Red Hat Security Advisory 2020-1080-01 - Evolution is a GNOME application that provides integrated email, calendar, contact management, and communications functionality. The evolution-data-server packages provide a unified back end for applications which interact with contacts, tasks and calendar information. Issues addressed include OpenPGP signature spoofing and certificate errors being ignored.
Red Hat Security Advisory 2020-1034-01 - Doxygen can generate an online class browser and/or a reference manual from a set of documented source files. The documentation is extracted directly from the sources. Doxygen can also be configured to extract the code structure from undocumented source files. Issues addressed include a cross-site scripting vulnerability.
Red Hat Security Advisory 2020-1021-01 - GNOME is the default desktop environment of Red Hat Enterprise Linux. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2020-1011-01 - Expat is a C library for parsing XML documents. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2020-1020-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2020-1003-01 - The mod_auth_mellon module for the Apache HTTP Server is an authentication service that implements the SAML 2.0 federation protocol. The module grants access based on the attributes received in assertions generated by an IdP server. An open redirection vulnerability was addressed.
Red Hat Security Advisory 2020-1016-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, denial of service, information leakage, and use-after-free vulnerabilities.
Red Hat Security Advisory 2020-1022-01 - The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format binary files, system libraries, RPM packages, and different graphics formats. An out-of-bounds read vulnerability was addressed.
Red Hat Security Advisory 2020-1000-01 - The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format. A heap-based overflow was addressed.
Red Hat Security Advisory 2020-1216-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include buffer overflow and null pointer vulnerabilities.
Ubuntu Security Notice 4311-1 - It was discovered that BlueZ incorrectly handled bonding HID and HOGP devices. A local attacker could possibly use this issue to impersonate non-bonded devices. It was discovered that BlueZ incorrectly handled certain commands. A local attacker could use this issue to cause BlueZ to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. Various other issues were also addressed.
Ubuntu Security Notice 4313-1 - Manfred Paul discovered that the bpf verifier in the Linux kernel did not properly calculate register bounds for certain operations. A local attacker could use this to expose sensitive information or gain administrative privileges.
Ubuntu Security Notice 4312-1 - Matthias Gerstner discovered that Timeshift did not securely create temporary files. An attacker could exploit a race condition in Timeshift and potentially execute arbitrary commands as root.
Gentoo Linux Security Advisory 202003-66 - Multiple vulnerabilities have been found in QEMU, the worst of which could result in the arbitrary execution of code. Versions less than 4.2.0-r2 are affected.
Gentoo Linux Security Advisory 202003-65 - Multiple vulnerabilities have been found in FFmpeg, the worst of which allows remote attackers to execute arbitrary code. Versions greater than or equal to 4 are affected.
Gentoo Linux Security Advisory 202003-64 - Multiple vulnerabilities have been found in libxls, the worst of which could result in the arbitrary execution of code. Versions less than 1.5.2 are affected.
Gentoo Linux Security Advisory 202003-63 - Multiple vulnerabilities have been found in GNU IDN Library 2, the worst of which could result in the remote execution of arbitrary code. Versions less than 2.2.0 are affected.
Gentoo Linux Security Advisory 202003-62 - A buffer overflow in GNU Screen might allow remote attackers to corrupt memory. Versions less than 4.8.0 are affected.
Ubuntu Security Notice 4310-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
Ubuntu Security Notice 4308-2 - USN-4308-1 fixed several vulnerabilities in Twisted. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that Twisted incorrectly validated or sanitized certain URIs or HTTP methods. A remote attacker could use this issue to inject invalid characters and possibly perform header injection attacks. Various other issues were also addressed.
Debian Linux Security Advisory 4637-1 - Kobus van Schoor discovered that network-manager-ssh, a plugin to provide VPN integration for SSH in NetworkManager, is prone to a privilege escalation vulnerability. A local user with privileges to modify a connection can take advantage of this flaw to execute arbitrary commands as root.
Debian Linux Security Advisory 4638-1 - Several vulnerabilities have been discovered in the chromium web browser.
Debian Linux Security Advisory 4639-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
Debian Linux Security Advisory 4640-1 - handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed media files are processed.
Debian Linux Security Advisory 4641-1 - Vulnerabilities have been discovered in the webkit2gtk web engine.