Linux security Advisories
Frissítve: 1 óra 35 perc
ArchLinux: 202101-20: vivaldi: multiple issues>
The package vivaldi before version 3.5.2115.87-1 is vulnerable to multiple issues including access restriction bypass, arbitrary code execution and insufficient validation.
ArchLinux: 202101-19: nvidia-utils: multiple issues>
The package nvidia-utils before version 460.32.03-1 is vulnerable to multiple issues including privilege escalation, denial of service and information disclosure.
SUSE: 2021:26-1 suse/sle15 Security Update>
The container suse/sle15 was updated. The following patches have been included in this update:
Debian LTS: DLA-2526-1: ruby-redcarpet security update>
In Redcarpet before version 3.5.1, there is an injection vulnerability which can enable a cross-site scripting attack. In affected versions, no HTML escaping was being performed when
Debian LTS: DLA-2525-1: wavpack security update>
Multiple vulnerabilites in wavpack were found, like OOB read (which could potentially lead to a DOS attack), unexpected control flow, crashes, integer overflow, and segfaults.
openSUSE: 2021:0066-1 moderate: nodejs14>
An update that fixes three vulnerabilities is now available.
openSUSE: 2021:0065-1 moderate: nodejs10>
An update that fixes three vulnerabilities is now available.
openSUSE: 2021:0064-1 moderate: nodejs12>
An update that fixes four vulnerabilities is now available.
Mageia 2021-0031: kernel-linus security update>
This update provides an upgrade to the new upstream 5.10 longterm branch, currently based on 5.10.6, adding new features and new and improved hardware support. This update also fixes atleast the following security issues:
Mageia 2021-0030: kernel security update>
This update provides an upgrade to the new upstream 5.10 longterm branch, currently based on 5.10.6, adding new features and new and improved hardware support. This update also fixes atleast the following security issues:
Debian: DSA-4831-1: ruby-redcarpet security update>
Johan Smits discovered that ruby-redcarpet, a markdown parser, did not properly validate its input. This would allow an attacker to mount a cross-site scripting attack.
openSUSE: 2021:0063-1 important: MozillaFirefox>
An update that fixes one vulnerability is now available.
SUSE: 2021:24-1 suse/sle15 Security Update>
The container suse/sle15 was updated. The following patches have been included in this update:
SUSE: 2021:23-1 suse/sle15 Security Update>
The container suse/sle15 was updated. The following patches have been included in this update:
SUSE: 2021:22-1 suse/sles12sp5 Security Update>
The container suse/sles12sp5 was updated. The following patches have been included in this update:
openSUSE: 2021:0060-1 important: the Linux Kernel>
An update that solves 17 vulnerabilities and has 99 fixes is now available.
Fedora 33: dia 2020-1fe0e08c8d>
- Added upstream patch to avoid infinite loop on filenames with invalid encoding (CVE-2019-19451, #1778767)
Fedora 32: openjpeg2 2020-d32853a28d>
This update backports patches for CVE-2020-27841, CVE-2020-27842, CVE-2020-27843, CVE-2020-27845. ---- This update backports patches for CVE-2020-27824 and CVE-2020-27823. ---- Backport patch for CVE-2020-27814.
Fedora 32: mingw-openjpeg2 2020-d32853a28d>
This update backports patches for CVE-2020-27841, CVE-2020-27842, CVE-2020-27843, CVE-2020-27845. ---- This update backports patches for CVE-2020-27824 and CVE-2020-27823. ---- Backport patch for CVE-2020-27814.
openSUSE: 2021:0058-1 moderate: cobbler>
An update that solves 6 vulnerabilities and has 58 fixes is now available.