Red Hat Security Advisory 2019-2737-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP40. Issues addressed include deserialization, out of bounds access, and use-after-free vulnerabilities.
da9c10b6d6ebd53b140a73576a15531540032de1ba86d3c6aaeb76c4fb7a36e6
Red Hat Security Advisory 2019-2590-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP40. Issues addressed include deserialization, out of bounds access, and use-after-free vulnerabilities.
234bc48d41c224a36e414a4e6eaf6e56e17a3d9f680d900900e44738f1bbc2d7
Red Hat Security Advisory 2019-2592-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP40. Issues addressed include deserialization, out of bounds access, and use-after-free vulnerabilities.
8cce86b06c59f79627522e6aee065d44b7fff974d18060c9c2f9e81f9a8163c3
Red Hat Security Advisory 2019-2585-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP40. Issues addressed include deserialization, out of bounds access, and use-after-free vulnerabilities.
0a1120d0163c943c873026b0c03f05a66ec5fbb273b0312ff57db2b1947c5c9a
Red Hat Security Advisory 2019-2494-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP50. Issues addressed include deserialization and use-after-free vulnerabilities.
301774e4eb7fa31f05e30ee1408ff71a60bbb9a6a99b4c002a505cd5c28cc4b0
Red Hat Security Advisory 2019-2495-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP50. Issues addressed include deserialization and use-after-free vulnerabilities.
afa744f86702652e505450d7a9ebe737e7e5cc662c030d48145a4b72acddf732
Gentoo Linux Security Advisory 201908-2 - Multiple vulnerabilities have been found in libpng, the worst of which could result in a Denial of Service condition. Versions less than 1.6.37:0 are affected.
049560f96c3f453ba6e827ec0814d8153b2f4a16c5d22d9ae2dce2d80c5fcf92
Ubuntu Security Notice 4083-1 - It was discovered that OpenJDK did not sufficiently validate serial streams before deserializing suppressed exceptions in some situations. An attacker could use this to specially craft an object that, when deserialized, would cause a denial of service. It was discovered that in some situations OpenJDK did not properly bound the amount of memory allocated during object deserialization. An attacker could use this to specially craft an object that, when deserialized, would cause a denial of service. Various other issues were also addressed.
1a9a516552f67cc0818e16bae226fc402cc11e761ed01697738ead45cac2a35f
Ubuntu Security Notice 4080-1 - Keegan Ryan discovered that the ECC implementation in OpenJDK was not sufficiently resilient to side-channel attacks. An attacker could possibly use this to expose sensitive information. It was discovered that OpenJDK did not sufficiently validate serial streams before deserializing suppressed exceptions in some situations. An attacker could use this to specially craft an object that, when deserialized, would cause a denial of service. Various other issues were also addressed.
b2f8d3392cdd91986b9855643afae96bc0a7988a22f7cd705a4412588de93bef
Ubuntu Security Notice 3991-3 - USN-3991-1 fixed vulnerabilities in Firefox, and USN-3991-2 fixed a subsequent regression. The update caused an additional regression that resulted in Firefox failing to load correctly after executing it in safe mode. This update fixes the problem. Various other issues were also addressed.
5c1699b949d86c39c9f8b65e74e1a7f1f5a61db5769f7396a87fc70f10f4d139
Ubuntu Security Notice 3991-2 - USN-3991-1 fixed vulnerabilities in Firefox. The update caused a regression which resulted in issues when upgrading between Ubuntu releases. This update fixes the problem. Multiple security issues were discovered in Firefox.
fce0fd5359a0610ee51b72fd465faebffffb5cd18c3aad0415bf99f701eb6fea
Red Hat Security Advisory 2019-1308-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.0. Issues addressed include buffer overflow and use-after-free vulnerabilities.
0c666439eb0ee41187903bdf5516b4eefff1c99118131bcf0c77da4880c360a8
Red Hat Security Advisory 2019-1309-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.0. Issues addressed include buffer overflow and use-after-free vulnerabilities.
38bab4a001797943b20445d6599932849ec8d17171785f3d362667a839e70bf7
Red Hat Security Advisory 2019-1310-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 60.7.0. Issues addressed include buffer overflow and use-after-free vulnerabilities.
933c2e3d6fa11da00695be460a743aab77f1cc0a23e5598b8741cf0cacb244e8
Debian Linux Security Advisory 4451-1 - Thunderbird vulnerabilities may lead to the execution of arbitrary code or denial of service.
7c0997408a516b38bd2ff33efdab9ee1a2b6e4d2bfe479bcfc717d4f571b3aa2
Red Hat Security Advisory 2019-1269-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.
fbee5170db375b3d91941cb07f2ba27bcfb9a84cf4b53b8dcccbf4fbd8716f11
Red Hat Security Advisory 2019-1267-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.
c6e7155e7416cfb68cc04e1c989838cfbc3d5433f74b1b0317dbf609a6f20135
Red Hat Security Advisory 2019-1265-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.7.0 ESR. Issues addressed include buffer overflow and use-after-free vulnerabilities.
a0c42636e0c91502637faa4f359fdb2c32abbdeeebfb99420b97ed8275037807
Debian Linux Security Advisory 4448-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
d89f01da812aa3a226285e5880b87cf7b169f13f720a9c99ad5b79d20fac0109
Ubuntu Security Notice 3991-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, trick the user in to launching local executable binaries, obtain sensitive information, conduct cross-site scripting attacks, or execute arbitrary code. Various other issues were also addressed.
28909dfaec423e05f4608eb048743996392be70b8be76c266a132e15a974d78b
Ubuntu Security Notice 3962-1 - It was discovered that libpng incorrectly handled certain memory operations. If a user or automated system were tricked into opening a specially crafted PNG file, a remote attacker could use this issue to cause libpng to crash, resulting in a denial of service, or possibly execute arbitrary code.
052380ea1c71d02d8410070677e7a708f6a453a3153ccacfd6ed27ffef7d6d63
Debian Linux Security Advisory 4435-1 - A use-after-free vulnerability was discovered in the png_image_free() function in the libpng PNG library, which could lead to denial of service or potentially the execution of arbitrary code if a malformed image is processed.
df28c2b8fc806792950ef320b38b24112132d25d54ec04f8f3aee39e69995fc1
Slackware Security Advisory - New libpng packages are available for Slackware 14.2 and -current to fix security issues.
b4b4ff26daa8f526e4c76b925e9cc0e3c2f76e411f39dbcfe285ebe048d92080