Synopsis: Important: thunderbird security update Advisory ID: SLSA-2020:2906-1 Issue Date: 2020-07-14 CVE Numbers: None — Security Fix(es): * Mozilla: Memory corruption due to missing sign-extension for ValueTags on ARM64 (CVE-2020-12417) * Mozilla: Information disclosure due to manipulated URL object (CVE-2020-12418) … Read More
Synopsis: Important: dbus security update Advisory ID: SLSA-2020:2894-1 Issue Date: 2020-07-13 CVE Numbers: None — Security Fix(es): * dbus: denial of service via file descriptor leak (CVE-2020-12049) — SL7 x86_64 dbus-1.10.24-14.el7_8.x86_64.rpm dbus-debuginfo-1.10.24-14.el7_8.i686.rpm dbus-debuginfo-1.10.24-14.el7_8.x86_64.rpm dbus-libs-1.10.24-14.el7_8.i686.rpm dbus-libs-1.10.24-14.el7_8.x86_64.rpm dbus-x11-1.10.24-14.el7_8.x86_64.rpm dbus-devel-1.10.24-14.el7_8.i686.rpm dbus-devel-1.10.24-14.el7_8.x86_64.rpm dbus-tests-1.10.24-14.el7_8.x86_64.rpm noarch … Read More
Synopsis: Important: firefox security update Advisory ID: SLSA-2020:2827-1 Issue Date: 2020-07-07 CVE Numbers: None — Security Fix(es): * Mozilla: Memory corruption due to missing sign-extension for ValueTags on ARM64 (CVE-2020-12417) * Mozilla: Information disclosure due to manipulated URL object (CVE-2020-12418) … Read More
Synopsis: Important: firefox security update Advisory ID: SLSA-2020:2824-1 Issue Date: 2020-07-07 CVE Numbers: None — Security Fix(es): * Mozilla: Information disclosure due to manipulated URL object (CVE-2020-12418) * Mozilla: Use-after-free in nsGlobalWindowInner (CVE-2020-12419) * Mozilla: Use-After-Free when trying to connect … Read More
Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2020:2664-1 Issue Date: 2020-06-23 CVE Numbers: None — Security Fix(es): * Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario (CVE-2020-12888) — SL7 x86_64 … Read More
Synopsis: Important: thunderbird security update Advisory ID: SLSA-2020:2615-1 Issue Date: 2020-06-22 CVE Numbers: None — Security Fix(es): * Mozilla: Security downgrade with IMAP STARTTLS leads to information leakage (CVE-2020-12398) * Mozilla: Use-after-free in SharedWorkerService (CVE-2020-12405) * Mozilla: JavaScript Type confusion … Read More
Synopsis: Important: unbound security update Advisory ID: SLSA-2020:2642-1 Issue Date: 2020-06-22 CVE Numbers: None — Security Fix(es): * unbound: incomplete fix for CVE-2020-12662 in RHEL7 (CVE-2020-10772) — SL7 x86_64 unbound-1.6.6-5.el7_8.x86_64.rpm unbound-debuginfo-1.6.6-5.el7_8.i686.rpm unbound-debuginfo-1.6.6-5.el7_8.x86_64.rpm unbound-libs-1.6.6-5.el7_8.i686.rpm unbound-libs-1.6.6-5.el7_8.x86_64.rpm unbound-devel-1.6.6-5.el7_8.i686.rpm unbound-devel-1.6.6-5.el7_8.x86_64.rpm unbound-python-1.6.6-5.el7_8.x86_64.rpm – Scientific Linux … Read More
Synopsis: Important: unbound security update Advisory ID: SLSA-2020:2640-1 Issue Date: 2020-06-22 CVE Numbers: None — Security Fix(es): * unbound: amplification of an incoming query into a large number of queries directed to a target (CVE-2020-12662) * unbound: infinite loop via … Read More
Synopsis: Important: thunderbird security update Advisory ID: SLSA-2020:2613-1 Issue Date: 2020-06-19 CVE Numbers: None — Security Fix(es): * Mozilla: Security downgrade with IMAP STARTTLS leads to information leakage (CVE-2020-12398) * Mozilla: Use-after-free in SharedWorkerService (CVE-2020-12405) * Mozilla: JavaScript Type confusion … Read More
