Synopsis: Moderate: grub2 security update Advisory ID: SLSA-2021:0699-1 Issue Date: 2021-03-03 CVE Numbers: CVE-2020-14372 CVE-2020-25632 CVE-2020-25647 CVE-2020-27749 CVE-2020-27779 CVE-2021-20225 CVE-2021-20233 — Security Fix(es): * grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled … Read More
Synopsis: Important: podman security update Advisory ID: SLSA-2021:0681-1 Issue Date: 2021-03-02 CVE Numbers: CVE-2021-20188 — Security Fix(es): * podman: container users permissions are not respected in privileged containers (CVE-2021-20188) For more details about the security issue(s), including the impact, a … Read More
Synopsis: Important: bind security update Advisory ID: SLSA-2021:0671-1 Issue Date: 2021-03-01 CVE Numbers: CVE-2020-8625 — Security Fix(es): * bind: Buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation (CVE-2020-8625) For more details about the security issue(s), including the … Read More
Synopsis: Important: thunderbird security update Advisory ID: SLSA-2021:0661-1 Issue Date: 2021-02-24 CVE Numbers: CVE-2021-23969 CVE-2021-23968 CVE-2021-23973 CVE-2021-23978 — This update upgrades Thunderbird to version 78.8.0. Security Fix(es): * Mozilla: Content Security Policy violation report could have contained the destination of … Read More
Synopsis: Critical: firefox security update Advisory ID: SLSA-2021:0656-1 Issue Date: 2021-02-24 CVE Numbers: CVE-2021-23969 CVE-2021-23968 CVE-2021-23973 CVE-2021-23978 — This update upgrades Firefox to version 78.8.0 ESR. Security Fix(es): * Mozilla: Content Security Policy violation report could have contained the destination … Read More
Synopsis: Important: xterm security update Advisory ID: SLSA-2021:0617-1 Issue Date: 2021-02-22 CVE Numbers: CVE-2021-27135 — Security Fix(es): * xterm: crash when processing combining characters (CVE-2021-27135) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and … Read More
Synopsis: Important: flatpak security update Advisory ID: SLSA-2021:0411-1 Issue Date: 2021-02-05 CVE Numbers: CVE-2021-21261 — Security Fix(es): * flatpak: sandbox escape via spawn portal (CVE-2021-21261) — SL7 x86_64 flatpak-1.0.9-10.el7_9.x86_64.rpm flatpak-debuginfo-1.0.9-10.el7_9.x86_64.rpm flatpak-libs-1.0.9-10.el7_9.x86_64.rpm flatpak-builder-1.0.0-10.el7_9.x86_64.rpm flatpak-devel-1.0.9-10.el7_9.x86_64.rpm – Scientific Linux Development Team
Synopsis: Moderate: qemu-kvm security and bug fix update Advisory ID: SLSA-2021:0347-1 Issue Date: 2021-02-02 CVE Numbers: CVE-2020-13765 CVE-2020-16092 — Security Fix(es): * QEMU: loader: OOB access while loading registered ROM may lead to code execution (CVE-2020-13765) * QEMU: reachable assertion … Read More
Synopsis: Moderate: glibc security and bug fix update Advisory ID: SLSA-2021:0348-1 Issue Date: 2021-02-02 CVE Numbers: CVE-2020-10029 CVE-2020-29573 CVE-2019-25013 — Security Fix(es): * glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding (CVE-2019-25013) * … Read More
Synopsis: Moderate: perl security update Advisory ID: SLSA-2021:0343-1 Issue Date: 2021-02-02 CVE Numbers: CVE-2020-10543 CVE-2020-10878 CVE-2020-12723 — Security Fix(es): * perl: heap-based buffer overflow in regular expression compiler leads to DoS (CVE-2020-10543) * perl: corruption of intermediate language state of … Read More
