podman (SL7)

Synopsis: Important: podman security update Advisory ID: SLSA-2021:0681-1 Issue Date: 2021-03-02 CVE Numbers: CVE-2021-20188 — Security Fix(es): * podman: container users permissions are not respected in privileged containers (CVE-2021-20188) For more details about the security issue(s), including the impact, a … Read More

bind (SL7)

Synopsis: Important: bind security update Advisory ID: SLSA-2021:0671-1 Issue Date: 2021-03-01 CVE Numbers: CVE-2020-8625 — Security Fix(es): * bind: Buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation (CVE-2020-8625) For more details about the security issue(s), including the … Read More

thunderbird (SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2021:0661-1 Issue Date: 2021-02-24 CVE Numbers: CVE-2021-23969 CVE-2021-23968 CVE-2021-23973 CVE-2021-23978 — This update upgrades Thunderbird to version 78.8.0. Security Fix(es): * Mozilla: Content Security Policy violation report could have contained the destination of … Read More

firefox (SL7)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2021:0656-1 Issue Date: 2021-02-24 CVE Numbers: CVE-2021-23969 CVE-2021-23968 CVE-2021-23973 CVE-2021-23978 — This update upgrades Firefox to version 78.8.0 ESR. Security Fix(es): * Mozilla: Content Security Policy violation report could have contained the destination … Read More

xterm (SL7)

Synopsis: Important: xterm security update Advisory ID: SLSA-2021:0617-1 Issue Date: 2021-02-22 CVE Numbers: CVE-2021-27135 — Security Fix(es): * xterm: crash when processing combining characters (CVE-2021-27135) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and … Read More

flatpak (SL7)

Synopsis: Important: flatpak security update Advisory ID: SLSA-2021:0411-1 Issue Date: 2021-02-05 CVE Numbers: CVE-2021-21261 — Security Fix(es): * flatpak: sandbox escape via spawn portal (CVE-2021-21261) — SL7 x86_64 flatpak-1.0.9-10.el7_9.x86_64.rpm flatpak-debuginfo-1.0.9-10.el7_9.x86_64.rpm flatpak-libs-1.0.9-10.el7_9.x86_64.rpm flatpak-builder-1.0.0-10.el7_9.x86_64.rpm flatpak-devel-1.0.9-10.el7_9.x86_64.rpm – Scientific Linux Development Team

qemu-kvm (SL7)

Synopsis: Moderate: qemu-kvm security and bug fix update Advisory ID: SLSA-2021:0347-1 Issue Date: 2021-02-02 CVE Numbers: CVE-2020-13765 CVE-2020-16092 — Security Fix(es): * QEMU: loader: OOB access while loading registered ROM may lead to code execution (CVE-2020-13765) * QEMU: reachable assertion … Read More

glibc (SL7)

Synopsis: Moderate: glibc security and bug fix update Advisory ID: SLSA-2021:0348-1 Issue Date: 2021-02-02 CVE Numbers: CVE-2020-10029 CVE-2020-29573 CVE-2019-25013 — Security Fix(es): * glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding (CVE-2019-25013) * … Read More

perl (SL7)

Synopsis: Moderate: perl security update Advisory ID: SLSA-2021:0343-1 Issue Date: 2021-02-02 CVE Numbers: CVE-2020-10543 CVE-2020-10878 CVE-2020-12723 — Security Fix(es): * perl: heap-based buffer overflow in regular expression compiler leads to DoS (CVE-2020-10543) * perl: corruption of intermediate language state of … Read More

linux-firmware (SL7)

Synopsis: Important: linux-firmware security update Advisory ID: SLSA-2021:0339-1 Issue Date: 2021-02-02 CVE Numbers: CVE-2020-12321 — Security Fix(es): * hardware: buffer overflow in bluetooth firmware (CVE-2020-12321) — SL7 noarch iwl100-firmware-39.31.5.1-80.el7_9.noarch.rpm iwl1000-firmware-39.31.5.1-80.el7_9.noarch.rpm iwl105-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl135-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl2000-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl2030-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl3160-firmware-25.30.13.0-80.el7_9.noarch.rpm iwl3945-firmware-15.32.2.9-80.el7_9.noarch.rpm iwl4965-firmware-228.61.2.24-80.el7_9.noarch.rpm iwl5000-firmware-8.83.5.1_1-80.el7_9.noarch.rpm iwl5150-firmware-8.24.2.2-80.el7_9.noarch.rpm iwl6000-firmware-9.221.4.1-80.el7_9.noarch.rpm … Read More