Linux security Advisories

2019. június 14.

Fedora 29: php-phpmyadmin-sql-parser Security Update

Upstream announcement: Welcome to **phpMyAdmin 4.9.0.1**, a bugfix release that includes important security fixes. This release fixes two security vulnerabilities: * PMASA-2019-3 is an SQL injection flaw in the Designer feature * PMASA-2019-4 is a CSRF attack that's possible through the 'cookie' login form Upgrading is highly recommended for all users. Using the 'http'
2019. június 14.

Fedora 29: js-jquery-jstree Security Update

Update to [3.3.8](https://github.com/vakata/jstree/compare/3.3.5...3.3.8).
2019. június 13.

Slackware: 2019-164-01: mozilla-thunderbird Security Update

New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues.
2019. június 13.

Fedora 30: libxslt Security Update

Update to 1.1.33 and fix CVE-2019-11068
2019. június 13.

Fedora 30: evince Security Update

Security fix for CVE-2019-11459.
2019. június 13.

Fedora 30: dovecot Security Update

dovecot updated to 2.3.6, includes several security fixes
2019. június 13.

Fedora 30: php-phpmyadmin-sql-parser Security Update

Upstream announcement: Welcome to **phpMyAdmin 4.9.0.1**, a bugfix release that includes important security fixes. This release fixes two security vulnerabilities: * PMASA-2019-3 is an SQL injection flaw in the Designer feature * PMASA-2019-4 is a CSRF attack that's possible through the 'cookie' login form Upgrading is highly recommended for all users. Using the 'http'
2019. június 13.

Fedora 30: phpMyAdmin Security Update

Upstream announcement: Welcome to **phpMyAdmin 4.9.0.1**, a bugfix release that includes important security fixes. This release fixes two security vulnerabilities: * PMASA-2019-3 is an SQL injection flaw in the Designer feature * PMASA-2019-4 is a CSRF attack that's possible through the 'cookie' login form Upgrading is highly recommended for all users. Using the 'http'
2019. június 13.

Fedora 30: js-jquery-jstree Security Update

Update to [3.3.8](https://github.com/vakata/jstree/compare/3.3.5...3.3.8).
2019. június 13.

openSUSE: 2019:1553-1: moderate: rubygem-rack

An update that solves one vulnerability and has one errata is now available.
2019. június 13.

openSUSE: 2019:1551-1: important: neovim

An update that fixes one vulnerability is now available.
2019. június 13.

SUSE: 2019:1234-2 important: containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork

An update that solves 5 vulnerabilities and has 6 fixes is now available.
2019. június 13.

Debian: DSA-4462-1: dbus security update

Joe Vennix discovered an authentication bypass vulnerability in dbus, an asynchronous inter-process communication system. The implementation of the DBUS_COOKIE_SHA1 authentication mechanism was susceptible to a symbolic link attack. A local attacker could take advantage of this flaw
2019. június 13.

SciLinux: Important: python on SL6.x i386/x86_64

python: Information Disclosure due to urlsplit improper NFKC normalization (CVE-2019-9636) SL6 x86_64 python-2.6.6-68.el6_10.x86_64.rpm python-debuginfo-2.6.6-68.el6_10.i686.rpm python-debuginfo-2.6.6-68.el6_10.x86_64.rpm python-libs-2.6.6-68.el6_10.i686.rpm python-libs-2.6.6-68.el6_10.x86_64.rpm tkinter-2.6.6-68.el6_10.x86_64.rpm python-devel-2.6.6-68.el6_10.i68 [More...]
2019. június 13.

SUSE: 2019:1489-1 important: the Linux Kernel (Live Patch 0 for SLE 15)

An update that fixes one vulnerability is now available.
2019. június 13.

SUSE: 2019:1490-1 important: libvirt

An update that fixes 5 vulnerabilities is now available.
2019. június 13.

ArchLinux: 201906-7: openssl: information disclosure

The package openssl before version 1.1.1.c-1 is vulnerable to information disclosure.
2019. június 13.

ArchLinux: 201906-8: vim: arbitrary code execution

The package vim before version 8.1.1467-1 is vulnerable to arbitrary code execution.
2019. június 13.

ArchLinux: 201906-9: gvim: arbitrary code execution

The package gvim before version 8.1.1467-1 is vulnerable to arbitrary code execution.
2019. június 13.

ArchLinux: 201906-6: lib32-openssl: information disclosure

The package lib32-openssl before version 1:1.1.1.c-1 is vulnerable to information disclosure.