Linux security Advisories

6 óra 23 perc

SciLinux: SLSA-2021-0699-1 Important: grub2 on SL7.x x86_64>

grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled (CVE-2020-14372) * grub2: Use-after-free in rmmod command (CVE-2020-25632) * grub2: Out-of-bounds write in grub_usb_device_initialize() (CVE-2020-25647) * grub2: Stack buffer overflow in grub_parser_split_cmdline() (CVE-2020-27749) * grub2: cutmem command allows privileged user to remove memo [More...]
10 óra 50 perc

openSUSE: 2021:0377-1 moderate: ImageMagick>

An update that fixes four vulnerabilities is now available.
10 óra 51 perc

openSUSE: 2021:0376-1 important: webkit2gtk3>

An update that fixes one vulnerability is now available.
10 óra 52 perc

openSUSE: 2021:0375-1 important: bind>

An update that fixes one vulnerability is now available.
13 óra 4 perc

RedHat: RHSA-2021-0711:01 Important: virt:rhel and virt-devel:rhel security>

An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
13 óra 37 perc

RedHat: RHSA-2021-0637:01 Important: OpenShift Container Platform 3.11.394>

Red Hat OpenShift Container Platform release 3.11.394 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
15 óra 37 perc

RedHat: RHSA-2021-0710:01 Important: container-tools:2.0 security update>

An update for the container-tools:2.0 module is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
19 óra 49 perc

openSUSE: 2021:0374-1 moderate: java-1_8_0-openjdk>

An update that fixes one vulnerability is now available.
19 óra 51 perc

openSUSE: 2021:0372-1 important: nodejs10>

An update that fixes three vulnerabilities is now available.
19 óra 52 perc

openSUSE: 2021:0373-1 important: MozillaFirefox>

An update that fixes four vulnerabilities is now available.
21 óra 9 perc

RedHat: RHSA-2021-0428:01 Important: OpenShift Container Platform 4.5.33>

Red Hat OpenShift Container Platform release 4.5.33 is now available with updates to packages and images that fix several bugs and add enhancements. This release also includes a security update for Red Hat OpenShift Container Platform 4.5.
21 óra 48 perc

RedHat: RHSA-2021-0429:01 Important: OpenShift Container Platform 4.5.33>

Red Hat OpenShift Container Platform release 4.5.33 is now available with updates to packages and images that fix several bugs. This release also includes a security update for Red Hat OpenShift Container Platform 4.5.
2021. március 2.

Debian LTS: DLA-2581-1: wpa security update>

A vulnerability was discovered in how p2p/p2p_pd.c in wpa_supplicant before 2.10 processes P2P (Wi-Fi Direct) provision discovery requests. It could result in denial of service or other impact (potentially execution of arbitrary code), for an attacker within radio range.
2021. március 2.

Debian LTS: DLA-2580-1: adminer security update>

Adminer is an open-source database management in a single PHP file. In adminer from version 4.0.0 and before 4.7.9 there is a server-side request forgery vulnerability. Users of Adminer versions bundling all drivers (e.g. `adminer.php`) are affected.
2021. március 2.

openSUSE: 2021:0370-1 moderate: avahi>

An update that fixes one vulnerability is now available.
2021. március 2.

Mageia 2021-0095: wpa_supplicant security update>

A vulnerability was discovered in how p2p/p2p_pd.c in wpa_supplicant before 2.10 processes P2P (Wi-Fi Direct) provision discovery requests. It could result in denial of service or other impact (potentially execution of arbitrary code), for an attacker within radio range (CVE-2021-27803).
2021. március 2.

Mageia 2021-0094: xterm security update>

xterm through Patch #365 allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted UTF-8 character sequence. (CVE-2021-27135). References:
2021. március 2.

Mageia 2021-0093: openjpeg2 security update>

A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2020-27844).
2021. március 2.

Debian LTS: DLA-2579-1: spip security update>

It was discovered that SPIP, a website engine for publishing, would allow a malicious user to perform cross-site scripting attacks, access sensitive information, or execute arbitrary code.
2021. március 2.

RedHat: RHSA-2021-0699:01 Moderate: grub2 security update>

An update for grub2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from