firefox (SL7)

Synopsis: Important: firefox security update Advisory ID: SLSA-2022:4870-1 Issue Date: 2022-06-02 CVE Numbers: CVE-2022-31736 CVE-2022-31737 CVE-2022-31738 CVE-2022-31740 CVE-2022-31741 CVE-2022-31742 CVE-2022-31747 — This update upgrades Firefox to version 91.10.0 ESR. Security Fix(es): * Mozilla: Cross-Origin resource’s length leaked (CVE-2022-31736) * Mozilla: … Read More

rsyslog (SL7)

Synopsis: Important: rsyslog security update Advisory ID: SLSA-2022:4803-1 Issue Date: 2022-06-01 CVE Numbers: CVE-2022-24903 — Security Fix(es): * rsyslog: Heap-based overflow in TCP syslog server (CVE-2022-24903) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, … Read More

firefox (SL7)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2022:4729-1 Issue Date: 2022-05-25 CVE Numbers: CVE-2022-1802 CVE-2022-1529 — This update upgrades Firefox to version 91.9.1 ESR. Security Fix(es): * Mozilla: Untrusted input used in JavaScript object indexing, leading to prototype pollution (CVE-2022-1529) … Read More

thunderbird (SL7)

Synopsis: Critical: thunderbird security update Advisory ID: SLSA-2022:4730-1 Issue Date: 2022-05-25 CVE Numbers: CVE-2022-1802 CVE-2022-1529 — This update upgrades Thunderbird to version 91.9.1. Security Fix(es): * Mozilla: Untrusted input used in JavaScript object indexing, leading to prototype pollution (CVE-2022-1529) * … Read More

kernel (SL7)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2022:4642-1 Issue Date: 2022-05-19 CVE Numbers: CVE-2022-0492 — Security Fix(es): * kernel: cgroups v1 release_agent feature may allow privilege escalation (CVE-2022-0492) For more details about the security issue(s), including the … Read More

zlib (SL7)

Synopsis: Important: zlib security update Advisory ID: SLSA-2022:2213-1 Issue Date: 2022-05-17 CVE Numbers: CVE-2018-25032 — Security Fix(es): * zlib: A flaw found in zlib when compressing (not decompressing) certain inputs (CVE-2018-25032) For more details about the security issue(s), including the … Read More

gzip (SL7)

Synopsis: Important: gzip security update Advisory ID: SLSA-2022:2191-1 Issue Date: 2022-05-11 CVE Numbers: CVE-2022-1271 — Security Fix(es): * gzip: arbitrary-file-write vulnerability (CVE-2022-1271) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, … Read More

thunderbird (SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2022:1725-1 Issue Date: 2022-05-05 CVE Numbers: CVE-2022-29914 CVE-2022-29909 CVE-2022-29916 CVE-2022-29911 CVE-2022-29912 CVE-2022-29917 CVE-2022-1520 CVE-2022-29913 — This update upgrades Thunderbird to version 91.9.0. Security Fix(es): * Mozilla: Bypassing permission prompt in nested browsing contexts … Read More

firefox (SL7)

Synopsis: Important: firefox security update Advisory ID: SLSA-2022:1703-1 Issue Date: 2022-05-04 CVE Numbers: CVE-2022-29914 CVE-2022-29909 CVE-2022-29916 CVE-2022-29911 CVE-2022-29912 CVE-2022-29917 — This update upgrades Firefox to version 91.9.0 ESR. Security Fix(es): * Mozilla: Bypassing permission prompt in nested browsing contexts (CVE-2022-29909) … Read More

maven-shared-utils (SL7)

Synopsis: Important: maven-shared-utils security update Advisory ID: SLSA-2022:1541-1 Issue Date: 2022-04-27 CVE Numbers: CVE-2022-29599 — Security Fix(es): * maven-shared-utils: Command injection via Commandline class (CVE-2022-29599) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and … Read More