SciLinux: SLSA-2021-3338-1 Low: hivex on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

hivex: stack overflow due to recursive call of _get_children() (CVE-2021-3622) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 hivex-1.3.10-6.12.el7_9.i686.rpm hivex-1.3.10-6.12.el7_9.x86_64.rpm hivex-debuginfo-1.3.10-6.12.el7_9.i686.rpm hivex-debuginfo-1.3.10-6.12.el7_9.x86_64 [More...]

SciLinux: SLSA-2021-3296-1 Important: libX11 on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

libX11: missing request length checks (CVE-2021-31535) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 libX11-1.6.7-4.el7_9.i686.rpm libX11-1.6.7-4.el7_9.x86_64.rpm libX11-debuginfo-1.6.7-4.el7_9.i686.rpm libX11-debuginfo-1.6.7-4.el7_9.x86_64.rpm libX11-devel-1.6.7-4.el7_9.i686. [More...]

SciLinux: SLSA-2021-3234-1 Important: compat-exiv2-023 on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

exiv2: Heap-based buffer overflow vulnerability in jp2image.cpp (CVE-2021-31291) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE7 --- SL7 x86_64 - compat-exiv2-023-0.23-2.el7_9.i686.rpm - compat-exiv2-023-0.23-2.el7_9.x86_64.rpm - compat-exiv2-023-debuginfo-0.23-2.el7_9.i686.rpm - compat- [More...]

SciLinux: SLSA-2021-3233-1 Important: compat-exiv2-026 on SL7.x x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

exiv2: Heap-based buffer overflow vulnerability in jp2image.cpp (CVE-2021-31291) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE7 --- SL7 x86_64 - compat-exiv2-026-0.26-3.el7_9.i686.rpm - compat-exiv2-026-0.26-3.el7_9.x86_64.rpm - compat-exiv2-026-debuginfo-0.26-3.el7_9.i686.rpm - compat-e [More...]

SciLinux: SLSA-2021-3154-1 Important: firefox on x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This update upgrades Firefox to version 78.13.0 ESR. * Mozilla: Uninitialized memory in a canvas object could have led to memory corruption (CVE-2021-29980) * Mozilla: Incorrect instruction reordering during JIT optimization (CVE-2021-29984) * Mozilla: Race condition when resolving DNS names could have led to memory corruption (CVE-2021-29986) * Mozilla: Memory corruption as a result of in [More...]

SciLinux: SLSA-2021-3160-1 Important: thunderbird on x86_64

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This update upgrades Thunderbird to version 78.13.0. * Mozilla: Uninitialized memory in a canvas object could have led to memory corruption (CVE-2021-29980) * Mozilla: Incorrect instruction reordering during JIT optimization (CVE-2021-29984) * Mozilla: Race condition when resolving DNS names could have led to memory corruption (CVE-2021-29986) * Mozilla: Memory corruption as a result of in [More...]

SciLinux: SLSA-2021-3173-1 Important: kernel on

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks (CVE-2021-22543) * kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c (CVE-2021-22555) * kernel: race condition for removal of the HCI controller (CVE-2021-32399) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other relate [More...]