thunderbird (SL6)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2020:3643-1 Issue Date: 2020-09-08 CVE Numbers: None — Security Fix(es): * Mozilla: Attacker-induced prompt for extension installation (CVE-2020-15664) * Mozilla: Use-After-Free when aborting an operation (CVE-2020-15669) — SL6 x86_64 thunderbird-68.12.0-1.el6_10.x86_64.rpm thunderbird-debuginfo-68.12.0-1.el6_10.x86_64.rpm i386 thunderbird-68.12.0-1.el6_10.i686.rpm … Read More

thunderbird (SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2020:3631-1 Issue Date: 2020-09-08 CVE Numbers: None — Security Fix(es): * Mozilla: Attacker-induced prompt for extension installation (CVE-2020-15664) * Mozilla: Use-After-Free when aborting an operation (CVE-2020-15669) — SL7 x86_64 thunderbird-68.12.0-1.el7_8.x86_64.rpm thunderbird-debuginfo-68.12.0-1.el7_8.x86_64.rpm – Scientific … Read More

dovecot (SL7)

Synopsis: Important: dovecot security update Advisory ID: SLSA-2020:3617-1 Issue Date: 2020-09-03 CVE Numbers: None — Security Fix(es): * dovecot: Resource exhaustion via deeply nested MIME parts (CVE-2020-12100) * dovecot: Out of bound reads in dovecot NTLM implementation (CVE-2020-12673) * dovecot: … Read More

firefox (SL7)

Synopsis: Important: firefox security update Advisory ID: SLSA-2020:3556-1 Issue Date: 2020-08-26 CVE Numbers: None — Security Fix(es): * Mozilla: Attacker-induced prompt for extension installation (CVE-2020-15664) — SL7 x86_64 firefox-68.12.0-1.el7_8.x86_64.rpm firefox-debuginfo-68.12.0-1.el7_8.x86_64.rpm firefox-68.12.0-1.el7_8.i686.rpm firefox-debuginfo-68.12.0-1.el7_8.i686.rpm – Scientific Linux Development Team

kernel (SL6)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2020:3548-1 Issue Date: 2020-08-26 CVE Numbers: None — Security Fix(es): * kernel: Null pointer dereference in search_keyring (CVE-2017-2647) * kernel: heap-based buffer overflow in lbs_ibss_join_existing function in drivers/net/wireless/marvell/libertas/cfg.c (CVE-2019-14896) — … Read More

firefox (SL6)

Synopsis: Important: firefox security update Advisory ID: SLSA-2020:3558-1 Issue Date: 2020-08-26 CVE Numbers: None — Security Fix(es): * Mozilla: Attacker-induced prompt for extension installation (CVE-2020-15664) * Mozilla: Use-After-Free when aborting an operation (CVE-2020-15669) — SL6 x86_64 firefox-68.12.0-1.el6_10.x86_64.rpm firefox-debuginfo-68.12.0-1.el6_10.x86_64.rpm firefox-68.12.0-1.el6_10.i686.rpm firefox-debuginfo-68.12.0-1.el6_10.i686.rpm … Read More

thunderbird (SL6)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2020:3345-1 Issue Date: 2020-08-06 CVE Numbers: None — Security Fix(es): * chromium-browser: Use after free in ANGLE (CVE-2020-6463) * chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514) * Mozilla: Potential leak of redirect targets when … Read More

thunderbird (SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2020:3344-1 Issue Date: 2020-08-06 CVE Numbers: None — Security Fix(es): * chromium-browser: Use after free in ANGLE (CVE-2020-6463) * chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514) * Mozilla: Potential leak of redirect targets when … Read More

postgresql-jdbc (SL6)

Synopsis: Important: postgresql-jdbc security update Advisory ID: SLSA-2020:3284-1 Issue Date: 2020-08-03 CVE Numbers: None — Security Fix(es): * postgresql-jdbc: XML external entity (XXE) vulnerability in PgSQLXML (CVE-2020-13692) — SL6 noarch postgresql-jdbc-8.4.704-4.el6_10.noarch.rpm – Scientific Linux Development Team

postgresql-jdbc (SL7)

Synopsis: Important: postgresql-jdbc security update Advisory ID: SLSA-2020:3285-1 Issue Date: 2020-08-03 CVE Numbers: None — Security Fix(es): * postgresql-jdbc: XML external entity (XXE) vulnerability in PgSQLXML (CVE-2020-13692) — SL7 noarch postgresql-jdbc-9.2.1002-8.el7_8.noarch.rpm postgresql-jdbc-javadoc-9.2.1002-8.el7_8.noarch.rpm – Scientific Linux Development Team