Synopsis: Important: buildah security and bug fix update Advisory ID: SLSA-2020:2116-1 Issue Date: 2020-05-12 CVE Numbers: None — * buildah: Crafted input tar file may lead to local file overwrite during image build process * containers/image: Container images read entire … Read More
Synopsis: Important: kernel security update Advisory ID: SLSA-2020:2103-1 Issue Date: 2020-05-12 CVE Numbers: None — Security Fix(es): * Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic (CVE-2020-10711) — SL6 x86_64 kernel-2.6.32-754.29.2.el6.x86_64.rpm kernel-debug-2.6.32-754.29.2.el6.x86_64.rpm … Read More
Synopsis: Critical: thunderbird security update Advisory ID: SLSA-2020:2049-1 Issue Date: 2020-05-11 CVE Numbers: None — Security Fix(es): * Mozilla: Use-after-free during worker shutdown (CVE-2020-12387) * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 (CVE-2020-12395) * usrsctp: … Read More
Synopsis: Critical: thunderbird security update Advisory ID: SLSA-2020:2050-1 Issue Date: 2020-05-11 CVE Numbers: None — Security Fix(es): * Mozilla: Use-after-free during worker shutdown (CVE-2020-12387) * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 (CVE-2020-12395) * usrsctp: … Read More
Synopsis: Important: squid security update Advisory ID: SLSA-2020:2040-1 Issue Date: 2020-05-06 CVE Numbers: None — Security Fix(es): * squid: improper check for new member in ESIExpression::Evaluate allows for stack buffer overflow (CVE-2019-12519) * squid: improper access restriction upon Digest Authentication … Read More
Synopsis: Critical: firefox security update Advisory ID: SLSA-2020:2037-1 Issue Date: 2020-05-06 CVE Numbers: None — Security Fix(es): * Mozilla: Use-after-free during worker shutdown (CVE-2020-12387) * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 (CVE-2020-12395) * Mozilla: … Read More
Synopsis: Critical: firefox security update Advisory ID: SLSA-2020:2036-1 Issue Date: 2020-05-06 CVE Numbers: None — Security Fix(es): * Mozilla: Use-after-free during worker shutdown (CVE-2020-12387) * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 (CVE-2020-12395) * Mozilla: … Read More
Synopsis: Important: python-twisted-web security update Advisory ID: SLSA-2020:1962-1 Issue Date: 2020-04-29 CVE Numbers: None — Security Fix(es): * python-twisted: HTTP request smuggling when presented with two Content-Length headers (CVE-2020-10108) — SL6 x86_64 python-twisted-web-8.2.0-6.el6_10.x86_64.rpm i386 python-twisted-web-8.2.0-6.el6_10.i686.rpm – Scientific Linux Development Team
Synopsis: Important: python-twisted-web security update Advisory ID: SLSA-2020:1561-1 Issue Date: 2020-04-23 CVE Numbers: None — Security Fix(es): * python-twisted: HTTP request smuggling when presented with two Content-Length headers (CVE-2020-10108) * python-twisted: HTTP request smuggling when presented with a Content-Length and … Read More
Synopsis: Important: kernel security update Advisory ID: SLSA-2020:1524-1 Issue Date: 2020-04-22 CVE Numbers: None — Security Fix(es): * kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow (CVE-2019-17666) * kernel: offset2lib … Read More
