27.04.2020 11:04 6.2.6
27.04.2020 11:04 Update to upstream bugfix and security update 2.9.7. See https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst for a detailed list of changes.
27.04.2020 04:12 An update that solves 7 vulnerabilities and has 22 fixes is now available.
27.04.2020 04:12 An update that fixes one vulnerability is now available.
27.04.2020 04:12 Agostino Sarubbo of Gentoo discovered a heap buffer overflow write in the rzip program when uncompressing maliciously crafted files.
26.04.2020 19:31 An update that solves two vulnerabilities and has one errata is now available.
26.04.2020 19:31 Chromium-browser 81.0.4044.122 fixes security issues: Multiple flaws were found in the way Chromium 81.0.4044.92 processes various types of web content, where loading a web page containing malicious content could cause Chromium to crash, execute arbitrary code,
26.04.2020 19:31 Three issues have been found in php5, a server-side, HTML-embedded scripting language.
26.04.2020 19:31 Hanno Boeck discovered that it was possible to create a cross site scripting attack on the webarchives of the Mailman mailing list manager, by sending a special type of attachement.
26.04.2020 07:00 Update to WebKitGTK 2.28.1: * Fix position of default option element popup windows under Wayland. * Fix rendering after a cross site navigation with PSON enabled and hardware acceleration forced. * Fix a crash in nested wayland compositor when closing a tab with PSON enabled. * Update Chrome and Firefox versions in user agent quirks. * Fix several crashes and rendering issues. *
26.04.2020 07:00 Security fix for CVE-2020-5260 From the upstream : > With a crafted URL that contains a newline or empty host, or lacks > a scheme, the credential helper machinery can be fooled into > providing credential information that is not appropriate for the > protocol in use and host being
26.04.2020 07:00 Update to WebKitGTK 2.28.1: * Fix position of default option element popup windows under Wayland. * Update Chrome and Firefox versions in user agent quirks. * Fix several crashes and rendering issues. * Security fixes: CVE-2020-11793
26.04.2020 07:00 Update to version 1.26. Resolves CVE-2017-18640.
26.04.2020 07:00 Radicale, a simple calendar and addressbook server - daemon, is prone to timing oracles and simple brute-force attacks when using the htpasswd authentication method.
26.04.2020 07:00 It has been discovered a NULL pointer dereference could happen in ncmpc, an ncurses-based audio player. This could result in a crash and a denial of service.
