thunderbird (SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2023:3151-1 Issue Date: 2023-05-17 CVE Numbers: CVE-2023-32205 CVE-2023-32206 CVE-2023-32207 CVE-2023-32211 CVE-2023-32212 CVE-2023-32213 CVE-2023-32215 — This update upgrades Thunderbird to version 102.11.0. Security Fix(es): * Mozilla: Browser prompts could have been obscured by popups … Read More

apr-util (SL7)

Synopsis: Important: apr-util security update Advisory ID: SLSA-2023:3145-1 Issue Date: 2023-05-17 CVE Numbers: CVE-2022-25147 — Security Fix(es): * apr-util: out-of-bounds writes in the apr_base64 (CVE-2022-25147) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and … Read More

libwebp (SL7)

Synopsis: Important: libwebp security update Advisory ID: SLSA-2023:2077-1 Issue Date: 2023-05-02 CVE Numbers: CVE-2023-1999 — Security Fix(es): * Mozilla: libwebp: Double-free in libwebp (CVE-2023-1999) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other … Read More

kernel (SL7)

Synopsis: Moderate: kernel security and bug fix update Advisory ID: SLSA-2023:1987-1 Issue Date: 2023-04-28 CVE Numbers: CVE-2022-43750 — Security Fix(es): * kernel: memory corruption in usbmon driver (CVE-2022-43750) For more details about the security issue(s), including the impact, a CVSS … Read More

java-1.8.0-openjdk (SL7)

Synopsis: Important: java-1.8.0-openjdk security and bug fix update Advisory ID: SLSA-2023:1904-1 Issue Date: 2023-04-25 CVE Numbers: CVE-2023-21930 CVE-2023-21954 CVE-2023-21967 CVE-2023-21939 CVE-2023-21938 CVE-2023-21937 CVE-2023-21968 — Security Fix(es): * OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930) * OpenJDK: Swing HTML … Read More

java-11-openjdk (SL7)

Synopsis: Important: java-11-openjdk security update Advisory ID: SLSA-2023:1899-1 Issue Date: 2023-04-25 CVE Numbers: CVE-2023-21930 CVE-2023-21954 CVE-2023-21967 CVE-2023-21939 CVE-2023-21938 CVE-2023-21937 CVE-2023-21968 — Security Fix(es): * OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930) * OpenJDK: Swing HTML parsing issue (8296832) … Read More

thunderbird (SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2023:1806-1 Issue Date: 2023-04-17 CVE Numbers: CVE-2023-29533 CVE-2023-29535 CVE-2023-29536 CVE-2023-29539 CVE-2023-29541 CVE-2023-1945 CVE-2023-29548 CVE-2023-29550 CVE-2023-28427 CVE-2023-0547 CVE-2023-29479 — This update upgrades Thunderbird to version 102.10.0. Security Fix(es): * Thunderbird: Revocation status of S/Mime … Read More

firefox (SL7)

Synopsis: Important: firefox security update Advisory ID: SLSA-2023:1791-1 Issue Date: 2023-04-14 CVE Numbers: CVE-2023-29533 CVE-2023-29535 CVE-2023-29536 CVE-2023-29539 CVE-2023-29541 CVE-2023-1945 CVE-2023-29548 CVE-2023-29550 — This update upgrades Firefox to version 102.10.0 ESR. Security Fix(es): * MFSA-TMP-2023-0001 Mozilla: Double-free in libwebp * Mozilla: … Read More

httpd (SL7)

Synopsis: Important: httpd security update Advisory ID: SLSA-2023:1593-1 Issue Date: 2023-04-04 CVE Numbers: CVE-2023-25690 — Security Fix(es): * httpd: HTTP request splitting with mod_rewrite and mod_proxy (CVE-2023-25690) For more details about the security issue(s), including the impact, a CVSS score, … Read More

tigervnc and xorg-x11-server (SL7)

Synopsis: Important: tigervnc and xorg-x11-server security update Advisory ID: SLSA-2023:1594-1 Issue Date: 2023-04-04 CVE Numbers: CVE-2023-1393 — X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed … Read More