libwmf (SL7)

Synopsis: Low: libwmf security and bug fix update Advisory ID: SLSA-2020:3943-1 Issue Date: 2020-10-01 CVE Numbers: CVE-2019-6978 — Security Fix(es): * gd: double free in the gdImage*Ptr in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c (CVE-2019-6978) — SL7 x86_64 libwmf- libwmf-lite- libwmf- libwmf-lite- … Read More

libvpx (SL7)

Synopsis: Moderate: libvpx security update Advisory ID: SLSA-2020:3876-1 Issue Date: 2020-10-01 CVE Numbers: CVE-2019-9433 CVE-2019-9232 CVE-2020-0034 CVE-2017-0393 — Security Fix(es): * libvpx: Denial of service in mediaserver (CVE-2017-0393) * libvpx: Out of bounds read in vp8_norm table (CVE-2019-9232) * libvpx: … Read More

python-pillow (SL7)

Synopsis: Moderate: python-pillow security update Advisory ID: SLSA-2020:3887-1 Issue Date: 2020-10-01 CVE Numbers: CVE-2020-5313 — Security Fix(es): * python-pillow: out-of-bounds read in ImagingFliDecode when loading FLI images (CVE-2020-5313) — SL7 x86_64 python-pillow-2.0.0-21.gitd1c6db8.el7.x86_64.rpm python-pillow-debuginfo-2.0.0-21.gitd1c6db8.el7.x86_64.rpm python-pillow-2.0.0-21.gitd1c6db8.el7.i686.rpm python-pillow-debuginfo-2.0.0-21.gitd1c6db8.el7.i686.rpm python-pillow-devel-2.0.0-21.gitd1c6db8.el7.i686.rpm python-pillow-devel-2.0.0-21.gitd1c6db8.el7.x86_64.rpm python-pillow-doc-2.0.0-21.gitd1c6db8.el7.x86_64.rpm python-pillow-qt-2.0.0-21.gitd1c6db8.el7.x86_64.rpm python-pillow-sane-2.0.0-21.gitd1c6db8.el7.x86_64.rpm … Read More

libssh2 (SL7)

Synopsis: Moderate: libssh2 security update Advisory ID: SLSA-2020:3915-1 Issue Date: 2020-10-01 CVE Numbers: CVE-2019-17498 — Security Fix(es): * libssh2: integer overflow in SSH_MSG_DISCONNECT logic in packet.c (CVE-2019-17498) — SL7 x86_64 libssh2-1.8.0-4.el7.i686.rpm libssh2-1.8.0-4.el7.x86_64.rpm libssh2-debuginfo-1.8.0-4.el7.i686.rpm libssh2-debuginfo-1.8.0-4.el7.x86_64.rpm libssh2-devel-1.8.0-4.el7.i686.rpm libssh2-devel-1.8.0-4.el7.x86_64.rpm noarch libssh2-docs-1.8.0-4.el7.noarch.rpm – Scientific … Read More

bluez (SL7)

Synopsis: Moderate: bluez security update Advisory ID: SLSA-2020:4001-1 Issue Date: 2020-10-01 CVE Numbers: CVE-2020-0556 — Security Fix(es): * bluez: Improper access control in subsystem could result in privilege escalation and DoS (CVE-2020-0556) — SL7 x86_64 bluez-5.44-7.el7.x86_64.rpm bluez-libs-5.44-7.el7.x86_64.rpm bluez-libs-5.44-7.el7.i686.rpm bluez-debuginfo-5.44-7.el7.i686.rpm bluez-debuginfo-5.44-7.el7.x86_64.rpm … Read More

httpd (SL7)

Synopsis: Moderate: httpd security, bug fix, and enhancement update Advisory ID: SLSA-2020:3958-1 Issue Date: 2020-10-01 CVE Numbers: CVE-2019-10098 CVE-2017-15715 CVE-2020-1934 CVE-2018-1283 CVE-2018-1303 CVE-2020-1927 — Security Fix(es): * httpd: Improper handling of headers in mod_session can allow a remote user to … Read More


Synopsis: Moderate: SDL security update Advisory ID: SLSA-2020:3868-1 Issue Date: 2020-10-01 CVE Numbers: CVE-2019-7572 CVE-2019-7574 CVE-2019-7578 CVE-2019-7635 CVE-2019-7577 CVE-2019-7576 CVE-2019-7637 CVE-2019-7636 CVE-2019-7573 CVE-2019-7638 CVE-2019-7575 — Security Fix(es): * SDL: buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c (CVE-2019-7572) * SDL: heap-based buffer … Read More

okular (SL7)

Synopsis: Moderate: okular security update Advisory ID: SLSA-2020:4024-1 Issue Date: 2020-10-01 CVE Numbers: CVE-2020-9359 — Security Fix(es): * okular: local binary execution via specially crafted PDF files (CVE-2020-9359) — SL7 x86_64 okular-4.10.5-9.el7.x86_64.rpm okular-devel-4.10.5-9.el7.x86_64.rpm okular-libs-4.10.5-9.el7.i686.rpm okular-part-4.10.5-9.el7.x86_64.rpm okular-libs-4.10.5-9.el7.x86_64.rpm okular-devel-4.10.5-9.el7.i686.rpm okular-debuginfo-4.10.5-9.el7.i686.rpm okular-debuginfo-4.10.5-9.el7.x86_64.rpm – … Read More

glib2 and ibus (SL7)

Synopsis: Moderate: glib2 and ibus security and bug fix update Advisory ID: SLSA-2020:3978-1 Issue Date: 2020-10-01 CVE Numbers: CVE-2019-14822 CVE-2019-12450 — Security Fix(es): * glib2: file_copy_fallback in gio/gfile.c in GNOME GLib does not properly restrict file permissions while a copy … Read More

NetworkManager (SL7)

Synopsis: Moderate: NetworkManager security and bug fix update Advisory ID: SLSA-2020:4003-1 Issue Date: 2020-10-01 CVE Numbers: CVE-2020-10754 — Security Fix(es): * NetworkManager: user configuration not honoured leaving the connection unauthenticated via insecure defaults (CVE-2020-10754) — SL7 x86_64 NetworkManager-adsl-1.18.8-1.el7.x86_64.rpm NetworkManager-wwan-1.18.8-1.el7.x86_64.rpm NetworkManager-bluetooth-1.18.8-1.el7.x86_64.rpm … Read More