xorg-x11-server (SL7)

Synopsis: Important: xorg-x11-server security update Advisory ID: SLSA-2020:5408-1 Issue Date: 2020-12-14 CVE Numbers: None — Security Fix(es): * xorg-x11-server: Out-of-bounds access in XkbSetMap function (CVE-2020-14360) * xorg-x11-server: XkbSetDeviceInfo heap-based buffer overflow privilege escalation vulnerability (CVE-2020-25712) * xorg-x11-server: Leak of uninitialized … Read More

libexif (SL7)

Synopsis: Important: libexif security update Advisory ID: SLSA-2020:5402-1 Issue Date: 2020-12-14 CVE Numbers: None — Security Fix(es): * libexif: out of bounds write due to an integer overflow in exif-entry.c (CVE-2020-0452) — SL7 x86_64 libexif-0.6.22-2.el7_9.i686.rpm libexif-0.6.22-2.el7_9.x86_64.rpm libexif-debuginfo-0.6.22-2.el7_9.i686.rpm libexif-debuginfo-0.6.22-2.el7_9.x86_64.rpm libexif-devel-0.6.22-2.el7_9.i686.rpm libexif-devel-0.6.22-2.el7_9.x86_64.rpm … Read More

net-snmp (SL7)

Synopsis: Important: net-snmp security update Advisory ID: SLSA-2020:5350-1 Issue Date: 2020-12-07 CVE Numbers: CVE-2020-15862 — Security Fix(es): * net-snmp: Improper Privilege Management in EXTEND MIB may lead to privileged commands execution (CVE-2020-15862) — SL7 x86_64 net-snmp-5.7.2-49.el7_9.1.x86_64.rpm net-snmp-agent-libs-5.7.2-49.el7_9.1.i686.rpm net-snmp-agent-libs-5.7.2-49.el7_9.1.x86_64.rpm net-snmp-debuginfo-5.7.2-49.el7_9.1.i686.rpm net-snmp-debuginfo-5.7.2-49.el7_9.1.x86_64.rpm … Read More

firefox (SL6)

Synopsis: Important: firefox security update Advisory ID: SLSA-2020:5257-1 Issue Date: 2020-11-30 CVE Numbers: CVE-2020-26951 CVE-2020-16012 CVE-2020-26953 CVE-2020-26956 CVE-2020-26958 CVE-2020-26959 CVE-2020-26960 CVE-2020-26961 CVE-2020-26965 CVE-2020-26968 — This update upgrades Firefox to version 78.5.0 ESR. Security Fix(es): * Mozilla: Parsing mismatches could confuse … Read More

thunderbird (SL6)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2020:5238-1 Issue Date: 2020-11-30 CVE Numbers: CVE-2020-26951 CVE-2020-16012 CVE-2020-26953 CVE-2020-26956 CVE-2020-26958 CVE-2020-26959 CVE-2020-26960 CVE-2020-26961 CVE-2020-26965 CVE-2020-26968 — This update upgrades Thunderbird to version 78.5.0. Security Fix(es): * Mozilla: Parsing mismatches could confuse and … Read More

firefox (SL7)

Synopsis: Important: firefox security update Advisory ID: SLSA-2020:5239-1 Issue Date: 2020-11-30 CVE Numbers: CVE-2020-26951 CVE-2020-16012 CVE-2020-26953 CVE-2020-26956 CVE-2020-26958 CVE-2020-26959 CVE-2020-26960 CVE-2020-26961 CVE-2020-26965 CVE-2020-26968 — This update upgrades Firefox to version 78.5.0 ESR. Security Fix(es): * Mozilla: Parsing mismatches could confuse … Read More

thunderbird (SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2020:5235-1 Issue Date: 2020-11-30 CVE Numbers: CVE-2020-26951 CVE-2020-16012 CVE-2020-26953 CVE-2020-26956 CVE-2020-26958 CVE-2020-26959 CVE-2020-26960 CVE-2020-26961 CVE-2020-26965 CVE-2020-26968 — This update upgrades Thunderbird to version 78.5.0. Security Fix(es): * Mozilla: Parsing mismatches could confuse and … Read More

net-snmp (SL6)

Synopsis: Important: net-snmp security update Advisory ID: SLSA-2020:5129-1 Issue Date: 2020-11-24 CVE Numbers: CVE-2020-15862 — Security Fix(es): * net-snmp: Improper Privilege Management in EXTEND MIB may lead to privileged commands execution (CVE-2020-15862) — SL6 x86_64 net-snmp-5.5-60.el6_10.2.x86_64.rpm net-snmp-debuginfo-5.5-60.el6_10.2.i686.rpm net-snmp-debuginfo-5.5-60.el6_10.2.x86_64.rpm net-snmp-libs-5.5-60.el6_10.2.i686.rpm net-snmp-libs-5.5-60.el6_10.2.x86_64.rpm … Read More

thunderbird (SL6)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2020:5164-1 Issue Date: 2020-11-24 CVE Numbers: CVE-2020-26950 — This update upgrades Thunderbird to version 78.4.3. Security Fix(es): * Mozilla: Write side effects in MCallGetProperty opcode not accounted for (CVE-2020-26950) — SL6 x86_64 thunderbird-78.4.3-1.el6_10.x86_64.rpm … Read More

microcode_ctl (SL6)

Synopsis: Moderate: microcode_ctl security, bug fix, and enhancement update Advisory ID: SLSA-2020:5084-1 Issue Date: 2020-11-11 CVE Numbers: None — Security Fix(es): * hw: Vector Register Leakage-Active (CVE-2020-8696) * hw: Fast forward store predictor (CVE-2020-8698) — SL6 x86_64 microcode_ctl-1.17-33.31.el6_10.x86_64.rpm microcode_ctl-debuginfo-1.17-33.31.el6_10.x86_64.rpm i386 … Read More