samba (SL7)

Synopsis: Moderate: samba security, bug fix, and enhancement update
Advisory ID: SLSA-2020:3981-1
Issue Date: 2020-10-01
CVE Numbers: CVE-2019-14907

Security Fix(es):
* samba: Crash after failed character conversion at log level 3 or above (CVE-2019-14907)

SL7 x86_64
samba-common-4.10.16-5.el7.noarch.rpm
samba-python-4.10.16-5.el7.i686.rpm
…

openldap (SL7)

Synopsis: Moderate: openldap security update
Advisory ID: SLSA-2020:4041-1
Issue Date: 2020-10-01
CVE Numbers: CVE-2020-12243

Security Fix(es):
* openldap: denial of service via nested boolean expressions in LDAP search filters (CVE-2020-12243)

SL7 x86_64
openldap-2.4.44-22.el7.x86_64.rpm
openldap-servers-2.4.44-22.el7.x86_64.rpm
openldap-2.4.44-22.el7.i686.rpm
openldap-devel-2.4.44-22.el7.i686.rpm
openldap-devel-2.4.44-22.el7.x86_64.rpm
openldap-clients-2.4.44-22.el7.x86_64.rpm
…

libxml2 (SL7)

Synopsis: Moderate: libxml2 security and bug fix update
Advisory ID: SLSA-2020:3996-1
Issue Date: 2020-10-01
CVE Numbers: CVE-2020-7595 CVE-2019-20388 CVE-2019-19956

Security Fix(es):
* libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c (CVE-2019-19956)
* libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c (CVE-2019-20388)
…

hunspell (SL7)

Synopsis: Low: hunspell security update
Advisory ID: SLSA-2020:3971-1
Issue Date: 2020-10-01
CVE Numbers: CVE-2019-16707

Security Fix(es):
* hunspell: out-of-bounds read in SuggestMgr::leftcommonsubstring in suggestmgr.cxx (CVE-2019-16707)

SL7 x86_64
hunspell-1.3.2-16.el7.i686.rpm
hunspell-devel-1.3.2-16.el7.x86_64.rpm
hunspell-1.3.2-16.el7.x86_64.rpm
hunspell-devel-1.3.2-16.el7.i686.rpm
hunspell-debuginfo-1.3.2-16.el7.i686.rpm
hunspell-debuginfo-1.3.2-16.el7.x86_64.rpm

– Scientific Linux Development Team

freerdp (SL7)

Synopsis: Moderate: freerdp security, bug fix, and enhancement update
Advisory ID: SLSA-2020:4031-1
Issue Date: 2020-10-01
CVE Numbers: CVE-2020-11088 CVE-2020-11038 CVE-2020-11042 CVE-2020-13397 CVE-2020-11085 CVE-2020-11048 CVE-2020-11086 CVE-2020-11019 CVE-2020-11522 CVE-2020-11018 CVE-2020-11525 CVE-2020-11049 CVE-2020-11039 CVE-2020-11040 CVE-2020-11089 CVE-2020-11044 CVE-2020-11087 CVE-2020-11043 CVE-2020-11046 CVE-2020-11058 CVE-2020-11526 CVE-2020-11041 CVE-2020-11047 …

nss and nspr (SL7)

Synopsis: Moderate: nss and nspr security, bug fix, and enhancement update
Advisory ID: SLSA-2020:4076-1
Issue Date: 2020-10-01
CVE Numbers: CVE-2020-12401 CVE-2020-12403 CVE-2019-17006 CVE-2020-12402 CVE-2019-11756 CVE-2019-17023 CVE-2020-12400 CVE-2020-6829

Security Fix(es):
* nss: Out-of-bounds read when importing curve25519 private key (CVE-2019-11719)
…

firefox (SL7)

Synopsis: Important: firefox security and bug fix update
Advisory ID: SLSA-2020:4080-1
Issue Date: 2020-10-01
CVE Numbers: CVE-2020-15677 CVE-2020-12425 CVE-2020-15673 CVE-2020-12424 CVE-2020-15658 CVE-2020-15656 CVE-2020-15648 CVE-2020-12422 CVE-2020-15653 CVE-2020-15678 CVE-2020-15654 CVE-2020-15676

Security Fix(es):
* Mozilla: Memory safety bugs fixed in Firefox 81 …

glibc (SL7)

Synopsis: Low: glibc security, bug fix, and enhancement update
Advisory ID: SLSA-2020:3861-1
Issue Date: 2020-10-01
CVE Numbers: CVE-2019-19126

Security Fix(es):
* glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries (CVE-2019-19126)

SL7 x86_64
glibc-common-2.17-317.el7.x86_64.rpm
glibc-devel-2.17-317.el7.i686.rpm
glibc-utils-2.17-317.el7.x86_64.rpm
glibc-headers-2.17-317.el7.x86_64.rpm
glibc-devel-2.17-317.el7.x86_64.rpm
nscd-2.17-317.el7.x86_64.rpm
glibc-2.17-317.el7.i686.rpm
…

python3 (SL7)

Synopsis: Moderate: python3 security update
Advisory ID: SLSA-2020:3888-1
Issue Date: 2020-10-01
CVE Numbers: CVE-2020-8492

Security Fix(es):
* python: XSS vulnerability in the documentation XML-RPC server in server_title field (CVE-2019-16935)
* python: wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS …

librabbitmq (SL7)

Synopsis: Moderate: librabbitmq security update
Advisory ID: SLSA-2020:3949-1
Issue Date: 2020-10-01
CVE Numbers: CVE-2019-18609

Security Fix(es):
* librabbitmq: integer overflow in amqp_handle_input in amqp_connection.c leads to heap-based buffer overflow (CVE-2019-18609)

SL7 x86_64
librabbitmq-0.8.0-3.el7.i686.rpm
librabbitmq-0.8.0-3.el7.x86_64.rpm
librabbitmq-debuginfo-0.8.0-3.el7.i686.rpm
librabbitmq-debuginfo-0.8.0-3.el7.x86_64.rpm
librabbitmq-devel-0.8.0-3.el7.i686.rpm
librabbitmq-devel-0.8.0-3.el7.x86_64.rpm
…