hivex (SL7)

Synopsis: Moderate: hivex security update Advisory ID: SLSA-2021:2318-1 Issue Date: 2021-06-09 CVE Numbers: CVE-2021-3504 — Security Fix(es): * hivex: Buffer overflow when provided invalid node key length (CVE-2021-3504) For more details about the security issue(s), including the impact, a CVSS … Read More

qemu-kvm (SL7)

Synopsis: Moderate: qemu-kvm security update Advisory ID: SLSA-2021:2322-1 Issue Date: 2021-06-09 CVE Numbers: CVE-2020-29443 — Security Fix(es): * QEMU: ide: atapi: OOB access while processing read commands (CVE-2020-29443) For more details about the security issue(s), including the impact, a CVSS … Read More

389-ds-base (SL7)

Synopsis: Moderate: 389-ds-base security and bug fix update Advisory ID: SLSA-2021:2323-1 Issue Date: 2021-06-09 CVE Numbers: CVE-2020-35518 — Security Fix(es): * 389-ds-base: information disclosure during the binding of a DN (CVE-2020-35518) For more details about the security issue(s), including the … Read More

libwebp (SL7)

Synopsis: Important: libwebp security update Advisory ID: SLSA-2021:2260-1 Issue Date: 2021-06-07 CVE Numbers: CVE-2020-36328 CVE-2020-36329 CVE-2018-25011 — Security Fix(es): * libwebp: heap-based buffer overflow in PutLE16() (CVE-2018-25011) * libwebp: heap-based buffer overflow in WebPDecode*Into functions (CVE-2020-36328) * libwebp: use-after-free in … Read More

thunderbird (SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2021:2263-1 Issue Date: 2021-06-07 CVE Numbers: CVE-2021-29967 CVE-2021-29957 CVE-2021-29956 — This update upgrades Thunderbird to version 78.11.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11 (CVE-2021-29967) … Read More

firefox (SL7)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2021:2206-1 Issue Date: 2021-06-03 CVE Numbers: CVE-2021-29967 — This update upgrades Firefox to version 78.11.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11 (CVE-2021-29967) For … Read More

runc (SL7)

Synopsis: Important: runc security update Advisory ID: SLSA-2021:2145-1 Issue Date: 2021-06-02 CVE Numbers: CVE-2021-30465 — Security Fix(es): * runc: vulnerable to symlink exchange attack (CVE-2021-30465) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and … Read More

glib2 (SL7)

Synopsis: Important: glib2 security update Advisory ID: SLSA-2021:2147-1 Issue Date: 2021-06-01 CVE Numbers: CVE-2021-27219 — Security Fix(es): * glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (CVE-2021-27219) For … Read More

slapi-nis (SL7)

Synopsis: Important: slapi-nis security and bug fix update Advisory ID: SLSA-2021:2032-1 Issue Date: 2021-05-20 CVE Numbers: CVE-2021-3480 — Security Fix(es): * slapi-nis: NULL dereference (DoS) with specially crafted Binding DN (CVE-2021-3480) For more details about the security issue(s), including the … Read More

xorg-x11-server (SL7)

Synopsis: Important: xorg-x11-server security update Advisory ID: SLSA-2021:2033-1 Issue Date: 2021-05-20 CVE Numbers: CVE-2021-3472 — Security Fix(es): * xorg-x11-server: XChangeFeedbackControl integer underflow leads to privilege escalation (CVE-2021-3472) For more details about the security issue(s), including the impact, a CVSS score, … Read More