firefox (SL7)

Synopsis: Important: firefox security update Advisory ID: SLSA-2022:6179-1 Issue Date: 2022-08-25 CVE Numbers: CVE-2022-38472 CVE-2022-38473 CVE-2022-38476 CVE-2022-38477 CVE-2022-38478 — This update upgrades Firefox to version 91.13.0 ESR. Security Fix(es): * Mozilla: Address bar spoofing via XSLT error handling (CVE-2022-38472) * … Read More

thunderbird (SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2022:6169-1 Issue Date: 2022-08-25 CVE Numbers: CVE-2022-38472 CVE-2022-38473 CVE-2022-38476 CVE-2022-38477 CVE-2022-38478 — This update upgrades Thunderbird to version 91.13.0. Security Fix(es): * Mozilla: Address bar spoofing via XSLT error handling (CVE-2022-38472) * Mozilla: … Read More

rsync (SL7)

Synopsis: Important: rsync security update Advisory ID: SLSA-2022:6170-1 Issue Date: 2022-08-25 CVE Numbers: CVE-2022-29154 — Security Fix(es): * rsync: remote arbitrary files write inside the directories of connecting peers (CVE-2022-29154) For more details about the security issue(s), including the impact, … Read More

kernel (SL7)

Synopsis: Moderate: kernel security and bug fix update Advisory ID: SLSA-2022:5937-1 Issue Date: 2022-08-09 CVE Numbers: CVE-2022-21123 CVE-2022-21125 CVE-2022-21166 — Security Fix(es): * Incomplete cleanup of multi-core shared buffers (aka SBDR) (CVE-2022-21123) * Incomplete cleanup of microarchitectural fill buffers (aka … Read More

xorg-x11-server (SL7)

Synopsis: Important: xorg-x11-server security update Advisory ID: SLSA-2022:5905-1 Issue Date: 2022-08-04 CVE Numbers: CVE-2022-2319 CVE-2022-2320 — Security Fix(es): * xorg-x11-server: X.Org Server ProcXkbSetGeometry out-of-bounds access (CVE-2022-2319) * xorg-x11-server: out-of-bounds access in ProcXkbSetDeviceInfo request handler of the Xkb extension (CVE-2022-2320) For … Read More

thunderbird (SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2022:5773-1 Issue Date: 2022-08-03 CVE Numbers: CVE-2022-36319 CVE-2022-36318 CVE-2022-2505 — This update upgrades Thunderbird to version 91.12.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 103 and 102.1 (CVE-2022-2505) * Mozilla: … Read More

java-11-openjdk (SL7)

Synopsis: Important: java-11-openjdk security, bug fix, and enhancement update Advisory ID: SLSA-2022:5687-1 Issue Date: 2022-08-01 CVE Numbers: CVE-2022-21540 CVE-2022-21541 CVE-2022-34169 — The following packages have been upgraded to a later upstream version: java-11-openjdk (11.0.16.0.8). Security Fix(es): * OpenJDK: integer truncation … Read More

java-1.8.0-openjdk (SL7)

Synopsis: Important: java-1.8.0-openjdk security, bug fix, and enhancement update Advisory ID: SLSA-2022:5698-1 Issue Date: 2022-08-01 CVE Numbers: CVE-2022-21540 CVE-2022-21541 CVE-2022-34169 — The following packages have been upgraded to a later upstream version: java-1.8.0-openjdk (1.8.0.342.b07). Security Fix(es): * OpenJDK: integer truncation … Read More

squid (SL7)

Synopsis: Important: squid security update Advisory ID: SLSA-2022:5542-1 Issue Date: 2022-08-01 CVE Numbers: CVE-2021-46784 — Security Fix(es): * squid: DoS when processing gopher server responses (CVE-2021-46784) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, … Read More

thunderbird (SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2022:5480-1 Issue Date: 2022-07-01 CVE Numbers: CVE-2022-34479 CVE-2022-34470 CVE-2022-34468 CVE-2022-34481 CVE-2022-31744 CVE-2022-34472 CVE-2022-2200 CVE-2022-34484 CVE-2022-2226 — This update upgrades Thunderbird to version 91.11. Security Fix(es): * Mozilla: CSP sandbox header without `allow-scripts` can … Read More