python-reportlab (SL6)

By SL Errata on January 22, 2020

Synopsis: Important: python-reportlab security update Advisory ID: SLSA-2020:0197-1 Issue Date: 2020-01-21 CVE Numbers: CVE-2019-17626 — Security Fix(es): * python-reportlab: code injection in colors.py allows attacker to execute code (CVE-2019-17626) — SL6 x86_64 python-reportlab-2.3-3.el6_10.1.x86_64.rpm python-reportlab-debuginfo-2.3-3.el6_10.1.x86_64.rpm i386 python-reportlab-2.3-3.el6_10.1.i686.rpm python-reportlab-debuginfo-2.3-3.el6_10.1.i686.rpm noarch python-reportlab-docs-2.3-3.el6_10.1.noarch.rpm – … Read More

python-reportlab (SL7)

By SL Errata on January 22, 2020

Synopsis: Important: python-reportlab security update Advisory ID: SLSA-2020:0195-1 Issue Date: 2020-01-22 CVE Numbers: None — Security Fix(es): * python-reportlab: code injection in colors.py allows attacker to execute code (CVE-2019-17626) — SL7 x86_64 python-reportlab-2.5-9.el7_7.1.x86_64.rpm python-reportlab-debuginfo-2.5-9.el7_7.1.x86_64.rpm python-reportlab-docs-2.5-9.el7_7.1.x86_64.rpm – Scientific Linux Development Team

java-1.8.0-openjdk (SL7)

By SL Errata on January 22, 2020

Synopsis: Important: java-1.8.0-openjdk security update Advisory ID: SLSA-2020:0196-1 Issue Date: 2020-01-22 CVE Numbers: None — Security Fix(es): * OpenJDK: Use of unsafe RSA-MD5 checkum in Kerberos TGS (Security, 8229951) (CVE-2020-2601) * OpenJDK: Serialization filter changes via jdk.serialFilter property modification (Serialization, … Read More

java-1.8.0-openjdk (SL6)

By SL Errata on January 21, 2020

Synopsis: Important: java-1.8.0-openjdk security update Advisory ID: SLSA-2020:0157-1 Issue Date: 2020-01-21 CVE Numbers: None — Security Fix(es): * OpenJDK: Use of unsafe RSA-MD5 checkum in Kerberos TGS (Security, 8229951) (CVE-2020-2601) * OpenJDK: Serialization filter changes via jdk.serialFilter property modification (Serialization, … Read More

thunderbird (SL6)

By SL Errata on January 17, 2020

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2020:0123-1 Issue Date: 2020-01-16 CVE Numbers: None — Security Fix(es): * Mozilla: IonMonkey type confusion with StoreElementHole and FallibleStoreElement (CVE-2019-17026) * Mozilla: Bypass of @namespace CSS sanitization during pasting (CVE-2019-17016) * Mozilla: Type … Read More

thunderbird (SL7)

By SL Errata on January 17, 2020

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2020:0120-1 Issue Date: 2020-01-16 CVE Numbers: None — Security Fix(es): * Mozilla: IonMonkey type confusion with StoreElementHole and FallibleStoreElement (CVE-2019-17026) * Mozilla: Bypass of @namespace CSS sanitization during pasting (CVE-2019-17016) * Mozilla: Type … Read More

git (SL7)

By SL Errata on January 16, 2020

Synopsis: Important: git security update Advisory ID: SLSA-2020:0124-1 Issue Date: 2020-01-16 CVE Numbers: None — Security Fix(es): * git: Remote code execution in recursive clones with nested submodules (CVE-2019-1387) — SL7 x86_64 git-1.8.3.1-21.el7_7.x86_64.rpm git-daemon-1.8.3.1-21.el7_7.x86_64.rpm git-debuginfo-1.8.3.1-21.el7_7.x86_64.rpm git-gnome-keyring-1.8.3.1-21.el7_7.x86_64.rpm git-svn-1.8.3.1-21.el7_7.x86_64.rpm noarch emacs-git-1.8.3.1-21.el7_7.noarch.rpm emacs-git-el-1.8.3.1-21.el7_7.noarch.rpm … Read More

java-11-openjdk (SL7)

By SL Errata on January 16, 2020

Synopsis: Important: java-11-openjdk security update Advisory ID: SLSA-2020:0122-1 Issue Date: 2020-01-16 CVE Numbers: None — Security Fix(es): * OpenJDK: Use of unsafe RSA-MD5 checkum in Kerberos TGS (Security, 8229951) (CVE-2020-2601) * OpenJDK: Serialization filter changes via jdk.serialFilter property modification (Serialization, … Read More

firefox (SL7)

By SL Errata on January 13, 2020

Synopsis: Critical: firefox security update Advisory ID: SLSA-2020:0085-1 Issue Date: 2020-01-13 CVE Numbers: CVE-2019-17016 CVE-2019-17017 CVE-2019-17022 CVE-2019-17024 CVE-2019-17026 — This update upgrades Firefox to version 68.4.1 ESR. Security Fix(es): * Mozilla: IonMonkey type confusion with StoreElementHole and FallibleStoreElement (CVE-2019-17026) * … Read More

firefox (SL6)

By SL Errata on January 13, 2020

Synopsis: Critical: firefox security update Advisory ID: SLSA-2020:0086-1 Issue Date: 2020-01-13 CVE Numbers: CVE-2019-17016 CVE-2019-17017 CVE-2019-17022 CVE-2019-17024 CVE-2019-17026 — This update upgrades Firefox to version 68.4.1 ESR. Security Fix(es): * Mozilla: IonMonkey type confusion with StoreElementHole and FallibleStoreElement (CVE-2019-17026) * … Read More