Linux security Advisories

2021. március 24.

Fedora 34: qt5-qtsvg 2021-a95a40b78b>

An out of bounds read in function QRadialFetchSimd from crafted svg file may lead to information disclosure or other potential consequences. This update includes the backported upstream fix and should resolve the security issue.
2021. március 24.

Debian: DSA-4874-1: firefox-esr security update>

Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing attacks.
2021. március 24.

Debian LTS: DLA-2606-1: lxml security update>

An issue has been found in lxml, a pythonic binding for the libxml2 and libxslt libraries.
2021. március 23.

Fedora 33: kernel 2021-e49da8a226>

The 5.11.8 stable kernel update contains a number of important fixes across the tree.
2021. március 23.

Fedora 33: jasper 2021-51b2657092>

Security update for CVE-2021-3443 ---- New upstream release 2.0.26
2021. március 23.

Fedora 34: kernel 2021-f0181b8085>

The 5.11.8 stable kernel update contains a number of important fixes across the tree.
2021. március 23.

Fedora 34: nettle 2021-dc225f3f65>

This updates nettle to the upstream 3.7.2 release, with a security fix in ECDSA signature verification: https://lists.lysator.liu.se/pipermail/nettle- bugs/2021/009458.html
2021. március 23.

Fedora 34: gnutls 2021-18bef34f05>

Update to the upstream 3.7.1 release, which includes fixes for CVE-2021-20231 and CVE-2021-20232, fipscheck build-dep removal, and TLS 1.3 middlebox compatibility mode fixes. ---- Fix cert chain verification if it contains duplicate certs.
2021. március 23.

Debian LTS: DLA-2602-1: imagemagick security update>

Multiple security vulnerabilities were found in Imagemagick. Missing or incomplete input sanitizing may lead to undefined behavior which can result in denial of service (application crash) or other unspecified impact.
2021. március 23.

Debian: DSA-4873-1: squid security update>

Jianjun Chen discovered that the Squid proxy caching server was susceptible to HTTP request smuggling. For the stable distribution (buster), this problem has been fixed in
2021. március 23.

RedHat: RHSA-2021-0976:01 Moderate: Red Hat Virtualization Host security,>

An update for imgbased, redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact
2021. március 23.

RedHat: RHSA-2021-0975:01 Important: pki-core security update>

An update for pki-core is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
2021. március 23.

RedHat: RHSA-2021-0974:01 Moderate: Red Hat Single Sign-On 7.4.6 security>

A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
2021. március 23.

RedHat: RHSA-2021-0969:01 Low: Red Hat Single Sign-On 7.4.6 security update>

New Red Hat Single Sign-On 7.4.6 packages are now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which
2021. március 23.

RedHat: RHSA-2021-0968:01 Low: Red Hat Single Sign-On 7.4.6 security update>

New Red Hat Single Sign-On 7.4.6 packages are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which
2021. március 23.

RedHat: RHSA-2021-0967:01 Low: Red Hat Single Sign-On 7.4.6 security update>

New Red Hat Single Sign-On 7.4.6 packages are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which
2021. március 23.

SUSE: 2021:83-1 ses/7/cephcsi/csi-snapshotter Security Update>

The container ses/7/cephcsi/csi-snapshotter was updated. The following patches have been included in this update:
2021. március 23.

SUSE: 2021:82-1 ses/7/cephcsi/csi-resizer Security Update>

The container ses/7/cephcsi/csi-resizer was updated. The following patches have been included in this update:
2021. március 23.

SUSE: 2021:81-1 ses/7/cephcsi/csi-provisioner Security Update>

The container ses/7/cephcsi/csi-provisioner was updated. The following patches have been included in this update:
2021. március 23.

SUSE: 2021:80-1 ses/7/cephcsi/csi-attacher Security Update>

The container ses/7/cephcsi/csi-attacher was updated. The following patches have been included in this update: