thunderbird (SL6)

By Scientific Linux Team on June 19, 2020

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2020:2613-1 Issue Date: 2020-06-19 CVE Numbers: None — Security Fix(es): * Mozilla: Security downgrade with IMAP STARTTLS leads to information leakage (CVE-2020-12398) * Mozilla: Use-after-free in SharedWorkerService (CVE-2020-12405) * Mozilla: JavaScript Type confusion … Read More

libexif (SL7)

By Scientific Linux Team on June 15, 2020

Synopsis: Moderate: libexif security update Advisory ID: SLSA-2020:2549-1 Issue Date: 2020-06-15 CVE Numbers: None — Security Fix(es): * libexif: several buffer over-reads in EXIF MakerNote handling can lead to information disclosure and DoS (CVE-2020-13112) — SL7 x86_64 libexif-0.6.21-7.el7_8.i686.rpm libexif-0.6.21-7.el7_8.x86_64.rpm libexif-debuginfo-0.6.21-7.el7_8.i686.rpm … Read More

tomcat6 (SL6)

By Scientific Linux Team on June 12, 2020

Synopsis: Important: tomcat6 security update Advisory ID: SLSA-2020:2529-1 Issue Date: 2020-06-11 CVE Numbers: None — * tomcat: deserialization flaw in session persistence storage leading to RCE (CVE-2020-9484) — SL6 noarch tomcat6-6.0.24-115.el6_10.noarch.rpm tomcat6-admin-webapps-6.0.24-115.el6_10.noarch.rpm tomcat6-docs-webapp-6.0.24-115.el6_10.noarch.rpm tomcat6-el-2.1-api-6.0.24-115.el6_10.noarch.rpm tomcat6-javadoc-6.0.24-115.el6_10.noarch.rpm tomcat6-jsp-2.1-api-6.0.24-115.el6_10.noarch.rpm tomcat6-lib-6.0.24-115.el6_10.noarch.rpm tomcat6-servlet-2.5-api-6.0.24-115.el6_10.noarch.rpm tomcat6-webapps-6.0.24-115.el6_10.noarch.rpm – … Read More

libexif (SL6)

By Scientific Linux Team on June 11, 2020

Synopsis: Moderate: libexif security update Advisory ID: SLSA-2020:2516-1 Issue Date: 2020-06-11 CVE Numbers: None — Security Fix(es): * libexif: several buffer over-reads in EXIF MakerNote handling can lead to information disclosure and DoS (CVE-2020-13112) — SL6 x86_64 libexif-0.6.21-6.el6_10.i686.rpm libexif-0.6.21-6.el6_10.x86_64.rpm libexif-debuginfo-0.6.21-6.el6_10.i686.rpm … Read More

tomcat (SL7)

By Scientific Linux Team on June 11, 2020

Synopsis: Important: tomcat security update Advisory ID: SLSA-2020:2530-1 Issue Date: 2020-06-11 CVE Numbers: None — Security Fix(es): * tomcat: deserialization flaw in session persistence storage leading to RCE (CVE-2020-9484) — SL7 noarch tomcat-servlet-3.0-api-7.0.76-12.el7_8.noarch.rpm tomcat-7.0.76-12.el7_8.noarch.rpm tomcat-admin-webapps-7.0.76-12.el7_8.noarch.rpm tomcat-docs-webapp-7.0.76-12.el7_8.noarch.rpm tomcat-el-2.2-api-7.0.76-12.el7_8.noarch.rpm tomcat-javadoc-7.0.76-12.el7_8.noarch.rpm tomcat-jsp-2.2-api-7.0.76-12.el7_8.noarch.rpm tomcat-jsvc-7.0.76-12.el7_8.noarch.rpm … Read More

kernel (SL6)

By Scientific Linux Team on June 10, 2020

Synopsis: Moderate: kernel security and bug fix update Advisory ID: SLSA-2020:2430-1 Issue Date: 2020-06-10 CVE Numbers: None — Security Fix(es): * kernel: NULL pointer dereference due to KEYCTL_READ on negative key (CVE-2017-12192) — SL6 x86_64 kernel-2.6.32-754.30.2.el6.x86_64.rpm kernel-debug-2.6.32-754.30.2.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-754.30.2.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.30.2.el6.x86_64.rpm kernel-debug-devel-2.6.32-754.30.2.el6.i686.rpm … Read More

microcode_ctl (SL6)

By Scientific Linux Team on June 10, 2020

Synopsis: Moderate: microcode_ctl security, bug fix and enhancement update Advisory ID: SLSA-2020:2433-1 Issue Date: 2020-06-10 CVE Numbers: None — Security Fix(es): * hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543) * hw: L1D Cache Eviction Sampling (CVE-2020-0549) * hw: Vector … Read More

freerdp (SL7)

By Scientific Linux Team on June 9, 2020

Synopsis: Important: freerdp security update Advisory ID: SLSA-2020:2405-1 Issue Date: 2020-06-09 CVE Numbers: None — Security Fix(es): * freerdp: Out-of-bounds write in crypto_rsa_common in libfreerdp/crypto/crypto.c (CVE-2020-13398) — SL7 x86_64 freerdp-2.0.0-4.rc4.el7_8.1.x86_64.rpm freerdp-debuginfo-2.0.0-4.rc4.el7_8.1.i686.rpm freerdp-debuginfo-2.0.0-4.rc4.el7_8.1.x86_64.rpm freerdp-libs-2.0.0-4.rc4.el7_8.1.i686.rpm freerdp-libs-2.0.0-4.rc4.el7_8.1.x86_64.rpm libwinpr-2.0.0-4.rc4.el7_8.1.i686.rpm libwinpr-2.0.0-4.rc4.el7_8.1.x86_64.rpm freerdp-devel-2.0.0-4.rc4.el7_8.1.i686.rpm freerdp-devel-2.0.0-4.rc4.el7_8.1.x86_64.rpm libwinpr-devel-2.0.0-4.rc4.el7_8.1.i686.rpm libwinpr-devel-2.0.0-4.rc4.el7_8.1.x86_64.rpm … Read More

freerdp (SL6)

By Scientific Linux Team on June 9, 2020

Synopsis: Important: freerdp security update Advisory ID: SLSA-2020:2406-1 Issue Date: 2020-06-09 CVE Numbers: None — Security Fix(es): * freerdp: Out-of-bounds write in crypto_rsa_common in libfreerdp/crypto/crypto.c (CVE-2020-13398) — SL6 x86_64 freerdp-1.0.2-7.el6_10.x86_64.rpm freerdp-debuginfo-1.0.2-7.el6_10.x86_64.rpm freerdp-libs-1.0.2-7.el6_10.x86_64.rpm freerdp-plugins-1.0.2-7.el6_10.x86_64.rpm freerdp-debuginfo-1.0.2-7.el6_10.i686.rpm freerdp-devel-1.0.2-7.el6_10.i686.rpm freerdp-devel-1.0.2-7.el6_10.x86_64.rpm freerdp-libs-1.0.2-7.el6_10.i686.rpm i386 freerdp-1.0.2-7.el6_10.i686.rpm freerdp-debuginfo-1.0.2-7.el6_10.i686.rpm … Read More

unbound (SL7)

By Scientific Linux Team on June 9, 2020

Synopsis: Important: unbound security update Advisory ID: SLSA-2020:2414-1 Issue Date: 2020-06-09 CVE Numbers: None — Security Fix(es): * unbound: amplification of an incoming query into a large number of queries directed to a target (CVE-2020-12662) * unbound: infinite loop via … Read More