Synopsis: Important: dhcp security update Advisory ID: SLSA-2021:2357-1 Issue Date: 2021-06-09 CVE Numbers: CVE-2021-25217 — Security Fix(es): * dhcp: stack-based buffer overflow when parsing statements with colon- separated hex digits in config or lease files in dhcpd and dhclient (CVE-2021-25217) … Read More
Synopsis: Important: microcode_ctl security, bug fix and enhancement update Advisory ID: SLSA-2021:2305-1 Issue Date: 2021-06-14 CVE Numbers: CVE-2020-24489 CVE-2020-24513 CVE-2020-24511 CVE-2020-24512 — Security Fix(es): * hw: vt-d related privilege escalation (CVE-2020-24489) * hw: improper isolation of shared resources in some … Read More
Synopsis: Important: qt5-qtimageformats security update Advisory ID: SLSA-2021:2328-1 Issue Date: 2021-06-09 CVE Numbers: CVE-2020-36328 CVE-2020-36329 CVE-2018-25011 CVE-2018-25014 — Security Fix(es): * libwebp: heap-based buffer overflow in PutLE16() (CVE-2018-25011) * libwebp: use of uninitialized value in ReadSymbol() (CVE-2018-25014) * libwebp: heap-based … Read More
Synopsis: Moderate: samba security and bug fix update Advisory ID: SLSA-2021:2313-1 Issue Date: 2021-06-09 CVE Numbers: CVE-2021-20254 — Security Fix(es): * samba: Negative idmap cache entries can cause incorrect group entries in the Samba file server process token (CVE-2021-20254) For … Read More
Synopsis: Moderate: hivex security update Advisory ID: SLSA-2021:2318-1 Issue Date: 2021-06-09 CVE Numbers: CVE-2021-3504 — Security Fix(es): * hivex: Buffer overflow when provided invalid node key length (CVE-2021-3504) For more details about the security issue(s), including the impact, a CVSS … Read More
Synopsis: Moderate: qemu-kvm security update Advisory ID: SLSA-2021:2322-1 Issue Date: 2021-06-09 CVE Numbers: CVE-2020-29443 — Security Fix(es): * QEMU: ide: atapi: OOB access while processing read commands (CVE-2020-29443) For more details about the security issue(s), including the impact, a CVSS … Read More
Synopsis: Moderate: 389-ds-base security and bug fix update Advisory ID: SLSA-2021:2323-1 Issue Date: 2021-06-09 CVE Numbers: CVE-2020-35518 — Security Fix(es): * 389-ds-base: information disclosure during the binding of a DN (CVE-2020-35518) For more details about the security issue(s), including the … Read More
Synopsis: Important: libwebp security update Advisory ID: SLSA-2021:2260-1 Issue Date: 2021-06-07 CVE Numbers: CVE-2020-36328 CVE-2020-36329 CVE-2018-25011 — Security Fix(es): * libwebp: heap-based buffer overflow in PutLE16() (CVE-2018-25011) * libwebp: heap-based buffer overflow in WebPDecode*Into functions (CVE-2020-36328) * libwebp: use-after-free in … Read More
Synopsis: Important: thunderbird security update Advisory ID: SLSA-2021:2263-1 Issue Date: 2021-06-07 CVE Numbers: CVE-2021-29967 CVE-2021-29957 CVE-2021-29956 — This update upgrades Thunderbird to version 78.11.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11 (CVE-2021-29967) … Read More
Synopsis: Critical: firefox security update Advisory ID: SLSA-2021:2206-1 Issue Date: 2021-06-03 CVE Numbers: CVE-2021-29967 — This update upgrades Firefox to version 78.11.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11 (CVE-2021-29967) For … Read More
