; #33: Add alternative mime-type resolving (without ext-fileinfo). v2.1.1: Phar Alias Handling & Performance. Releases v3.1.1 and
|
|
Fedora 30: drupal7-uuid FEDORA-2019-9f613ab692 (Jun 26) |
|
- https://www.drupal.org/project/uuid/releases/7.x-1.3 - https://www.drupal.org/sa-contrib-2019-052
|
|
Fedora 30: php-brumann-polyfill-unserialize FEDORA-2019-a8121923d5 (Jun 26) |
|
php-typo3-phar-stream-wrapper2 v2.1.2: Handling mime-type & Windows paths. Resolved issues: #34: Normalize resolved Windows path to Unix-style; #42: Avoid analysing non-phar files on alias resolving; #40: Add Windows tests using AppVeyor; #33: Add alternative mime-type resolving (without ext-fileinfo). v2.1.1: Phar Alias Handling & Performance. Releases v3.1.1 and
|
|
Fedora 30: php-typo3-phar-stream-wrapper2 FEDORA-2019-a8121923d5 (Jun 26) |
|
php-typo3-phar-stream-wrapper2 v2.1.2: Handling mime-type & Windows paths. Resolved issues: #34: Normalize resolved Windows path to Unix-style; #42: Avoid analysing non-phar files on alias resolving; #40: Add Windows tests using AppVeyor; #33: Add alternative mime-type resolving (without ext-fileinfo). v2.1.1: Phar Alias Handling & Performance. Releases v3.1.1 and
|
|
Fedora 30: thunderbird FEDORA-2019-fd116d3002 (Jun 24) |
|
Update to latest upstream version.
|
|
Fedora 30: tomcat FEDORA-2019-1a3f878d27 (Jun 24) |
|
This update includes a rebase from 9.0.13 up to 9.0.21 which resolves two CVEs along with various other bugs/features: * rhbz#1673856 tomcat-9.0.21 is available * rhbz#1713279 CVE-2019-0221 tomcat: XSS in SSI printenv * rhbz#1693326 CVE-2019-0199 tomcat: Apache Tomcat HTTP/2 DoS
|
|
Fedora 30: mozjs60 Security Update (Jun 23) |
|
Fix CVE-2019-11707 Fix CVE-2019-11708
|
|
Fedora 30: gjs Security Update (Jun 23) |
|
Fix CVE-2019-11707 Fix CVE-2019-11708
|
|
Fedora 29: libxslt Security Update (Jun 23) |
|
Update to 1.1.33 and fix CVE-2019-11068
|
|
Fedora 29: poppler Security Update (Jun 21) |
|
Security fix for CVE-2019-12293, CVE-2019-10872 and CVE-2019-10871.
|
|
Fedora 29: evince Security Update (Jun 21) |
|
Security fix for CVE-2019-11459.
|
|
Fedora 29: firefox Security Update (Jun 21) |
|
- New upstream version (67.0.4) - Fixes CVE-2019-11708: sandbox escape using Prompt:Open - Release notes are at https://www.mozilla.org/en-US/firefox/67.0.4/releasenotes/
|
|
Fedora 30: firefox Security Update (Jun 21) |
|
- New upstream version (67.0.4) - Fixes CVE-2019-11708: sandbox escape using Prompt:Open - Release notes are at https://www.mozilla.org/en-US/firefox/67.0.4/releasenotes/
|
|
Fedora 29: firefox Security Update (Jun 20) |
|
- New upstream version (67.0.3) - Fixed CVE-2019-11707: Type confusion in Array.pop ---- - New upstream version (67.0.2) - Release notes are available at https://www.mozilla.org/en-US/firefox/67.0.2/releasenotes/
|
|
|
|
RedHat: RHSA-2019-1633:01 Moderate: Red Hat OpenShift Container Platform (Jun 27) |
|
An update for atomic-openshift is now available for OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
|
RedHat: RHSA-2019-1632:01 Moderate: Red Hat OpenShift Container Platform (Jun 27) |
|
An update for atomic-openshift is now available for OpenShift Container Platform. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
|
RedHat: RHSA-2019-1626:01 Important: thunderbird security update (Jun 27) |
|
An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
|
RedHat: RHSA-2019-1624:01 Important: thunderbird security update (Jun 27) |
|
An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
|
RedHat: RHSA-2019-1623:01 Important: thunderbird security update (Jun 27) |
|
An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
|
RedHat: RHSA-2019-1619:01 Important: vim security update (Jun 27) |
|
An update for vim is now available for Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2019-1591:01 Low: OpenShift Container Platform 4.1 image (Jun 26) |
|
An update for ose-cluster-kube-apiserver-operator-container and ose-cluster-openshift-apiserver-operator-container is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact
|
|
RedHat: RHSA-2019-1603:01 Critical: firefox security update (Jun 25) |
|
An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
|
RedHat: RHSA-2019-1604:01 Critical: firefox security update (Jun 25) |
|
An update for firefox is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
|
RedHat: RHSA-2019-1602:01 Important: kernel-alt security update (Jun 25) |
|
An update for kernel-alt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
|
RedHat: RHSA-2019-1594:01 Important: redhat-virtualization-host security (Jun 25) |
|
An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2019-1587:01 Important: python security update (Jun 20) |
|
An update for python is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
|
RedHat: RHSA-2019-1580:01 Important: virt:rhel security update (Jun 20) |
|
An update for the virt:rhel module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
|
RedHat: RHSA-2019-1579:01 Important: libvirt security and bug fix update (Jun 20) |
|
An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
|
RedHat: RHSA-2019-1569:01 Moderate: redhat-virtualization-host security and (Jun 20) |
|
An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
|
RedHat: RHSA-2019-1571:01 Moderate: rhvm-appliance security, bug fix, (Jun 20) |
|
An update for rhvm-appliance is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
|
RedHat: RHSA-2019-1578:01 Moderate: libvirt security update (Jun 20) |
|
An update for libvirt is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
|
|
|
Slackware: 2019-172-01: mozilla-firefox Security Update (Jun 21) |
|
New mozilla-firefox packages are available for Slackware 14.2 and -current to fix a security issue.
|
|
Slackware: 2019-171-01: bind Security Update (Jun 20) |
|
New bind packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a denial-of-service security issue.
|
|
|
|
SUSE: 2019:1716-1 moderate: glibc (Jun 27) |
|
An update that solves one vulnerability and has two fixes is now available.
|
|
SUSE: 2019:1308-2 important: java-1_8_0-ibm (Jun 27) |
|
An update that fixes 5 vulnerabilities is now available.
|
|
SUSE: 2019:1712-1 moderate: ImageMagick (Jun 25) |
|
An update that solves 9 vulnerabilities and has two fixes is now available.
|
|
SUSE: 2019:1703-1 moderate: SUSE Manager Server 3.2 (Jun 25) |
|
An update that solves one vulnerability and has 24 fixes is now available.
|
|
SUSE: 2019:1693-1 moderate: tomcat (Jun 25) |
|
An update that solves two vulnerabilities and has one errata is now available.
|
|
SUSE: 2019:1692-1 important: the Linux Kernel (Jun 24) |
|
An update that solves 9 vulnerabilities and has 7 fixes is now available.
|
|
SUSE: 2019:1690-1 important: libvirt (Jun 24) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2019:1686-1 important: libvirt (Jun 24) |
|
An update that fixes two vulnerabilities is now available.
|
|
SUSE: 2019:1687-1 moderate: postgresql96 (Jun 24) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2019:1574-2 important: samba (Jun 24) |
|
An update that solves one vulnerability and has four fixes is now available.
|
|
SUSE: 2019:14102-1 important: glib2 (Jun 24) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2019:1684-1 important: MozillaFirefox (Jun 22) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2019:1683-1 important: MozillaThunderbird (Jun 22) |
|
An update that fixes 6 vulnerabilities is now available.
|
|
SUSE: 2019:1682-1 important: MozillaFirefox (Jun 22) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2019:1648-1 moderate: Recommended evince (Jun 21) |
|
An update that solves one vulnerability and has one errata is now available.
|
|
SUSE: 2019:1674-1 important: the Linux Kernel (Live Patch 0 for SLE 12 SP4) (Jun 21) |
|
An update that fixes 5 vulnerabilities is now available.
|
|
SUSE: 2019:1645-1 moderate: netpbm (Jun 21) |
|
An update that solves three vulnerabilities and has one errata is now available.
|
|
SUSE: 2019:1668-1 important: the Linux Kernel (Live Patch 32 for SLE 12 SP1) (Jun 21) |
|
An update that fixes four vulnerabilities is now available.
|
|
SUSE: 2019:1671-1 important: the Linux Kernel (Live Patch 28 for SLE 12 SP2) (Jun 21) |
|
An update that fixes four vulnerabilities is now available.
|
|
SUSE: 2019:1644-1 important: java-1_8_0-ibm (Jun 21) |
|
An update that fixes 5 vulnerabilities is now available.
|
|
SUSE: 2019:1643-1 important: libvirt (Jun 21) |
|
An update that fixes four vulnerabilities is now available.
|
|
SUSE: 2019:14101-1 moderate: netpbm (Jun 21) |
|
An update that solves two vulnerabilities and has one errata is now available.
|
|
SUSE: 2019:14100-1 important: libvirt (Jun 21) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2019:1637-1 important: libvirt (Jun 21) |
|
An update that solves three vulnerabilities and has one errata is now available.
|
|
SUSE: 2019:1596-1 important: glib2 (Jun 21) |
|
An update that solves three vulnerabilities and has one errata is now available.
|
|
SUSE: 2019:1607-1 moderate: wireshark (Jun 21) |
|
An update that contains security fixes can now be installed.
|
|
SUSE: 2019:14098-1 moderate: libssh2_org (Jun 21) |
|
An update that solves one vulnerability and has one errata is now available.
|
|
SUSE: 2019:1606-1 moderate: libssh2_org (Jun 21) |
|
An update that solves one vulnerability and has one errata is now available.
|
|
SUSE: 2019:1603-1 moderate: exempi (Jun 21) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2019:1597-1 important: dbus-1 (Jun 21) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2019:1599-1 important: libvirt (Jun 21) |
|
An update that fixes three vulnerabilities is now available.
|
|
SUSE: 2019:1610-1 moderate: wireshark (Jun 21) |
|
An update that contains security fixes can now be installed.
|
|
SUSE: 2019:1601-1 important: sqlite3 (Jun 21) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2019:1608-1 moderate: compat-openssl098 (Jun 21) |
|
An update that solves one vulnerability and has two fixes is now available.
|
|
SUSE: 2019:1591-1 important: dbus-1 (Jun 21) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2019:1629-1 important: MozillaFirefox (Jun 21) |
|
An update that solves one vulnerability and has one errata is now available.
|
|
SUSE: 2019:1594-1 important: glib2 (Jun 21) |
|
An update that solves one vulnerability and has one errata is now available.
|
|
SUSE: 2019:1602-1 important: gstreamer-0_10-plugins-base (Jun 21) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2019:14097-1 important: libvirt (Jun 21) |
|
An update that fixes two vulnerabilities is now available.
|
|
SUSE: 2019:1595-1 important: dbus-1 (Jun 21) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2019:1605-1 moderate: SDL2 (Jun 21) |
|
An update that solves one vulnerability and has one errata is now available.
|
|
SUSE: 2019:14099-1 moderate: libssh2_org (Jun 21) |
|
An update that solves one vulnerability and has one errata is now available.
|
|
SUSE: 2019:1600-1 important: gstreamer-plugins-base (Jun 21) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2019:1581-1 important: the Linux Kernel (Live Patch 3 for SLE 15) (Jun 20) |
|
An update that fixes 5 vulnerabilities is now available.
|
|
SUSE: 2019:1588-1 important: the Linux Kernel (Live Patch 10 for SLE 15) (Jun 20) |
|
An update that fixes four vulnerabilities is now available.
|
|
SUSE: 2019:1576-1 important: enigmail (Jun 20) |
|
An update that fixes one vulnerability is now available.
|
|
SUSE: 2019:1574-1 important: samba (Jun 20) |
|
An update that solves one vulnerability and has four fixes is now available.
|
|
|
|
Ubuntu 4042-1: poppler vulnerabilities (Jun 27) |
|
Several security issues were fixed in poppler.
|
|
Ubuntu 4040-2: Expat vulnerability (Jun 26) |
|
Expat could be made to consume a high amount of RAM and CPU resources if it received a specially crafted XML file.
|
|
Ubuntu 4040-1: Expat vulnerability (Jun 26) |
|
Expat could be made to consume a high amount of RAM and CPU resources if it received a specially crafted XML file.
|
|
Ubuntu 4038-2: bzip2 vulnerabilities (Jun 26) |
|
Several security issues were fixed in bzip2.
|
|
Ubuntu 4038-1: bzip2 vulnerabilities (Jun 26) |
|
Several security issues were fixed in bzip2.
|
|
Ubuntu 4037-1: policykit-desktop-privileges update (Jun 25) |
|
A security improvement has been made to policykit-desktop-privileges.
|
|
Ubuntu 4036-1: OpenStack Neutron vulnerability (Jun 25) |
|
A system hardening measure could be bypassed.
|
|
Ubuntu 4035-1: Ceph vulnerabilities (Jun 25) |
|
Several security issues were fixed in Ceph.
|
|
Ubuntu 4034-1: ImageMagick vulnerabilities (Jun 25) |
|
Several security issues were fixed in ImageMagick.
|
|
Ubuntu 4033-1: libmysofa vulnerability (Jun 24) |
|
libmysofa could be made to crash if it received specially crafted input.
|
|
Ubuntu 4032-1: Firefox vulnerability (Jun 24) |
|
A sandbox escape was discovered in Firefox.
|
|
Ubuntu 4031-1: Linux kernel vulnerability (Jun 24) |
|
64-Bit PowerPC systems could be made to expose sensitive information.
|
|
Ubuntu 4030-1: web2py vulnerabilities (Jun 21) |
|
Several security issues were fixed in web2py.
|
|
Ubuntu 3977-3: Intel Microcode update (Jun 20) |
|
The system could be made to expose sensitive information.
|
|
Ubuntu 4023-1: Mosquitto vulnerabilities (Jun 20) |
|
Several security issues were fixed in Mosquitto.
|
|
Ubuntu 4028-1: Thunderbird vulnerabilities (Jun 20) |
|
Several security issues were fixed in Thunderbird.
|
|
Ubuntu 4027-1: PostgreSQL vulnerability (Jun 20) |
|
PostgreSQL could be made to crash or run programs if it received specially crafted network traffic.
|
|
Ubuntu 4026-1: Bind vulnerability (Jun 20) |
|
Bind could be made to crash if it received specially crafted network traffic.
|
|
|
|
Debian LTS: DLA-1838-1: mupdf security update (Jun 28) |
|
Several minor issues have been fixed in mupdf, a lightweight PDF viewer tailored for display of high quality anti-aliased graphics.
|
|
Debian LTS: DLA-1835-2: python3.4 regression update (Jun 25) |
|
The update issued as DLA-1835-1 caused a regression in the http.client library in Python 3.4 which was broken by the patch intended to fix CVE-2019-9740 and CVE-2019-9947.
|
|
Debian LTS: DLA-1837-1: rdesktop security update (Jun 25) |
|
Several security vulnerabilities were discovered in the rdesktop RDP client, which could result in buffer overflows and execution of arbitrary code.
|
|
Debian LTS: DLA-1836-1: thunderbird security update (Jun 25) |
|
Multiple security issues have been found in Thunderbird which may lead to the execution of arbitrary code if malformed email messages are read. For Debian 8 "Jessie", these problems have been fixed in version
|
|
Debian LTS: DLA-1835-1: python3.4 security update (Jun 24) |
|
Multiple vulnerabilities were discovered in Python, an interactive high-level object-oriented language, including
|
|
Debian LTS: DLA-1834-1: python2.7 security update (Jun 24) |
|
Multiple vulnerabilities were discovered in Python, an interactive high-level object-oriented language, including
|
|
Debian LTS: DLA-1833-1: bzip2 security update (Jun 24) |
|
Two issues in bzip2, a high-quality block-sorting file compressor, have been fixed. One, CVE-2019-12900, is an out-of-bounds write when using a crafted compressed file. The other, CVE-2016-3189, is a potential
|
|
Debian LTS: DLA-1832-1: libvirt security update (Jun 24) |
|
Two vulnerabilities were discovered in libvirt, an abstraction API for different underlying virtualisation mechanisms provided by the kernel, etc.
|
|
Debian LTS: DLA-1831-1: jackson-databind security update (Jun 21) |
|
More Polymorphic Typing issues were discovered in jackson-databind. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has JDOM 1.x or 2.x or logback-core jar in the classpath, an attacker can send a
|
|
Debian LTS: DLA-1830-1: znc security update (Jun 20) |
|
A vulnerability was discovered in the ZNC IRC bouncer which could result in remote code execution.
|
|
Debian LTS: DLA-1828-1: python-urllib3 security update (Jun 20) |
|
A vulnerability was discovered in python-urllib3, an HTTP library with thread-safe connection pooling, whereby an attacker can inject CRLF characters in the request parameter.
|
|
Debian LTS: DLA-1829-1: firefox-esr security update (Jun 20) |
|
Samuel Gross discovered a type confusion bug in the JavaScript engine of the Mozilla Firefox web browser, which could result in the execution of arbitrary code when browsing a malicious website.
|
|
|
|
CentOS: CESA-2019-1587: Important CentOS 7 python (Jun 24) |
|
Upstream details at : https://access.redhat.com/errata/RHSA-2019:1587
|
|
CentOS: CESA-2019-1579: Important CentOS 7 libvirt (Jun 20) |
|
Upstream details at : https://access.redhat.com/errata/RHSA-2019:1579
|
|
CentOS: CESA-2019-1578: Moderate CentOS 6 libvirt (Jun 20) |
|
Upstream details at : https://access.redhat.com/errata/RHSA-2019:1578
|
|
CentOS: CESA-2019-1467: Important CentOS 6 python (Jun 20) |
|
Upstream details at : https://access.redhat.com/errata/RHSA-2019:1467
|
|
|
|
SciLinux: SLSA-2019-1604-1 Critical: firefox on SL6.x i386/x86_64 (Jun 26) |
|
Mozilla: Type confusion in Array.pop (CVE-2019-11707) * Mozilla: Sandbox escape using Prompt:Open (CVE-2019-11708) SL6 x86_64 firefox-60.7.2-1.el6_10.x86_64.rpm firefox-debuginfo-60.7.2-1.el6_10.x86_64.rpm firefox-60.7.2-1.el6_10.i686.rpm firefox-debuginfo-60.7.2-1.el6_10.i686.rpm i386 firefox-60.7.2-1.el6_10.i686.rpm firefox-debuginfo-60.7.2-1.el6_10.i686.rpm - [More...]
|
|
SciLinux: SLSA-2019-1587-1 Important: python on SL7.x x86_64 (Jun 21) |
|
python: regression of CVE-2019-9636 due to functional fix to allow port numbers in netloc (CVE-2019-10160) SL7 x86_64 python-2.7.5-80.el7_6.x86_64.rpm python-debuginfo-2.7.5-80.el7_6.i686.rpm python-debuginfo-2.7.5-80.el7_6.x86_64.rpm python-libs-2.7.5-80.el7_6.i686.rpm python-libs-2.7.5-80.el7_6.x86_64.rpm python-debug-2.7.5-80.el7_6.x86_64.rpm python-devel-2.7. [More...]
|
|
SciLinux: SLSA-2019-1578-1 Moderate: libvirt on SL6.x i386/x86_64 (Jun 20) |
|
libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161) * libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients (CVE-2019-10166) * libvirt: arbitrary command execution via virConnectGetDomainCapabilities API (CVE-2019-10167) * libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (CVE [More...]
|
|
SciLinux: SLSA-2019-1579-1 Important: libvirt on SL7.x x86_64 (Jun 20) |
|
libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161) * libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients (CVE-2019-10166) * libvirt: arbitrary command execution via virConnectGetDomainCapabilities API (CVE-2019-10167) * libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (CVE [More...]
|
|
|
|
openSUSE: 2019:1658-1: moderate: libmediainfo (Jun 27) |
|
An update that fixes two vulnerabilities is now available.
|
|
openSUSE: 2019:1638-1: important: gstreamer-0_10-plugins-base (Jun 27) |
|
An update that fixes one vulnerability is now available.
|
|
openSUSE: 2019:1632-1: moderate: SDL2 (Jun 27) |
|
An update that solves one vulnerability and has one errata is now available.
|
|
openSUSE: 2019:1637-1: moderate: compat-openssl098 (Jun 27) |
|
An update that solves one vulnerability and has two fixes is now available.
|
|
openSUSE: 2019:1635-1: moderate: ansible (Jun 27) |
|
An update that fixes four vulnerabilities is now available.
|
|
openSUSE: 2019:1639-1: important: gstreamer-plugins-base (Jun 27) |
|
An update that fixes one vulnerability is now available.
|
|
openSUSE: 2019:1650-1: important: glib2 (Jun 27) |
|
An update that solves one vulnerability and has one errata is now available.
|
|
openSUSE: 2019:1649-1: moderate: exempi (Jun 27) |
|
An update that fixes one vulnerability is now available.
|
|
openSUSE: 2019:1645-1: important: sqlite3 (Jun 27) |
|
An update that fixes one vulnerability is now available.
|
|
openSUSE: 2019:1646-1: moderate: wireshark (Jun 27) |
|
An update that contains security fixes can now be installed.
|
|
openSUSE: 2019:1640-1: moderate: libssh2_org (Jun 27) |
|
An update that solves one vulnerability and has one errata is now available.
|
|
openSUSE: 2019:1633-1: moderate: SDL2 (Jun 27) |
|
An update that solves one vulnerability and has one errata is now available.
|
|
openSUSE: 2019:1657-1: moderate: exempi (Jun 27) |
|
An update that fixes one vulnerability is now available.
|
|
openSUSE: 2019:1629-1: moderate: libmediainfo (Jun 26) |
|
An update that fixes two vulnerabilities is now available.
|
|
openSUSE: 2019:1623-1: moderate: GraphicsMagick (Jun 25) |
|
An update that contains security fixes can now be installed.
|
|
openSUSE: 2019:1624-1: moderate: aubio (Jun 25) |
|
An update that fixes three vulnerabilities is now available.
|
|
openSUSE: 2019:1621-1: moderate: docker (Jun 25) |
|
An update that fixes one vulnerability is now available.
|
|
openSUSE: 2019:1619-1: moderate: GraphicsMagick (Jun 24) |
|
An update that contains security fixes can now be installed.
|
|
openSUSE: 2019:1614-1: important: python-Jinja2 (Jun 24) |
|
An update that fixes three vulnerabilities is now available.
|
|
openSUSE: 2019:1618-1: moderate: aubio (Jun 24) |
|
An update that fixes three vulnerabilities is now available.
|
|
openSUSE: 2019:1612-1: important: enigmail (Jun 24) |
|
An update that fixes one vulnerability is now available.
|
|
openSUSE: 2019:1606-1: important: MozillaThunderbird (Jun 24) |
|
An update that fixes 6 vulnerabilities is now available.
|
|
openSUSE: 2019:1604-1: important: dbus-1 (Jun 24) |
|
An update that solves one vulnerability and has one errata is now available.
|
|
openSUSE: 2019:1602-1: moderate: openssh (Jun 24) |
|
An update that solves two vulnerabilities and has four fixes is now available.
|
|
openSUSE: 2019:1603-1: moderate: ImageMagick (Jun 24) |
|
An update that solves 5 vulnerabilities and has one errata is now available.
|
|
openSUSE: 2019:1605-1: moderate: netpbm (Jun 24) |
|
An update that solves two vulnerabilities and has one errata is now available.
|
|
openSUSE: 2019:1595-1: important: MozillaFirefox (Jun 24) |
|
An update that fixes one vulnerability is now available.
|
|
openSUSE: 2019:1593-1: important: MozillaFirefox (Jun 23) |
|
An update that fixes one vulnerability is now available.
|
|
openSUSE: 2019:1594-1: critical: MozillaThunderbird (Jun 23) |
|
An update that fixes two vulnerabilities is now available.
|
|
|
|
Mageia 2019-0197: kernel-linus security update (Jun 20) |
|
This kernel-linus update is based on the upstream 4.14.127 and fixes at least the following security issues: Jonathan Looney discovered that it is possible to send a crafted sequence of SACKs which will fragment the RACK send map. An attacker may be able to
|
|
Mageia 2019-0199: git security update (Jun 20) |
|
Git before 2.19.2 on Linux and UNIX executes commands from the current working directory (as if '.' were at the end of $PATH) in certain cases involving the run_command() API and run-command.c, because there was a dangerous change from execvp to execv during 2017 (CVE-2018-19486).
|
|
Mageia 2019-0198: firefox security update (Jun 20) |
|
The updated firefox packages fix a security vulnerability that's being exploited in the wild: Type confusion in Array.pop. (CVE-2019-11707)
|
|
Mageia 2019-0200: phpmyadmin security update (Jun 20) |
|
Updated phpmyadmin packages fix security vulnerabilities: A vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature. (CVE-2019-11768, PMASA-2019-3)
|
|
Mageia 2019-0192: flash-player-plugin security update (Jun 20) |
|
Updated flash-player-plugin package fixes a security vulnerability: A use after free that leads to arbitrary code execution. (CVE-2019-7845) References:
|
|
Mageia 2019-0195: kernel security update (Jun 20) |
|
This kernel update is based on the upstream 4.14.127 and fixes at least the following security issues: Jonathan Looney discovered that it is possible to send a crafted sequence of SACKs which will fragment the RACK send map. An attacker may be able to
|
|
Mageia 2019-0193: thunderbird security update (Jun 20) |
|
The updated thunderbird packages fix some bugs and security vulnerabilities: Heap buffer overflow in icalparser.c. (CVE-2019-11703) Heap buffer overflow in icalvalue.c. (CVE-2019-11704)
|
|
Mageia 2019-0194: graphicsmagick security update (Jun 20) |
|
GraphicsMagick 1.3.32 is now released, fixing another 52 additional issues detected by oss-fuzz. Of special mention is a bug reported to us by "Battle Furry" via our security mail alias. This bug (was considered to be a "feature")
|
|
Mageia 2019-0196: kernel-tmb security update (Jun 20) |
|
This kernel-tmb update is based on the upstream 4.14.127 and fixes at least the following security issues: Jonathan Looney discovered that it is possible to send a crafted sequence of SACKs which will fragment the RACK send map. An attacker may be able to
|