Update to sympa 6.2.56. Fixes CVE-2020-10936. For details, see: – https://github.com/sympa-community/sympa/releases/tag/6.2.56 – https://sympa- community.github.io/security/2020-002.html
Comment
Posts Tagged Fedora Linux Distribution – Security Advisories
2335 results.
This is a security release, with some other minor changes. For full details, refer to the [advisory](https://github.com/PHPMailer/PHPMailer/security/advisories/GHSA-f7hx- fqxw-rvvj). * **SECURITY** Fix insufficient output escaping bug in file attachment names. **CVE-2020-13625**. Reported by Elar Lang of Clarified
This is a security release, with some other minor changes. For full details, refer to the [advisory](https://github.com/PHPMailer/PHPMailer/security/advisories/GHSA-f7hx- fqxw-rvvj). * **SECURITY** Fix insufficient output escaping bug in file attachment names. **CVE-2020-13625**. Reported by Elar Lang of Clarified
Update to upstream 3.6.14 release, and security fix for CVE-2020-13777.
Rebase to version 3.4.3
– Update to 1.2.12 Release notes: https://www.cacti.net/release_notes.php?version=1.2.12
– Firefox 68.9.0 ESR: https://www.mozilla.org/en-US/firefox/68.9.0/releasenotes/ – GJS rebuild against mozjs68-68.9.0
– Updated to latest upstream (77.0.1) —- – New upstream version (77.0) —- – Updated VA-API patches for Wayland backend – Use dmabuf WebGL backend by default on Wayland
– Updated to latest upstream (77.0.1)
– Update to 2.16.6 Release notes: https://tls.mbed.org/tech- updates/releases/mbedtls-2.16.6-and-2.7.15-released Security Advisory: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security- advisory-2020-04
– Update to 1.2.12 Release notes: https://www.cacti.net/release_notes.php?version=1.2.12
Patch for CVE-2019-20797
– New upstream version (77.0)
This update limits the number of nested MIME parts to 10 (by default), to avoid a possible memory exhaustion issue with lots of tiny MIME parts.
Bug fix and security fix for CVE-2020-12693
Rebase to version 3.32.1
Update to version 1.10.8. Resolves: CVE-2020-1945
– Update to 1.22.14 release – ifcfg-rh: handle “802-1x.{,phase2-}ca-path” (rhbz#1841395, CVE-2020-10754)
New version 3.2.4, enabled build with androiddump.
New upstream release with bug and security fixes. Also, consolidates duplicate pakages marked and nodejs-marked. I tested upgrades from both, but may have missed some wonky situation.
New upstream release with bug and security fixes. Also, consolidates duplicate pakages marked and nodejs-marked. I tested upgrades from both, but may have missed some wonky situation.
New version 3.2.4, enabled build with androiddump.
## Python 3.8.3 This is the third maintenance release of Python 3.8. See [the c hangelog](https://docs.python.org/release/3.8.3/whatsnew/changelog.html#changelo g) for details. Contains the security fix for CVE-2020-8492.
Fix cvws CVE-2020-10726,CVE-2020-10724,CVE-2020-10723,CVE-2020-10722,CVE-2020-10725
– fixes CVE-2020-12667
– CVE-2020-10957: lmtp/submission: A client can crash the server by sending a NOOP command with an invalid string parameter. This occurs particularly for a parameter that doesn’t start with a double quote. This applies to all SMTP services, including submission-login, which makes it possible to crash the submission service without authentication. – CVE-2020-10958: lmtp/submission:
Security fix for CVE-2020-12662 and CVE-2020-12663
Backported patch for CVE-2018-10756.
Latest upstream release fixing security issues.
Exclude arch s390x on el8 —- Update from upstream