SL Developer Blog | Scientific Linux

linux-firmware (SL7)

By Scientific Linux Team on February 2, 2021

Synopsis: Important: linux-firmware security update Advisory ID: SLSA-2021:0339-1 Issue Date: 2021-02-02 CVE Numbers: CVE-2020-12321 — Security Fix(es): * hardware: buffer overflow in bluetooth firmware (CVE-2020-12321) — SL7 noarch iwl100-firmware-39.31.5.1-80.el7_9.noarch.rpm iwl1000-firmware-39.31.5.1-80.el7_9.noarch.rpm iwl105-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl135-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl2000-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl2030-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl3160-firmware-25.30.13.0-80.el7_9.noarch.rpm iwl3945-firmware-15.32.2.9-80.el7_9.noarch.rpm iwl4965-firmware-228.61.2.24-80.el7_9.noarch.rpm iwl5000-firmware-8.83.5.1_1-80.el7_9.noarch.rpm iwl5150-firmware-8.24.2.2-80.el7_9.noarch.rpm iwl6000-firmware-9.221.4.1-80.el7_9.noarch.rpm … Read More

kernel (SL7)

By Scientific Linux Team on February 2, 2021

Synopsis: Moderate: kernel security, bug fix, and enhancement update Advisory ID: SLSA-2021:0336-1 Issue Date: 2021-02-02 CVE Numbers: CVE-2020-15436 CVE-2020-35513 — Security Fix(es): * kernel: use-after-free in fs/block_dev.c (CVE-2020-15436) * kernel: Nfsd failure to clear umask after processing an open or … Read More

thunderbird (SL7)

By Scientific Linux Team on January 28, 2021

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2021:0297-1 Issue Date: 2021-01-28 CVE Numbers: CVE-2021-23953 CVE-2021-23954 CVE-2020-26976 CVE-2021-23960 CVE-2021-23964 CVE-2020-15685 — This update upgrades Thunderbird to version 78.7.0. Security Fix(es): * Mozilla: Cross-origin information leakage via redirected PDF requests (CVE-2021-23953) * … Read More

firefox (SL7)

By Scientific Linux Team on January 27, 2021

Synopsis: Important: firefox security update Advisory ID: SLSA-2021:0290-1 Issue Date: 2021-01-27 CVE Numbers: CVE-2021-23953 CVE-2021-23954 CVE-2020-26976 CVE-2021-23960 CVE-2021-23964 — This update upgrades Firefox to version 78.7.0 ESR. Security Fix(es): * Mozilla: Cross-origin information leakage via redirected PDF requests (CVE-2021-23953) * … Read More

sudo (SL7)

By Scientific Linux Team on January 26, 2021

Synopsis: Important: sudo security update Advisory ID: SLSA-2021:0221-1 Issue Date: 2021-01-26 CVE Numbers: CVE-2021-3156 — Security Fix(es): * sudo: Heap buffer overflow in argument parsing (CVE-2021-3156) — SL7 x86_64 sudo-1.8.23-10.el7_9.1.x86_64.rpm sudo-debuginfo-1.8.23-10.el7_9.1.x86_64.rpm sudo-debuginfo-1.8.23-10.el7_9.1.i686.rpm sudo-devel-1.8.23-10.el7_9.1.i686.rpm sudo-devel-1.8.23-10.el7_9.1.x86_64.rpm – Scientific Linux Development Team

dnsmasq (SL7)

By Scientific Linux Team on January 26, 2021

Synopsis: Moderate: dnsmasq security update Advisory ID: SLSA-2021:0153-1 Issue Date: 2021-01-19 CVE Numbers: CVE-2020-25684 CVE-2020-25685 CVE-2020-25686 — Security Fix(es): * dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684) * dnsmasq: loose query name … Read More

xstream (SL7)

By Scientific Linux Team on January 26, 2021

Synopsis: Important: xstream security update Advisory ID: SLSA-2021:0162-1 Issue Date: 2021-01-19 CVE Numbers: CVE-2020-26217 — Security Fix(es): * XStream: remote code execution due to insecure XML deserialization when relying on blocklists (CVE-2020-26217) — SL7 noarch xstream-1.3.1-12.el7_9.noarch.rpm xstream-javadoc-1.3.1-12.el7_9.noarch.rpm – Scientific Linux … Read More

thunderbird (SL7)

By Scientific Linux Team on January 14, 2021

Synopsis: Critical: thunderbird security update Advisory ID: SLSA-2021:0087-1 Issue Date: 2021-01-14 CVE Numbers: CVE-2020-16044 — This update upgrades Thunderbird to version 78.6.1. Security Fix(es): * Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk (CVE-2020-16044) — SL7 x86_64 thunderbird-78.6.1-1.el7_9.x86_64.rpm … Read More

firefox (SL7)

By Scientific Linux Team on January 11, 2021

Synopsis: Critical: firefox security update Advisory ID: SLSA-2021:0053-1 Issue Date: 2021-01-11 CVE Numbers: CVE-2020-16044 — This update upgrades Firefox to version 78.6.1 ESR. Security Fix(es): * Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk (CVE-2020-16044) — SL7 x86_64 … Read More

ImageMagick (SL7)

By Scientific Linux Team on January 5, 2021

Synopsis: Important: ImageMagick security update Advisory ID: SLSA-2021:0024-1 Issue Date: 2021-01-05 CVE Numbers: None — Security Fix(es): * ImageMagick: Shell injection via PDF password could result in arbitrary code execution (CVE-2020-29599) — SL7 x86_64 ImageMagick-6.9.10.68-5.el7_9.i686.rpm ImageMagick-6.9.10.68-5.el7_9.x86_64.rpm ImageMagick-c++-6.9.10.68-5.el7_9.i686.rpm ImageMagick-c++-6.9.10.68-5.el7_9.x86_64.rpm ImageMagick-debuginfo-6.9.10.68-5.el7_9.i686.rpm ImageMagick-debuginfo-6.9.10.68-5.el7_9.x86_64.rpm … Read More

«123 4 5 6 7...242 »

linux-firmware (SL7)

kernel (SL7)

thunderbird (SL7)

firefox (SL7)

sudo (SL7)

dnsmasq (SL7)

xstream (SL7)

thunderbird (SL7)

firefox (SL7)

ImageMagick (SL7)

SL Security Errata

grub2 (SL7)

podman (SL7)

bind (SL7)

firefox (SL7)