kernel (SL6)

Synopsis: Moderate: kernel security and bug fix update Advisory ID: SLSA-2020:2933-1 Issue Date: 2020-07-15 CVE Numbers: None — Security Fix(es): * kernel: powerpc: incomplete Spectre-RSB mitigation leads to information exposure (CVE-2019-18660) — SL6 x86_64 kernel-2.6.32-754.31.1.el6.x86_64.rpm kernel-debug-2.6.32-754.31.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-754.31.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.31.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-754.31.1.el6.i686.rpm kernel-debug-devel-2.6.32-754.31.1.el6.x86_64.rpm … Read More

thunderbird (SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2020:2906-1 Issue Date: 2020-07-14 CVE Numbers: None — Security Fix(es): * Mozilla: Memory corruption due to missing sign-extension for ValueTags on ARM64 (CVE-2020-12417) * Mozilla: Information disclosure due to manipulated URL object (CVE-2020-12418) … Read More

dbus (SL7)

Synopsis: Important: dbus security update Advisory ID: SLSA-2020:2894-1 Issue Date: 2020-07-13 CVE Numbers: None — Security Fix(es): * dbus: denial of service via file descriptor leak (CVE-2020-12049) — SL7 x86_64 dbus-1.10.24-14.el7_8.x86_64.rpm dbus-debuginfo-1.10.24-14.el7_8.i686.rpm dbus-debuginfo-1.10.24-14.el7_8.x86_64.rpm dbus-libs-1.10.24-14.el7_8.i686.rpm dbus-libs-1.10.24-14.el7_8.x86_64.rpm dbus-x11-1.10.24-14.el7_8.x86_64.rpm dbus-devel-1.10.24-14.el7_8.i686.rpm dbus-devel-1.10.24-14.el7_8.x86_64.rpm dbus-tests-1.10.24-14.el7_8.x86_64.rpm noarch … Read More

firefox (SL7)

Synopsis: Important: firefox security update Advisory ID: SLSA-2020:2827-1 Issue Date: 2020-07-07 CVE Numbers: None — Security Fix(es): * Mozilla: Memory corruption due to missing sign-extension for ValueTags on ARM64 (CVE-2020-12417) * Mozilla: Information disclosure due to manipulated URL object (CVE-2020-12418) … Read More

firefox (SL6)

Synopsis: Important: firefox security update Advisory ID: SLSA-2020:2824-1 Issue Date: 2020-07-07 CVE Numbers: None — Security Fix(es): * Mozilla: Information disclosure due to manipulated URL object (CVE-2020-12418) * Mozilla: Use-after-free in nsGlobalWindowInner (CVE-2020-12419) * Mozilla: Use-After-Free when trying to connect … Read More

kernel (SL7)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2020:2664-1 Issue Date: 2020-06-23 CVE Numbers: None — Security Fix(es): * Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario (CVE-2020-12888) — SL7 x86_64 … Read More

ntp (SL7)

Synopsis: Moderate: ntp security update Advisory ID: SLSA-2020:2663-1 Issue Date: 2020-06-23 CVE Numbers: None — Security Fix(es): * ntp: ntpd using highly predictable transmit timestamps could result in time change or DoS (CVE-2020-13817) * ntp: DoS on client ntpd using … Read More

thunderbird (SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2020:2615-1 Issue Date: 2020-06-22 CVE Numbers: None — Security Fix(es): * Mozilla: Security downgrade with IMAP STARTTLS leads to information leakage (CVE-2020-12398) * Mozilla: Use-after-free in SharedWorkerService (CVE-2020-12405) * Mozilla: JavaScript Type confusion … Read More

unbound (SL7)

Synopsis: Important: unbound security update Advisory ID: SLSA-2020:2642-1 Issue Date: 2020-06-22 CVE Numbers: None — Security Fix(es): * unbound: incomplete fix for CVE-2020-12662 in RHEL7 (CVE-2020-10772) — SL7 x86_64 unbound-1.6.6-5.el7_8.x86_64.rpm unbound-debuginfo-1.6.6-5.el7_8.i686.rpm unbound-debuginfo-1.6.6-5.el7_8.x86_64.rpm unbound-libs-1.6.6-5.el7_8.i686.rpm unbound-libs-1.6.6-5.el7_8.x86_64.rpm unbound-devel-1.6.6-5.el7_8.i686.rpm unbound-devel-1.6.6-5.el7_8.x86_64.rpm unbound-python-1.6.6-5.el7_8.x86_64.rpm – Scientific Linux … Read More

unbound (SL6)

Synopsis: Important: unbound security update Advisory ID: SLSA-2020:2640-1 Issue Date: 2020-06-22 CVE Numbers: None — Security Fix(es): * unbound: amplification of an incoming query into a large number of queries directed to a target (CVE-2020-12662) * unbound: infinite loop via … Read More