kernel (SL6)

Synopsis: Important: kernel security update Advisory ID: SLSA-2020:2103-1 Issue Date: 2020-05-12 CVE Numbers: None — Security Fix(es): * Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic (CVE-2020-10711) — SL6 x86_64 kernel-2.6.32-754.29.2.el6.x86_64.rpm kernel-debug-2.6.32-754.29.2.el6.x86_64.rpm … Read More

thunderbird (SL6)

Synopsis: Critical: thunderbird security update Advisory ID: SLSA-2020:2049-1 Issue Date: 2020-05-11 CVE Numbers: None — Security Fix(es): * Mozilla: Use-after-free during worker shutdown (CVE-2020-12387) * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 (CVE-2020-12395) * usrsctp: … Read More

thunderbird (SL7)

Synopsis: Critical: thunderbird security update Advisory ID: SLSA-2020:2050-1 Issue Date: 2020-05-11 CVE Numbers: None — Security Fix(es): * Mozilla: Use-after-free during worker shutdown (CVE-2020-12387) * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 (CVE-2020-12395) * usrsctp: … Read More

squid (SL7)

Synopsis: Important: squid security update Advisory ID: SLSA-2020:2040-1 Issue Date: 2020-05-06 CVE Numbers: None — Security Fix(es): * squid: improper check for new member in ESIExpression::Evaluate allows for stack buffer overflow (CVE-2019-12519) * squid: improper access restriction upon Digest Authentication … Read More

firefox (SL7)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2020:2037-1 Issue Date: 2020-05-06 CVE Numbers: None — Security Fix(es): * Mozilla: Use-after-free during worker shutdown (CVE-2020-12387) * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 (CVE-2020-12395) * Mozilla: … Read More

firefox (SL6)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2020:2036-1 Issue Date: 2020-05-06 CVE Numbers: None — Security Fix(es): * Mozilla: Use-after-free during worker shutdown (CVE-2020-12387) * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 (CVE-2020-12395) * Mozilla: … Read More

python-twisted-web (SL6)

Synopsis: Important: python-twisted-web security update Advisory ID: SLSA-2020:1962-1 Issue Date: 2020-04-29 CVE Numbers: None — Security Fix(es): * python-twisted: HTTP request smuggling when presented with two Content-Length headers (CVE-2020-10108) — SL6 x86_64 python-twisted-web-8.2.0-6.el6_10.x86_64.rpm i386 python-twisted-web-8.2.0-6.el6_10.i686.rpm – Scientific Linux Development Team

python-twisted-web (SL7)

Synopsis: Important: python-twisted-web security update Advisory ID: SLSA-2020:1561-1 Issue Date: 2020-04-23 CVE Numbers: None — Security Fix(es): * python-twisted: HTTP request smuggling when presented with two Content-Length headers (CVE-2020-10108) * python-twisted: HTTP request smuggling when presented with a Content-Length and … Read More

kernel (SL6)

Synopsis: Important: kernel security update Advisory ID: SLSA-2020:1524-1 Issue Date: 2020-04-22 CVE Numbers: None — Security Fix(es): * kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow (CVE-2019-17666) * kernel: offset2lib … Read More

java-11-openjdk (SL7)

Synopsis: Important: java-11-openjdk security update Advisory ID: SLSA-2020:1509-1 Issue Date: 2020-04-21 CVE Numbers: None — Security Fix(es): * OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803) * OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805) * OpenJDK: … Read More