981 matches found
libexif security update
0.6.22-2 - Fix CVE-2020-0181, CVE-2020-0198, and CVE-2020-0452 - Resolves: 1902589...
CVE-2020-26965
Some websites have a feature "Show Password" where clicking a button will change a password field into a text field, revealing the typed password. If, when using a software keyboard that remembers user input, a user typed their password and used that feature, the type of the password field wa...
CVE-2019-17450 affecting package binutils 2.32-5
CVE-2019-17450 affecting package binutils 2.32-5. A patched version of the package is available...
poppler security update
0.66.0-27 - Fix crash on broken file in tilingPatternFill - Resolves: 1801341...
expat security update
2.2.5-4 - add security fixes for CVE-2018-20843, CVE-2019-15903...
CVE-2020-15889 affecting package lua 5.3.5-9
CVE-2020-15889 affecting package lua 5.3.5-9. A patched version of the package is available...
CVE-2020-26880
Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file which is owned by sympa and parsing it through the setuid sympanewaliases-wrapper executable...
Important: Red Hat Security Advisory: libvncserver security update
An update for libvncserver is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is availabl...
[SECURITY] Fedora 31 Update: ark-20.04.3-3.fc31
Ark is a program for managing various archive formats. Archives can be viewed, extracted, created and modified from within Ark. The program can handle various formats such as tar, gzip, bzip2, zip, rar and lha if appropriate command-line programs are installed...
CVE-2020-15778
scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a...
Important: Red Hat Security Advisory: jbig2dec security update
An update for jbig2dec is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
FreeBSD Buffer Overflow Vulnerability (CNVD-2020-38773)
FreeBSD is a type of UNIX operating system, an important branch of Unix that evolved from BSD, 386BSD and 4.4BSD. FreeBSD suffers from a posix_spawnp buffer overflow vulnerability. An attacker can exploit this vulnerability to execute arbitrary code...
libexif security update
0.6.21-6 - Add patch for CVE-2020-13112 - Resolves: 1840948...
bind security update
32:9.11.13-5 - Limit number of queries triggered by a request CVE-2020-8616 32:9.11.13-4 - Fix invalid tsig request CVE-2020-8617...
Important: Red Hat Security Advisory: ksh security update
An update for ksh is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for eac...
tcpdump security update
4.9.2-4.0.1.el77.1 - Fix CVE-2018-14468 Orabug: 30480183...
CVE-2020-10085
Removed by vendor...
Important: Red Hat Security Advisory: ksh security update
An update for ksh is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...
CVE-2019-15605
HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed...
Important: Red Hat Security Advisory: ksh security update
An update for ksh is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is availab...