Linux security Advisories

This update disallows use of IP addresses with leading zeroes in the octet values, which could have been interpreted ambiguously as either octal or decimal values.

An update for kernel is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

Red Hat Advanced Cluster Management for Kubernetes 2.2.2 General Availability release images, which fix several bugs and security issues. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

Format string vulnerability in panoFileOutputNamesCreate() in libpano13 2.9.20~rc2+dfsg-3 and earlier can lead to read and write arbitrary memory values.

libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request. (CVE-2021-22876)

Wireshark could open unsafe URLs (CVE-2021-22191). References: - https://bugs.mageia.org/show_bug.cgi?id=28687 - https://www.wireshark.org/security/wnpa-sec-2021-03

A carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox Apache PDFBox version 2.0.22 and prior 2.0.x versions (CVE-2021-27807). A carefully crafted PDF file can trigger an OutOfMemory-Exception while

An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload/modify velocity templates running Apache Velocity Engine versions up to 2.2 (CVE-2020-13936).

In Apache SpamAssassin before 3.4.5, malicious rule configuration (.cf) files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA version 3.4.5, users should only use update channels or 3rd party .cf files from trusted places. (CVE-2020-1946)

squid: improper input validation may allow a trusted client to perform HTTP request smuggling (CVE-2020-25097) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE - Scientific Linux Development Team

nettle: Out of bounds memory access in signature verification (CVE-2021-20305) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE - Scientific Linux Development Team

samba: Out of bounds read in AD DC LDAP server (CVE-2021-20277) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE - Scientific Linux Development Team

kernel: out-of-bounds read in libiscsi module (CVE-2021-27364) * kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365) * kernel: iscsi: unrestricted access to sessions and handles (CVE-2021-27363) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Customer testing [More...]

An update that fixes three vulnerabilities is now available.

An update that solves two vulnerabilities and has 12 fixes is now available.

An update that fixes 6 vulnerabilities is now available.

An update for the virt:8.3 and virt-devel:8.3 modules is now available for Advanced Virtualization for RHEL 8.3.1. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

An update for the 389-ds:1.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

Fix updating and support of legacy javascript extensions. ---- Update to 2.53.7 Enable support for module scripts. (To turn it off, toggle "dom.moduleScripts.enabled" in about:config). For sending mail, now "Thunderbird" is advertised in User-Agent header instead of "Firefox" (if any). Some performance fixes, including from upcoming releases.