Security fix for CVE-2020-15917 (STARTTLS protocol violation).
Posts Tagged Fedora Linux Distribution – Security Advisories
OpenJDK 14 July security update
This update incorporates fixes from the upstream glibc 2.30 stable release branch, including a fix for a medium severity security vulnerability. (CVE-2020-6096)
Security fix for CVE-2020-15917 (STARTTLS protocol violation).
OpenJDK 14 July security update
Just enough time for one more update. Chromium 84. Fixes CVE-2020-6510 CVE-2020-6511 CVE-2020-6512 CVE-2020-6513 CVE-2020-6514 CVE-2020-6515 CVE-2020-6516 CVE-2020-6517 CVE-2020-6518 CVE-2020-6519 CVE-2020-6520 CVE-2020-6521 CVE-2020-6522 CVE-2020-6523 CVE-2020-6524 CVE-2020-6525 CVE-2020-6526 CVE-2020-6527 CVE-2020-6528 CVE-2020-6529 CVE-2020-6530
Bugfix and CVE release.
Updates the nspr and nss package to upstream NSPR 4.26 and NSS 3.54. For details about new functionality and a list of bugs fixed in this release please see the upstream release notes: – https://developer.mozilla.org/en- US/docs/Mozilla/Projects/NSS/NSS_3.54_release_notes
– New upstream update – 79.0
Just enough time for one more update. Chromium 84. Fixes CVE-2020-6510 CVE-2020-6511 CVE-2020-6512 CVE-2020-6513 CVE-2020-6514 CVE-2020-6515 CVE-2020-6516 CVE-2020-6517 CVE-2020-6518 CVE-2020-6519 CVE-2020-6520 CVE-2020-6521 CVE-2020-6522 CVE-2020-6523 CVE-2020-6524 CVE-2020-6525 CVE-2020-6526 CVE-2020-6527 CVE-2020-6528 CVE-2020-6529 CVE-2020-6530
Bugfix and CVE release.
# July 2020 OpenJDK security update for OpenJDK 8. Full release notes: https://bitly.com/oj8u262 ## New features * [JDK-8223147](https://bugs.openjdk.java.net/browse/JDK-8223147): JFR Backport ## Security fixes – JDK-8028431, CVE-2020-14579: NullPointerException in DerValue.equals(DerValue) – JDK-8028591, CVE-2020-14578:
# July 2020 OpenJDK security update for OpenJDK 11 Full release notes: https://bitly.com/openjdk1108 ## Security fixes – JDK-8230613: Better ASCII conversions – JDK-8231800: Better listing of arrays – JDK-8232014: Expand DTD support – JDK-8233234: Better Zip Naming – JDK-8233239, CVE-2020-14562: Enhance TIFF support – JDK-8233255: Better Swing Buttons –
ClamAV 0.102.4 is a bug patch release to address the following issues: CVE-2020-3350
0.9.24 release
# July 2020 OpenJDK security update for OpenJDK 11 Full release notes: https://bitly.com/openjdk1108 ## Security fixes – JDK-8230613: Better ASCII conversions – JDK-8231800: Better listing of arrays – JDK-8232014: Expand DTD support – JDK-8233234: Better Zip Naming – JDK-8233239, CVE-2020-14562: Enhance TIFF support – JDK-8233255: Better Swing Buttons –
Avoid infinite loop when reading specially crafted TAR files (CVE-2019-20907)
Rebase to upstream release 1.2.1.
Add patch to bump W_MAX_BYTES to 8.
Upgrade to upstream 3.6.0. Remove patch #4679 for el8.
– Update to 2.16.7 Security advisory: https://tls.mbed.org/tech- updates/security-advisories/mbedtls-security-advisory-2020-07
– Update to 1.2.13 Release notes: https://www.cacti.net/release_notes.php?version=1.2.13
– Update to 1.2.13 Release notes: https://www.cacti.net/release_notes.php?version=1.2.13
**kronolith 4.2.29** * [mjr] Fix regresssion in event modification notifications (Bug #15022). —- **kronolith 4.2.28** * [mjr] **SECURITY**: Don’t leak private details when sending notifications for private events (Bug #15011). * [mjr] Fix regression in display of clickable event URL property (Bug #14941).
Backport fix for CVE-2020-15503.
Updates the nspr and nss package to upstream NSPR 4.26 and NSS 3.54. For details about new functionality and a list of bugs fixed in this release please see the upstream release notes: – https://developer.mozilla.org/en- US/docs/Mozilla/Projects/NSS/NSS_3.54_release_notes
Updates the nspr and nss package to upstream NSPR 4.26 and NSS 3.54. For details about new functionality and a list of bugs fixed in this release please see the upstream release notes: – https://developer.mozilla.org/en- US/docs/Mozilla/Projects/NSS/NSS_3.54_release_notes
This update incorporates fixes from the upstream glibc 2.31 stable release branch, including a fix for a medium severity security vulnerability. (CVE-2020-6096)
Update to Samba 4.11.11
Update to Samba 4.11.11