Linux security Advisories

January 18, 2021

RedHat: RHSA-2021-0167:01 Important: postgresql:9.6 security update

An update for the postgresql:9.6 module is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
January 18, 2021

RedHat: RHSA-2021-0166:01 Important: postgresql:10 security update

An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
January 18, 2021

RedHat: RHSA-2021-0165:01 Important: libpq security update

An update for libpq is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
January 18, 2021

RedHat: RHSA-2021-0160:01 Critical: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which
January 18, 2021

RedHat: RHSA-2021-0038:01 Important: OpenShift Container Platform 4.6.12

Red Hat OpenShift Container Platform release 4.6.12 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.6.
January 18, 2021

openSUSE: 2021:0106-1 moderate: php7

An update that fixes one vulnerability is now available.
January 18, 2021

RedHat: RHSA-2021-0164:01 Important: postgresql:9.6 security update

An update for the postgresql:9.6 module is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
January 18, 2021

RedHat: RHSA-2021-0161:01 Important: postgresql:10 security update

An update for the postgresql:10 module is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
January 18, 2021

RedHat: RHSA-2021-0163:01 Important: postgresql:12 security update

An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
January 17, 2021

Debian LTS: DLA-2527-1: snapd security update

golang-go.crypto was recently updated with a fix for CVE-2019-11840. This in turn requires all packages that use the affected code to be recompiled in order to pick up the security fix.
January 17, 2021

Fedora 33: glibc 2021-6feb090c97

- x86: Check IFUNC definition in unrelocated executable [BZ #20019]
- x86: Set header.feature_1 in TCB for always-on CET [BZ #27177]
- Update for [BZ #27130] fix
- x86-64: Avoid rep movsb with short distance [BZ #27130]
- Fix for CVE-2019-25013 buffer overrun in EUC-KR conversion module (bz #24973)
- tests-mcheck: New variable to run tests with MALLOC_CHECK_=3
- iconv:
January 17, 2021

openSUSE: 2021:0101-1 moderate: php7

An update that fixes one vulnerability is now available.
January 17, 2021

openSUSE: 2021:0102-1 moderate: openldap2

An update that fixes two vulnerabilities is now available.
January 17, 2021

Mageia 2021-0044: chromium-browser-stable security update

The updated packages fix security vulnerabilities. See upstream release notes. References:
January 17, 2021

Mageia 2021-0043: caribou security update

An issue in caribou that was exposed by a CVE fix in X.org server permits a screensaver-lock bypass. It is possible to crash the screensaver and unlock the desktop via the virtual keyboard. References:
January 17, 2021

Mageia 2021-0042: sudo security update

The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path. (CVE-2021-23239).
January 17, 2021

Mageia 2021-0041: p11-kit security update

Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are missing before calling realloc or calloc (CVE-2020-29361). A heap-based buffer over-read has been discovered in the RPC protocol used by
January 17, 2021

Mageia 2021-0040: synergy security update

In Synergy before version 1.12.0, a Synergy server can be crashed by receiving a kMsgHelloBack packet with a client name length set to 0xffffffff (4294967295) if the server's memory is less than 4 GB. It was verified that this issue does not cause a crash through the exception handler if the available memory of the server is more than 4 GB (CVE-2020-15117).
January 17, 2021

Mageia 2021-0039: resteasy security update

A flaw was found in Resteasy, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed (CVE-2020-1695).
January 16, 2021

Fedora 33: chromium 2021-79926272ce

Update to 87.0.4280.141. Fixes: CVE-2021-21106 CVE-2021-21107 CVE-2021-21108 CVE-2021-21109 CVE-2021-21110 CVE-2021-21111 CVE-2021-21112 CVE-2021-21113 CVE-2020-16043 CVE-2021-21114 CVE-2020-15995 CVE-2021-21115 CVE-2021-21116