Linux security Advisories
Frissítve: 1 óra 18 perc
Fedora 32: moodle 2020-db73e37548>
Fix for multiple CVEs
Fedora 33: pam 2020-22532a1a81>
fix CVE-2020-27780: authentication bypass when the user doesn't exist
Fedora 33: asterisk 2020-6b277646c7>
Update to upstream 17.9.0 for bug and security fixes
Fedora 33: moodle 2020-304aa2c365>
Fix for multiple CVEs
Fedora 33: c-ares 2020-7473744de1>
Security fix for CVE-2020-8277.
Mageia 2020-0441: webkit2 security update>
The webkit2 package has been updated to version 2.30.3, fixing several security issues and other bugs. A type confusion issue may lead to arbitrary code execution with a maliciously crafted web content, fixed with improved memory handling (CVE-2020-9948).
Mageia 2020-0440: jruby security update>
Response Splitting attack in the HTTP server of WEBrick (CVE-2017-17742). Delete directory using symlink when decompressing tar (CVE-2019-8320). Escape sequence injection vulnerability in verbose (CVE-2019-8321).
SUSE: 2020:3552-1 moderate: binutils>
An update that solves 8 vulnerabilities, contains three features and has 6 fixes is now available.
SUSE: 2020:3551-1 moderate: libssh2_org>
An update that fixes 10 vulnerabilities, contains one feature is now available.
SUSE: 2020:3549-1 important: nodejs12>
An update that fixes one vulnerability is now available.
SUSE: 2020:3550-1 important: LibVNCServer>
An update that fixes one vulnerability is now available.
SUSE: 2020:2474-2 moderate: libX11>
An update that fixes one vulnerability is now available.
SUSE: 2020:3548-1 important: MozillaFirefox>
An update that fixes 12 vulnerabilities is now available.
Debian LTS: DLA-2466-1: drupal7 security update>
Two vulnerabilities were found in the Archive_Tar PHP module, used by Drupal, which could result in the execution of arbitrary code if a malicious user is allowed to upload tar archives.