kernel (SL7)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2021:2314-1 Issue Date: 2021-06-09 CVE Numbers: CVE-2020-8648 CVE-2021-3347 CVE-2020-12362 CVE-2020-12363 CVE-2020-12364 CVE-2020-27170 — Security Fix(es): * kernel: Integer overflow in Intel(R) Graphics Drivers (CVE-2020-12362) * kernel: Use after free via … Read More

gupnp (SL7)

Synopsis: Important: gupnp security update Advisory ID: SLSA-2021:2417-1 Issue Date: 2021-06-15 CVE Numbers: CVE-2021-33516 — Security Fix(es): * gupnp: allows DNS rebinding which could result in tricking browser into triggering actions against local UPnP services (CVE-2021-33516) For more details about … Read More

postgresql (SL7)

Synopsis: Important: postgresql security update Advisory ID: SLSA-2021:2397-1 Issue Date: 2021-06-14 CVE Numbers: CVE-2021-32027 — Security Fix(es): * postgresql: Buffer overrun from integer overflow in array subscripting calculations (CVE-2021-32027) For more details about the security issue(s), including the impact, a … Read More

dhcp (SL7)

Synopsis: Important: dhcp security update Advisory ID: SLSA-2021:2357-1 Issue Date: 2021-06-09 CVE Numbers: CVE-2021-25217 — Security Fix(es): * dhcp: stack-based buffer overflow when parsing statements with colon- separated hex digits in config or lease files in dhcpd and dhclient (CVE-2021-25217) … Read More

microcode_ctl (SL7)

Synopsis: Important: microcode_ctl security, bug fix and enhancement update Advisory ID: SLSA-2021:2305-1 Issue Date: 2021-06-14 CVE Numbers: CVE-2020-24489 CVE-2020-24513 CVE-2020-24511 CVE-2020-24512 — Security Fix(es): * hw: vt-d related privilege escalation (CVE-2020-24489) * hw: improper isolation of shared resources in some … Read More

qt5-qtimageformats (SL7)

Synopsis: Important: qt5-qtimageformats security update Advisory ID: SLSA-2021:2328-1 Issue Date: 2021-06-09 CVE Numbers: CVE-2020-36328 CVE-2020-36329 CVE-2018-25011 CVE-2018-25014 — Security Fix(es): * libwebp: heap-based buffer overflow in PutLE16() (CVE-2018-25011) * libwebp: use of uninitialized value in ReadSymbol() (CVE-2018-25014) * libwebp: heap-based … Read More

samba (SL7)

Synopsis: Moderate: samba security and bug fix update Advisory ID: SLSA-2021:2313-1 Issue Date: 2021-06-09 CVE Numbers: CVE-2021-20254 — Security Fix(es): * samba: Negative idmap cache entries can cause incorrect group entries in the Samba file server process token (CVE-2021-20254) For … Read More

hivex (SL7)

Synopsis: Moderate: hivex security update Advisory ID: SLSA-2021:2318-1 Issue Date: 2021-06-09 CVE Numbers: CVE-2021-3504 — Security Fix(es): * hivex: Buffer overflow when provided invalid node key length (CVE-2021-3504) For more details about the security issue(s), including the impact, a CVSS … Read More

qemu-kvm (SL7)

Synopsis: Moderate: qemu-kvm security update Advisory ID: SLSA-2021:2322-1 Issue Date: 2021-06-09 CVE Numbers: CVE-2020-29443 — Security Fix(es): * QEMU: ide: atapi: OOB access while processing read commands (CVE-2020-29443) For more details about the security issue(s), including the impact, a CVSS … Read More

389-ds-base (SL7)

Synopsis: Moderate: 389-ds-base security and bug fix update Advisory ID: SLSA-2021:2323-1 Issue Date: 2021-06-09 CVE Numbers: CVE-2020-35518 — Security Fix(es): * 389-ds-base: information disclosure during the binding of a DN (CVE-2020-35518) For more details about the security issue(s), including the … Read More