| |
Debian: DSA-4517-1: exim4 security update (Sep 6) |
| |
"Zerons" and Qualys discovered that a buffer overflow triggerable in the TLS negotiation code of the Exim mail transport agent could result in the execution of arbitrary code with root privileges.
|
| |
Debian: DSA-4516-1: firefox-esr security update (Sep 5) |
| |
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, cross-site scripting, bypass of the same-origin policy, sandbox escape, information disclosure or denial of service.
|
| |
Debian: DSA-4515-1: webkit2gtk security update (Sep 4) |
| |
Several vulnerabilities have been discovered in the webkit2gtk web engine: CVE-2019-8644
|
| |
Debian: DSA-4514-1: varnish security update (Sep 4) |
| |
Alf-Andre Walla discovered a remotely triggerable assert in the Varnish web accelerator; sending a malformed HTTP request could result in denial of service.
|
| |
Debian: DSA-4513-1: samba security update (Sep 3) |
| |
Stefan Metzmacher discovered a flaw in Samba, a SMB/CIFS file, print, and login server for Unix. Specific combinations of parameters and permissions can allow user to escape from the share path definition and see the complete '/' filesystem. Unix permission checks in the kernel
|
| |
Debian: DSA-4512-1: qemu security update (Sep 2) |
| |
Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service, the execution of arbitrary code or bypass of ACLs.
|
| |
Debian: DSA-4511-1: nghttp2 security update (Sep 1) |
| |
Two vulnerabilities were discovered in the HTTP/2 code of the nghttp2 HTTP server, which could result in denial of service. For the oldstable distribution (stretch), these problems have been fixed
|
| |
|
| |
Fedora 31: systemd FEDORA-2019-d5bd5f0aa4 (Sep 4) |
| |
- Update to latest release - Emission of Session property-changed notifications from logind is fixed (this was breaking the switching of sessions to and from gnome). - Security issue: unprivileged users were allowed to change DNS servers configured in systemd-resolved. Now proper polkit authorization is required (CVE-2019-15718). Switching ttys will work again after reboot. Otherwise, no
|
| |
Fedora 29: kernel-tools FEDORA-2019-97380355ae (Sep 4) |
| |
The 5.2.11 stable kernel update contains a number of important fixes across the tree. ---- The 5.2.10 stable kernel update contains a number of important fixes across the tree. ---- The 5.2.9 stable kernel update contains a number of important fixes across the tree. ---- The 5.2.8 stable kernel update contains a number of important fixes across the tree.
|
| |
Fedora 29: kernel-headers FEDORA-2019-97380355ae (Sep 4) |
| |
The 5.2.11 stable kernel update contains a number of important fixes across the tree. ---- The 5.2.10 stable kernel update contains a number of important fixes across the tree. ---- The 5.2.9 stable kernel update contains a number of important fixes across the tree. ---- The 5.2.8 stable kernel update contains a number of important fixes across the tree.
|
| |
Fedora 29: kernel FEDORA-2019-97380355ae (Sep 4) |
| |
The 5.2.11 stable kernel update contains a number of important fixes across the tree. ---- The 5.2.10 stable kernel update contains a number of important fixes across the tree. ---- The 5.2.9 stable kernel update contains a number of important fixes across the tree. ---- The 5.2.8 stable kernel update contains a number of important fixes across the tree.
|
| |
Fedora 29: python-mitogen FEDORA-2019-1f17485159 (Sep 4) |
| |
Latest upstream 0.2.8
|
| |
Fedora 30: kernel-headers FEDORA-2019-4c91a2f76e (Sep 3) |
| |
The 5.2.11 stable kernel update contains a number of important fixes across the tree. ---- The 5.2.10 stable kernel update contains a number of important fixes across the tree.
|
| |
Fedora 30: kernel-tools FEDORA-2019-4c91a2f76e (Sep 3) |
| |
The 5.2.11 stable kernel update contains a number of important fixes across the tree. ---- The 5.2.10 stable kernel update contains a number of important fixes across the tree.
|
| |
Fedora 30: kernel FEDORA-2019-4c91a2f76e (Sep 3) |
| |
The 5.2.11 stable kernel update contains a number of important fixes across the tree. ---- The 5.2.10 stable kernel update contains a number of important fixes across the tree.
|
| |
Fedora 30: community-mysql FEDORA-2019-c106e46a95 (Sep 3) |
| |
**MySQL 8.0.17** This update brings the latest MySQL 8.0.17 which fixes severe security issues. Now available as both a standard package and a module! Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-17.html Mainatiner notes: * The MySQL Modules are now built from the same sources as the base packages, so the should be identical * The package is now being
|
| |
Fedora 30: python-mitogen FEDORA-2019-b25dd670a4 (Sep 3) |
| |
Latest upstream 0.2.8
|
| |
Fedora 30: wavpack FEDORA-2019-c72f5f6361 (Sep 3) |
| |
Fix for CVE-2019-1010317 and CVE-2019-1010319
|
| |
Fedora 30: ansible FEDORA-2019-01e86d4832 (Sep 2) |
| |
2.8.4 update with various bugfixes. Also Fixes CVE-2019-10217 and CVE-2019-10206 ---- New 2.8.3 upstream bugfix release.
|
| |
Fedora 29: pango FEDORA-2019-155e34df5a (Aug 30) |
| |
Security fix for CVE-2019-1010238
|
| |
Fedora 30: dovecot FEDORA-2019-3844281be1 (Aug 30) |
| |
* CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes
|
| |
Fedora 30: mod_http2 FEDORA-2019-63ba15cc83 (Aug 30) |
| |
Rebuilt with newer nghttp2 ---- This update includes the latest upstream release of `mod_http2`, version **1.15.3**. Upstream changes include: * fixes Timeout vs. KeepAliveTimeout behaviour, see PR 63534. * Fixes stream cleanup when connection throttling is in place. * Counts stream resets by client on streams initiated by client as cause for connection throttling. * Header length
|
| |
Fedora 29: wireshark FEDORA-2019-23f7634765 (Aug 29) |
| |
New version 3.0.3, Security fix for CVE-2019-13619
|
| |
Fedora 29: sleuthkit FEDORA-2019-52f83932a1 (Aug 29) |
| |
Update to 2.6.7
|
| |
Fedora 30: wireshark FEDORA-2019-70e93298e3 (Aug 29) |
| |
New version 3.0.3, Security fix for CVE-2019-13619
|
| |
Fedora 30: sleuthkit FEDORA-2019-2e68c0a0ee (Aug 29) |
| |
Update to 2.6.7
|
| |
|
| |
Gentoo: GLSA-201908-29: Dovecot: Multiple vulnerabilities (Aug 31) |
| |
Multiple vulnerabilities have been found in Dovecot, the worst of which could result in the arbitrary execution of code.
|
| |
Gentoo: GLSA-201908-28: GNOME desktop library: Security bypass (Aug 31) |
| |
A vulnerability in the GNOME desktop library may allow attackers to escape the sandbox.
|
| |
Gentoo: GLSA-201908-27: Nautilus: Security bypass (Aug 31) |
| |
A vulnerability in Nautilus may allow attackers to escape the sandbox.
|
| |
Gentoo: GLSA-201908-26: libofx: Multiple vulnerabilities (Aug 31) |
| |
Multiple vulnerabilities have been found in libofx, the worst of which could result in the arbitrary execution of code.
|
| |
|
| |
RedHat: RHSA-2019-2670:01 Important: chromium-browser security update (Sep 5) |
| |
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2587:01 Moderate: CloudForms 4.7.9 security, (Sep 5) |
| |
An update is now available for CloudForms Management Engine 5.10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-2551:01 Moderate: OpenShift Container Platform 3.9 (Sep 5) |
| |
An update for atomic-openshift-web-console is now available for Red Hat OpenShift Container Platform 3.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-2663:01 Critical: firefox security update (Sep 4) |
| |
An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-2652:01 Moderate: openstack-nova security and bug fix (Sep 4) |
| |
An update for openstack-nova is now available for Red Hat OpenStack Platform 14.0 (Rocky). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-2651:01 Important: Red Hat OpenShift Container Platform (Sep 4) |
| |
An update for jenkins-2-plugins is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2600:01 Important: kernel security and bug fix update (Sep 3) |
| |
An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2019-2609:01 Important: kernel-rt security and bug fix update (Sep 3) |
| |
An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2019-2606:01 Important: kdelibs and kde-settings security and (Sep 3) |
| |
An update for kdelibs and kde-setting is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2607:01 Low: qemu-kvm security update (Sep 3) |
| |
An update for qemu-kvm is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
|
| |
RedHat: RHSA-2019-2622:01 Moderate: openstack-nova security and bug fix (Sep 3) |
| |
An update for openstack-nova is now available for Red Hat OpenStack Platform 13.0 (Queens). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-2628:01 Important: redis security update (Sep 3) |
| |
An update for redis is now available for Red Hat OpenStack Platform 13.0 (Queens). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2631:01 Moderate: openstack-nova security and bug fix (Sep 3) |
| |
An update for openstack-nova is now available for Red Hat OpenStack Platform 10.0 (Newton). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
|
| |
RedHat: RHSA-2019-2630:01 Important: redis security update (Sep 3) |
| |
An update for redis is now available for Red Hat OpenStack Platform 10.0 (Newton). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2621:01 Important: redis security update (Sep 3) |
| |
An update for redis is now available for Red Hat OpenStack Platform 14.0 (Rocky). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2593:01 Important: squid:4 security update (Sep 2) |
| |
An update for the squid:4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2592:01 Important: java-1.8.0-ibm security update (Sep 2) |
| |
An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2586:01 Important: ghostscript security update (Sep 2) |
| |
An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2019-2591:01 Important: ghostscript security update (Sep 2) |
| |
An update for ghostscript is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
RedHat: RHSA-2019-2590:01 Important: java-1.8.0-ibm security update (Sep 2) |
| |
An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2585:01 Important: java-1.8.0-ibm security update (Sep 2) |
| |
An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
|
| |
RedHat: RHSA-2019-2582:01 Important: pango security update (Aug 29) |
| |
An update for pango is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
|
| |
|
| |
Slackware: 2019-247-01: seamonkey Security Update (Sep 4) |
| |
New seamonkey packages are available for Slackware 14.2 and -current to fix security issues.
|
| |
|
| |
SUSE: 2019:2309-1 important: nginx (Sep 5) |
| |
An update that fixes 6 vulnerabilities is now available.
|
| |
SUSE: 2019:14163-1 moderate: SUSE Manager Client Tools (Sep 5) |
| |
An update that solves one vulnerability and has 19 fixes is now available.
|
| |
SUSE: 2019:2307-1 moderate: util-linux and shadow (Sep 5) |
| |
An update that contains security fixes can now be installed.
|
| |
SUSE: 2019:2308-1 moderate: python-Werkzeug (Sep 5) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2299-1 important: the Linux Kernel (Sep 5) |
| |
An update that solves 12 vulnerabilities and has 19 fixes is now available.
|
| |
SUSE: 2019:2300-1 moderate: python-urllib3 (Sep 5) |
| |
An update that fixes four vulnerabilities is now available.
|
| |
SUSE: 2019:2291-1 important: java-1_8_0-ibm (Sep 4) |
| |
An update that fixes 12 vulnerabilities is now available.
|
| |
SUSE: 2019:2278-1 moderate: qemu (Sep 4) |
| |
An update that solves three vulnerabilities and has two fixes is now available.
|
| |
SUSE: 2019:14160-1 important: java-1_7_1-ibm (Sep 4) |
| |
An update that fixes 8 vulnerabilities is now available.
|
| |
SUSE: 2019:2273-1 moderate: libosinfo (Sep 3) |
| |
An update that solves one vulnerability and has three fixes is now available.
|
| |
SUSE: 2019:14158-1 important: php53 (Sep 3) |
| |
An update that fixes three vulnerabilities is now available.
|
| |
SUSE: 2019:2274-1 moderate: ansible (Sep 3) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2270-1 important: php72 (Sep 2) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
SUSE: 2019:2268-1 important: pacemaker (Sep 2) |
| |
An update that solves two vulnerabilities and has 7 fixes is now available.
|
| |
SUSE: 2019:2265-1 moderate: libsolv, libzypp, zypper (Sep 2) |
| |
An update that solves three vulnerabilities and has 13 fixes is now available.
|
| |
SUSE: 2019:2261-1 important: python-SQLAlchemy (Sep 2) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
SUSE: 2019:2257-1 important: python-Django (Sep 2) |
| |
An update that fixes 6 vulnerabilities is now available.
|
| |
SUSE: 2019:2264-1 important: perl (Sep 2) |
| |
An update that fixes one vulnerability is now available.
|
| |
SUSE: 2019:2258-1 Recommended NetworkManager (Sep 2) |
| |
An update that contains security fixes can now be installed.
|
| |
SUSE: 2019:2263-1 important: the Linux Kernel (Sep 2) |
| |
An update that solves 12 vulnerabilities and has 24 fixes is now available.
|
| |
SUSE: 2019:2262-1 important: the Linux Kernel (Sep 2) |
| |
An update that solves 7 vulnerabilities and has 13 fixes is now available.
|
| |
SUSE: 2019:2259-1 important: nodejs10 (Sep 2) |
| |
An update that fixes 8 vulnerabilities is now available.
|
| |
SUSE: 2019:2260-1 important: nodejs8 (Sep 2) |
| |
An update that solves 8 vulnerabilities and has one errata is now available.
|
| |
SUSE: 2019:2254-1 important: nodejs10 (Aug 29) |
| |
An update that fixes 8 vulnerabilities is now available.
|
| |
SUSE: 2019:2253-1 important: python-SQLAlchemy (Aug 29) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
SUSE: 2019:14157-1 important: the Linux Kernel (Aug 29) |
| |
An update that solves 7 vulnerabilities and has 9 fixes is now available.
|
| |
|
| |
Ubuntu 4123-1: npm/fstream vulnerability (Sep 5) |
| |
npm/fstream could be made to overwrite files.
|
| |
Ubuntu 4122-1: Firefox vulnerabilities (Sep 4) |
| |
Firefox could be made to crash or run programs as your login if it opened a malicious website.
|
| |
Ubuntu 4120-1: systemd vulnerability (Sep 3) |
| |
systemd-resolved would allow unprivileged users to change DNS settings.
|
| |
Ubuntu 4121-1: Samba vulnerability (Sep 3) |
| |
Samba would allow unintended access to files over the network.
|
| |
Ubuntu 4119-1: Irssi vulnerability (Sep 3) |
| |
Irssi could be made to crash or execute arbitrary code if it received a specially crafted CAP request.
|
| |
Ubuntu 4118-1: Linux kernel (AWS) vulnerabilities (Sep 2) |
| |
Several security issues were fixed in the Linux kernel.
|
| |
Ubuntu 4117-1: Linux kernel (AWS) vulnerabilities (Sep 2) |
| |
Several security issues were fixed in the Linux kernel.
|
| |
Ubuntu 4116-1: Linux kernel vulnerabilities (Sep 2) |
| |
Several security issues were fixed in the Linux kernel.
|
| |
Ubuntu 4115-1: Linux kernel vulnerabilities (Sep 2) |
| |
Several security issues were fixed in the Linux kernel.
|
| |
Ubuntu 4114-1: Linux kernel vulnerabilities (Sep 2) |
| |
Several security issues were fixed in the Linux kernel.
|
| |
Ubuntu 3934-2: PolicyKit vulnerability (Sep 2) |
| |
PolicyKit could allow unintended access.
|
| |
Ubuntu 4113-1: Apache HTTP Server vulnerabilities (Aug 29) |
| |
Several security issues were fixed in Apache.
|
| |
Ubuntu 4112-1: Ceph vulnerability (Aug 29) |
| |
Ceph could be made to crash if it received specially crafted network traffic.
|
| |
|
| |
Debian LTS: DLA-1911-1: exim4 security update (Sep 6) |
| |
"Zerons" and Qualys discovered that a buffer overflow triggerable in the TLS negotiation code of the Exim mail transport agent could result in the execution of arbitrary code with root privileges.
|
| |
Debian LTS: DLA-1909-1: freetype security update (Sep 4) |
| |
Several newly-referenced issues have been fixed in the FreeType 2 font engine.
|
| |
Debian LTS: DLA-1908-1: pump security update (Sep 2) |
| |
It was discovered that there was an arbitrary code execution vulnerability in the pump BOOTP and DHCP client. When copying the body of the server response, the ethernet packet
|
| |
Debian LTS: DLA-1907-1: libav security update (Sep 2) |
| |
Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library.
|
| |
Debian LTS: DLA-1906-1: python2.7 security update (Aug 31) |
| |
A vulnerability has been discovered in Python, an interactive high-level object-oriented language, that is relevant for cookie handling. By using a malicious server an attacker might steal cookies that are meant for other
|
| |
Debian LTS: DLA-1904-1: libextractor security update (Aug 30) |
| |
jianglin found an issue in libextractor, a library that extracts meta-data from files of arbitrary type.
|
| |
Debian LTS: DLA-1902-1: djvulibre security update (Aug 29) |
| |
Hongxu Chen found several issues in djvulibre, a library and set of tools to handle images in the DjVu format.
|
| |
Debian LTS: DLA-1903-1: subversion security update (Aug 29) |
| |
Several vulnerabilities were discovered in Subversion, a version control system. The Common Vulnerabilities and Exposures project identifies the following problems:
|
| |
Debian LTS: DLA-1901-1: dovecot security update (Aug 29) |
| |
Nick Roessler and Rafi Rubin discovered that the IMAP and ManageSieve protocol parsers in the Dovecot email server do not properly validate input (both pre- and post-login). A remote attacker can take advantage
|
| |
|
| |
ArchLinux: 201908-22: jenkins: multiple issues (Sep 4) |
| |
The package jenkins before version 2.192-1 is vulnerable to multiple issues including cross-site request forgery and cross-site scripting.
|
| |
ArchLinux: 201908-21: grafana: denial of service (Sep 4) |
| |
The package grafana before version 6.3.4-1 is vulnerable to denial of service.
|
| |
ArchLinux: 201908-20: irssi: arbitrary code execution (Sep 3) |
| |
The package irssi before version 1.2.2-1 is vulnerable to arbitrary code execution.
|
| |
ArchLinux: 201908-19: pigeonhole: arbitrary code execution (Aug 29) |
| |
The package pigeonhole before version 0.5.7.2-1 is vulnerable to arbitrary code execution.
|
| |
ArchLinux: 201908-18: dovecot: arbitrary code execution (Aug 29) |
| |
The package dovecot before version 2.3.7.2-1 is vulnerable to arbitrary code execution.
|
| |
ArchLinux: 201908-17: libnghttp2: denial of service (Aug 29) |
| |
The package libnghttp2 before version 1.39.2-1 is vulnerable to denial of service.
|
| |
ArchLinux: 201908-16: go-pie: multiple issues (Aug 29) |
| |
The package go-pie before version 2:1.12.8-1 is vulnerable to multiple issues including denial of service and insufficient validation.
|
| |
ArchLinux: 201908-15: go: multiple issues (Aug 29) |
| |
The package go before version 2:1.12.8-1 is vulnerable to multiple issues including denial of service and insufficient validation.
|
| |
ArchLinux: 201908-14: gettext: arbitrary code execution (Aug 29) |
| |
The package gettext before version 0.20.1-1 is vulnerable to arbitrary code execution.
|
| |
|
| |
SciLinux: SLSA-2019-2607-1 Low: qemu-kvm on SL7.x x86_64 (Sep 3) |
| |
|
| |
SciLinux: SLSA-2019-2606-1 Important: kdelibs and kde-settings on SL7.x x86_64 (Sep 3) |
| |
|
| |
SciLinux: SLSA-2019-2600-1 Important: kernel on SL7.x x86_64 (Sep 3) |
| |
|
| |
SciLinux: SLSA-2019-2586-1 Important: ghostscript on SL7.x x86_64 (Sep 3) |
| |
|
| |
|
| |
openSUSE: 2019:2067-1: wavpack (Sep 5) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2019:2071-1: moderate: SDL_image (Sep 5) |
| |
An update that fixes 7 vulnerabilities is now available.
|
| |
openSUSE: 2019:2068-1: moderate: python-Twisted (Sep 5) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:2070-1: moderate: SDL2_image (Sep 5) |
| |
An update that fixes 12 vulnerabilities is now available.
|
| |
openSUSE: 2019:2072-1: moderate: go1.11 (Sep 5) |
| |
An update that solves three vulnerabilities and has one errata is now available.
|
| |
openSUSE: 2019:2064-1: important: python-SQLAlchemy (Sep 4) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2019:2062-1: important: postgresql10 (Sep 3) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:2059-1: important: qemu (Sep 3) |
| |
An update that solves three vulnerabilities and has 7 fixes is now available.
|
| |
openSUSE: 2019:2058-1: important: apache-commons-beanutils (Sep 2) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:2057-1: important: libreoffice (Sep 2) |
| |
An update that solves 5 vulnerabilities and has one errata is now available.
|
| |
openSUSE: 2019:2052-1: important: slurm (Sep 2) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:2051-1: important: apache2 (Sep 2) |
| |
An update that fixes 6 vulnerabilities is now available.
|
| |
openSUSE: 2019:2050-1: moderate: httpie (Sep 2) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:2056-1: moderate: go1.12 (Sep 2) |
| |
An update that solves three vulnerabilities and has two fixes is now available.
|
| |
openSUSE: 2019:2044-1: moderate: podman, slirp4netns and libcontainers-common (Sep 1) |
| |
An update that solves three vulnerabilities and has four fixes is now available.
|
| |
openSUSE: 2019:2041-1: important: qemu (Sep 1) |
| |
An update that solves four vulnerabilities and has 7 fixes is now available.
|
| |
openSUSE: 2019:2040-1: moderate: libmirage (Aug 31) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:2038-1: moderate: flatpak (Aug 31) |
| |
An update that fixes three vulnerabilities is now available.
|
| |
openSUSE: 2019:2039-1: important: python-SQLAlchemy (Aug 31) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
openSUSE: 2019:2033-1: moderate: libmirage (Aug 31) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:2024-1: moderate: qbittorrent (Aug 30) |
| |
An update that fixes one vulnerability is now available.
|
| |
openSUSE: 2019:2021-1: important: containerd, docker, docker-runc, golang-github-docker-libnetwork (Aug 29) |
| |
An update that solves four vulnerabilities and has three fixes is now available.
|
| |
openSUSE: 2019:2019-1: important: schismtracker (Aug 29) |
| |
An update that fixes two vulnerabilities is now available.
|
| |
|
| |
Mageia 2019-0238: mpg123 security update (Aug 31) |
| |
The mpg123 package has been updated to version 1.25.12, fixing several issues which could cause it to crash or hang while parsing mp3 files. References: - https://bugs.mageia.org/show_bug.cgi?id=25350
|
| |
Mageia 2019-0237: webmin security update (Aug 31) |
| |
Updated webmin package fixes security vulnerability: Webmin before 1.930 allows remote exploits if the option to change expired passwords is enabled (CVE-2019-15107).
|
| |
Mageia 2019-0236: ghostscript security update (Aug 31) |
| |
Updated ghostscript packages fix security vulnerability: It was found that the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript
|
| |
Mageia 2019-0235: pango security update (Aug 31) |
| |
Updated pango package fixes security vulnerability: It was discovered that pango was subject to a heap based buffer overflow vulnerability which could be used to get code execution (CVE-2019-1010238).
|
| |
Mageia 2019-0234: ansible security update (Aug 31) |
| |
Updated ansible package fixes security vulnerability: A flaw was discovered in the way Ansible templating was implemented before version 2.7.12, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable
|
| |
Mageia 2019-0233: vlc security update (Aug 31) |
| |
Updated vlc packages fixes security vulnerabilities: Multiple security issues were discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed file/stream is processed (CVE-2019-13602, CVE-2019-13962,
|
| |
Mageia 2019-0232: memcached security update (Aug 31) |
| |
AUpdated memcached packages fix security vulnerability: In memcached before 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. This causes a denial of service when parsing crafted lru command messages in process_lru_command in
|
| |
Mageia 2019-0231: wavpack security update (Aug 31) |
| |
Updated wavpack packages fixes security vulnerabilities: Rohan Padhye discovered that WavPack incorrectly handled certain WAV files. An attacker could possibly use this issue to cause a denial of service (CVE-2019-1010315, CVE-2019-1010317, CVE-2019-1010318, CVE-2019-1010319).
|
| |
Mageia 2019-0230: wavpack security update (Aug 31) |
| |
Updated wavpack packages fixes security vulnerabilities: It was discovered that WavPack incorrectly handled certain DFF files. An attacker could possibly use this issue to cause a denial of service (CVE-2019-11498).
|
| |
Mageia 2019-0229: wpa_supplicant and hostapd security update (Aug 31) |
| |
A number of potential side channel attacks were discovered in the SAE implementations used by both hostapd (AP) and wpa_supplicant (infrastructure BSS station/mesh station). SAE (Simultaneous Authentication of Equals) is also known as WPA3-Personal. The discovered side channel attacks may be able to leak information about the used
|
| |
Mageia 2019-0228: graphicsmagick security update (Aug 31) |
| |
This is a maintenance and security update fixing various memory leaks, overflows, out-of-memory, heap overwriting and other issues. References: - https://bugs.mageia.org/show_bug.cgi?id=25256
|
| |
Mageia 2019-0227: wireshark security update (Aug 31) |
| |
Updated wireshark packages fix security vulnerability: ASN.1 BER and related dissectors crash (CVE-2019-13619). References:
|
