mariadb-connector-c security, bug fix, and enhancement update

An update is available for mariadb-connector-c. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The MariaDB Native Client library C driver is used to connect...

RLSA-2020:5503 Moderate: mariadb-connector-c security, bug fix, and enhancement update

The MariaDB Native Client library C driver is used to connect applications developed in C/C++ to MariaDB and MySQL databases. The following packages have been upgraded to a later upstream version: mariadb-connector-c 3.1.11. BZ1898993 Security Fixes: mysql: C API unspecified vulnerability CPU Apr...

SUSE-SU-2020:3749-1 Security update for gcc7

This update for gcc7 fixes the following issues: - CVE-2020-13844: Added mitigation for aarch64 Straight Line Speculation issue bsc1172798 - Enable fortran for the nvptx offload compiler. - Update README.First-for.SuSE.packagers - avoid assembler errors with AVX512 gather and scatter instructions...

CVE-2020-26952

Incorrect bookkeeping of functions inlined during JIT compilation could have led to memory corruption and a potentially exploitable crash when handling out-of-memory errors. This vulnerability affects Firefox 83...

Memory corruption

Incorrect bookkeeping of functions inlined during JIT compilation could have led to memory corruption and a potentially exploitable crash when handling out-of-memory errors. This vulnerability affects Firefox 83...

CVE-2020-26952

Incorrect bookkeeping of functions inlined during JIT compilation could have led to memory corruption and a potentially exploitable crash when handling out-of-memory errors. This vulnerability affects Firefox 83...

CVE-2020-26952

Incorrect bookkeeping of functions inlined during JIT compilation could have led to memory corruption and a potentially exploitable crash when handling out-of-memory errors. This vulnerability affects Firefox 83...

CVE-2020-26952

Mozilla Firefox vulnerability (CVE-2020-26952) involves incorrect bookkeeping of inlined functions during JIT compilation, causing memory corruption and potentially exploitable crashes when handling out-of-memory conditions. Affected: Firefox versions earlier than 83. Root cause: mismanagement in...

SUSE SLES15 Security Update : nodejs10 (SUSE-SU-2020:2829-1)

This update for nodejs10 fixes the following issues : nodejs10 was updated to 10.22.1 LTS : - CVE-2020-8252: Fixed a buffer overflow in realpath bsc1176589. - CVE-2020-15095: Fixed an information leak through log files bsc1173937. Explicitly add -fno-strict-aliasing to CFLAGS to fix compilation o...

Remote Code Execution

firefox is vulnerable to remote code execution. Incorrect bookkeeping of functions inlined during JIT compilation allows an attacker to execute arbitrary code in the context of the victim by tricking the user into visiting a malicious web site. The vulnerability also allows a remote attacker to...

CVE-2020-26952

Incorrect bookkeeping of functions inlined during JIT compilation could have led to memory corruption and a potentially exploitable crash when handling out-of-memory errors. This vulnerability affects Firefox 83...

Remote Code Execution (RCE)

oniguruma is vulnerable to remote code execution RCE. The vulnerability exists as a buffer overflow can occur through a regular expression for compilation in concatoptexactstr in src/regcomp.c...

openSUSE: Security Advisory for nodejs10 (openSUSE-SU-2020:1660-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2020:1644-1 Security update for nodejs8

This update for nodejs8 fixes the following issues: - CVE-2020-15095: Fixed information leak through log files bsc1173937. - Explicitly add -fno-strict-aliasing to CFLAGS to fix compilation on Aarch64 with gcc10 bsc1172686. This update was imported from the SUSE:SLE-15:Update update project...

Security update for nodejs8 (moderate)

openSUSE Security Update: Security update for nodejs8 Announcement ID: openSUSE-SU-2020:1644-1 Rating: moderate References: 1172686 1173937 Cross-References: CVE-2020-15095 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has one errata is now available...

SUSE-SU-2020:2870-1 Security update for nodejs8

This update for nodejs8 fixes the following issues: - CVE-2020-15095: Fixed information leak through log files bsc1173937. - Explicitly add -fno-strict-aliasing to CFLAGS to fix compilation on Aarch64 with gcc10 bsc1172686...

kernel security, bug fix, and enhancement update

3.10.0-1160.OL7 - Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x64 = 15-2.0.3 3.10.0-1160 - kernel modsign: Add...

OPENSUSE-SU-2020:1616-1 Security update for nodejs12

This update for nodejs12 fixes the following issues: - nodejs12 was updated to 12.18.4 LTS: - CVE-2020-8201: Fixed an HTTP Request Smuggling due to CR-to-Hyphen conversion bsc1176605. - CVE-2020-8252: Fixed a buffer overflow in realpath bsc1176589. - CVE-2020-15095: Fixed an information leak...

SUSE-SU-2020:2829-1 Security update for nodejs10

This update for nodejs10 fixes the following issues: - nodejs10 was updated to 10.22.1 LTS: - CVE-2020-8252: Fixed a buffer overflow in realpath bsc1176589. - CVE-2020-15095: Fixed an information leak through log files bsc1173937. - Explicitly add -fno-strict-aliasing to CFLAGS to fix compilation...

SUSE-SU-2020:2823-1 Security update for nodejs10

This update for nodejs10 fixes the following issues: - nodejs10 was updated to 10.22.1 LTS: - CVE-2020-8252: Fixed a buffer overflow in realpath bsc1176589. - CVE-2020-15095: Fixed an information leak through log files bsc1173937. - Explicitly add -fno-strict-aliasing to CFLAGS to fix compilation...