openSUSE Security Update : freeradius-server (openSUSE-2021-428)
This update for freeradius-server fixes the following issues : - move logrotate options into specific parts for each log as 'global' options will persist past and clobber global options in the main logrotate config bsc1180525 This update was imported from the SUSE:SLE-15-SP2:Update update project...
[SECURITY] Fedora 32 Update: python3-3.8.7-2.fc32
Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the...
CentOS 8 : jbig2dec (CESA-2020:2897)
The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2020:2897 advisory. - jbig2dec: heap-based buffer overflow in jbig2_image_compose in jbig2_image.c (CVE-2020-12268) Note that Nessus has not tested for this issue but has instead relied...
glibc: Multiple vulnerabilities
Background glibc is a package that contains the GNU C library. Description Multiple vulnerabilities have been discovered in glibc. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workarou...
GLSA-202012-13 : OpenSSL: Denial of service
The remote host is affected by the vulnerability described in GLSA-202012-13 (OpenSSL: Denial of service). A NULL pointer dereference flaw was found in OpenSSL. Impact : A remote attacker, able to control the arguments of the GENERAL_NAME_cmp function in an application linked against OpenSSL, could...
Virtuozzo 6 : python / python-devel / python-libs / python-test / etc (VZLSA-2019-1467)
An update for python is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
firefox security update
78.4.1-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file Tue Nov 10 2020 [email protected] - 78.4.1-1 - Update to 78.4.1 - Filtering nss/nspr libs 78.4.0-3 -...
KPMCore: Root privilege escalation
Background KPMcore, the KDE Partition Manager core, is a library for examining and modifying partitions, disk devices, and filesystems on a Linux system. It provides a unified programming interface over top of external system-manipulation tools. Description Improper checks on the D-Bus request...
Huawei EulerOS: Security Advisory for python2 (EulerOS-SA-2020-2317)
The remote host is missing an update for the Huawei EulerOS...
Fedora 32 : 2:samba / krb5 (2020-939681213a)
KRB5 : - Cross-realm s4u fixes for samba 1836630 - Drop unnecessary conflict with openssl-libs = 3.0.0 - Unify kvno option documentation - Use systemctl reload to HUP the KDC during logrotate SAMBA : - Support S4U operations for Samba AD DC 1836630 - Fix lookup of users and groups when realm used...
java-11-openjdk security and bug fix update
1:11.0.9.11-0 - Update to jdk-11.0.9+11 - Update release notes for 11.0.9 release. - Add backport of JDK-8254177 to update to tzdata 2020b - Require tzdata 2020b due to resource changes in JDK-8254177 - Delay tzdata 2020b dependency until tzdata update has shipped. - This tarball is embargoed unt...
Huawei EulerOS: Security Advisory for gperftools-libs (EulerOS-SA-2020-2190)
The remote host is missing an update for the Huawei EulerOS...
EulerOS Virtualization 3.0.2.2 : gperftools-libs (EulerOS-SA-2020-2190)
According to the version of the gperftools-libs package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Google gperftools 2.7 has a memory leak in malloc_extension.cc, related to MallocExtension::Register and InitModule. NOTE: th...
EulerOS Virtualization for ARM 64 3.0.2.0 : samba (EulerOS-SA-2020-1952)
According to the versions of the samba packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The samba-libs package contains the libraries needed by programs that link against the SMB, RPC and other protocols...
ca-certificates bug fix and enhancement update
The ca-certificates package contains a set of Certificate Authority CA certificates chosen by the Mozilla Foundation for use with the Internet Public Key Infrastructure PKI. Bug Fixes and Enhancements: Annual AlmaLinux 8 ca-certificates update 2020 to nss 3.53 for Firefox 78 BZ1849732 circular...
Mozilla Network Security Service (NSS): Information disclosure
Background The Mozilla Network Security Service NSS is a library implementing security features like SSL v.2/v.3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME and X.509 certificates. Description NSS was found to not always perform constant-time operations when working with DSA key material. Impa...
GLSA-202007-43 : TRE: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202007-43 TRE: Multiple vulnerabilities Multiple vulnerabilities have been discovered in TRE. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details...
RHEL 8 : jbig2dec (RHSA-2020:3043)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:3043 advisory. jbig2dec is a decoder implementation of the JBIG2 image compression format. Security Fixes: jbig2dec: heap-based buffer overflow in jbig2_image_compose...
GLSA-202006-01 : GnuTLS: Information disclosure
The remote host is affected by the vulnerability described in GLSA-202006-01 GnuTLS: Information disclosure A flaw was reported in the TLS session ticket key construction in GnuTLS. Impact : A remote attacker could recover previous conversations in TLS 1.2 and obtain sensitive information or...
GnuTLS: Information disclosure
Background GnuTLS is an Open Source implementation of the TLS and SSL protocols. Description A flaw was reported in the TLS session ticket key construction in GnuTLS. Impact A remote attacker could recover previous conversations in TLS 1.2 and obtain sensitive information or conduct a...