Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2019:3979-1 Issue Date: 2019-12-05 CVE Numbers: CVE-2019-14821 CVE-2019-15239 — Security Fix(es): * Kernel: KVM: OOB memory access via mmio ring buffer (CVE-2019-14821) * kernel: local attacker can trigger multiple use-after-free … Read More
Synopsis: Critical: firefox security update Advisory ID: SLSA-2019:4108-1 Issue Date: 2019-12-05 CVE Numbers: CVE-2019-17008 CVE-2019-17010 CVE-2019-17005 CVE-2019-17011 CVE-2019-17012 — Security Fix(es): * Mozilla: Use-after-free in worker destruction (CVE-2019-17008) * Mozilla: Memory safety bugs fixed in Firefox 71 and Firefox ESR … Read More
Synopsis: Important: SDL security update Advisory ID: SLSA-2019:4024-1 Issue Date: 2019-12-02 CVE Numbers: None — Security Fix(es): * SDL: CVE-2019-13616 not fixed in Red Hat Enterprise Linux 7 erratum RHSA-2019:3950 (CVE-2019-14906) — SL7 x86_64 SDL-1.2.15-15.el7_7.i686.rpm SDL-1.2.15-15.el7_7.x86_64.rpm SDL-debuginfo-1.2.15-15.el7_7.i686.rpm SDL-debuginfo-1.2.15-15.el7_7.x86_64.rpm SDL-devel-1.2.15-15.el7_7.i686.rpm SDL-devel-1.2.15-15.el7_7.x86_64.rpm … Read More
Synopsis: Low: tcpdump security update Advisory ID: SLSA-2019:3976-1 Issue Date: 2019-12-02 CVE Numbers: None — Security Fix(es): * tcpdump: Stack-based buffer over-read in print-hncp.c:print_prefix() via crafted pcap (CVE-2018-19519) — SL7 x86_64 tcpdump-4.9.2-4.el7_7.1.x86_64.rpm tcpdump-debuginfo-4.9.2-4.el7_7.1.x86_64.rpm – Scientific Linux Development Team
Synopsis: Important: 389-ds-base security and bug fix update Advisory ID: SLSA-2019:3981-1 Issue Date: 2019-12-02 CVE Numbers: None — Security Fix(es): * 389-ds-base: Read permission check bypass via the deref plugin (CVE-2019-14824) — SL7 x86_64 389-ds-base-1.3.9.1-12.el7_7.x86_64.rpm 389-ds-base-debuginfo-1.3.9.1-12.el7_7.x86_64.rpm 389-ds-base-devel-1.3.9.1-12.el7_7.x86_64.rpm 389-ds-base-libs-1.3.9.1-12.el7_7.x86_64.rpm 389-ds-base-snmp-1.3.9.1-12.el7_7.x86_64.rpm – … Read More
Synopsis: Important: kernel security update Advisory ID: SLSA-2019:3872-1 Issue Date: 2019-11-14 CVE Numbers: None — Security Fix(es): * hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155) — SL7 x86_64 bpftool-3.10.0-1062.4.3.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.4.3.el7.x86_64.rpm … Read More
Synopsis: Important: ghostscript security update Advisory ID: SLSA-2019:3888-1 Issue Date: 2019-11-14 CVE Numbers: CVE-2019-14869 — Security Fix(es): * ghostscript: -dSAFER escape in .charkeys (701841) (CVE-2019-14869) — SL7 x86_64 ghostscript-9.25-2.el7_7.3.i686.rpm ghostscript-9.25-2.el7_7.3.x86_64.rpm ghostscript-cups-9.25-2.el7_7.3.x86_64.rpm ghostscript-debuginfo-9.25-2.el7_7.3.i686.rpm ghostscript-debuginfo-9.25-2.el7_7.3.x86_64.rpm libgs-9.25-2.el7_7.3.i686.rpm libgs-9.25-2.el7_7.3.x86_64.rpm ghostscript-gtk-9.25-2.el7_7.3.x86_64.rpm libgs-devel-9.25-2.el7_7.3.i686.rpm libgs-devel-9.25-2.el7_7.3.x86_64.rpm noarch ghostscript-doc-9.25-2.el7_7.3.noarch.rpm … Read More
Synopsis: Important: kernel security update Advisory ID: SLSA-2019:3878-1 Issue Date: 2019-11-14 CVE Numbers: CVE-2019-0155 — Security Fix(es): * hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155) For more details about the security issue(s), including the … Read More
Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2019:3836-1 Issue Date: 2019-11-13 CVE Numbers: None — Security Fix(es): * hw: Machine Check Error on Page Size Change (IFU) (CVE-2018-12207) * hw: TSX Transaction Asynchronous Abort (TAA) (CVE-2019-11135) * … Read More
Synopsis: Important: kernel security update Advisory ID: SLSA-2019:3834-1 Issue Date: 2019-11-13 CVE Numbers: None — Security Fix(es): * hw: Machine Check Error on Page Size Change (IFU) (CVE-2018-12207) * hw: TSX Transaction Asynchronous Abort (TAA) (CVE-2019-11135) * hw: Intel GPU … Read More
