Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2021:1071-1 Issue Date: 2021-04-06 CVE Numbers: CVE-2021-27365 CVE-2021-27363 CVE-2021-27364 — Security Fix(es): * kernel: out-of-bounds read in libiscsi module (CVE-2021-27364) * kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365) … Read More
Synopsis: Important: libldb security update Advisory ID: SLSA-2021:1072-1 Issue Date: 2021-04-06 CVE Numbers: CVE-2021-20277 — Security Fix(es): * samba: Out of bounds read in AD DC LDAP server (CVE-2021-20277) For more details about the security issue(s), including the impact, a … Read More
Synopsis: Important: flatpak security update Advisory ID: SLSA-2021:1002-1 Issue Date: 2021-03-29 CVE Numbers: CVE-2021-21381 — Security Fix(es): * flatpak: “file forwarding” feature can be used to gain unprivileged access to files (CVE-2021-21381) For more details about the security issue(s), including … Read More
Synopsis: Important: firefox security update Advisory ID: SLSA-2021:0992-1 Issue Date: 2021-03-25 CVE Numbers: CVE-2021-23981 CVE-2021-23982 CVE-2021-23984 CVE-2021-23987 — This update upgrades Firefox to version 78.9.0 ESR. Security Fix(es): * Mozilla: Texture upload into an unbound backing buffer resulted in an … Read More
Synopsis: Important: thunderbird security update Advisory ID: SLSA-2021:0996-1 Issue Date: 2021-03-25 CVE Numbers: CVE-2021-23981 CVE-2021-23982 CVE-2021-23984 CVE-2021-23987 — This update upgrades Thunderbird to version 78.9.0. Security Fix(es): * Mozilla: Texture upload into an unbound backing buffer resulted in an out-of-bound … Read More
Synopsis: Important: pki-core security and bug fix update Advisory ID: SLSA-2021:0851-1 Issue Date: 2021-03-16 CVE Numbers: CVE-2019-10179 CVE-2019-10146 CVE-2019-10221 CVE-2020-1721 CVE-2020-25715 CVE-2021-20179 — Security Fix(es): * pki-core: Unprivileged users can renew any certificate (CVE-2021-20179) * pki-core: XSS in the certificate … Read More
Synopsis: Moderate: ipa security and bug fix update Advisory ID: SLSA-2021:0860-1 Issue Date: 2021-03-16 CVE Numbers: CVE-2020-11023 — Security Fix(es): * jquery: Passing HTML containing elements to manipulation methods could result in untrusted code execution (CVE-2020-11023) For more details about … Read More
Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2021:0856-1 Issue Date: 2021-03-16 CVE Numbers: CVE-2020-28374 CVE-2020-29661 CVE-2019-19532 CVE-2020-7053 CVE-2020-14351 CVE-2020-25211 CVE-2020-25645 CVE-2020-25656 CVE-2020-25705 CVE-2021-20265 CVE-2020-0427 — Security Fix(es): * kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c (CVE-2020-25211) … Read More
Synopsis: Important: wpa_supplicant security update Advisory ID: SLSA-2021:0808-1 Issue Date: 2021-03-11 CVE Numbers: CVE-2021-27803 — Security Fix(es): * wpa_supplicant: Use-after-free in P2P provision discovery processing (CVE-2021-27803) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, … Read More
Synopsis: Important: screen security update Advisory ID: SLSA-2021:0742-1 Issue Date: 2021-03-08 CVE Numbers: CVE-2021-26937 — Security Fix(es): * screen: crash when processing combining chars (CVE-2021-26937) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and … Read More
