compat-exiv2-026 (SL7)

Synopsis: Important: compat-exiv2-026 security update Advisory ID: SLSA-2021:3233-1 Issue Date: 2021-08-26 CVE Numbers: CVE-2021-31291 — Security Fix(es): * exiv2: Heap-based buffer overflow vulnerability in jp2image.cpp (CVE-2021-31291) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, … Read More

firefox (SL7)

Synopsis: Important: firefox security update Advisory ID: SLSA-2021:3154-1 Issue Date: 2021-08-18 CVE Numbers: CVE-2021-29986 CVE-2021-29988 CVE-2021-29984 CVE-2021-29980 CVE-2021-29985 CVE-2021-29989 — This update upgrades Firefox to version 78.13.0 ESR. Security Fix(es): * Mozilla: Uninitialized memory in a canvas object could have … Read More

exiv2 (SL7)

Synopsis: Important: exiv2 security update Advisory ID: SLSA-2021:3158-1 Issue Date: 2021-08-18 CVE Numbers: CVE-2021-31291 — Security Fix(es): * exiv2: Heap-based buffer overflow vulnerability in jp2image.cpp (CVE-2021-31291) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, … Read More

thunderbird (SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2021:3160-1 Issue Date: 2021-08-18 CVE Numbers: CVE-2021-29986 CVE-2021-29988 CVE-2021-29984 CVE-2021-29980 CVE-2021-29985 CVE-2021-29989 — This update upgrades Thunderbird to version 78.13.0. Security Fix(es): * Mozilla: Uninitialized memory in a canvas object could have led … Read More

microcode_ctl (SL7)

Synopsis: Important: microcode_ctl security, bug fix and enhancement update Advisory ID: SLSA-2021:3028-1 Issue Date: 2021-08-09 CVE Numbers: CVE-2020-0548 CVE-2020-0549 CVE-2020-0543 CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 CVE-2020-8695 CVE-2020-8696 CVE-2020-8698 — Security Fix(es): * hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543) * hw: … Read More

lasso (SL7)

Synopsis: Important: lasso security update Advisory ID: SLSA-2021:2989-1 Issue Date: 2021-08-03 CVE Numbers: CVE-2021-28091 — Security Fix(es): * lasso: XML signature wrapping vulnerability when parsing SAML responses (CVE-2021-28091) For more details about the security issue(s), including the impact, a CVSS … Read More

thunderbird (SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2021:2881-1 Issue Date: 2021-07-26 CVE Numbers: CVE-2021-30547 CVE-2021-29970 CVE-2021-29976 CVE-2021-29969 — This update upgrades Thunderbird to version 78.12.0. Security Fix(es): * Mozilla: IMAP server responses sent by a MITM prior to STARTTLS could … Read More

java-1.8.0-openjdk (SL7)

Synopsis: Important: java-1.8.0-openjdk security and bug fix update Advisory ID: SLSA-2021:2845-1 Issue Date: 2021-07-21 CVE Numbers: CVE-2021-2341 CVE-2021-2369 CVE-2021-2388 — Security Fix(es): * OpenJDK: Incorrect comparison during range check elimination (Hotspot, 8264066) (CVE-2021-2388) * OpenJDK: FTP PASV command response can … Read More

java-11-openjdk (SL7)

Synopsis: Important: java-11-openjdk security update Advisory ID: SLSA-2021:2784-1 Issue Date: 2021-07-21 CVE Numbers: CVE-2021-2341 CVE-2021-2369 CVE-2021-2388 — Security Fix(es): * OpenJDK: Incorrect comparison during range check elimination (Hotspot, 8264066) (CVE-2021-2388) * OpenJDK: FTP PASV command response can cause FtpClient to … Read More

kernel (SL7)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2021:2725-1 Issue Date: 2021-07-21 CVE Numbers: CVE-2020-11668 CVE-2019-20934 CVE-2021-33033 CVE-2021-33034 CVE-2021-33909 — Security Fix(es): * kernel: size_t-to-int conversion vulnerability in the filesystem layer (CVE-2021-33909) * kernel: use-after-free in net/bluetooth/hci_event.c when … Read More