thunderbird (SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2022:9079-1 Issue Date: 2022-12-16 CVE Numbers: CVE-2022-46872 CVE-2022-46874 CVE-2022-46878 CVE-2022-46880 CVE-2022-46881 CVE-2022-46882 CVE-2022-45414 — This update upgrades Thunderbird to version 102.6.0. Security Fix(es): * Mozilla: Arbitrary file read from a compromised content process … Read More

firefox (SL7)

Synopsis: Important: firefox security update Advisory ID: SLSA-2022:9072-1 Issue Date: 2022-12-16 CVE Numbers: CVE-2022-46872 CVE-2022-46874 CVE-2022-46878 CVE-2022-46880 CVE-2022-46881 CVE-2022-46882 — This update upgrades Firefox to version 102.6.0 ESR. Security Fix(es): * Mozilla: Arbitrary file read from a compromised content process … Read More

bcel (SL7)

Synopsis: Important: bcel security update Advisory ID: SLSA-2022:8958-1 Issue Date: 2022-12-13 CVE Numbers: CVE-2022-42920 — Security Fix(es): * Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing (CVE-2022-42920) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, … Read More

grub2 (SL7)

Synopsis: Important: grub2 security update Advisory ID: SLSA-2022:8900-1 Issue Date: 2022-12-09 CVE Numbers: CVE-2022-28733 — Security Fix(es): * grub2: Integer underflow in grub_net_recv_ip4_packets (CVE-2022-28733) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other … Read More

pki-core (SL7)

Synopsis: Important: pki-core security update Advisory ID: SLSA-2022:8799-1 Issue Date: 2022-12-06 CVE Numbers: CVE-2022-2414 — Security Fix(es): * pki-core: access to external entities when parsing XML can lead to XXE (CVE-2022-2414) For more details about the security issue(s), including the … Read More

krb5 (SL7)

Synopsis: Important: krb5 security update Advisory ID: SLSA-2022:8640-1 Issue Date: 2022-11-28 CVE Numbers: CVE-2022-42898 — Security Fix(es): * krb5: integer overflow vulnerabilities in PAC parsing (CVE-2022-42898) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, … Read More

thunderbird (SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2022:8555-1 Issue Date: 2022-11-22 CVE Numbers: CVE-2022-45403 CVE-2022-45404 CVE-2022-45405 CVE-2022-45406 CVE-2022-45408 CVE-2022-45409 CVE-2022-45410 CVE-2022-45411 CVE-2022-45412 CVE-2022-45416 CVE-2022-45418 CVE-2022-45420 CVE-2022-45421 — This update upgrades Thunderbird to version 102.5.0. Security Fix(es): * Mozilla: Service Workers … Read More

firefox (SL7)

Synopsis: Important: firefox security update Advisory ID: SLSA-2022:8552-1 Issue Date: 2022-11-22 CVE Numbers: CVE-2022-45403 CVE-2022-45404 CVE-2022-45405 CVE-2022-45406 CVE-2022-45408 CVE-2022-45409 CVE-2022-45410 CVE-2022-45411 CVE-2022-45412 CVE-2022-45416 CVE-2022-45418 CVE-2022-45420 CVE-2022-45421 — This update upgrades Firefox to version 102.5.0 ESR. Security Fix(es): * Mozilla: Service … Read More

hsqldb (SL7)

Synopsis: Important: hsqldb security update Advisory ID: SLSA-2022:8560-1 Issue Date: 2022-11-22 CVE Numbers: CVE-2022-41853 — Security Fix(es): * hsqldb: Untrusted input may lead to RCE attack (CVE-2022-41853) For more details about the security issue(s), including the impact, a CVSS score, … Read More

xorg-x11-server (SL7)

Synopsis: Important: xorg-x11-server security update Advisory ID: SLSA-2022:8491-1 Issue Date: 2022-11-16 CVE Numbers: CVE-2022-3550 CVE-2022-3551 — Security Fix(es): * xorg-x11-server: buffer overflow in _GetCountedString() in xkb/xkb.c (CVE-2022-3550) * xorg-x11-server: memory leak in ProcXkbGetKbdByName() in xkb/xkb.c (CVE-2022-3551) For more details about … Read More