LinuxSecurity

Mageia 2021-0151: kernel security update

Mon, 22/03/2021 - 16:18
This kernel update is based on upstream 5.10.25 and fixes at least the following security issues: Unprivileged BPF programs running on affected systems can bypass the protection and execute speculatively out-of-bounds loads from any location
Categories: Linux, Security

openSUSE: 2021:0462-1 important: grub2

Mon, 22/03/2021 - 13:18
An update that solves 7 vulnerabilities and has two fixes is now available.
Categories: Linux, Security

RedHat: RHSA-2021-0949:01 Low: Red Hat OpenShift Do

Mon, 22/03/2021 - 08:13
Updated openshift/odo-init-image container image is now available for Red Hat Openshift Do 1.0. 2. Description: Red Hat OpenShift Do (odo) is a simple CLI tool for developers to create,
Categories: Linux, Security

RedHat: RHSA-2021-0948:01 Moderate: Red Hat Certificate System security and

Mon, 22/03/2021 - 07:05
An update for pki-console, pki-core, and redhat-pki-theme is now available for Red Hat Certificate System 9.4 EUS. Red Hat Certificate System 9.4 EUS is a special channel for the delivery of Red Hat Certificate System updates. Downgrading the installed packages is
Categories: Linux, Security

Fedora 34: libtpms 2021-8b584e5ebb

Fri, 19/03/2021 - 18:24
tpm2: CryptSym: fix AES output IV; a CVE has been filed for this issue ---- Fixed a context save and suspend/resume problem when public keys are loaded
Categories: Linux, Security

Fedora 34: privoxy 2021-250d2ca9e6

Fri, 19/03/2021 - 18:24
3.0.32
Categories: Linux, Security

Fedora 34: x11vnc 2021-069c0c3950

Fri, 19/03/2021 - 18:24
This release fixes insecure permissions on shared memory segments created by an x11vnc server. Previously the segments were readable and writable for any local user. Now they are accessible only to the user who executed the x11vnc server.
Categories: Linux, Security

Fedora 34: wpa_supplicant 2021-9b00febe54

Fri, 19/03/2021 - 18:23
Security fix for CVE-2021-27803
Categories: Linux, Security

Fedora 34: libebml 2021-e283997bb9

Fri, 19/03/2021 - 18:23
Fixed several heap overflow bugs in the `ReadData` functions of various data type classes. This fixes CVE-2021-3405.
Categories: Linux, Security

Fedora 34: salt 2021-43eb5584ad

Fri, 19/03/2021 - 18:22
Update to CVE release 3002.5-1 for Python 3. Fixed on this release: CVE-2021-25283. Fixed in 3002.3: CVE-2020-28243, CVE-2020-28972, CVE-2020-35662, CVE-2021-3148, CVE-2021-3144, CVE-2021-25281, CVE-2021-25282, CVE-2021-25283, CVE-2021-25284, CVE-2021-25284, CVE-2021-3197
Categories: Linux, Security

SUSE: 2021:79-1 suse/sle15 Security Update

Fri, 19/03/2021 - 06:13
The container suse/sle15 was updated. The following patches have been included in this update:
Categories: Linux, Security

Debian LTS: DLA-2599-1: shibboleth-sp2 security update

Fri, 19/03/2021 - 02:42
Toni Huttunen discovered that the Shibboleth service provider's template engine used to render error pages could be abused for phishing attacks. For additional information please refer to the upstream advisory at
Categories: Linux, Security

Debian LTS: DLA-2598-1: squid3 security update

Fri, 19/03/2021 - 01:49
Due to improper input validation, Squid is vulnerable to an HTTP Request Smuggling attack. This problem allows a trusted client to perform HTTP Request
Categories: Linux, Security

CentOS: CESA-2021-0856: Important CentOS 7 kernel

Thu, 18/03/2021 - 21:24
Upstream details at: https://access.redhat.com/errata/RHSA-2021:0856
Categories: Linux, Security

CentOS: CESA-2021-0808: Important CentOS 7 wpa_supplicant

Thu, 18/03/2021 - 17:21
Upstream details at: https://access.redhat.com/errata/RHSA-2021:0808
Categories: Linux, Security

CentOS: CESA-2021-0851: Important CentOS 7 pki-core

Thu, 18/03/2021 - 17:15
Upstream details at: https://access.redhat.com/errata/RHSA-2021:0851
Categories: Linux, Security

RedHat: RHSA-2021-0922:01 Important: bind security update

Wed, 17/03/2021 - 12:51
An update for bind is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Categories: Linux, Security

SciLinux: SLSA-2021-0856-1 Important: kernel on SL7.x x86_64

Wed, 17/03/2021 - 12:30
kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c (CVE-2020-25211) * kernel: SCSI target (LIO) write to any block on ILO backstore (CVE-2020-28374) * kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to a use-after-free (CVE-2020-29661) * kernel: malicious USB devices can lead to multiple out-of-bounds write (CVE-2019-19532) [More...]
Categories: Linux, Security

SciLinux: SLSA-2021-0860-1 Important: ipa on SL7.x x86_64

Wed, 17/03/2021 - 12:29
jquery: Passing HTML containing elements to manipulation methods could result in untrusted code execution (CVE-2020-11023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * cannot issue certs with multiple IP addresses corresponding to different hosts * CA-less install [More...]
Categories: Linux, Security

SciLinux: SLSA-2021-0851-1 Important: pki-core on SL7.x x86_64

Wed, 17/03/2021 - 12:29
pki-core: Unprivileged users can renew any certificate (CVE-2021-20179) * pki-core: XSS in the certificate search results (CVE-2020-25715) * pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146) * pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179) * pki-core: Reflected XSS in [More...]
Categories: Linux, Security
