LinuxSecurity.com

Debian LTS: DLA-2180-1: file-roller security updateDebian LTS: DLA-2180-1: file-roller sec>

18.04.2020 05:01 fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink to a directory outside of the

Debian LTS: DLA-2179-1: jackson-databind security updateDebian LTS: DLA-2179-1: jackson-da>

18.04.2020 05:01 Following CVEs were reported against the jackson-databind source package :

Debian LTS: DLA-2178-1: awl security updateDebian LTS: DLA-2178-1: awl security update>

18.04.2020 05:01 Following CVEs were reported against the awl source package: CVE-2020-11728

Fedora 31: libssh FEDORA-2020-5a77f0d68fFedora 31: libssh FEDORA-2020-5a77f0d68f>

18.04.2020 05:01 Fixes CVE-2020-1730

Fedora 31: git FEDORA-2020-cdef88bb89Fedora 31: git FEDORA-2020-cdef88bb89>

18.04.2020 05:01 Security fix for CVE-2020-5260 From the upstream : > With a crafted URL that contains a newline in it, the credential > helper machinery can be fooled to give credential information for > a wrong host. The attack has been made impossible by forbidding > a newline character in any value

Fedora 31: chromium FEDORA-2020-161c87cbc7Fedora 31: chromium FEDORA-2020-161c87cbc7>

18.04.2020 05:01 Bugfix release from Google for 80.0.3987.162. ---- Update to 80.0.3987.162. Fixes the following CVEs: * CVE-2020-6450 * CVE-2020-6451 * CVE-2020-6452

openSUSE: 2020:0534-1: moderate: gnuhealthopenSUSE: 2020:0534-1: moderate: gnuhealth>

17.04.2020 21:31 An update that contains security fixes can now be installed.

SUSE: 2020:1023-1 moderate: freeradius-serverSUSE: 2020:1023-1 moderate: freeradius-server>

17.04.2020 21:31 An update that solves two vulnerabilities and has one errata is now available.

SUSE: 2020:1021-1 moderate: libqt4SUSE: 2020:1021-1 moderate: libqt4>

17.04.2020 21:31 An update that solves three vulnerabilities and has one errata is now available.

SUSE: 2020:1020-1 moderate: freeradius-serverSUSE: 2020:1020-1 moderate: freeradius-server>

17.04.2020 21:31 An update that solves two vulnerabilities and has one errata is now available.

ArchLinux: 202004-15: chromium: arbitrary code executionArchLinux: 202004-15: chromium: ar>

17.04.2020 21:31 The package chromium before version 81.0.4044.113-1 is vulnerable to arbitrary code execution.

ArchLinux: 202004-14: apache: multiple issuesArchLinux: 202004-14: apache: multiple issues>

17.04.2020 21:31 The package apache before version 2.4.43-1 is vulnerable to multiple issues including information disclosure and open redirect.

Slackware: 2020-107-01: openvpn Security UpdateSlackware: 2020-107-01: openvpn Security Up>

17.04.2020 13:31 New openvpn packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.

Mageia 2020-0175: git security updateMageia 2020-0175: git security update>

17.04.2020 05:00 With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a wrong host. The attack has been made impossible by forbidding a newline character in any value passed via the credential protocol .

Mageia 2020-0174: chromium-browser-stable security updateMageia 2020-0174: chromium-browse>

17.04.2020 05:00 Chromium-browser 81.0.4044.92 fixes security issues: Multiple flaws were found in the way Chromium 80.0.3987.149 processes various types of web content, where loading a web page containing malicious content could cause Chromium to crash, execute arbitrary code,