Linux security Advisories

2021. január 15.

ArchLinux: 202101-23: wavpack: arbitrary code execution>

The package wavpack before version 5.3.0-2 is vulnerable to arbitrary code execution.
2021. január 15.

ArchLinux: 202101-22: mediawiki: multiple issues>

The package mediawiki before version 1.35.1-1 is vulnerable to multiple issues including cross-site scripting and information disclosure.
2021. január 15.

ArchLinux: 202101-21: coturn: insufficient validation>

The package coturn before version 4.5.2-1 is vulnerable to insufficient validation.
2021. január 15.

ArchLinux: 202101-20: vivaldi: multiple issues>

The package vivaldi before version 3.5.2115.87-1 is vulnerable to multiple issues including access restriction bypass, arbitrary code execution and insufficient validation.
2021. január 15.

ArchLinux: 202101-19: nvidia-utils: multiple issues>

The package nvidia-utils before version 460.32.03-1 is vulnerable to multiple issues including privilege escalation, denial of service and information disclosure.
2021. január 15.

SUSE: 2021:26-1 suse/sle15 Security Update>

The container suse/sle15 was updated. The following patches have been included in this update:
2021. január 15.

Debian LTS: DLA-2526-1: ruby-redcarpet security update>

In Redcarpet before version 3.5.1, there is an injection vulnerability which can enable a cross-site scripting attack. In affected versions, no HTML escaping was being performed when
2021. január 15.

Debian LTS: DLA-2525-1: wavpack security update>

Multiple vulnerabilites in wavpack were found, like OOB read (which could potentially lead to a DOS attack), unexpected control flow, crashes, integer overflow, and segfaults.
2021. január 15.

openSUSE: 2021:0066-1 moderate: nodejs14>

An update that fixes three vulnerabilities is now available.
2021. január 15.

openSUSE: 2021:0065-1 moderate: nodejs10>

An update that fixes three vulnerabilities is now available.
2021. január 15.

openSUSE: 2021:0064-1 moderate: nodejs12>

An update that fixes four vulnerabilities is now available.
2021. január 15.

Mageia 2021-0031: kernel-linus security update>

This update provides an upgrade to the new upstream 5.10 longterm branch, currently based on 5.10.6, adding new features and new and improved hardware support. This update also fixes atleast the following security issues:
2021. január 15.

Mageia 2021-0030: kernel security update>

This update provides an upgrade to the new upstream 5.10 longterm branch, currently based on 5.10.6, adding new features and new and improved hardware support. This update also fixes atleast the following security issues:
2021. január 15.

Debian: DSA-4831-1: ruby-redcarpet security update>

Johan Smits discovered that ruby-redcarpet, a markdown parser, did not properly validate its input. This would allow an attacker to mount a cross-site scripting attack.
2021. január 15.

openSUSE: 2021:0063-1 important: MozillaFirefox>

An update that fixes one vulnerability is now available.
2021. január 15.

SUSE: 2021:24-1 suse/sle15 Security Update>

The container suse/sle15 was updated. The following patches have been included in this update:
2021. január 15.

SUSE: 2021:23-1 suse/sle15 Security Update>

The container suse/sle15 was updated. The following patches have been included in this update:
2021. január 15.

SUSE: 2021:22-1 suse/sles12sp5 Security Update>

The container suse/sles12sp5 was updated. The following patches have been included in this update:
2021. január 14.

openSUSE: 2021:0060-1 important: the Linux Kernel>

An update that solves 17 vulnerabilities and has 99 fixes is now available.
2021. január 14.

Fedora 33: dia 2020-1fe0e08c8d>

- Added upstream patch to avoid infinite loop on filenames with invalid encoding (CVE-2019-19451, #1778767)