Synopsis: Important: thunderbird security update Advisory ID: SLSA-2021:4134-1 Issue Date: 2021-11-05 CVE Numbers: CVE-2021-38503 CVE-2021-38504 CVE-2021-38506 CVE-2021-38507 CVE-2021-38508 CVE-2021-38509 — This update upgrades Thunderbird to version 91.3.0. Security Fix(es): * Mozilla: Use-after-free in HTTP2 Session object * Mozilla: Memory safety … Read More
Synopsis: Important: firefox security update Advisory ID: SLSA-2021:4116-1 Issue Date: 2021-11-03 CVE Numbers: CVE-2021-38503 CVE-2021-38504 CVE-2021-38506 CVE-2021-38507 CVE-2021-38508 CVE-2021-38509 — This update upgrades Firefox to version 91.3.0 ESR. Security Fix(es): * Mozilla: Use-after-free in HTTP2 Session object * Mozilla: Memory … Read More
Synopsis: Important: flatpak security update Advisory ID: SLSA-2021:4044-1 Issue Date: 2021-11-02 CVE Numbers: CVE-2021-41133 — Security Fix(es): * flatpak: Sandbox bypass via recent VFS-manipulating syscalls (CVE-2021-41133) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, … Read More
Synopsis: Moderate: binutils security update Advisory ID: SLSA-2021:4033-1 Issue Date: 2021-11-02 CVE Numbers: CVE-2021-42574 — Security Fix(es): * Developer environment: Unicode’s bidirectional (BiDi) override characters can cause trojan source attacks (CVE-2021-42574) The following changes were introduced in binutils in order … Read More
Synopsis: Important: xstream security update Advisory ID: SLSA-2021:3956-1 Issue Date: 2021-10-25 CVE Numbers: CVE-2021-39139 CVE-2021-39140 CVE-2021-39141 CVE-2021-39144 CVE-2021-39145 CVE-2021-39146 CVE-2021-39147 CVE-2021-39148 CVE-2021-39149 CVE-2021-39150 CVE-2021-39151 CVE-2021-39152 CVE-2021-39153 CVE-2021-39154 — Security Fix(es): * xstream: Arbitrary code execution via unsafe deserialization of Xalan … Read More
Synopsis: Important: java-1.8.0-openjdk security and bug fix update Advisory ID: SLSA-2021:3889-1 Issue Date: 2021-10-20 CVE Numbers: CVE-2021-35565 CVE-2021-35556 CVE-2021-35559 CVE-2021-35561 CVE-2021-35564 CVE-2021-35586 CVE-2021-35603 CVE-2021-35550 CVE-2021-35578 CVE-2021-35567 CVE-2021-35588 — Security Fix(es): * OpenJDK: Loop in HttpsServer triggered during TLS session close … Read More
Synopsis: Important: java-11-openjdk security and bug fix update Advisory ID: SLSA-2021:3892-1 Issue Date: 2021-10-20 CVE Numbers: CVE-2021-35565 CVE-2021-35556 CVE-2021-35559 CVE-2021-35561 CVE-2021-35564 CVE-2021-35586 CVE-2021-35603 CVE-2021-35550 CVE-2021-35578 CVE-2021-35567 — Security Fix(es): * OpenJDK: Loop in HttpsServer triggered during TLS session close (JSSE, … Read More
Synopsis: Important: thunderbird security update Advisory ID: SLSA-2021:3841-1 Issue Date: 2021-10-18 CVE Numbers: CVE-2021-32810 CVE-2021-38496 CVE-2021-38497 CVE-2021-38498 CVE-2021-38500 CVE-2021-38501 CVE-2021-38502 — This update upgrades Thunderbird to version 91.2.0. Security Fix(es): * Mozilla: Use-after-free in MessageTask (CVE-2021-38496) * Mozilla: Memory safety … Read More
Synopsis: Important: firefox security update Advisory ID: SLSA-2021:3791-1 Issue Date: 2021-10-12 CVE Numbers: CVE-2021-32810 CVE-2021-38496 CVE-2021-38497 CVE-2021-38498 CVE-2021-38500 CVE-2021-38501 — This update upgrades Firefox to version 91.2.0 ESR. Security Fix(es): * Mozilla: Use-after-free in MessageTask (CVE-2021-38496) * Mozilla: Memory safety … Read More
Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2021:3801-1 Issue Date: 2021-10-12 CVE Numbers: CVE-2021-22543 CVE-2021-3653 CVE-2021-3656 CVE-2021-37576 — Security Fix(es): * kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks (CVE-2021-22543) * kernel: powerpc: … Read More
