libX11 (SL7)

Synopsis: Important: libX11 security update Advisory ID: SLSA-2020:4908-1 Issue Date: 2020-11-04 CVE Numbers: None — Security Fix(es): * libX11: integer overflow leads to double free in locale handling (CVE-2020-14363) — SL7 x86_64 libX11-1.6.7-3.el7_9.i686.rpm libX11-1.6.7-3.el7_9.x86_64.rpm libX11-debuginfo-1.6.7-3.el7_9.i686.rpm libX11-debuginfo-1.6.7-3.el7_9.x86_64.rpm libX11-devel-1.6.7-3.el7_9.i686.rpm libX11-devel-1.6.7-3.el7_9.x86_64.rpm noarch libX11-common-1.6.7-3.el7_9.noarch.rpm … Read More

java-1.8.0-openjdk (SL6)

Synopsis: Moderate: java-1.8.0-openjdk security update Advisory ID: SLSA-2020:4348-1 Issue Date: 2020-10-27 CVE Numbers: None — Security Fix(es): * OpenJDK: Credentials sent over unencrypted LDAP connection (JNDI, 8237990) (CVE-2020-14781) * OpenJDK: Certificate blacklist bypass via alternate certificate encodings (Libraries, 8237995) (CVE-2020-14782) … Read More

firefox (SL6)

Synopsis: Important: firefox security update Advisory ID: SLSA-2020:4330-1 Issue Date: 2020-10-26 CVE Numbers: None — Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683) * chromium-browser: Use after free in WebRTC (CVE-2020-15969) — … Read More

java-1.8.0-openjdk (SL7)

Synopsis: Moderate: java-1.8.0-openjdk security and bug fix update Advisory ID: SLSA-2020:4350-1 Issue Date: 2020-10-27 CVE Numbers: None — Security Fix(es): * OpenJDK: Credentials sent over unencrypted LDAP connection (JNDI, 8237990) (CVE-2020-14781) * OpenJDK: Certificate blacklist bypass via alternate certificate encodings … Read More

firefox (SL7)

Synopsis: Important: firefox security update Advisory ID: SLSA-2020:4310-1 Issue Date: 2020-10-22 CVE Numbers: None — Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683) * chromium-browser: Use after free in WebRTC (CVE-2020-15969) — … Read More

java-11-openjdk (SL7)

Synopsis: Moderate: java-11-openjdk security update Advisory ID: SLSA-2020:4307-1 Issue Date: 2020-10-22 CVE Numbers: None — Security Fix(es): * OpenJDK: Credentials sent over unencrypted LDAP connection (JNDI, 8237990) (CVE-2020-14781) * OpenJDK: Certificate blacklist bypass via alternate certificate encodings (Libraries, 8237995) (CVE-2020-14782) … Read More

ipa (SL7)

Synopsis: Moderate: ipa security, bug fix, and enhancement update Advisory ID: SLSA-2020:3936-1 Issue Date: 2020-10-01 CVE Numbers: CVE-2018-20676 CVE-2018-14040 CVE-2016-10735 CVE-2020-11022 CVE-2018-14042 CVE-2019-11358 CVE-2020-1722 CVE-2015-9251 CVE-2019-8331 CVE-2018-20677 — Security Fix(es): * js-jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251) * … Read More

e2fsprogs (SL7)

Synopsis: Moderate: e2fsprogs security and bug fix update Advisory ID: SLSA-2020:4011-1 Issue Date: 2020-10-01 CVE Numbers: CVE-2019-5094 CVE-2019-5188 — Security Fix(es): * e2fsprogs: Crafted ext4 partition leads to out-of-bounds write (CVE-2019-5094) * e2fsprogs: Out-of-bounds write in e2fsck/rehash.c (CVE-2019-5188) — SL7 … Read More

squid (SL7)

Synopsis: Important: squid security update Advisory ID: SLSA-2020:4082-1 Issue Date: 2020-10-01 CVE Numbers: CVE-2020-24606 CVE-2019-12528 CVE-2020-8450 CVE-2020-15049 CVE-2020-8449 CVE-2020-15810 CVE-2020-15811 — Security Fix(es): * squid: HTTP Request Smuggling could result in cache poisoning (CVE-2020-15810) * squid: HTTP Request Splitting could … Read More

openwsman (SL7)

Synopsis: Moderate: openwsman security update Advisory ID: SLSA-2020:3940-1 Issue Date: 2020-10-01 CVE Numbers: CVE-2019-3833 — Security Fix(es): * openwsman: Infinite loop in process_connection() allows denial of service (CVE-2019-3833) — SL7 x86_64 libwsman1-2.6.3-7.git4391e5c.el7.x86_64.rpm openwsman-client-2.6.3-7.git4391e5c.el7.i686.rpm openwsman-client-2.6.3-7.git4391e5c.el7.x86_64.rpm openwsman-server-2.6.3-7.git4391e5c.el7.i686.rpm openwsman-python-2.6.3-7.git4391e5c.el7.x86_64.rpm libwsman1-2.6.3-7.git4391e5c.el7.i686.rpm openwsman-server-2.6.3-7.git4391e5c.el7.x86_64.rpm openwsman-debuginfo-2.6.3-7.git4391e5c.el7.i686.rpm openwsman-debuginfo-2.6.3-7.git4391e5c.el7.x86_64.rpm … Read More