LinuxSecurity
Debian: DSA-4530-1: expat security update
It was discovered that Expat, an XML parsing C library, did not properly handled internal entities closing the doctype, potentially resulting in denial of service or information disclosure if a malformed XML file is processed.
Fedora 29: jackson-bom FEDORA-2019-fb23eccc03
- Update jackson-databind to version 2.9.9.3. - Update jackson-core to version 2.9.9. - Update jackson-annotations to version 2.9.9. - Update jackson-bom to version 2.9.9. Resolves CVE-2019-12086, CVE-2019-12384, CVE-2019-12814, CVE-2019-14379, and CVE-14439.
Fedora 29: jackson-core FEDORA-2019-fb23eccc03
- Update jackson-databind to version 2.9.9.3. - Update jackson-core to version 2.9.9. - Update jackson-annotations to version 2.9.9. - Update jackson-bom to version 2.9.9. Resolves CVE-2019-12086, CVE-2019-12384, CVE-2019-12814, CVE-2019-14379, and CVE-14439.
Fedora 29: jackson-databind FEDORA-2019-fb23eccc03
- Update jackson-databind to version 2.9.9.3. - Update jackson-core to version 2.9.9. - Update jackson-annotations to version 2.9.9. - Update jackson-bom to version 2.9.9. Resolves CVE-2019-12086, CVE-2019-12384, CVE-2019-12814, CVE-2019-14379, and CVE-14439.
Fedora 29: jackson-annotations FEDORA-2019-fb23eccc03
- Update jackson-databind to version 2.9.9.3. - Update jackson-core to version 2.9.9. - Update jackson-annotations to version 2.9.9. - Update jackson-bom to version 2.9.9. Resolves CVE-2019-12086, CVE-2019-12384, CVE-2019-12814, CVE-2019-14379, and CVE-14439.
Fedora 30: ImageMagick FEDORA-2019-612d4f64dd
Bug fixes and security fixes. Better threading compile time option set. See: https://src.fedoraproject.org/rpms/ImageMagick/pull-request/2 Additional formats enabled.
Fedora 30: rubygem-rmagick FEDORA-2019-612d4f64dd
Bug fixes and security fixes. Better threading compile time option set. See: https://src.fedoraproject.org/rpms/ImageMagick/pull-request/2 Additional formats enabled.
Fedora 30: jackson-annotations FEDORA-2019-ae6a703b8f
- Update jackson-databind to version 2.9.9.3. - Update jackson-core to version 2.9.9. - Update jackson-annotations to version 2.9.9. - Update jackson-bom to version 2.9.9. Resolves CVE-2019-12086, CVE-2019-12384, CVE-2019-12814, CVE-2019-14379, and CVE-14439.
Fedora 30: jackson-core FEDORA-2019-ae6a703b8f
- Update jackson-databind to version 2.9.9.3. - Update jackson-core to version 2.9.9. - Update jackson-annotations to version 2.9.9. - Update jackson-bom to version 2.9.9. Resolves CVE-2019-12086, CVE-2019-12384, CVE-2019-12814, CVE-2019-14379, and CVE-14439.
Fedora 30: jackson-bom FEDORA-2019-ae6a703b8f
- Update jackson-databind to version 2.9.9.3. - Update jackson-core to version 2.9.9. - Update jackson-annotations to version 2.9.9. - Update jackson-bom to version 2.9.9. Resolves CVE-2019-12086, CVE-2019-12384, CVE-2019-12814, CVE-2019-14379, and CVE-14439.
Fedora 30: jackson-databind FEDORA-2019-ae6a703b8f
- Update jackson-databind to version 2.9.9.3. - Update jackson-core to version 2.9.9. - Update jackson-annotations to version 2.9.9. - Update jackson-bom to version 2.9.9. Resolves CVE-2019-12086, CVE-2019-12384, CVE-2019-12814, CVE-2019-14379, and CVE-14439.
Fedora 31: ghostscript FEDORA-2019-0a9d525d71
- rebase to latest upstream version 9.27 - security fixes added for: - CVE-2019-14811 (bug #1747908) - CVE-2019-14812 (bug #1747907) - CVE-2019-14813 (bug #1747906) - CVE-2019-14817 (bug #1747909)
Fedora 31: rubygem-rmagick FEDORA-2019-27b9b94805
Bug fixes and security fixes. Better threading compile time option set. See: https://src.fedoraproject.org/rpms/ImageMagick/pull-request/2 Additional formats enabled.
Fedora 31: ImageMagick FEDORA-2019-27b9b94805
Bug fixes and security fixes. Better threading compile time option set. See: https://src.fedoraproject.org/rpms/ImageMagick/pull-request/2 Additional formats enabled.
Mageia 2019-0288: kernel security update
This kernel update is based on the upstream 5.2.16 and fixes atleast the following security issues: There is heap-based buffer overflow in the marvell wifi chip driver that allows local users to cause a denial of service(system crash) or possibly
Mageia 2019-0287: kernel security update
This kernel update is based on the upstream 4.14.145 and fixes atleast the following security issues: There is heap-based buffer overflow in the marvell wifi chip driver that allows local users to cause a denial of service(system crash) or possibly
Mageia 2019-0286: samba security update
Updated samba packages fix security vulnerabilities: A combination of parameters and permissions in smb.conf can allow user to escape from the share path definition (CVE-2019-10197).
RedHat: RHSA-2019-2854:01 Important: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
Mageia 2019-0285: thunderbird security update
The updated thunderbird packages fix security issues: Covert Content Attack on S/MIME encryption using a crafted multipart/ alternative message. (CVE-2019-11739)
Mageia 2019-0284: ibus security update
It was discovered that any unprivileged user could monitor and send method calls to the ibus bus of another user, due to a misconfiguration during the setup of the DBus server. When ibus is in use, a local attacker, who discovers the UNIX socket used by another user connected on a graphical environment, could use this flaw to intercept all keystrokes of the victim user or modify