postgresql-jdbc (SL7)

Synopsis: Important: postgresql-jdbc security update Advisory ID: SLSA-2020:3285-1 Issue Date: 2020-08-03 CVE Numbers: None — Security Fix(es): * postgresql-jdbc: XML external entity (XXE) vulnerability in PgSQLXML (CVE-2020-13692) — SL7 noarch postgresql-jdbc-9.2.1002-8.el7_8.noarch.rpm postgresql-jdbc-javadoc-9.2.1002-8.el7_8.noarch.rpm – Scientific Linux Development Team

libvncserver (SL7)

Synopsis: Important: libvncserver security update Advisory ID: SLSA-2020:3281-1 Issue Date: 2020-08-03 CVE Numbers: None — Security Fix(es): * libvncserver: websocket decoding buffer overflow (CVE-2017-18922) — SL7 x86_64 libvncserver-0.9.9-14.el7_8.1.i686.rpm libvncserver-0.9.9-14.el7_8.1.x86_64.rpm libvncserver-debuginfo-0.9.9-14.el7_8.1.i686.rpm libvncserver-debuginfo-0.9.9-14.el7_8.1.x86_64.rpm libvncserver-devel-0.9.9-14.el7_8.1.i686.rpm libvncserver-devel-0.9.9-14.el7_8.1.x86_64.rpm – Scientific Linux Development Team

firefox (SL7)

Synopsis: Important: firefox security update Advisory ID: SLSA-2020:3253-1 Issue Date: 2020-07-30 CVE Numbers: None — Security Fix(es): * chromium-browser: Use after free in ANGLE (CVE-2020-6463) * chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514) * Mozilla: Potential leak of redirect targets when … Read More

kernel (SL7)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2020:3220-1 Issue Date: 2020-07-29 CVE Numbers: None — Security Fix(es): * kernel: kernel: DAX hugepages not considered during mremap (CVE-2020-10757) * kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in drivers/net/wireless/marvell/mwifiex/scan.c (CVE-2020-12653) … Read More

grub2 (SL7)

Synopsis: Moderate: grub2 security and bug fix update Advisory ID: SLSA-2020:3217-1 Issue Date: 2020-07-29 CVE Numbers: None — Security Fix(es): * grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process (CVE-2020-10713) * grub2: grub_malloc does not … Read More

firefox (SL6)

Synopsis: Important: firefox security update Advisory ID: SLSA-2020:3233-1 Issue Date: 2020-07-30 CVE Numbers: None — Security Fix(es): * chromium-browser: Use after free in ANGLE (CVE-2020-6463) * chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514) * Mozilla: Potential leak of redirect targets when … Read More

java-1.8.0-openjdk (SL6)

Synopsis: Important: java-1.8.0-openjdk security update Advisory ID: SLSA-2020:2985-1 Issue Date: 2020-07-16 CVE Numbers: None — Security Fix(es): * OpenJDK: Bypass of boundary checks in nio.Buffer via concurrent access (Libraries, 8238920) (CVE-2020-14583) * OpenJDK: Incomplete bounds checks in Affine Transformations (2D, … Read More

java-1.8.0-openjdk (SL7)

Synopsis: Important: java-1.8.0-openjdk security update Advisory ID: SLSA-2020:2968-1 Issue Date: 2020-07-16 CVE Numbers: None — Security Fix(es): * OpenJDK: Bypass of boundary checks in nio.Buffer via concurrent access (Libraries, 8238920) (CVE-2020-14583) * OpenJDK: Incomplete bounds checks in Affine Transformations (2D, … Read More

java-11-openjdk (SL7)

Synopsis: Important: java-11-openjdk security update Advisory ID: SLSA-2020:2969-1 Issue Date: 2020-07-16 CVE Numbers: None — Security Fix(es): * OpenJDK: Bypass of boundary checks in nio.Buffer via concurrent access (Libraries, 8238920) (CVE-2020-14583) * OpenJDK: Incomplete bounds checks in Affine Transformations (2D, … Read More

thunderbird (SL6)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2020:2966-1 Issue Date: 2020-07-16 CVE Numbers: None — Security Fix(es): * Mozilla: Information disclosure due to manipulated URL object (CVE-2020-12418) * Mozilla: Use-after-free in nsGlobalWindowInner (CVE-2020-12419) * Mozilla: Use-After-Free when trying to connect … Read More