libxml2 (SL7)

Synopsis: Moderate: libxml2 security update Advisory ID: SLSA-2021:3810-1 Issue Date: 2021-10-12 CVE Numbers: CVE-2016-4658 — Security Fix(es): * libxml2: Use after free via namespace node in XPointer ranges (CVE-2016-4658) For more details about the security issue(s), including the impact, a … Read More

openssl (SL7)

Synopsis: Moderate: openssl security update Advisory ID: SLSA-2021:3798-1 Issue Date: 2021-10-12 CVE Numbers: CVE-2021-23841 CVE-2021-23840 — Security Fix(es): * openssl: integer overflow in CipherUpdate (CVE-2021-23840) * openssl: NULL pointer dereference in X509_issuer_and_serial_hash() (CVE-2021-23841) For more details about the security issue(s), … Read More

389-ds-base (SL7)

Synopsis: Low: 389-ds-base security and bug fix update Advisory ID: SLSA-2021:3807-1 Issue Date: 2021-10-12 CVE Numbers: CVE-2021-3652 — Security Fix(es): * 389-ds-base: CRYPT password hash with asterisk allows any bind attempt to succeed (CVE-2021-3652) For more details about the security … Read More

thunderbird (SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2021:3494-1 Issue Date: 2021-09-13 CVE Numbers: CVE-2021-38493 — This update upgrades Thunderbird to version 78.14.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 92, Firefox ESR 78.14 and Firefox ESR 91.1 … Read More

firefox (SL7)

Synopsis: Important: firefox security update Advisory ID: SLSA-2021:3498-1 Issue Date: 2021-09-13 CVE Numbers: CVE-2021-38493 — This update upgrades Firefox to version 78.14.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 92, Firefox ESR 78.14 and Firefox ESR … Read More

kernel (SL7)

Synopsis: Moderate: kernel security and bug fix update Advisory ID: SLSA-2021:3438-1 Issue Date: 2021-09-08 CVE Numbers: CVE-2021-3715 — Security Fix(es): * kernel: use-after-free in route4_change() in net/sched/cls_route.c (CVE-2021-3715) For more details about the security issue(s), including the impact, a CVSS … Read More

sssd (SL7)

Synopsis: Important: sssd security and bug fix update Advisory ID: SLSA-2021:3336-1 Issue Date: 2021-08-31 CVE Numbers: CVE-2021-3621 — Security Fix(es): * sssd: shell command injection in sssctl (CVE-2021-3621) For more details about the security issue(s), including the impact, a CVSS … Read More

kernel (SL7)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2021:3327-1 Issue Date: 2021-08-31 CVE Numbers: CVE-2021-32399 CVE-2021-22555 CVE-2020-27777 CVE-2021-29650 CVE-2021-29154 — Security Fix(es): * kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c (CVE-2021-22555) * kernel: race condition for removal of … Read More

bind (SL7)

Synopsis: Moderate: bind security update Advisory ID: SLSA-2021:3325-1 Issue Date: 2021-08-31 CVE Numbers: CVE-2021-25214 — Security Fix(es): * bind: Broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly (CVE-2021-25214) For more details about the security issue(s), including … Read More

libsndfile (SL7)

Synopsis: Important: libsndfile security update Advisory ID: SLSA-2021:3295-1 Issue Date: 2021-08-31 CVE Numbers: CVE-2021-3246 — Security Fix(es): * libsndfile: Heap buffer overflow via crafted WAV file allows arbitrary code execution (CVE-2021-3246) For more details about the security issue(s), including the … Read More