Fix of CVE: CVE-2020-8517, CVE-2021-28651, CVE-2020-15049, CVE-2020-8449, CVE-2020-8450, CVE-2020-24606, CVE-2020-25097, CVE-2020-11945, CVE-2020-14058

CVE-2020-15049: fix incorrect validation of Content-Length field leading to Http smuggling and Poisoning attack - CVE-2020-14058: fix handling of unknown SSL errors which resulted in denial of service - CVE-2020-25097: fix improper input validation allowing HTTP smuggling from trusted client -...

Fix of CVE: CVE-2021-2388

Fix CVE-2021-2388 OpenJDK: Incorrect comparison during range check elimination...

Update of nscd, glibc-headers, glibc, glibc-utils, glibc-static, glibc-static, glibc-devel, glibc-devel, glibc, glibc-common

More precise DNS name checks accepting dash-.example.com, among other things...

Fix of CVE: CVE-2021-33909

ELS-130: netfilter: xtables: add missing tables zeroing - CLKRN-800: CVE-2021-33909: seqfile: disallow extremely large seq buffer allocation...

Fix of CVE: CVE-2021-33909

ELS-130: netfilter: xtables: add missing tables zeroing - CLKRN-800: CVE-2021-33909: seqfile: disallow extremely large seq buffer allocation...

Fix of CVE: CVE-2021-22925

telnet stack contents disclosure again CVE-2021-22925...

Fix of CVE: CVE-2021-22555

ELS-130: CVE-2021-22555: netfilter: xtables: fix compat match/target pad out-of-bound write...

Fix of CVE: CVE-2021-22555

ELS-130: CVE-2021-22555: netfilter: xtables: fix compat match/target pad out-of-bound write...

Fix of CVE: CVE-2021-22898

check sscanf for correct number of matches CVE-2021-22898...

Fix of CVE: CVE-2020-29661, CVE-2019-19532, CVE-2020-25656, CVE-2020-25211

CKSIX-277: CVE-2020-29661: tty: Fix -pgrp locking in tiocspgrp - CKSIX-277: CVE-2020-25656: vt: keyboard, extend funcbuflock to readers - CKSIX-277: CVE-2020-25656: tty/vt: fix write/write race in ioctlKDSKBSENT handler - CKSIX-277: CVE-2020-25656: vt: keyboard, simplify vtkdgkbsent - CKSIX-277:...

Fix of CVE: CVE-2020-25211, CVE-2020-25656, CVE-2019-19532, CVE-2020-29661

CKSIX-277: CVE-2020-29661: tty: Fix -pgrp locking in tiocspgrp - CKSIX-277: CVE-2020-25656: vt: keyboard, extend funcbuflock to readers - CKSIX-277: CVE-2020-25656: tty/vt: fix write/write race in ioctlKDSKBSENT handler - CKSIX-277: CVE-2020-25656: vt: keyboard, simplify vtkdgkbsent - CKSIX-277:...

Fix of CVE: CVE-2021-23840

Fixed integer overflow in CipherUpdateCVE-2021-23840...

Fix of CVE: CVE-2021-23017

Update fix for CVE-2021-23017 accoding nginx.org recomendations...

Fix of CVE: CVE-2021-23017

Fixed CVE-2021-23017 : Off-by-one in ngxresolvercopy when - labels are followed by a pointer to a root domain name...

Fix of CVE: CVE-2021-25215, CVE-2021-25214, CVE-2021-25216

A broken inbound incremental zone update IXFR can cause named to terminate unexpectedly CVE-2021-25214 - An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself CVE-2021-25215 - A second vulnerability in BIND's GSSAPI security...

Fix of CVE: CVE-2021-27364, CVE-2021-27363, CVE-2021-27365

CVE-2021-27365: scsi: iscsi: Ensure sysfs attributes are limited to PAGESIZE - CVE-2021-27365: scsi: iscsi: Verify lengths on passthrough PDUs - CVE-2021-27363: CVE-2021-27364: scsi: iscsi: Restrict sessions and handles to admin capabilities - sysfs: Add sysfsemit and sysfsemitat to format sysfs...

Fix of CVE: CVE-2020-8625

Fix buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation CVE-2020-8625...

Update of microcode_ctl

...

Update of openssl-static, openssl, openssl-devel, openssl-perl, openssl, openssl-devel

...

Update of kernel, kernel-debug-devel, kernel-devel, kernel-debug, kernel-debug-devel, python-perf, perf, kernel-headers

...

Update of kernel-abi-whitelists, kernel-firmware, kernel-doc

...

Fix of CVE: CVE-2021-27135

CVE-2021-27135: fix crash when processing combining characters...

Update of libcurl-devel, libcurl-devel, libcurl, curl, libcurl

...

Update of squid34

...

Fix of CVE: CVE-2020-14058, CVE-2020-15049

CVE-2020-14058: fix handling of unknown SSL errors which resulted in denial of service - CVE-2020-15049: fix incorrect validation of Content-Length field leading to Http smuggling and Poisoning attack...

Update of java-1.8.0-openjdk-devel-debug, java-1.8.0-openjdk-src, java-1.8.0-openjdk-headless, java-1.8.0-openjdk, java-1.8.0-openjdk-headless-debug, java-1.8.0-openjdk-demo, java-1.8.0-openjdk-javadoc-debug, java-1.8.0-openjdk-src-debug, java-1.8.0-openjdk-devel, java-1.8.0-openjdk-debug, java-1.8.0-openjdk-demo-debug, java-1.8.0-openjdk-javadoc

...

Fix of CVE: CVE-2021-33574, CVE-2021-35942, CVE-2021-38604

Adopt pthreadattrcopy functionality, test case is included - CVE-2021-33574: avoid use-after-free vulnerability - CVE-2021-35942: avoid out-of-bounds read via signed integer overflow in array index - CVE-2021-38604: considered. No NULL pointer dereference is possible...

Fix of CVE: CVE-2020-8450, CVE-2020-8517, CVE-2020-8449

CVE-2020-8449: fix improper HTTP request validation allowing access to resources which are prohibited by security filters - CVE-2020-8450: fix incorrect buffer managment leading to buffer overflow - CVE-2020-8517: fix incorrect input validation allowing writing outside of buffer and leading to...

Update of perl-Pod-Simple, perl-IO-Compress-Bzip2, perl-Log-Message, perl-CPANPLUS, perl-Parse-CPAN-Meta, perl-Archive-Tar, perl-Locale-Maketext-Simple, perl-Compress-Raw-Zlib, perl-ExtUtils-MakeMaker, perl-version, perl-Params-Check, perl-Module-CoreList, perl-parent, perl-Log-Message-Simple, perl-IO-Compress-Base, perl-Archive-Extract, perl-Test-Harness, perl-Module-Load, perl-Compress-Zlib, perl-Module-Pluggable, perl-Pod-Escapes, perl-Module-Build, perl-Module-Loaded, perl-Test-Simple, perl-Term-UI, perl-Package-Constants, perl-Object-Accessor, perl-Digest-SHA, perl-ExtUtils-ParseXS, perl-File-Fetch, perl-Time-HiRes, perl-Compress-Raw-Bzip2, perl-Time-Piece, perl-CGI, perl-ExtUtils-CBuilder, perl-IO-Zlib, perl-Module-Load-Conditional, perl-IO-Compress-Zlib, perl-ExtUtils-Embed, perl-IPC-Cmd, perl-CPAN

...

Update of nscd, glibc-headers, glibc, glibc-utils, glibc-static, glibc-static, glibc-devel, glibc-devel, glibc, glibc-common

...

Update of perl-Pod-Simple, perl-Log-Message-Simple, perl-Object-Accessor, perl-IPC-Cmd, perl-ExtUtils-MakeMaker, perl-Compress-Raw-Zlib, perl-CPAN, perl-CGI, perl-Digest-SHA, perl-Module-Loaded, perl-parent, perl-Module-CoreList, perl-Compress-Raw-Bzip2, perl-File-Fetch, perl-version, perl-ExtUtils-Embed, perl-Locale-Maketext-Simple, perl-Time-HiRes, perl-Module-Load-Conditional, perl-IO-Compress-Bzip2, perl-ExtUtils-CBuilder, perl-Term-UI, perl-Module-Build, perl-Pod-Escapes, perl-IO-Compress-Base, perl-Parse-CPAN-Meta, perl-Time-Piece, perl-Params-Check, perl-Module-Pluggable, perl-Archive-Tar, perl-IO-Compress-Zlib, perl-Package-Constants, perl-Test-Simple, perl-Test-Harness, perl-IO-Zlib, perl-ExtUtils-ParseXS, perl-Archive-Extract, perl-CPANPLUS, perl-Log-Message, perl-Module-Load, perl-Compress-Zlib

...

Update of kernel-devel, kernel-debug, kernel-debug-devel, kernel-headers, perf, kernel, kernel-debug-devel, python-perf

...

Update of kernel-doc, kernel-firmware, kernel-abi-whitelists

...

Update of libcurl, curl, libcurl-devel, libcurl-devel, libcurl

...

Update of kernel-doc, kernel-abi-whitelists, kernel-firmware

...

Update of python-perf, kernel-debug, kernel-debug-devel, kernel-headers, kernel-debug-devel, kernel, perf, kernel-devel

...

Fix of CVE: CVE-2021-28651

CVE-2021-28651: fix memory leak leading to denial of service...

Fix of CVE: CVE-2021-23240

sudo-1.8.6p3-CVE-2021-23240-2.patch: fixed issue with credentials management in sudoedit - sudo-1.8.6p3-CVE-2021-23240-3.patch: fixed issue with origin file removal in sesh...

Update of libcurl, libcurl-devel, libcurl-devel, curl, libcurl

...

Fix of CVE: CVE-2021-3504

Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950500...

Update of kernel-debug-devel, kernel-devel, python-perf, kernel-debug, perf, kernel, kernel-debug-devel, kernel-headers

...

Update of kernel-firmware, kernel-doc, kernel-abi-whitelists

...

Update of openssl-static, openssl-devel, openssl-perl, openssl, openssl, openssl-devel

...

Update of nginx-all-modules, nginx-filesystem, nginx-mod-stream, nginx-mod-http-perl, nginx-mod-http-xslt-filter, nginx-mod-http-geoip, nginx-mod-mail, nginx, nginx-mod-http-image-filter

...

Fix of CVE: CVE-2021-28153

Fixed CVE-2021-28153: gfilereplace with GFILECREATEREPLACEDESTINATION creates empty target for dangling symlink...

Fix of CVE: CVE-2021-25217

CVE-2021-25217: avoid buffer overrun...

Update of nginx-mod-http-image-filter, nginx-mod-http-geoip, nginx-mod-http-perl, nginx, nginx-filesystem, nginx-mod-stream, nginx-mod-http-xslt-filter, nginx-mod-mail, nginx-all-modules

...

Update of bind-sdb, bind-libs, bind-devel, bind, bind-utils, bind-chroot

...

Update of bind-sdb, bind-libs, bind-devel, bind, bind-utils, bind-chroot

...

Update of bind-sdb, bind-libs, bind-devel, bind, bind-utils, bind-chroot

...