Linux security Advisories

An out of bounds read in function QRadialFetchSimd from crafted svg file may lead to information disclosure or other potential consequences. This update includes the backported upstream fix and should resolve the security issue.

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing attacks.

An issue has been found in lxml, a pythonic binding for the libxml2 and libxslt libraries.

The 5.11.8 stable kernel update contains a number of important fixes across the tree.

Security update for CVE-2021-3443 ---- New upstream release 2.0.26

The 5.11.8 stable kernel update contains a number of important fixes across the tree.

This updates nettle to the upstream 3.7.2 release, with a security fix in ECDSA signature verification: https://lists.lysator.liu.se/pipermail/nettle- bugs/2021/009458.html

Update to the upstream 3.7.1 release, which includes fixes for CVE-2021-20231 and CVE-2021-20232, fipscheck build-dep removal, and TLS 1.3 middlebox compatibility mode fixes. ---- Fix cert chain verification if it contains duplicate certs.

Multiple security vulnerabilities were found in Imagemagick. Missing or incomplete input sanitizing may lead to undefined behavior which can result in denial of service (application crash) or other unspecified impact.

Jianjun Chen discovered that the Squid proxy caching server was susceptible to HTTP request smuggling. For the stable distribution (buster), this problem has been fixed in

An update for imgbased, redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact

An update for pki-core is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

New Red Hat Single Sign-On 7.4.6 packages are now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which

New Red Hat Single Sign-On 7.4.6 packages are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which

New Red Hat Single Sign-On 7.4.6 packages are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which

The container ses/7/cephcsi/csi-snapshotter was updated. The following patches have been included in this update:

The container ses/7/cephcsi/csi-resizer was updated. The following patches have been included in this update:

The container ses/7/cephcsi/csi-provisioner was updated. The following patches have been included in this update:

The container ses/7/cephcsi/csi-attacher was updated. The following patches have been included in this update: