Linux security Advisories

2021. január 21.

Fedora 32: dotnet3.1 2021-77a4202036>

This is the January 2021 security update for .NET Core 3.1: https://github.com/dotnet/core/blob/master/release-notes/3.1/3.1.11/3.1.11.md This update includes a fix for CVE-2021-1723.
2021. január 21.

Gentoo: GLSA-202101-11: Zabbix: Root privilege escalation>

Multiple vulnerabilities were discovered in Gentoo's ebuild for Zabbix which could lead to root privilege escalation.
2021. január 21.

openSUSE: 2021:0132-1 moderate: python-autobahn>

An update that fixes one vulnerability is now available.
2021. január 20.

Fedora 33: python-pillow 2021-a8ddc1ce70>

Backport fixes for CVE-2020-35653, CVE-2020-35654, CVE-2020-35655.
2021. január 20.

Fedora 33: mingw-python-pillow 2021-a8ddc1ce70>

Backport fixes for CVE-2020-35653, CVE-2020-35654, CVE-2020-35655.
2021. január 20.

Fedora 33: libntlm 2020-8794383d6f>

Update to security fix 1.6 version. Fixes CVE-2019-17455
2021. január 20.

Debian LTS: DLA-2529-1: mutt security update>

rfc822.c in Mutt through 2.0.4 allows remote attackers to cause a denial of service (mailbox unavailability) by sending email messages with sequences of semicolon characters in RFC822 address fields (aka terminators of empty groups).
2021. január 20.

Fedora 32: sudo 2021-234d14bfcc>

Rebase to 1.9.5p1 - updated sudo url Resolves: rhbz#1902758 - enabled python plugin as a subpackage Resolves: rhbz#1909299 - fixed double free in sss_to_sudoers Resolves: rhbz#1885874 - fixed CVE-2021-23239 sudo: possible directory existence test due to race condition in sudoedit Resolves: rhbz#1915055 - fixed CVE-2021-23240 sudo: symbolic link attack in SELinux-
2021. január 20.

Mageia 2021-0047: kernel security update>

This kernel update is based on upstream 5.10.8 and fixes atleast the following security issue: SCSI ''EXTENDED COPY'' (XCOPY) requests sent to a Linux SCSI target (LIO) allow an attacker to read or write anywhere on any LIO backstore configured
2021. január 20.

openSUSE: 2021:0127-1 important: MozillaThunderbird>

An update that fixes one vulnerability is now available.
2021. január 20.

openSUSE: 2021:0129-1 important: dnsmasq>

An update that fixes 7 vulnerabilities is now available.
2021. január 20.

openSUSE: 2021:0128-1 important: tcmu-runner>

An update that fixes one vulnerability is now available.
2021. január 20.

RedHat: RHSA-2021-0079:01 Moderate: OpenShift Container Platform 3.11.374>

Red Hat OpenShift Container Platform release 3.11.374 is now available with updates to packages and images that fix several bugs. This release also includes a security update for Red Hat OpenShift Container Platform 3.11.
2021. január 20.

openSUSE: 2021:0124-1 important: dnsmasq>

An update that fixes 7 vulnerabilities is now available.
2021. január 20.

openSUSE: 2021:0122-1 important: vlc>

An update that solves two vulnerabilities and has one errata is now available.
2021. január 20.

openSUSE: 2021:0123-1 moderate: viewvc>

An update that fixes one vulnerability is now available.
2021. január 20.

RedHat: RHSA-2021-0034:01 Important: OpenShift Container Platform 4.5.27>

Red Hat OpenShift Container Platform release 4.5.27 is now available with updates to packages and images that fix several bugs and add enhancements. This release also includes a security update for Red Hat OpenShift Container Platform 4.5.
2021. január 19.

Fedora 33: sudo 2021-324479472c>

Rebase to 1.9.5p1 - updated sudo url Resolves: rhbz#1902758 - enabled python plugin as a subpackage Resolves: rhbz#1909299 - fixed double free in sss_to_sudoers Resolves: rhbz#1885874 - fixed CVE-2021-23239 sudo: possible directory existence test due to race condition in sudoedit Resolves: rhbz#1915055 - fixed CVE-2021-23240 sudo: symbolic link attack in SELinux-
2021. január 19.

Fedora 33: coturn 2021-dee141fc61>

Coturn 4.5.2 memory - Add prometheus metrics - Delete trailing whitespace in example configuration files - Add architecture ppc64le to travis build - Fix misleading option in doc (prometheus) - Allow RFC6062 TCP relay data to look like TLS - Add support for proxy protocol V1 - Print full date and time in
2021. január 19.

Fedora 32: glibc 2021-6e581c051a>

- x86: Check IFUNC definition in unrelocated executable [BZ #20019] - x86: Set header.feature_1 in TCB for always-on CET [BZ #27177] - x86-64: Avoid rep movsb with short distance [BZ #27130] - Fix for CVE-2019-25013 buffer overrun in EUC-KR conversion module (bz #24973) - Add NEWS entry for CVE-2020-29562 (BZ #26923) - iconv: Fix incorrect UCS4 inner loop bounds