NSS could be made to expose sensitive information.
Archive for July, 2020
OpenEXR could be made to crash or run programs if it opened a specially crafted file.
NSS could be made to expose sensitive information.
Several security issues were fixed in GNU C Library.
Several security issues were fixed in coTURN.
Security fix for CVE-2020-10753 ceph: radosgw: HTTP header injection via CORS ExposeHeader tag
Multiple security issues have been found in Thunderbird which could result in denial of service or potentially the execution of arbitrary code.
Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure, denial of service or potentially the execution of arbitrary code.
The previous update for chromium released as DSA 4714-1 was mistakenly built without compiler optimizations. This caused high CPU load and frequent crashes. Updated chromium packages are now available that correct this issue.
Fix CVE-2019-12360.
https://lists.wikimedia.org/pipermail/mediawiki-announce/2020-June/000252.html
Fix CVE-2019-12360.
Update to Samba 4.12.5
Update to Samba 4.12.5
Update to latest upstream version
2.23 fixes CVE-2020-14929 (#1850048,#1850047) and new version (#1848786)
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in the Linux kernel.
The web is awash with malware, and, as anyone who administers websites knows, web servers are a prime target. Malware criminals absolutely love web hosting servers because they have exploitable network resources, they attract lots of visitors, and they are a rich source of data for identity theft and credit card fraud. Servers are also targets because they host software managed by non-technical publishers and retailers that don’t prioritize security. Ignoring software updates or dealing …
Net-SNMP could be made to crash if it received specially crafted input.
Etienne Champetier discovered that Docker, a Linux container runtime, created network bridges which by default accept IPv6 router advertisements. This could allow an attacker with the CAP_NET_RAW capability in a container to spoof router advertisements, resulting in information
This update fixes multiple vulnerabilities in Imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or potentially the execution of arbitrary code if malformed image files are processed.
An update for rh-nginx116-nginx is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
Several security issues were fixed in Samba.
Firefox could be made to crash or run programs as your login if it opened a malicious website.
A security update is now available for Red Hat Single Sign-On 7.4.1 adapters for Red Hat JBoss Enterprise Application Platform 6 Red Hat Product Security has rated this update as having a security impact of
A security update is now available for Red Hat Single Sign-On 7.4.1 adapters for Red Hat JBoss Enterprise Application Platform 7.3 Red Hat Product Security has rated this update as having a security impact of