thunderbird (SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2021:3494-1 Issue Date: 2021-09-13 CVE Numbers: CVE-2021-38493 — This update upgrades Thunderbird to version 78.14.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 92, Firefox ESR 78.14 and Firefox ESR 91.1 … Read More

firefox (SL7)

Synopsis: Important: firefox security update Advisory ID: SLSA-2021:3498-1 Issue Date: 2021-09-13 CVE Numbers: CVE-2021-38493 — This update upgrades Firefox to version 78.14.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 92, Firefox ESR 78.14 and Firefox ESR … Read More

kernel (SL7)

Synopsis: Moderate: kernel security and bug fix update Advisory ID: SLSA-2021:3438-1 Issue Date: 2021-09-08 CVE Numbers: CVE-2021-3715 — Security Fix(es): * kernel: use-after-free in route4_change() in net/sched/cls_route.c (CVE-2021-3715) For more details about the security issue(s), including the impact, a CVSS … Read More

sssd (SL7)

Synopsis: Important: sssd security and bug fix update Advisory ID: SLSA-2021:3336-1 Issue Date: 2021-08-31 CVE Numbers: CVE-2021-3621 — Security Fix(es): * sssd: shell command injection in sssctl (CVE-2021-3621) For more details about the security issue(s), including the impact, a CVSS … Read More

kernel (SL7)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2021:3327-1 Issue Date: 2021-08-31 CVE Numbers: CVE-2021-32399 CVE-2021-22555 CVE-2020-27777 CVE-2021-29650 CVE-2021-29154 — Security Fix(es): * kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c (CVE-2021-22555) * kernel: race condition for removal of … Read More

bind (SL7)

Synopsis: Moderate: bind security update Advisory ID: SLSA-2021:3325-1 Issue Date: 2021-08-31 CVE Numbers: CVE-2021-25214 — Security Fix(es): * bind: Broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly (CVE-2021-25214) For more details about the security issue(s), including … Read More

libsndfile (SL7)

Synopsis: Important: libsndfile security update Advisory ID: SLSA-2021:3295-1 Issue Date: 2021-08-31 CVE Numbers: CVE-2021-3246 — Security Fix(es): * libsndfile: Heap buffer overflow via crafted WAV file allows arbitrary code execution (CVE-2021-3246) For more details about the security issue(s), including the … Read More

hivex (SL7)

Synopsis: Low: hivex security update Advisory ID: SLSA-2021:3338-1 Issue Date: 2021-08-31 CVE Numbers: CVE-2021-3622 — Security Fix(es): * hivex: stack overflow due to recursive call of _get_children() (CVE-2021-3622) For more details about the security issue(s), including the impact, a CVSS … Read More

libX11 (SL7)

Synopsis: Important: libX11 security update Advisory ID: SLSA-2021:3296-1 Issue Date: 2021-08-31 CVE Numbers: CVE-2021-31535 — Security Fix(es): * libX11: missing request length checks (CVE-2021-31535) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other … Read More

compat-exiv2-023 (SL7)

Synopsis: Important: compat-exiv2-023 security update Advisory ID: SLSA-2021:3234-1 Issue Date: 2021-08-26 CVE Numbers: CVE-2021-31291 — Security Fix(es): * exiv2: Heap-based buffer overflow vulnerability in jp2image.cpp (CVE-2021-31291) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, … Read More