okular (SL7)

Synopsis: Moderate: okular security update
Advisory ID: SLSA-2020:1173-1
Issue Date: 2020-04-07
CVE Numbers: CVE-2018-1000801

* okular: Directory traversal in function unpackDocumentArchive() in core/document.cpp

SL7 x86_64
  okular-part-4.10.5-8.el7.x86_64.rpm
  okular-devel-4.10.5-8.el7.i686.rpm
  okular-libs-4.10.5-8.el7.x86_64.rpm
  okular-libs-4.10.5-8.el7.i686.rpm
  okular-devel-4.10.5-8.el7.x86_64.rpm
  okular-4.10.5-8.el7.x86_64.rpm
  okular-debuginfo-4.10.5-8.el7.i686.rpm
  okular-debuginfo-4.10.5-8.el7.x86_64.rpm

– Scientific Linux Development Team

unzip (SL7)

Synopsis: Low: unzip security update
Advisory ID: SLSA-2020:1181-1
Issue Date: 2020-04-07
CVE Numbers: CVE-2019-13232

* unzip: overlapping of files in ZIP container leads to denial of service

SL7 x86_64
  unzip-6.0-21.el7.x86_64.rpm
  unzip-debuginfo-6.0-21.el7.x86_64.rpm

– Scientific Linux Development Team

advancecomp (SL7)

Synopsis: Moderate: advancecomp security update
Advisory ID: SLSA-2020:1037-1
Issue Date: 2020-04-07
CVE Numbers: CVE-2019-9210

* advancecomp: integer overflow in png_compress in pngex.cc

SL7 x86_64
  advancecomp-1.15-22.el7.x86_64.rpm
  advancecomp-debuginfo-1.15-22.el7.x86_64.rpm

– Scientific Linux Development Team

qemu-kvm (SL7)

Synopsis: Important: qemu-kvm security update
Advisory ID: SLSA-2020:1208-1
Issue Date: 2020-04-07
CVE Numbers: CVE-2020-8608

* QEMU: Slirp: potential OOB access due to unsafe snprintf() usages

SL7 x86_64
  qemu-img-1.5.3-173.el7_8.1.x86_64.rpm
  qemu-kvm-common-1.5.3-173.el7_8.1.x86_64.rpm
  qemu-kvm-tools-1.5.3-173.el7_8.1.x86_64.rpm
  qemu-kvm-1.5.3-173.el7_8.1.x86_64.rpm
  qemu-kvm-debuginfo-1.5.3-173.el7_8.1.x86_64.rpm

– Scientific Linux Development Team

mod_auth_mellon (SL7)

Synopsis: Moderate: mod_auth_mellon security and bug fix update
Advisory ID: SLSA-2020:1003-1
Issue Date: 2020-04-07
CVE Numbers: CVE-2019-13038

* mod_auth_mellon: Open Redirect via the login?ReturnTo= substring which could facilitate information theft

SL7 x86_64
  mod_auth_mellon-diagnostics-0.14.0-8.el7.x86_64.rpm
  mod_auth_mellon-0.14.0-8.el7.x86_64.rpm
  mod_auth_mellon-debuginfo-0.14.0-8.el7.x86_64.rpm

– Scientific Linux …

mailman (SL7)

Synopsis: Moderate: mailman security and bug fix update
Advisory ID: SLSA-2020:1054-1
Issue Date: 2020-04-07
CVE Numbers: CVE-2018-0618 CVE-2018-13796

* mailman: Cross-site scripting vulnerability allows malicious listowners to inject scripts into listinfo pages
* mailman: Mishandled URLs in Utils.py:GetPathPieces() allows …

mutt (SL7)

Synopsis: Moderate: mutt security update
Advisory ID: SLSA-2020:1126-1
Issue Date: 2020-04-07
CVE Numbers: CVE-2018-14355

* mutt: IMAP header caching path traversal vulnerability

SL7 x86_64
  mutt-1.5.21-29.el7.x86_64.rpm
  mutt-debuginfo-1.5.21-29.el7.x86_64.rpm

– Scientific Linux Development Team

nbdkit (SL7)

Synopsis: Low: nbdkit security and bug fix update
Advisory ID: SLSA-2020:1167-1
Issue Date: 2020-04-07
CVE Numbers: CVE-2019-14850

* nbdkit: denial of service due to premature opening of back-end connection

SL7 x86_64
  nbdkit-plugin-python-common-1.8.0-3.el7.x86_64.rpm
  nbdkit-1.8.0-3.el7.x86_64.rpm
  nbdkit-plugin-vddk-1.8.0-3.el7.x86_64.rpm
  nbdkit-plugin-python2-1.8.0-3.el7.x86_64.rpm
  nbdkit-debuginfo-1.8.0-3.el7.x86_64.rpm

– Scientific …

bash (SL7)

Synopsis: Moderate: bash security update
Advisory ID: SLSA-2020:1113-1
Issue Date: 2020-04-07
CVE Numbers: CVE-2019-9924

* bash: BASH_CMD is writable in restricted bash shells

SL7 x86_64
  bash-4.2.46-34.el7.x86_64.rpm
  bash-debuginfo-4.2.46-34.el7.x86_64.rpm
  bash-doc-4.2.46-34.el7.x86_64.rpm

– Scientific Linux Development Team

python-twisted-web (SL7)

Synopsis: Moderate: python-twisted-web security update
Advisory ID: SLSA-2020:1091-1
Issue Date: 2020-04-07
CVE Numbers: CVE-2019-12387

* python-twisted: Improper neutralization of CRLF characters in URIs and HTTP methods

SL7 x86_64
  python-twisted-web-12.1.0-6.el7.x86_64.rpm

– Scientific Linux Development Team