vitich.kiev.ua was created on Dec 15, 1999

LinuxSecurity

RedHat: RHSA-2021-3840:01 Important: thunderbird security update>

Wed, 13/10/2021 - 08:29
An update for thunderbird is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Categories: Linux, Security

RedHat: RHSA-2021-3836:01 Important: httpd:2.4 security update>

Wed, 13/10/2021 - 06:26
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Categories: Linux, Security

RedHat: RHSA-2021-3837:01 Important: httpd:2.4 security update>

Wed, 13/10/2021 - 06:22
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Categories: Linux, Security

Fedora 33: mediawiki 2021-56d8173b5e>

Tue, 12/10/2021 - 22:47
https://www.mediawiki.org/wiki/Release_notes/1.35#MediaWiki_1.35.4
Categories: Linux, Security

Fedora 33: redis 2021-8913c7900c>

Tue, 12/10/2021 - 22:47
**Redis 6.0.16** - Released Mon Oct 4 12:00:00 IDT 2021 Upgrade urgency: SECURITY, contains fixes to security issues. Security Fixes: * (**CVE-2021-41099**) Integer to heap buffer overflow handling certain string commands and network payloads, when proto-max-bulk-len is manually configured to a non-default, very large value [reported by yiyuaner]. *
Categories: Linux, Security

Fedora 33: xstream 2021-fbad11014a>

Tue, 12/10/2021 - 22:47
``` * Mon Oct 04 2021 Didik Supriadi - 1.4.18-2 - Enable activation, cglib, dom4j, jdom, and jdom2 * Fri Oct 01 2021 Didik Supriadi - 1.4.18-1 - Update to version 1.4.18 ```
Categories: Linux, Security

Fedora 34: flatpak 2021-4b201d15e6>

Tue, 12/10/2021 - 22:46
Update to 1.10.5 Fix CVE-2021-41133
Categories: Linux, Security

Fedora 34: httpd 2021-2a10bc68a4>

Tue, 12/10/2021 - 22:46
This update addresses CVE-2021-42013. It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these
Categories: Linux, Security

Fedora 34: mediawiki 2021-eee8b7514f>

Tue, 12/10/2021 - 22:45
https://www.mediawiki.org/wiki/Release_notes/1.35#MediaWiki_1.35.4
Categories: Linux, Security

Fedora 34: redis 2021-61c487f241>

Tue, 12/10/2021 - 22:45
**Redis 6.2.** - 6 Released Mon Oct 4 12:00:00 IDT 2021 Upgrade urgency: SECURITY, contains fixes to security issues. Security Fixes: * (**CVE-2021-41099**) Integer to heap buffer overflow handling certain string commands and network payloads, when proto-max-bulk-len is manually configured to a non-default, very large value [reported by yiyuaner]. *
Categories: Linux, Security

Fedora 34: xstream 2021-d894ca87dc>

Tue, 12/10/2021 - 22:45
``` * Mon Oct 04 2021 Didik Supriadi - 1.4.18-2 - Enable activation, cglib, dom4j, jdom, and jdom2 * Fri Oct 01 2021 Didik Supriadi - 1.4.18-1 - Update to version 1.4.18 ```
Categories: Linux, Security

Debian: DSA-4984-1: flatpak security update>

Tue, 12/10/2021 - 20:27
It was discovered that sandbox restrictions in Flatpak, an application deployment framework for desktop apps, could be bypassed for a Flatpak app with direct access to AF_UNIX sockets, by manipulating the VFS using mount-related syscalls that are not blocked by Flatpak's denylist
Categories: Linux, Security

openSUSE: 2021:3387-1 important: the Linux Kernel>

Tue, 12/10/2021 - 20:23
An update that solves 7 vulnerabilities and has 53 fixes is now available.
Categories: Linux, Security

SciLinux: SLSA-2021-3801-1 Important: kernel on SL7.x x86_64>

Tue, 12/10/2021 - 20:05
kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks (CVE-2021-22543) * kernel: powerpc: KVM guest OS users can cause host OS memory corruption (CVE-2021-37576) * kernel: SVM nested virtualization issue in KVM (AVIC support) (CVE-2021-3653) * kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE) (CVE-2021-3656) For more details about the security issue(s), [More...]
Categories: Linux, Security

SciLinux: SLSA-2021-3810-1 Moderate: libxml2 on SL7.x x86_64>

Tue, 12/10/2021 - 20:05
libxml2: Use after free via namespace node in XPointer ranges (CVE-2016-4658) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 libxml2-2.9.1-6.el7_9.6.i686.rpm libxml2-2.9.1-6.el7_9.6.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7_9.6.i686.rpm libxml2-debuginfo-2.9.1-6.el7_9.6 [More...]
Categories: Linux, Security

SciLinux: SLSA-2021-3798-1 Moderate: openssl on x86_64>

Tue, 12/10/2021 - 20:04
openssl: integer overflow in CipherUpdate (CVE-2021-23840) * openssl: NULL pointer dereference in X509_issuer_and_serial_hash() (CVE-2021-23841) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE - Scientific Linux Development Team
Categories: Linux, Security

SciLinux: SLSA-2021-3807-1 Low: 389-ds-base on SL7.x x86_64>

Tue, 12/10/2021 - 20:04
389-ds-base: CRYPT password hash with asterisk allows any bind attempt to succeed (CVE-2021-3652) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * A plugin can create an index. Even if the index can be used immediately (for searches) the index remains offline until further rein [More...]
Categories: Linux, Security

RedHat: RHSA-2021-3819:01 Important: .NET 5.0 security and bugfix update>

Tue, 12/10/2021 - 19:02
An update for .NET 5.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
Categories: Linux, Security

RedHat: RHSA-2021-3818:01 Important: .NET 5.0 on RHEL 7 security and bugfix>

Tue, 12/10/2021 - 18:49
An update for rh-dotnet50-dotnet is now available for .NET on Red Hat Enterprise Linux. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
Categories: Linux, Security

openSUSE: 2021:3354-1 moderate: libqt5-qtsvg>

Tue, 12/10/2021 - 17:50
An update that fixes one vulnerability is now available.
Categories: Linux, Security

Pages