firefox (SL7)

Synopsis: Important: firefox security update
Advisory ID: SLSA-2020:0520-1
Issue Date: 2020-02-17
CVE Numbers: None
Security Fix(es):
* Mozilla: Missing bounds check on shared memory read in the parent process (CVE-2020-6796)
* Mozilla: Memory safety bugs fixed in Firefox 73 …

spice-gtk (SL6)

Synopsis: Moderate: spice-gtk security update
Advisory ID: SLSA-2020:0471-1
Issue Date: 2020-02-11
CVE Numbers: None
Security Fix(es):
* spice-client: Insufficient encoding checks for LZ can cause different integer/buffer overflows (CVE-2018-10893)
SL6 x86_64 spice-glib-0.26-8.el6_10.2.i686.rpm spice-glib-0.26-8.el6_10.2.x86_64.rpm spice-gtk-0.26-8.el6_10.2.i686.rpm spice-gtk-0.26-8.el6_10.2.x86_64.rpm spice-gtk-debuginfo-0.26-8.el6_10.2.i686.rpm spice-gtk-debuginfo-0.26-8.el6_10.2.x86_64.rpm spice-gtk-python-0.26-8.el6_10.2.x86_64.rpm …

kernel (SL7)

Synopsis: Important: kernel security and bug fix update
Advisory ID: SLSA-2020:0374-1
Issue Date: 2020-02-05
CVE Numbers: None
Security Fix(es):
* kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver (CVE-2019-14816)
* kernel: heap-based buffer overflow in mwifiex_process_country_ie() function …

ipa (SL7)

Synopsis: Important: ipa security and bug fix update
Advisory ID: SLSA-2020:0378-1
Issue Date: 2020-02-05
CVE Numbers: None
Security Fix(es):
* ipa: Denial of service in IPA server due to wrong use of ber_scanf() (CVE-2019-14867)
* ipa: Batch API logging …

qemu-kvm (SL7)

Synopsis: Important: qemu-kvm security, bug fix, and enhancement update
Advisory ID: SLSA-2020:0366-1
Issue Date: 2020-02-05
CVE Numbers: None
Security Fix(es):
* hw: TSX Transaction Asynchronous Abort (TAA) (CVE-2019-11135)
* QEMU: slirp: heap buffer overflow during packet reassembly (CVE-2019-14378)
…

git (SL6)

Synopsis: Important: git security update
Advisory ID: SLSA-2020:0316-1
Issue Date: 2020-02-03
CVE Numbers: None
Security Fix(es):
* git: arbitrary code execution via .gitmodules (CVE-2018-17456)
SL6 x86_64 git-1.7.1-10.el6_10.x86_64.rpm git-daemon-1.7.1-10.el6_10.x86_64.rpm git-debuginfo-1.7.1-10.el6_10.x86_64.rpm
i386 git-1.7.1-10.el6_10.i686.rpm git-daemon-1.7.1-10.el6_10.i686.rpm git-debuginfo-1.7.1-10.el6_10.i686.rpm
noarch emacs-git-1.7.1-10.el6_10.noarch.rpm emacs-git-el-1.7.1-10.el6_10.noarch.rpm git-all-1.7.1-10.el6_10.noarch.rpm git-cvs-1.7.1-10.el6_10.noarch.rpm …

openjpeg2 (SL7)

Synopsis: Important: openjpeg2 security update
Advisory ID: SLSA-2020:0262-1
Issue Date: 2020-01-28
CVE Numbers: None
Security Fix(es):
* openjpeg: Heap-based buffer overflow in opj_t1_clbl_decode_processor() (CVE-2020-6851)
SL7 x86_64 openjpeg2-2.3.1-2.el7_7.i686.rpm openjpeg2-2.3.1-2.el7_7.x86_64.rpm openjpeg2-debuginfo-2.3.1-2.el7_7.i686.rpm openjpeg2-debuginfo-2.3.1-2.el7_7.x86_64.rpm openjpeg2-devel-2.3.1-2.el7_7.i686.rpm openjpeg2-devel-2.3.1-2.el7_7.x86_64.rpm openjpeg2-tools-2.3.1-2.el7_7.i686.rpm openjpeg2-tools-2.3.1-2.el7_7.x86_64.rpm
noarch openjpeg2-devel-docs-2.3.1-2.el7_7.noarch.rpm – Scientific …

sqlite (SL7)

Synopsis: Important: sqlite security update
Advisory ID: SLSA-2020:0227-1
Issue Date: 2020-01-27
CVE Numbers: None
Security Fix(es):
* sqlite: fts3: improve shadow table corruption detection (CVE-2019-13734)
SL7 x86_64 sqlite-3.7.17-8.el7_7.1.i686.rpm sqlite-3.7.17-8.el7_7.1.x86_64.rpm sqlite-debuginfo-3.7.17-8.el7_7.1.i686.rpm sqlite-debuginfo-3.7.17-8.el7_7.1.x86_64.rpm lemon-3.7.17-8.el7_7.1.x86_64.rpm sqlite-devel-3.7.17-8.el7_7.1.i686.rpm sqlite-devel-3.7.17-8.el7_7.1.x86_64.rpm sqlite-tcl-3.7.17-8.el7_7.1.x86_64.rpm
noarch sqlite-doc-3.7.17-8.el7_7.1.noarch.rpm – …

openslp (SL6)

Synopsis: Critical: openslp security update
Advisory ID: SLSA-2020:0199-1
Issue Date: 2020-01-22
CVE Numbers: CVE-2019-5544
Security Fix(es):
* openslp: Heap-based buffer overflow in ProcessSrvRqst() in slpd_process.c leading to remote code execution (CVE-2019-5544)
SL6 x86_64 openslp-2.0.0-4.el6_10.i686.rpm openslp-2.0.0-4.el6_10.x86_64.rpm openslp-debuginfo-2.0.0-4.el6_10.i686.rpm openslp-debuginfo-2.0.0-4.el6_10.x86_64.rpm openslp-devel-2.0.0-4.el6_10.i686.rpm …

libarchive (SL7)

Synopsis: Important: libarchive security update
Advisory ID: SLSA-2020:0203-1
Issue Date: 2020-01-22
CVE Numbers: CVE-2019-18408
Security Fix(es):
* libarchive: use-after-free in archive_read_format_rar_read_data when there is an error in the decompression of an archive entry (CVE-2019-18408)
SL7 x86_64 libarchive-3.1.2-14.el7_7.i686.rpm libarchive-3.1.2-14.el7_7.x86_64.rpm …