Scientific Linux Security is the community’s central source for information on Linux and open source security. We follow the open source trends as they affect the community. We produce content that appeals to administrators, developers, home users, and security professionals.
Stay Vigilant with Timely Linux Security Advisories LinuxSecurity.com is the community’s central source for information on Linux and open source security. We follow the open source trends as they affect the commu
- SciLinux: Important: python on SL7 i386/srpm/x86_64on November 13, 2023 at 7:18 pm
python: TLS handshake bypass (CVE-2023-40217) — This content is derived from https://access.redhat.com/errata/RHSA-2023:6885 SL7 srpm python-0:2.7.5-94.el7_9.src x86_64 python-0:2.7.5-94.el7_9.x86_64 i386 python-libs-0:2.7.5-94.el7_9.i686 – Scientific Linux Development Team
- SciLinux: Important: plexus-archiver on SL7 srpmon November 13, 2023 at 6:57 pm
plexus-archiver: Arbitrary File Creation in AbstractUnArchiver (CVE-2023-37460) — This content is derived from https://access.redhat.com/errata/RHSA-2023:6886 SL7 srpm plexus-archiver-0:2.4.2-6.el7_9.src noarch plexus-archiver-0:2.4.2-6.el7_9.noarch – Scientific Linux Development Team
- SciLinux: Important: bind on SL7 i386/srpm/x86_64on November 9, 2023 at 4:23 pm
bind: stack exhaustion in control channel code may lead to DoS (CVE-2023-3341) — This content is derived from https://access.redhat.com/errata/RHSA-2023:5691 SL7 srpm bind-32:9.11.4-26.P2.el7_9.15.src i386 bind-export-libs-32:9.11.4-26.P2.el7_9.15.i686 x86_64 bind-export-libs-32:9.11.4-26.P2.el7_9.15.x86_64 noarch bind-license-32:9.11.4-26.P2.el7_9.15.noarch – Scie [More…]
- SciLinux: Moderate: libssh2 on SL7 i386/srpm/x86_64on November 9, 2023 at 4:23 pm
libssh2: use-of-uninitialized-value in _libssh2_transport_read (CVE-2020-22218) — This content is derived from https://access.redhat.com/errata/RHSA-2 023:5615 SL7 srpm libssh2-0:1.8.0-4.el7_9.1.src i386 libssh2-0:1.8.0-4.el7_9.1.i686 x86_64 libssh2-0:1.8.0-4.el7_9.1.x86_64 noarch libssh2-docs-0:1.8.0- 4.el7_9.1.noarch – Scientific Linux Development Team
- SciLinux: Important: python-reportlab on SL7 srpm/x86_64on November 9, 2023 at 4:17 pm
python-reportlab: code injection in paraparser.py allows code execution (CVE-2019-19450) — This content is derived from https://access.redhat.com/errata/RHSA-2023:5616 SL7 srpm python-reportlab-0:2.5-11.el7_9.src x86_64 python-reportlab-0:2.5-11.el7_9.x86_64 – Scientific Linux Development Team
- SciLinux: Critical: squid on SL7 srpm/x86_64on November 9, 2023 at 4:15 pm
squid: Denial of Service in HTTP Digest Authentication (CVE-2023-46847) — This content is derived from https://access.redhat.com/errata/RHSA-2023:6805 SL7 srpm squid-7:3.5.20-17.el7_9.9.src x86_64 squid-7:3.5.20-17.el7_9.9.x86_64 – Scientific Linux Development Team
- SciLinux: Important: python3 on SL7 i386/srpm/x86_64on November 9, 2023 at 4:14 pm
python: TLS handshake bypass (CVE-2023-40217) — This content is derived from https://access.redhat.com/errata/RHSA-2023:6823 SL7 srpm python3-0:3.6.8-21.el7_9.src x86_64 python3-0:3.6.8-21.el7_9.x86_64 i386 python3-libs-0:3.6.8-21.el7_9.i686 – Scientific Linux Development Team
- SciLinux: Important: xorg-x11-server on SL7 i386/srpm/x86_64on November 9, 2023 at 4:14 pm
xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty (CVE-2023-5367) — This content is derived from https://access.redhat.com/errata/RHSA-2023:6802 SL7 srpm xorg-x11-server-0:1.20.4-24.el7_9.src x86_64 xorg-x11-server-Xephyr-0:1.20.4-24.el7_9.x86_64 i386 xorg-x11-server-devel-0:1.20.4-24.el7_9.i686 noarch xorg-x11-server-source-0:1.2 [More…]
- SciLinux: Important: thunderbird on SL7 srpm/x86_64on November 9, 2023 at 4:13 pm
This update upgrades Thunderbird to version 115.4.1. — This content is derived from https://access.redhat.com/errata/RHSA-2023:6193 SL7 srpm thunderbird-0:115.4.1-1.el7_9.src x86_64 thunderbird-0:115.4.1-1.el7_9.x86_64 – Scientific Linux Development Team