RHSA-2024:3980Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fix(es): * flatpak: sandbox escape via RequestBackground portal (CVE-2024-32462) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section. Scientific Linux 7flatpak-builder-1.0.0-13.el7_9.x86_64.rpm4c3c8ef224b14e51d92d2a517e700660afd223d2e04db12da4dae7d610d20bfeflatpak-1.0.9-13.el7_9.x86_64.rpm9fa899d97993d2074421d0d5ea94a2be28bc9a7405a273725d5a4bed03f9d18aflatpak-libs-1.0.9-13.el7_9.x86_64.rpm1a0e87bb9526df4686c6913d11e7ce6f8ebad3b9c44746906d2467e68ac8ad23flatpak-devel-1.0.9-13.el7_9.x86_64.rpmd27f5cb0fbca6ecc57ac43aaa1b60fac929a3b99463c707edccf33b6e3ddb8a4RHSA-2024:4016Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.12.1. Security Fix(es): * thunderbird: Use-after-free in networking (CVE-2024-5702) * thunderbird: Use-after-free in JavaScript object transplant (CVE-2024-5688) * thunderbird: External protocol handlers leaked by timing attack (CVE-2024-5690) * thunderbird: Sandboxed iframes were able to bypass sandbox restrictions to open a new window (CVE-2024-5691) * thunderbird: Cross-Origin Image leak via Offscreen Canvas (CVE-2024-5693) * thunderbird: Memory Corruption in Text Fragments (CVE-2024-5696) * thunderbird: Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12 (CVE-2024-5700) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Scientific Linux 7thunderbird-115.12.1-1.el7_9.x86_64.rpmc02679c8d3641a8061ea08965de7674c5c793a0546570d4b49ec370f87bfae28SLBA-2020:4180-1This update fixes the following bugs: * kernel: scsi: ses: don't ask for diagnostic pages repeatedly during probe * OVS drops secondary SCTP connection * Unable to insert 'i10nm_edac.ko' EDAC kernel module on JVL after CPU upgraded * File corruption when a 1 MB (or bigger) file is pulled from a container running memory mapped AF_PACKET TX ring * [mlx5] kernel crash at mlx5e_encap_take() The system must be rebooted for this update to take effect.Scientific LinuxtrueScientific Linux 7kernel-abi-whitelists-3.10.0-1160.2.1.el7.noarch.rpmee38276592d03247c195503a3a84bb788acf4f2375852d5e37e53aa10e5e14eckernel-headers-3.10.0-1160.2.1.el7.x86_64.rpm305ee7b1e141efb86dad88ce8f64d891d4499515a0b86cc2492a7afe7354f2cckernel-tools-3.10.0-1160.2.1.el7.x86_64.rpm47e102d549470ebe722222c158bf8bbe23ce7edaa9f6dbcf3ac2522f29f4f841kernel-tools-libs-devel-3.10.0-1160.2.1.el7.x86_64.rpm05238fa7733a2854c8da926c1cfc153aefeb49566288f67f02062c65d3f5d183kernel-debug-3.10.0-1160.2.1.el7.x86_64.rpm5134deda0899e9a38e7e47fd0e23fe5b02271f2c23fc669bc6716c59f0a46170kernel-3.10.0-1160.2.1.el7.x86_64.rpmf64734816b193587747ba3f6f37cef54cb714507a9a60de8dcd9de5e30f6174bkernel-debug-devel-3.10.0-1160.2.1.el7.x86_64.rpm12e0cf4a6ac5e1725da5c23f45471c5137290387f7dc775f1a3ab186307231cbbpftool-3.10.0-1160.2.1.el7.x86_64.rpmcbd170a26667e7100abca4aabfa06d0d24d6bd8ab65264cfb8e8e767de442a5ckernel-devel-3.10.0-1160.2.1.el7.x86_64.rpm72a1ee6bb71ce33bc004874f657bbdb022ac6f31d44a5f9b87164617d4693673python-perf-3.10.0-1160.2.1.el7.x86_64.rpmddca29711b7c5250cc0031df2c682dc3642d51de1ba6b31c4d3fee300d97abdekernel-tools-libs-3.10.0-1160.2.1.el7.x86_64.rpm542cbe64be29e0eee7ba6662f92806774a6f86524e5857bb9ebe2a35d9cb552dkernel-doc-3.10.0-1160.2.1.el7.noarch.rpm367bf3076424250e2b5a936305fd9d34309323521cbc12c90ccd88ec4f96a989perf-3.10.0-1160.2.1.el7.x86_64.rpme1e87432d6037c047a0c13b2fa71288d378d6cf91d2cd94f3d7298c4b980c1a1SLBA-2020:4282-1The tzdata packages have been updated to version 2020b, which addresses recent time zone changes. Notably: * Yukon timezones represented by America/Whitehorse and America/Dawson will change time zone rules from -08/-07 to permanent -07 on November 01, 2020, not on August 03, 2020, contrary to what was in the version 2020a. * The most recent winter(+08)/summer(+11) transition for Casey Station, Antarctica was on April 04, 2020 at 00:01. * Obsolete pacificnew, systemv, and yearistype.sh files have been removed from the distribution.Scientific LinuxScientific Linux 7tzdata-2020b-3.el7.noarch.rpmbae5d3ba085cab34024698659c79a9f30feb14b936052f6a4e1ad4af87ac9ce0tzdata-java-2020b-3.el7.noarch.rpme2e2a484a6f1ee84161056075eb83c7c1fb9608b45fb487cfa3ccf4623f5629cSLBA-2020:4329-1The tzdata packages have been updated to version 2020d, which addresses recent time zone changes. Notably: * Fiji starts the daylight saving time (DST) later than usual on December 20, 2020, rather than the predicted November O8, 2020. * Palestine will end summer time on October 24, 2020 rather than the predicted October 31, 2020.Scientific LinuxScientific Linux 7tzdata-java-2020d-2.el7.noarch.rpme86d66eb32256341996577a3468858f80ccc4b9e24f0049daf6bb64f596d23e6tzdata-2020d-2.el7.noarch.rpm32dcd49fca4845c52d8522bcd6ee06a92751dbd5bf2f8449c49d779f56716432SLBA-2020:5017-1Bug Fix(es) and Enhancement(s): * Huge memory leak in probe_rpmverifyfile * OpenSCAP doesn't take advantage of gzip compression when downloading remote content.Scientific LinuxScientific Linux 7openscap-engine-sce-1.2.17-13.el7_9.x86_64.rpm26a432b346c85143df5fdde282d9c47924e375ed738a6d801c45e1889c8bfbb0openscap-engine-sce-devel-1.2.17-13.el7_9.i686.rpm55deefdf2b8baccf6dcfe7257b32da1358ffad07cf45c4774b6d2da7f42958f4openscap-scanner-1.2.17-13.el7_9.x86_64.rpm88b70d5aff9e78052b1ef48e3ef10e440554a5c0306783325f1f213c1b5f2de1openscap-containers-1.2.17-13.el7_9.noarch.rpmc1ace00cb7cc2d0d459c60346f512dd63fc382408c65f15647f43f0fd262d2cdopenscap-devel-1.2.17-13.el7_9.x86_64.rpm64a29549d82f9078cb03fd0e266169dcfbab9789a34103b1a314a26944eec89aopenscap-utils-1.2.17-13.el7_9.x86_64.rpmb589b72959da4539156217de78bc14092ecd190bf5d5b9959e6850117fe6124dopenscap-engine-sce-devel-1.2.17-13.el7_9.x86_64.rpm3adb46260adf0b3729fb688454a01a951bef015104991962f74a481da3628919openscap-extra-probes-1.2.17-13.el7_9.x86_64.rpm3d8d218227e06c86640e9048c0727f9448126b03d50998f86968af7a7fba4e02openscap-devel-1.2.17-13.el7_9.i686.rpm6611815a691ea4ef9286b3dbe25ca75872e61dd1b821777aa27898bc7e926549openscap-python-1.2.17-13.el7_9.x86_64.rpm9eda95b4bf068a4dd42578893cec8d34023919dcc2d6d1e5f43e9ae2e04c3f3bopenscap-1.2.17-13.el7_9.x86_64.rpm0f431fc0de2d54d27ef73e8763305530fdafe7e75e8d14971ef6d6dd456740ecopenscap-engine-sce-1.2.17-13.el7_9.i686.rpm02a2970fe161c63ce93bba1e1800f38b3e7bf320f728029a7a08e948297071d7openscap-1.2.17-13.el7_9.i686.rpme172cb1bfb4d2cb42fdf435dbc33fce6ffb9db9419388628508591f6d41530f3SLBA-2020:5027-1Bug Fix(es) and Enhancement(s): * [SL-7.9]- Selinux policy need to be updated for RHGS to fix permission issues * Selinux prevents nss from creating directory inside the certs directory.Scientific LinuxScientific Linux 7selinux-policy-devel-3.13.1-268.el7_9.2.noarch.rpmbf544dffd42e2c80a47b65fbfb4490df371130b42ec4467e85b20839b3ffb0d0selinux-policy-doc-3.13.1-268.el7_9.2.noarch.rpmff9576077bc32507c027488b37dc29449d1687a5859e8c9dd6183804f2f65cd8selinux-policy-minimum-3.13.1-268.el7_9.2.noarch.rpm4c4425d26098ce827f3d90fb9055b74ad86caaf510c5786578f15f3e97a9ad42selinux-policy-sandbox-3.13.1-268.el7_9.2.noarch.rpmd30d91abee991346cbe1e380d0ec23b629bfe2e39cdaf821f892963542506751selinux-policy-mls-3.13.1-268.el7_9.2.noarch.rpma7e1b16a3019fe3300dafdd834094cc64b70668c4afb1e2a448a5afe3774a0b2selinux-policy-targeted-3.13.1-268.el7_9.2.noarch.rpmb55b489fad47589263e056c0967fb2386b7504d965aff36c7beb7a936e3cb5e7selinux-policy-3.13.1-268.el7_9.2.noarch.rpm57914f4194867a8f2455b8d04689c9b5b7f83402a400a1ec5183b01ff64d8533SLBA-2020:5032-1Bug Fix(es) and Enhancement(s): * Not closing the fd if blivet fails to read the deviceScientific LinuxScientific Linux 7python-blivet-0.61.15.76-1.el7_9.noarch.rpm4ae70a3b7c5aa57c7c8b891f6d4cd92afd4f8e708e75955cbc5e3414fabcc366SLBA-2020:5451-1Bug Fix(es) and Enhancement(s): * The "DISA STIG for Scientific Linux 7" profile in the SCAP Security Guide has been updated to the latest version V3R1. This update adds more coverage and fixes reference problems. The profile is now also more stable and better aligns with the SL7 STIG benchmark provided by the Defense Information Systems Agency (DISA). You should use only the current version of this profile because the older versions of this profile are no longer valid. The OVAL checks for several rules have changed, and scans using the V3R1 version will fail for systems that were hardened using older versions of SCAP Security Guide. You can fix the rules automatically by running the remediation with the new version of SCAP Security Guide. WARNING: Automatic remediation might render the system non-functional. Run the remediation in a test environment first. The following rules have been changed: CCE-80224-9:: The default value of this SSHD configuration has changed from "delayed" to "yes". You must now provide a value according to recommendations. Check the rule description for information about fixing this problem or run the remediation to fix it automatically. CCE-80393-2:: xccdf_org.ssgproject.content_rule_audit_rules_execution_chcon CCE-80394-0:: xccdf_org.ssgproject.content_rule_audit_rules_execution_restorecon CCE-80391-6:: xccdf_org.ssgproject.content_rule_audit_rules_execution_semanage CCE-80660-4:: xccdf_org.ssgproject.content_rule_audit_rules_execution_setfiles CCE-80392-4:: xccdf_org.ssgproject.content_rule_audit_rules_execution_setsebool CCE-82362-5:: xccdf_org.ssgproject.content_rule_audit_rules_execution_seunshare CCE-80398-1:: xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_chage CCE-80404-7:: xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_chsh CCE-80410-4:: xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_crontab CCE-80397-3:: xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_gpasswd CCE-80403-9:: xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_newgrp CCE-80411-2:: xccdf_org.ssgproject.content_rule_audit_rules_privileged_com mands_pam_timestamp_check CCE-27437-3:: xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands CCE-80395-7:: xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_passwd CCE-80406-2:: xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_postdrop CCE-80407-0:: xccdf_org.ssgproject.content_rule_audit_rules_privileged_com mands_postqueue CCE-80408-8:: xccdf_org.ssgproject.content_rule_audit_rule s_privileged_commands_ssh_keysign CCE-80402-1:: xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_sudoedit CCE-80401-3:: xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_sudo CCE-80400-5:: xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_su CCE-80405-4:: xccdf_org.ssgproject.content_rule_audit_rules_privileged_commands_umount CCE-80396-5:: xccdf_org.ssgproject.content_rule_audit_rules_privileged_com mands_unix_chkpwd CCE-80399-9:: xccdf_org.ssgproject.content_rule_audit_ru les_privileged_commands_userhelperScientific LinuxScientific Linux 7scap-security-guide-doc-0.1.52-2.sl7_9.noarch.rpma76226596f9cf1af0cf1fb7a48a9bd48b064fb4ea543aa8bf5672aad2b08c5bcscap-security-guide-0.1.52-2.sl7_9.noarch.rpmc3f704db0ab1790e4b3b80c95b321134d3fd4bef2ad363890a0892ff8f12a9d2SLBA-2021:0013-1The tzdata packages have been updated to version 2020f, which addresses recent time zone changes. Notably: * Europe/Volgograd will change from UTC+04 to UTC+03 on December 27, 2020.Scientific LinuxScientific Linux 7tzdata-2020f-1.el7.noarch.rpmc37375a99001e0ec3742ba21f8b5a51f2034945b5b7e54a211166c3e76ad451dtzdata-java-2020f-1.el7.noarch.rpm8539392e7e8de6c9aecd029b448821e59301400a279fd44b232bc6f76473cfccSLBA-2021:0276-1The tzdata packages have been updated to version 2021a, which addresses recent time zone changes. Notably: * South Sudan will change from UTC+03 to UTC+02 on February 1, 2021.Scientific LinuxScientific Linux 7tzdata-2021a-1.el7.noarch.rpme4e436444c61697321d0ce5167151f9c6997ad25cbb4f76b349d4096c59d127atzdata-java-2021a-1.el7.noarch.rpm665540ad82981076b64025f9f7818c8e13241edc37cc0917f95d810de3efdccdSLBA-2021:1383The scap-security-guide project provides a guide for configuration of the system from the final system's security point of view. The guidance is specified in the Security Content Automation Protocol (SCAP) format and constitutes a catalog of practical hardening advice, linked to government requirements where applicable. The project bridges the gap between generalized policy requirements and specific implementation guidelines. Bug Fix(es) and Enhancement(s): * [RFE] Add ANSSI-BP-028 to SSG (Minimal, Intermediary and Enhanced Levels) (BZ#1497415) * Remove deprecated follow argument from Ansible remediations (BZ#1890111) * Rules of type Service Disabled do not have clear description on which actions the user should take (BZ#1891435) * Latest RHEL7 STIG (V3R2) is not present in latest version of scap-security-guide. (BZ#1921643) Scientific Linux 7scap-security-guide-doc-0.1.54-3.sl7_9.noarch.rpm5a48575cc47a52dd21176c83682cf6d2b6e69970bd2f7569345a06e0ec89b86bscap-security-guide-0.1.54-3.sl7_9.noarch.rpm490f4f763d6c2bf415fa620bde6d30e05157b264820ed1e75c62f520297a507aSLBA-2021:2803The scap-security-guide project provides a guide for configuration of the system from the final system's security point of view. The guidance is specified in the Security Content Automation Protocol (SCAP) format and constitutes a catalog of practical hardening advice, linked to government requirements where applicable. The project bridges the gap between generalized policy requirements and specific implementation guidelines. Bug Fix(es) and Enhancement(s): * Update ANSSI-BP-028 High level profile (BZ#1955180) * Update rhel7 DISA STIG profile to v3r3 (BZ#1958789) * dconf_gnome_login_retries remediation results in error and breaks dconf configuration file (BZ#1967566) * Add STIG variant for GUI installations (BZ#1970131) Scientific Linux 7scap-security-guide-0.1.54-7.sl7_9.noarch.rpm8584a00307740e79f24152cf8b271df7208391b14b97be9e8822560e49e0deb5scap-security-guide-rule-playbooks-0.1.54-7.sl7_9.noarch.rpmed957b3e66f6be580be168f954918d6951e1a392d9adc7585299604e799b4825scap-security-guide-doc-0.1.54-7.sl7_9.noarch.rpm1fb811204dae05a886079d275760ae5ca800b6dd46b9bb4d384e1b2a99e676fbSLBA-2021:3326GVFS is the GNOME Desktop Virtual File System layer that allows users to easily access local and remote data using File Transfer Protocol (FTP), Secure Shell File Transfer Protocol (SFTP), Web Distributed Authoring and Versioning (WebDAV), Common Internet File System (CIFS), Server Message Block (SMB), and other protocols. GVFS integrates with the GNOME I/O (GIO) abstraction layer. Bug Fix(es) and Enhancement(s): * memory leak in gvfs-udisks2-volume-monitor (BZ#1944813) Scientific Linux 7gvfs-archive-1.36.2-5.el7_9.x86_64.rpm1aca23e2697140a6da45b00779021a5b231a22b372bcc3edab121535d926fb40gvfs-fuse-1.36.2-5.el7_9.x86_64.rpm0434109b9834c6c9f679d7458edd323cc168a42c0c326e32cdeecb44cef57ee0gvfs-gphoto2-1.36.2-5.el7_9.x86_64.rpm11560e5bbd54521ea0e6bca0318491d2b8673269f5d4fdc9c084e67c90273e47gvfs-afc-1.36.2-5.el7_9.x86_64.rpmafc98b4b4e1ac910f4abefffaf5cf30cb0b545709e78fa080fa79ba7f258ed33gvfs-tests-1.36.2-5.el7_9.x86_64.rpmc4f5fa9a22e86bec97bb0afd34278b0631e8c84d6dbcdb266469105fd0cca994gvfs-smb-1.36.2-5.el7_9.x86_64.rpm8d525cd93e3ea2a99271db99f09ad4d564cb9e886613805250d55be1ad9a936dgvfs-devel-1.36.2-5.el7_9.x86_64.rpm50886aff29128c7b0486408a3b5dd822e447fb844d03755370c2c5a151dcef9egvfs-goa-1.36.2-5.el7_9.x86_64.rpm8a74d5afc3a4679e176ccc0dd4ac8142f23d75065afef64ed61368b3fdb7f559gvfs-client-1.36.2-5.el7_9.x86_64.rpm9ea4e39482d284454fc7ff5b2256de153dd924e105c3400370510a1689922337gvfs-client-1.36.2-5.el7_9.i686.rpmae3ea04777b15e748e136d4348277956668010867cb6a6fdb656ff397497801egvfs-afp-1.36.2-5.el7_9.x86_64.rpm2b7bd38e06c8d0a25e04a78ebb8d92536aa223b8d39954f117dd48e4155bb4a2gvfs-mtp-1.36.2-5.el7_9.x86_64.rpm6b2a6a73ad2c7d30b771ba301e2652e2dde4f927f70f54bc64e7fe05f162633cgvfs-1.36.2-5.el7_9.x86_64.rpmdeda765e131121c287f623ddef5a409121c54a309045dfbc75169e2da558ffb1gvfs-1.36.2-5.el7_9.i686.rpm3f349a1203324c6f5455398298324f6820f42183960f4c215f9ea981b3dc0df2gvfs-devel-1.36.2-5.el7_9.i686.rpm7a4f19f435a83650765bc7d3568d477bf165fd943c5ec2d3b3db02a753181914SLBA-2021:3790The tzdata packages contain data files with rules for various time zones. The tzdata packages have been updated to version 2021c, which addresses recent time zone changes. Notably: * Samoa does not switch to the daylight saving time (DST) in 2021. (BZ#2007732, BZ#2007785, BZ#2008251, BZ#2010126, BZ#2010127, BZ#2010312) Scientific Linux 7tzdata-java-2021c-1.el7.noarch.rpmce1f65142b07a7c2f539e818e24356a5ababcfa788fe29d9410d9ebb9ea1080ctzdata-2021c-1.el7.noarch.rpm39eb52d8920c1d74883252f632751e5fee35f70add925cbee7199855ace9e2c9SLBA-2021:3793Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. Bug Fix(es) and Enhancement(s): * Integrity protection is not active on all database fields (BZ#1879933) * NSS sometimes causes CURL deadlocks (BZ#1896808) * yum gets deadlocked/hung up (indefinitely) waiting for urlgrabber-ext-down (BZ#1909150) * Recursive locks observed in nss-3.53.1 (BZ#1909261) * Need to rebase to NSS 3.66 for Firefox 91 Release [RHEL 7.9] (BZ#1966816) * NSS cannot use SQL databases created by specific versions of NSS (BZ#1978433) * Inconsistent handling of malformed CertificateRequest messages [rhel-7.9z] (BZ#1980046) Scientific Linux 7nss-devel-3.67.0-3.el7_9.x86_64.rpm2c0f670ad48cb9ba882fdfeacdc869245ff97cb2320eb484022798efa965a473nss-devel-3.67.0-3.el7_9.i686.rpm87fd30874b2b8b6ea451e0478c5ab0f71c3357ac0524e5197f2d9171912b34d3nss-softokn-freebl-3.67.0-3.el7_9.x86_64.rpmab996e4b9cdc0e5c0495805a72d005f6bcf3e6c1b7c9f1df9c1c91b85e1ec57fnspr-devel-4.32.0-1.el7_9.i686.rpme36ace0b56dfefa947060cb4e2390383264e9d6a1c072b832cb55c35b11b8b94nss-softokn-devel-3.67.0-3.el7_9.x86_64.rpm7beddb7631518604b4e3cff8364e1ab5daff98ecae28da3b679247b241026a1cnss-util-devel-3.67.0-1.el7_9.i686.rpme2619a570f375cc27050a73e1be344665a8ec0cd78341148a74adfdbeb382b47nss-softokn-freebl-devel-3.67.0-3.el7_9.x86_64.rpm9bc2727ee996d4b8b416648ccbcc7aa3959454c3dadb7b35c6921ba4ddb73a0dnss-util-devel-3.67.0-1.el7_9.x86_64.rpm649f82efb3ff7a7b30bbb14bafad86e6003fe023b4de9813ed2525a61ee801fbnss-softokn-freebl-devel-3.67.0-3.el7_9.i686.rpme6ad52307f29b631f9c6bdb14fd5436628349a751beab2462a2b72bf55dee53bnss-util-3.67.0-1.el7_9.i686.rpmf9f20cb196069ff6fc17ded3d73b7631d948cfcfd718565148b7459eb0a3639cnss-tools-3.67.0-3.el7_9.x86_64.rpm82b5608db91380a02c78ba181395f8263fa772615f25d2dddf58193b096bac18nss-softokn-devel-3.67.0-3.el7_9.i686.rpmd1a9c51ad1cc93aa7cdef20cd6c93bf5d1da6ff3520ad02419b6f83b7cd54af2nss-3.67.0-3.el7_9.x86_64.rpmeda6cfbb071aab353de25677b3b0e107b5ad7e3f59951407bd45450effc0d453nss-pkcs11-devel-3.67.0-3.el7_9.i686.rpm6da92c396cd6ce357ecfb3faf406ee21f61118003201c1c15997a242b4425999nspr-4.32.0-1.el7_9.x86_64.rpm8f352f7a82a458922db56d82dc8d63d1b6e66069cf73a7f4a56e790945c58bd0nss-softokn-3.67.0-3.el7_9.x86_64.rpmf71e7ed72ba31abcb53eb5f0c3203e03eaafe5d7f248cd8abbf9603288dedebdnss-pkcs11-devel-3.67.0-3.el7_9.x86_64.rpm298b690f8d2735e8fe7b477ecd2defaab30edfd913e692635636320c4201f4d4nspr-4.32.0-1.el7_9.i686.rpm58b6fb3d52922d32614c80d2e4376e4bfa7cdd632cf8529cbae89ec994874dc9nss-3.67.0-3.el7_9.i686.rpm237b8d5deabaeee02c7336476b9136567cbd8f5234849d5672d36f4e98f3e894nspr-devel-4.32.0-1.el7_9.x86_64.rpm6489403e07ebd577f870a4568713fbbbb883e5a59a7d8ffe4635d32a84e02ec3nss-util-3.67.0-1.el7_9.x86_64.rpm7eafc5254ebcce4f3ed8e5a99677e1a6c714789347e30e1a288b47fac43cbf5enss-softokn-3.67.0-3.el7_9.i686.rpmec1f4772a2e82eaaf1e00b556efdf57a3d602819fb2ed1fe813d72cbe3895f71nss-sysinit-3.67.0-3.el7_9.x86_64.rpm02f8ef2ecaa45b41bbb4ac0debc3d8cddf92bd8f4c975dc8d01b3074f1c83003nss-softokn-freebl-3.67.0-3.el7_9.i686.rpm1d42d82366258ade1c349216ae1f9b90526982e2e2961cec7657a2114e1a5426SLBA-2021:3800Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Bug Fix(es) and Enhancement(s): * extdom: LDAP_INVALID_SYNTAX returned instead of LDAP_NO_SUCH_OBJECT (BZ#2000261) Scientific Linux 7python2-ipaserver-4.6.8-5.sl7_9.9.noarch.rpm41e0b47432858828cc2106f9874b762fdb184614a04f4726a4236dc8fa4dd7aaipa-client-4.6.8-5.sl7_9.9.x86_64.rpmef17cc21eec485fbe0692bc7a7590be3248479273a74a5545c4c59ac43483971python2-ipaclient-4.6.8-5.sl7_9.9.noarch.rpma0c91e360b47fb9f3c9642044c349d3b6985bde9261712151d1e2c37705c5bcdipa-server-trust-ad-4.6.8-5.sl7_9.9.x86_64.rpm95cad1c2465c7cd71b6931c1e54f48dab469d3bd75a26743d3edddadaa08c6efpython2-ipalib-4.6.8-5.sl7_9.9.noarch.rpm84d4c7cf560d79075edc1a42b6c9ddc5fa12d371ccf80d15f662efd1d209fd4cipa-python-compat-4.6.8-5.sl7_9.9.noarch.rpme4e7127bb63d889f2044cd811cff7a8d141a6f20110f919ca2332852b4e3a301ipa-server-4.6.8-5.sl7_9.9.x86_64.rpm62d0456d32a15daea2e8aed6b63d3fe97c75f82f5f11465be5331e7d25765316ipa-server-common-4.6.8-5.sl7_9.9.noarch.rpm67bc072b25687f470b5ff797415ec5e7cc911d1d31cded229a95d80450c34015ipa-client-common-4.6.8-5.sl7_9.9.noarch.rpm80f987c27a87872d59c18c0b4d98af6629791fab56c1e5c97d36a7944bb8a069ipa-common-4.6.8-5.sl7_9.9.noarch.rpmda28eee5f08704830533dcbfbe02070114d97443c679e331e87133a799f511f4ipa-server-dns-4.6.8-5.sl7_9.9.noarch.rpm6a032b03a786c53d33b95aa6f53af6c35d69b76cb6a1d25ff429b638c357b431SLBA-2021:3804The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System. Bug Fix: * ipa: ERROR: Request failed with status 500: Non-2xx response from CA REST API: 500 (BZ#1958788) Scientific Linux 7pki-ca-10.5.18-17.el7_9.noarch.rpmf13c8a17bd7ad06b0ff1a7f99c4d952ce8c3d27a8439ba4b821557a3246286d7pki-javadoc-10.5.18-17.el7_9.noarch.rpm9fb683639d340b9802f01086cdb14ef026bbb4f243f14240b5b1dc4ca5fbf903pki-tools-10.5.18-17.el7_9.x86_64.rpm3761340e411df2efeb62821c5fb549f3d0ca5765d3a67dc7dbdcc874cfdc96fapki-server-10.5.18-17.el7_9.noarch.rpm3e0bc224483605ed81901ddbbaf0ab507896add15347603bdc55710f5c9714edpki-symkey-10.5.18-17.el7_9.x86_64.rpmcfad3f2a0cba4a572bfa4ed7cb7de3336c7e25dd6a44237a7c12e1e2c862445epki-base-10.5.18-17.el7_9.noarch.rpm9a69fd8ca9191ce9765dca7e90ac0d7676e0457eb56f3bbf662f528aff23200apki-base-java-10.5.18-17.el7_9.noarch.rpm293585ab40dfbecb575e73bd5834c00225d9b0168c02aad8d9852451198debccpki-kra-10.5.18-17.el7_9.noarch.rpma53dd9436b90bdfca04f79ee43c97898bcfe380022b4edfe07745b6933ecf1b4SLBA-2021:4003The tzdata packages contain data files with rules for various time zones. The tzdata packages have been updated to version 2021e, which addresses recent time zone changes. Notably: * The Pacific/Fiji timezone has suspended daylight saving time (DST) for the 2021/2022 season. * The 'zic -r' command now marks unspecified timestamps with "-00". * Palestine will end daylight saving time (DST) on October 29, 2021 at 01:00, rather than the predicted October 30, 2021. (BZ#2015242, BZ#2015246, BZ#2016369) Scientific Linux 7tzdata-java-2021e-1.el7.noarch.rpm9d885a3f4ea1b9ee78acda35303ce6d7ddc39c5414ff955017dabaa410d9b371tzdata-2021e-1.el7.noarch.rpm502a8d632f40de778a2c065bd63517e81f6afd7354c9188b9872859877f35a34SLBA-2021:4780The OpenSCAP suite enables integration of the Security Content Automation Protocol (SCAP) line of standards. The openscap packages provide the OpenSCAP library and the oscap utility that provides various SCAP capabilities. Bug Fix(es) and Enhancement(s): * Report shows "pass" while command output shows "fail" items (BZ#1858502) * Memory leaks in probe_file (BZ#1861793) * oscap dies with segfault when using --stig-viewer option and latest XML file from DoD (BZ#1911999) * probe_file consumes all the RAM of the system (128GB) (BZ#1932833) * Ansible playbooks for profiles have duplicate variable definitions (BZ#1944683) Scientific Linux 7openscap-1.2.17-14.el7_9.i686.rpmbc4661a363dab8a8c703267149be0e9218834cec03de3c7b9243f2de476c8afbopenscap-utils-1.2.17-14.el7_9.x86_64.rpm3d799ea31e47c7922e5cfe2fbbf4686e570d0a127189ea8e806604ffb3a74298openscap-engine-sce-1.2.17-14.el7_9.i686.rpm1bc26a17f1599a69c7104b9a7f02b833edbb7a3d9efe3b62e439813a1f4b39c7openscap-1.2.17-14.el7_9.x86_64.rpmbd74786e781b5514f67db81b5a657b47b2c804fb640fb1dc6481d3d1692c383eopenscap-devel-1.2.17-14.el7_9.i686.rpm1a127768c1bd492614f5bdbd5318f52cf7eafedfcdd910557915a00bcaf45a29openscap-engine-sce-devel-1.2.17-14.el7_9.i686.rpma17c9d9cc19b0a06f3d8ea7164f329b2c113e6a9ffd91a4386568ee3a6818e6fopenscap-scanner-1.2.17-14.el7_9.x86_64.rpm37f640cc29d3c6e8915c6041e8d9b4df67db84e701148845bc09bddb2f9bce79openscap-devel-1.2.17-14.el7_9.x86_64.rpm7094e2f5a6e417455d4bc02eb74f68e4b91b5239492dfd64fb32162c0c5b4f8eopenscap-python-1.2.17-14.el7_9.x86_64.rpmf405937b54e1ebb9762fcc33aa9f922e79a92c243bf92fbf46955187a02eb93fopenscap-engine-sce-devel-1.2.17-14.el7_9.x86_64.rpm4ce5595b4468787dc8e5ab4b62438002307e760a34f8e8241ba2122a68a3166fopenscap-engine-sce-1.2.17-14.el7_9.x86_64.rpm3a0a404fa4b80b779631cfeab831338037a2a4f23652bf1cbd92d28b96fb6951openscap-extra-probes-1.2.17-14.el7_9.x86_64.rpm90c44cabcea4e43996ec4a90e757d7a294f2b0b5fc5b4a1604ef1b3ad1fc0cbaopenscap-containers-1.2.17-14.el7_9.noarch.rpm78fa0b4b21a1a3642d66229f016c2db3e7dd37fa25972a201d264a4689c8d479SLBA-2021:4781The scap-security-guide project provides a guide for configuration of the system from the final system's security point of view. The guidance is specified in the Security Content Automation Protocol (SCAP) format and constitutes a catalog of practical hardening advice, linked to government requirements where applicable. The project bridges the gap between generalized policy requirements and specific implementation guidelines. Bug Fix(es) and Enhancement(s): * xccdf_org.ssgproject.content_rule_package_MFEhiplsm_installed does not properly check for SELinux (BZ#1944297) * Insights does not use latest benchmark for CIS compliance (BZ#1953787) * Ansible remediations of 3 dconf_gnome related rules don't work properly (BZ#1976123) * Update rhel7 DISA STIG profile to v3r5 (BZ#1996678) Scientific Linux 7scap-security-guide-0.1.57-4.sl7_9.noarch.rpm34b51c5bc4b0fdcb126de54e516c912ae49536a750759fa5eb10b185df31f716scap-security-guide-rule-playbooks-0.1.57-4.sl7_9.noarch.rpmf9f68aa9f3fb47b03571e50bacf7d612945de926bf71212d965d2de3a973bb7escap-security-guide-doc-0.1.57-4.sl7_9.noarch.rpmb7c847545012d13dfdffe57a3189942a91879a02fae26daf176ef346382ee2f9SLBA-2022:0156OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Bug Fix(es): * httpd fails to start with double free after updating to openssl-1.0.2k-23.el7_9 (BZ#2039993) Scientific Linux 7openssl-perl-1.0.2k-24.el7_9.x86_64.rpmd1aebf2a5bc3c316d2c83ac2356bda30edc90f0bcfea12880457f2253793ac2aopenssl-static-1.0.2k-24.el7_9.i686.rpm802945ef14687804c65a5ab6575c29d1283ece79cda956a1404b811ae8edd1daopenssl-devel-1.0.2k-24.el7_9.x86_64.rpm39dc3f28c58da872fb5cfe9b993755e4b9e8e2d524d5a7c1b9707b59833830a7openssl-devel-1.0.2k-24.el7_9.i686.rpm74bacb9457163a747581bf48c74b83077f3522b3ac5b9d5bc6bdf70f29903ea7openssl-static-1.0.2k-24.el7_9.x86_64.rpm7c9b4e1adb114e8aa1863aadfe9def96e5c024e2a2b1384e35db36f8c9bfcd27openssl-libs-1.0.2k-24.el7_9.i686.rpm46836801d59aeab63ec927592fc2441705d340b49b08e6f3d6c5727a457537a5openssl-1.0.2k-24.el7_9.x86_64.rpmb2ab8b852aade7509bb4b1b3653143efdecc58c50fd9abeb3b0cb9893332fcdeopenssl-libs-1.0.2k-24.el7_9.x86_64.rpm1082492dc5c94ea8089e3109cadc6719b4dc557ce6588c4e890a2331a583c660SLBA-2022:0701The scap-security-guide project provides a guide for configuration of the system from the final system's security point of view. The guidance is specified in the Security Content Automation Protocol (SCAP) format and constitutes a catalog of practical hardening advice, linked to government requirements where applicable. The project bridges the gap between generalized policy requirements and specific implementation guidelines. Bug Fix(es) and Enhancement(s): * Update RHEL7 DISA STIG profile to V3R6 (BZ#2049532) Scientific Linux 7scap-security-guide-rule-playbooks-0.1.57-6.sl7_9.noarch.rpm6cfae01e405036fc6c9bc1dad1f1b2af3cf0b0d0a3527f39a267908754069cf7scap-security-guide-doc-0.1.57-6.sl7_9.noarch.rpm3ccacefd6ea02017cec03049ebeab09181953aed25356068f40ca92f92fb8531scap-security-guide-0.1.57-6.sl7_9.noarch.rpm4df0bc8bcdcc1bea9da053779deef090e5f179f6b302c0d6d54efdef352b3a69SLBA-2022:1032The tzdata packages contain data files with rules for various time zones. The tzdata packages have been updated to version 2022a, which addresses recent time zone changes. Notably: * In Palestine the daylight saving time (DST) starts on March 27, 2022, not on March 26. * The zdump -v command now outputs better failure information. * This update provides fixes for a code that read corrupted TZif data. Scientific Linux 7tzdata-2022a-1.el7.noarch.rpm2bd81e7c3b4b394094d0ff8d122a291ca35556608f8141093ea7aaac2b16c70etzdata-java-2022a-1.el7.noarch.rpm151cfed56b482c8d1befbb66f69fe3839eee9334e1c283fbb3f6d3da36531141SLBA-2022:4647The scap-security-guide project provides a guide for configuration of the system from the final system's security point of view. The guidance is specified in the Security Content Automation Protocol (SCAP) format and constitutes a catalog of practical hardening advice, linked to government requirements where applicable. The project bridges the gap between generalized policy requirements and specific implementation guidelines. Bug Fix(es) and Enhancement(s): * McAfee packages not detected properly by the RHEL7 rules (BZ#2066321) * Update RHEL7 DISA STIG profile to V3R7 (BZ#2079217) Scientific Linux 7scap-security-guide-doc-0.1.57-8.sl7_9.noarch.rpm408202f740301c34e37133d0bba9c8c79e27ea0366a76dfedd262f2bc63d5cebscap-security-guide-0.1.57-8.sl7_9.noarch.rpm208aebc50b47c17f0d0a4753624c24b0fd4ed743c6fac58bcd0d48ce3ab528fdscap-security-guide-rule-playbooks-0.1.57-8.sl7_9.noarch.rpma7d8dfb326f66727f85327ebe37848008a74d7f20797a6ece46466ad90686083SLBA-2022:6138The tzdata packages contain data files with rules for various time zones. The tzdata packages have been updated to version 2022c, which addresses recent time zone changes. Notably: * In Chile (the America/Santiago time zone), the daylight saving time (DST) starts on September 11, 2022 instead of September 4. Scientific Linux 7tzdata-2022c-1.el7.noarch.rpm2526692b84bdac51c09de6cee75a9740d154f258e3f1ad4e7c7539b537c5a510tzdata-java-2022c-1.el7.noarch.rpmdb8d6f0b1278aa4cdec8aa873f85d6fc25e37b02c372b78b01922680ef29c6f9SLBA-2022:6572The ca-certificates package contains a set of Certificate Authority (CA) certificates chosen by the Mozilla Foundation for use with the Internet Public Key Infrastructure (PKI). Bug Fix(es) and Enhancement(s): * Annual 2022 ca-certificates update version 2.54 from NSS 3.79 for Firefox 103 (BZ#2099892) * ca-certificates need to add support for signing certs for .NET (BZ#2117796) Scientific Linux 7ca-certificates-2022.2.54-74.el7_9.noarch.rpmd7edb786d191c4fefcb03be72b64bef01cb89aac2e81f77f386986058ba9d30dSLBA-2022:6576The scap-security-guide project provides a guide for configuration of the system from the final system's security point of view. The guidance is specified in the Security Content Automation Protocol (SCAP) format and constitutes a catalog of practical hardening advice, linked to government requirements where applicable. The project bridges the gap between generalized policy requirements and specific implementation guidelines. Bug Fix(es) and Enhancement(s): * Align RHEL 7 STIG profile with DISA STIG Benchmark (BZ#1967950) * content_rule_audit_basic_configuration enforces using default buffer size (8192) for audit, which isn't always suitable on busy systems (BZ#1993822) * Rule file_permissions_sshd_private_key fails after kickstart installation (BZ#2021258) * Update source of CVE data in data stream (BZ#2028432) * Remove PCI-DSS-centric XCCDF Benchmark from scap-security-guide (BZ#2038165) * Update RHEL7 DISA STIG profile to V3R8 (BZ#2112939) * Rebase scap-security-guide in Red Hat Enterprise Linux 7.9 to latest upstream version (BZ#2116359) Scientific Linux 7scap-security-guide-rule-playbooks-0.1.63-1.sl7_9.noarch.rpmf52637667eb5a2187f932a8a5a05586283f500d28d628501fcd653d4d25edec8scap-security-guide-doc-0.1.63-1.sl7_9.noarch.rpm94a85061d97a42f352b1f371ac22a05bec5536c421266a08e6361b5360d91890scap-security-guide-0.1.63-1.sl7_9.noarch.rpmdac6ee364834b698e57df24a4eccb73de0db2fe69172681f54532edaf4bfa706SLBA-2022:6577Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Bug Fix(es): * Fix possible crash bug in winbind (BZ#2119058) Scientific Linux 7samba-client-libs-4.10.16-20.el7_9.x86_64.rpmcacc282e68d55a8a4df7bdd1d389e5c33ff3eefde6ab7fa892c56f1a03c6d7f8samba-common-libs-4.10.16-20.el7_9.x86_64.rpm2a22d8bf7e49ace37c1836bb6dffc293100d603845800a5a7a00a8934d7307cdctdb-tests-4.10.16-20.el7_9.x86_64.rpmf8d3f5de5d78d57c24f877ab16955ba73987426e386f8ba993cd7c9bc7a3792asamba-pidl-4.10.16-20.el7_9.noarch.rpm09893b38eca1472f8d54d6ae51d1880e4fd68e7a4271cb71d3ae92e73e68ca8fsamba-4.10.16-20.el7_9.x86_64.rpm7ac313df927797c05b41436e42e604cbd43161be21fd68cdd96d0ecae30d9acflibwbclient-4.10.16-20.el7_9.x86_64.rpmc5d60bee506bcb302ece1a17611f829ba892e4220d5c8f9c060ff74fc230eb38samba-dc-4.10.16-20.el7_9.x86_64.rpmcec3a3e3bf74d55202d85ffb3be0f8c2456381013381e66067f6375101a942ebsamba-common-4.10.16-20.el7_9.noarch.rpm44a6459695c6006ad82c374924f9f42f0666af0ffb5ce60c07c6f4ae970bce53samba-winbind-modules-4.10.16-20.el7_9.i686.rpmdf8572b335939df919a32ef8bff3ca1b55651cc8fe2ea023eac2ca4fde67fa00samba-client-4.10.16-20.el7_9.x86_64.rpmabb13fc44bf00e6e8e05a15171a49ad22adf187e18a32c41ec75fa7f9b2048a3samba-client-libs-4.10.16-20.el7_9.i686.rpm735fb48a6b667643771efd8f4082fde5fee9571925e0b6ba0364f444c094a479samba-python-test-4.10.16-20.el7_9.x86_64.rpm84c7a9f5130dd17ef7829c5028c94134cebca4eae40d69d47f2fce2381b58eeblibwbclient-4.10.16-20.el7_9.i686.rpm19466f49d3d87d055974d9b450b0bfacca1de8a5d7e4a247488f52f48433fb8clibsmbclient-devel-4.10.16-20.el7_9.i686.rpm661414a845a083cac5b3e441a3b4d217b7f90ad66360c013ea11b525fc51d75asamba-winbind-modules-4.10.16-20.el7_9.x86_64.rpm15d8c7f0ed898c85e546550b168b365f6cf730c57f9b9986da2a1a4c29d1eff7libsmbclient-4.10.16-20.el7_9.i686.rpm6f8ce0108a5f7d6346ac6a2aff0a646978840494f6b4a74da36da7fded21c4dblibwbclient-devel-4.10.16-20.el7_9.x86_64.rpmc6e8739d3f7024b2c898c6b7d8ea9e580c0122bc467430c5ea453821822c6bfblibsmbclient-4.10.16-20.el7_9.x86_64.rpmdc1a9465eb7fb4114846196fe2e5c3d33fbc3975f899338b00ca89592e825e26samba-devel-4.10.16-20.el7_9.i686.rpm7a6b86056ceb34ad19d83caefe29f0ba504db426f62aaf5d4da89ec59db0268asamba-libs-4.10.16-20.el7_9.i686.rpm4dd2497954144c5af89e132a94c2108670d0a4c11ca680e0cabe76d4e7502333samba-vfs-glusterfs-4.10.16-20.el7_9.x86_64.rpmf397cc045c0190a87e463e87f86ae18a178e1aae0b5f60c2694a7751c84d3daflibsmbclient-devel-4.10.16-20.el7_9.x86_64.rpm3660a1bebf97db29376d4bbc2c74e9e146d91dc0f9255c9f59f9bec430ba0447samba-winbind-clients-4.10.16-20.el7_9.x86_64.rpm255996be29ce489ef14234d31a7f1bb4db363760379ad326b76900222d95030asamba-winbind-4.10.16-20.el7_9.x86_64.rpm0633bba0bdbe5435adc07edbb268e2961ea1c47533d4926264ed5861f3561ab4samba-test-4.10.16-20.el7_9.x86_64.rpma94585adfd140fc3d138f715ad7c9953a047cd8e750af9ceecd08293f1f375e4ctdb-4.10.16-20.el7_9.x86_64.rpm46a9e0c3831feec611855045a6424b31e7fd60804974f249b613de9fe2ced97dsamba-winbind-krb5-locator-4.10.16-20.el7_9.x86_64.rpm1f076b7c3d04cd7a81c3b287f238b6daf628b3adb75ec1813de275a73e4badacsamba-libs-4.10.16-20.el7_9.x86_64.rpm5a8440321cd0edde5dcd44d28dfe703e734447b3f2af301b009ffe3f85c6fb9dsamba-common-tools-4.10.16-20.el7_9.x86_64.rpm61a4a9c9929462af1d399b9fbf7974f91a67bf8506124f29447d9931c38ccb84samba-python-4.10.16-20.el7_9.x86_64.rpmf3139f49bed0ef0301fc615f023d797cd653216f38a551e6f6e4fa9e4b4d6398samba-krb5-printing-4.10.16-20.el7_9.x86_64.rpm0b38802866912cf2a4cbea96ffa954393582a6de922bb2554ed16975926eec76samba-common-libs-4.10.16-20.el7_9.i686.rpm9dbfa5fd8bb1eb6ed8b84dcd57cd0b1b71c7e20ff7f7ecd44b3b4a6f3866cfdesamba-dc-libs-4.10.16-20.el7_9.x86_64.rpmf5d8689b8fc2b40e39898be7390a5f496ed7f04cd4a2035e0456bb06344a9475samba-test-libs-4.10.16-20.el7_9.i686.rpm91e0191180ab976e905b15cf945888f31ae2a79a3e211d42d366cd23408c416alibwbclient-devel-4.10.16-20.el7_9.i686.rpm6db2d2f59f78e800c9e2e03c678771f064d1afb70b8fe9cf27edc47b94f119e0samba-test-libs-4.10.16-20.el7_9.x86_64.rpmf42aef1f809c15b39b535bd178d6a76df4068d9e4f3cc1ca9f299d6a7d36f482samba-python-4.10.16-20.el7_9.i686.rpm0f6fde71a4536f44b6dc4f43b3733a167fa2a745296da54bf854a7e5565968e2samba-devel-4.10.16-20.el7_9.x86_64.rpm7e9a75e73ebe7cea8c107131cdd29cc9dc10563c3643388bc6e049002516abefSLBA-2022:6712Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. Bug Fix(es) and Enhancement(s): * Import of PKCS#12 files with Camellia encryption is not supported (BZ#1462297) * Rebase nss to 3.79 for Firefox 103 ESR (BZ#2064364) * NSS sometimes causes hang for customer application (BZ#2066679) * Rebase nss-util to 3.79 for Firefox 103 ESR (BZ#2093506) * Rebase nss-softokn to 3.79 for Firefox 103 ESR (BZ#2093507) * Rebase nspr to 3.79 for Firefox 103 ESR (BZ#2093508) * update-ca-trust fails with /usr/bin/p11-kit extract calls getting aborted (BZ#2096268) * certmonger startup very slow using default NSS sqlite database backend (BZ#2097811) * selfserv binds on ipv6 only instead of both ipv6 and ipv4 (nss) (BZ#2097842) * selfserv binds on ipv6 only instead of both ipv6 and ipv4 (nspr) (BZ#2097904) * curl segfaults (BZ#2103706) Scientific Linux 7nss-sysinit-3.79.0-4.el7_9.x86_64.rpm717eea39d2aa9e9184975eeed842014f45b14c444f53f59de786621ab7ed2734nss-softokn-devel-3.79.0-4.el7_9.i686.rpm5476523c29380f539332b29dc5309a868c2ff52a91096115d6028f6137883294nspr-4.34.0-3.1.el7_9.i686.rpm7dbdc6ee9f0f8f77fb4b7bcd7ac52016207b3edab103060b5d61050a9c3570d2nss-softokn-freebl-3.79.0-4.el7_9.i686.rpma353095c518f10d49c7e80ea897ad387b21e25854313d534075b7b5f2f6465d2nss-3.79.0-4.el7_9.x86_64.rpm13b925723c08f99571a2097f97ee70a74fda215aee270a4c8e620242d73ee852nss-util-3.79.0-1.el7_9.i686.rpm8d197cc06e73cbe55bfd20060eacc65685601555f77dc85568f5bb490e83fe3anss-softokn-devel-3.79.0-4.el7_9.x86_64.rpm2ca839847c5550bc4f5ddf11e3535fa8e46b0943ac3a65f9b89ca157da090d26nss-softokn-3.79.0-4.el7_9.x86_64.rpm167f0a4aeb1c09264bb4ef61f7a6c59de588e06a08195ab7b3e67e52aa2cd101nspr-devel-4.34.0-3.1.el7_9.i686.rpm5402ff5f1241395f94fb3e604641b0b68ca43d1d61a08cf7f806e075df949132nspr-devel-4.34.0-3.1.el7_9.x86_64.rpm55e256f8ae60657b3a61612b1991bb4981554b794c75335970a7cb2595f4b6c1nss-util-3.79.0-1.el7_9.x86_64.rpm3142083148f43ab008bce4419a7289209620b024ee7091fa8a9d73a379f56451nss-util-devel-3.79.0-1.el7_9.x86_64.rpm6dcaeaf3e23cd6e103685d1ec84ff38d94c89e7d600bd14b87211b7390f2e222nss-tools-3.79.0-4.el7_9.x86_64.rpm1713aec9855779538668e46177c7e738d0a0892ac2078dd0c538cf154cbb3b3dnss-devel-3.79.0-4.el7_9.x86_64.rpm63584668c447eb2c6b01095d7f6aba35b6a09dac00efaee4964d5c9f0fcfe0ednss-pkcs11-devel-3.79.0-4.el7_9.x86_64.rpm9b0f709efaf08e35bb9eac6973c3d433a4b011a42b860954588e1599105d1d41nss-devel-3.79.0-4.el7_9.i686.rpm590e47b59ca6cd7241939955196bf27599dde733c01a0fc20a52c5b4861206f1nss-softokn-3.79.0-4.el7_9.i686.rpm72187c2f765bb749d6088a6446d14bbd7ba12da8774af35b2deb35d35b2abae8nss-pkcs11-devel-3.79.0-4.el7_9.i686.rpm1c83452ff7cc28a33974a11b8e12dea9218f1fd01f632307b37241a6ddf60e12nss-util-devel-3.79.0-1.el7_9.i686.rpmfff77c933cf38500888db2bf93fc4340097877874490438b3418897cc0937cb5nss-softokn-freebl-devel-3.79.0-4.el7_9.x86_64.rpmdb7bbda5be560f602b5594716e7b92829d1f1c41bd9b428eb44f00a44559b9ecnspr-4.34.0-3.1.el7_9.x86_64.rpm48b4e6653da1eb4229713d7c9241bc50f81a9d67f2a7e2e14e94d24251b331e0nss-softokn-freebl-3.79.0-4.el7_9.x86_64.rpmc911e5c946a25f1b2a978735330881ecfafd5b1f7f805b1584c866aaa076046bnss-3.79.0-4.el7_9.i686.rpmee4b3aed756beb4b69e7cf12635c63492af12edb727fc74b29f0f2ef39291190nss-softokn-freebl-devel-3.79.0-4.el7_9.i686.rpm561cba4e0ccb895de95856af3ce838de7cfabafcf6db99c36e4d74f2b4243173SLBA-2022:6827The tzdata packages contain data files with rules for various time zones. The tzdata packages have been updated to version 2022d, which addresses recent time zone changes. Notably: * Palestine will transition to daylight saving time (DST) on October 29, 2022 instead of October 28, 2022. * Europe/Uzhgorod and Europe/Zaporozhye are moved to the 'backzone' file. Scientific Linux 7tzdata-java-2022d-1.el7.noarch.rpmaa8c2791f3c77330bdde1873e5dc9aa039495379b9e49c9bd539636e1453cc3dtzdata-2022d-1.el7.noarch.rpme29657e0ab4a9adfc968a48499f95dabe2c9b1b55b91307237bd9ef79589f1d5SLBA-2022:7067The tzdata packages contain data files with rules for various time zones. The tzdata packages have been updated to version 2022e, which addresses recent time zone changes. Notably: * Jordan and Syria cancelled the daylight saving time (DST) transition planned for October 28 2022 and will remain at time offset of +03:00 from the coordinated universal time (UTC) permanently. Scientific Linux 7tzdata-2022e-1.el7.noarch.rpmbb921010ac58172a3a2ded25bde14eeb0b515ba6faef765dea2efb1e10e7256dtzdata-java-2022e-1.el7.noarch.rpmf964a856c27ee43d19659d570924fc1cfe1104b018c8e052165488217e60b08dSLBA-2022:7404The tzdata packages contain data files with rules for various time zones. The tzdata packages have been updated to version 2022f, which addresses recent time zone changes. Notably: * Mexico will stop observing daylight saving time (DST) except near the border with the United Stated of America. * Chihuahua moved to the time offset of -06:00 from the coordinated universal time (UTC) permanently starting on October 30 2022. * Fiji no longer observes daylight saving time (DST). Scientific Linux 7tzdata-java-2022f-1.el7.noarch.rpm419a66f43a09d2d55dad85fe19134693e98ea63126303accf356fbe0d2cb977etzdata-2022f-1.el7.noarch.rpm2f62960f7056adb2aa0c6f6aa3da568a6588baae81dc6de89e438d64258c0078SLBA-2022:8785The tzdata packages contain data files with rules for various time zones. The tzdata packages have been updated to version 2022g, which addresses recent time zone changes. Notably: * On November 30, 2022, the northern edge of the Mexican state of Chihuahua has changed time zone to agree with the nearby US locations. * A new Zone America/Ciudad_Juarez that splits from America/Ojinaga has been added. Scientific Linux 7tzdata-java-2022g-1.el7.noarch.rpm68f3b82080120841f4ad82d719ee4570f9fa63177d69fde1ba0aa173448abcf2tzdata-2022g-1.el7.noarch.rpmbb123b23987cd20416556db907bd9564418cfa6e78e9ed20f3a719a4eadc32a7SLBA-2023:1094The OpenSCAP suite enables integration of the Security Content Automation Protocol (SCAP) line of standards. The openscap packages provide the OpenSCAP library and the oscap utility that provides various SCAP capabilities. Bug Fix(es) and Enhancement(s): * Potential invalid scan results in OpenSCAP. (BZ#2111041) Scientific Linux 7openscap-engine-sce-devel-1.2.17-15.el7_9.i686.rpmda53f46a4c67f90b223ab07a1f586c1eba98630e728315fc0f32a28834c7c960openscap-engine-sce-1.2.17-15.el7_9.x86_64.rpm9eaffc2d4b0b1066f9fd6c24e4d8e060ead83958d736cc3079b4ed8ede000bbdopenscap-devel-1.2.17-15.el7_9.x86_64.rpmb51ca8653da9180796ccb42b29054f561c6e56bc9c4d0b56d9a4d7d36006399bopenscap-scanner-1.2.17-15.el7_9.x86_64.rpmf0261e7d1cfa92d6fe9e9abd07b22a07067312cdf0390f6a4b4240ed6e6e9545openscap-containers-1.2.17-15.el7_9.noarch.rpm501eb0d76ddd27ce2d3915947213e39cea80ebe499dc423ab3b590fcd88606b2openscap-engine-sce-devel-1.2.17-15.el7_9.x86_64.rpm2d1d4ce394f8c1b0afc66d49d335f168cab5bbd3f96425edf8698f5e2aa0de9bopenscap-python-1.2.17-15.el7_9.x86_64.rpma7d7997bc2aa8a38b5eb3b000c0b4fa96150a9658f55c84651cd6127f2bcc37fopenscap-extra-probes-1.2.17-15.el7_9.x86_64.rpm204a8cba807ba67c41efda5b48f0a2d2e7e0ff5a15688e3cbd3ad2e687735fa7openscap-utils-1.2.17-15.el7_9.x86_64.rpmdc2c0db93642b89ee53df753654d9314ae61eaeaf111f35c2d43780482928c45openscap-1.2.17-15.el7_9.x86_64.rpmc7927ed6542837c5713897ed63c49d7bbdc10e4b4713ae7a018d41c1f55d847fopenscap-engine-sce-1.2.17-15.el7_9.i686.rpm799ee42a178599fb8fabccbcb8d18289129dcd4654b8de0445f1d033046f9931openscap-1.2.17-15.el7_9.i686.rpmcfc2f5c78d541ba22f88885b732a1b652d64d330709a388aa72647fb622cb13bopenscap-devel-1.2.17-15.el7_9.i686.rpm2af9e67de95817b3a9afba1fde15e4e09e71ba5d8356417d8753ec55bd66b846SLBA-2023:1099The scap-security-guide project provides a guide for configuration of the system from the final system's security point of view. The guidance is specified in the Security Content Automation Protocol (SCAP) format and constitutes a catalog of practical hardening advice, linked to government requirements where applicable. The project bridges the gap between generalized policy requirements and specific implementation guidelines. Bug Fix(es) and Enhancement(s): * file_permissions_sshd_private_key is not aligned with DISA STIG benchmark (BZ#2123284) * audit_rules_usergroup_modification_shadow don't remediate existing audit rule (BZ#2123367) * Update RHEL7 DISA STIG profile to V3R10 (BZ#2152657) * Rebase SSG to latest upstream version in RHEL 7.9 (BZ#2158410) * [SCAP] PCI-DSS Rsyslog log files related rules fails for Rsyslog 8 RainerScript syntax (BZ#2170038) Scientific Linux 7scap-security-guide-rule-playbooks-0.1.66-1.sl7_9.noarch.rpm8c896e9b2af0229b23afe8b3b521d6edecf8f758349df435ed63be14bb9a19c5scap-security-guide-0.1.66-1.sl7_9.noarch.rpm51c20f7783a416005f490dd4757723c285cbc4574923a141e6549a56996d089cscap-security-guide-doc-0.1.66-1.sl7_9.noarch.rpmc77812f9eba2fa7464fd7744d0cd653deb1014d23ec906498f320863a2c2121bSLBA-2023:1491The tzdata packages contain data files with rules for various time zones. The tzdata packages have been updated to version 2023b, which addresses recent time zone changes. Notably: * Egypt will reintroduce daylight saving time (DST) from April through October. * Morocco will observe DST from April 23, 2023 instead of April 30. * This year, Palestine is delaying the start of DST. * This year, Lebanon is delaying the start of DST until April 20. Scientific Linux 7tzdata-2023b-1.el7.noarch.rpma6eecba20da600ff330d091e2cf2a518e167cb6a256bb05c7c460e3e52e0b380tzdata-java-2023b-1.el7.noarch.rpma3326ac04c1bf1f60a6717458e915ce1d654bc263f8c2f8d0828b38f77898feeSLBA-2023:1534The tzdata packages contain data files with rules for various time zones. The tzdata packages have been updated to version 2023c, which addresses recent time zone changes. Notably: * The changes added for Lebanon in tzdata-2023b have been reversed. This update reinstates the DST change for Lebanon effective March 25. Scientific Linux 7tzdata-java-2023c-1.el7.noarch.rpmd7986e88f5938d15b2cdb0725f9baa8d5d795f83fde52f1732b3412f4448ed15tzdata-2023c-1.el7.noarch.rpmdb1001e6ec93cfa2f1804ca3e89c41cfa944eb81bdff04df3383ca1d3ba15529SLBA-2023:1991The shim package contains a first stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Bug Fix(es) and Enhancement(s): * Shim refuses to boot the system when TPM event logging fails. (BZ#2002648) * Shim loops indefinitely processing certificates when space in mok is smaller than certificate size. (BZ#2007084) Scientific Linux 7shim-unsigned-ia32-15.6-3.el7.x86_64.rpm28cad241c3839168fa5f00d1f4c70a73860eb8bb2c0e4640b3ae258c33622d5fshim-unsigned-x64-15.6-3.el7.x86_64.rpmd4e013392e4e29f8a7d58bb378abd82acb48084535a350ca8a90e591371a6403mokutil-15.6-3.sl7.x86_64.rpmd8932c49f75ea8f4f398e9eeaa80eef43d3f8e48cb174d8da9ef754a43db7cffSLBA-2023:4598Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Bug Fix: * Updating Firefox to 102.14.0 prevents all pages from loading. (BZ#2230023) Scientific Linux 7firefox-102.14.0-3.el7_9.i686.rpm8a33ccae5f36446832cdebfee806a98620b32eb271ffa4913d5dbf57cd9cd8c0firefox-102.14.0-3.el7_9.x86_64.rpmca47117b220a0bbd5c8083dada38c466ccff34032000a9c2cdd83be018c5bcccSLBA-2023:4599Mozilla Thunderbird is a standalone mail and newsgroup client. Bug Fix: * TLS broken for POP3 and SMTP connections. (BZ#2229981) Scientific Linux 7thunderbird-102.14.0-3.el7_9.x86_64.rpm950ffadc0560f6aee5fc3c3f0202ebd7023c4bc086bbbfb7af5e05fa99f89d59SLBA-2023:4824The scap-security-guide project provides a guide for configuration of the system from the final system's security point of view. The guidance is specified in the Security Content Automation Protocol (SCAP) format and constitutes a catalog of practical hardening advice, linked to government requirements where applicable. The project bridges the gap between generalized policy requirements and specific implementation guidelines. Bug Fix(es): * Update ANSSI BP-028 in RHEL7 to v2.0 (BZ#2155793) * openscap shows IPv6 as enabled even if it is disabled (BZ#2210276) * Rebase scap-security-guide in Red Hat Enterprise Linux 7.9 to latest upstream version (BZ#2221694) * Remote resource referenced from datastream is missing https://access.redhat.com/security/data/oval/com.redhat.rhsa-RHEL7.xml.bz2 (BZ#2223817) Scientific Linux 7scap-security-guide-0.1.69-1.sl7_9.noarch.rpmf127d4b826901e47d24dc9a99c48f66343f06f7d8a2090a14bd23c4fac296b0bscap-security-guide-rule-playbooks-0.1.69-1.sl7_9.noarch.rpm6b6f66cddc9c2482a484b76671b21ae1e39d264deca43657ab958a269f01eaadscap-security-guide-doc-0.1.69-1.sl7_9.noarch.rpm74e0ee0a5e07d64aa98a46657247ec14c067dc34caa2ea2cbc40b6d52f3d2518SLBA-2023:5478Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a later upstream version: nss (3.90), nss-softokn (3.90), nss-util (3.90), nspr (4.35). (BZ#2211859) Scientific Linux 7nss-pkcs11-devel-3.90.0-2.el7_9.x86_64.rpm833cd6c91d1a08aa3ebe685b7aea647ce01d5a1ffb483ec74587013cdcd51ad8nss-softokn-devel-3.90.0-6.el7_9.x86_64.rpme6a5c1b405b29c400e4f2d2f24853391ecb784004266e870c50e85090e570412nss-pkcs11-devel-3.90.0-2.el7_9.i686.rpm6fd9b7e03da8401e9b539f86845c53c9206853efc5b8aa081fbf7d4e9a1e57fanss-softokn-devel-3.90.0-6.el7_9.i686.rpmb00a9b8bf9847ca51a49f00b861d392d6f0f3d6b9230072a10a760e7014897e1nspr-devel-4.35.0-1.el7_9.x86_64.rpm3ec2bf3d3161853724c484fea24801c07e9d5e62428b300c5fdeafb7a4d75ce3nss-devel-3.90.0-2.el7_9.i686.rpme0a5d74373fb9ca4da0adf92664deae1f36e575acc5b7a3789b24aed50b95548nss-softokn-freebl-3.90.0-6.el7_9.x86_64.rpma9b91349cf9aff0bd4bcd70493ddbf1e17e67977c72865b1d0c6f79898778c38nspr-4.35.0-1.el7_9.x86_64.rpma8e5282a90fa724da81caf2f08726b6ef455b2249b9232d455db53a784dd92acnss-util-3.90.0-1.el7_9.x86_64.rpm7cf1a5b624097801b794c4c63213821ba51c841f207b6706ab173add0abb3759nss-sysinit-3.90.0-2.el7_9.x86_64.rpm2c506d27cf3ef2869f5aa4c98bc9fc7cc57cfc6ceb333dfad8102c1a24e1df1bnss-softokn-freebl-devel-3.90.0-6.el7_9.i686.rpm5160dd7b34539accf4e74613c5645d6999a9367c1e04fad393c8426a31876929nss-util-devel-3.90.0-1.el7_9.i686.rpm6bf03cc81b4f1241c7611802a7c7f27279e6be39ceb3f1892024fb1fd54c3fe8nss-softokn-3.90.0-6.el7_9.i686.rpm18241dca1d91129301c8556a8b62ffefb6a424b5db11c601fe0462ca61d34f85nss-3.90.0-2.el7_9.x86_64.rpm1648b5a87b74c820c9aed6eb6a1d10d1498a2bbd6976445cf34be8c657a3b32fnss-softokn-3.90.0-6.el7_9.x86_64.rpmc384ccf712d2130439a9fe5c98f3d0d73b3b0b8e603927073425a7f65197294enss-softokn-freebl-3.90.0-6.el7_9.i686.rpmfb670a39ad0ac44f9739100ef1eb8fe3dbb82c9ca6d4e874598e5597997c8a1anss-3.90.0-2.el7_9.i686.rpmd6b591087318537794a40f4dc5921268e0467eb57ccf341a78aaa01aff79228bnss-util-3.90.0-1.el7_9.i686.rpmfa85b3c8810ce262d235b22bbb0e4ede00c0aecca5772ffb60129a8c7c3b8dd1nss-util-devel-3.90.0-1.el7_9.x86_64.rpm2df03fb85e1abc6dcd8cceca2311aaa12c2c60dcc42c2228a70031b4d4f61915nss-devel-3.90.0-2.el7_9.x86_64.rpm144718bcc1de8e2e2d3933fdc91e926a0451b51102c883d7ebbc7a3ba8584519nspr-4.35.0-1.el7_9.i686.rpme7517a5cb57ad2758aa5cd91085301e4b16ae5cfe3b2e2d03cfdab3d5134f3e9nspr-devel-4.35.0-1.el7_9.i686.rpm210cdbbea75730caea5849bb61ec1926957562090f3e4259b68810f2c0070449nss-softokn-freebl-devel-3.90.0-6.el7_9.x86_64.rpm047aa93f55583f55c64b2592ba7b00f67b106f93540b1b6b0c08bba1bd1b0f10nss-tools-3.90.0-2.el7_9.x86_64.rpm0d827bd967e29c6c8012e7cf1de16fa724ba482f60039dd2578c26519e5b45e2SLBA-2023:5620The microcode_ctl packages provide microcode updates for Intel processors. Bug Fix(es) and Enhancement(s): * Update Intel CPU microcode to microcode-20230808 release, which addresses CVE-2022-40982, CVE-2022-41804, and CVE-2023-23908. (BZ#2223994) Scientific Linux 7microcode_ctl-2.1-73.19.el7_9.x86_64.rpm547fb7118701708094c3b5c00ffe046269ed859553dbf86cf402c5302828f3c2SLBA-2024:0350The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol (SNMP), including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base (MIB) browser. Bug Fix(es): * net-snmp: fix a crash triggered by wrong passphrase (JIRA:RHEL-2882) Scientific Linux 7net-snmp-devel-5.7.2-49.el7_9.4.i686.rpmc658da0ffb451524e8fc09eadad31e74ce67eab1d7a25030959b1a41ba9763c1net-snmp-agent-libs-5.7.2-49.el7_9.4.i686.rpme1810e0e60ef8ff20aa9bd2dde94c85b892ec99d28be6aeac23e789a8c71a6e0net-snmp-5.7.2-49.el7_9.4.x86_64.rpmc1e7bb09e847ce3bb6c454756a753a7d4d4dad85c7906763daa6306c56563480net-snmp-devel-5.7.2-49.el7_9.4.x86_64.rpm8ec73a83612f455a74445026b1cd2daa1dfea073c7c8c2d124a3ec0af77468f2net-snmp-agent-libs-5.7.2-49.el7_9.4.x86_64.rpm671aae63d47d6e21cb4352f75ad02f588ffa53700a552842d721ab4ac3de261enet-snmp-perl-5.7.2-49.el7_9.4.x86_64.rpmba1aaf9cc68fe79d17116b8d9c12c19c8e92bf8a264baf936cb628d71e34ea88net-snmp-libs-5.7.2-49.el7_9.4.i686.rpm89c86951e7ec026c2d82738ca5c9e597ab13002e329a31e39ea7710144063363net-snmp-libs-5.7.2-49.el7_9.4.x86_64.rpm5e27b4aa992324800c76d1fad361a54d1a9d667a281fd98f24830a68c5db564enet-snmp-gui-5.7.2-49.el7_9.4.x86_64.rpm332d57d5e8b8be75894169db2389a1b5d15a86f1d8653de1449baff44b8c043bnet-snmp-sysvinit-5.7.2-49.el7_9.4.x86_64.rpmbb3fb2524a52f113142385015bd9636ef9dd05293bb0bdaf0e3194d63528b110net-snmp-utils-5.7.2-49.el7_9.4.x86_64.rpmf41bfd2bedb28d96c91a6426110db9c28e5d468234adb2a3c8c1b2d0c3fbfa36net-snmp-python-5.7.2-49.el7_9.4.x86_64.rpm77eebfe70b4d96f9e590e535bb09c068d3100e7a465e306fb0f266a9a2ec6426SLBA-2024:0762The tzdata packages contain data files with rules for various time zones. The tzdata packages have been updated to version 2024a, which addresses recent time zone changes. Notably: * Kazakhstan will transition from UTC+6 to UTC+5 on March 1 2024. * Palestine will transition to the daylight saving time (DST) a week later than previously predicted. Scientific Linux 7tzdata-java-2024a-1.el7.noarch.rpm2fbe19464f1e459fda37277248976644b1e9de5afd43ccf1c60472a896b94548tzdata-2024a-1.el7.noarch.rpm269866c2e28a43307abef7ef8968f108fbf18c61bc4da8b5fdf9cbf83425c9c6SLBA-2024:0987For detailed information on changes in this release, see the SCAP Security Guide release notes linked from the References section. Scientific Linux 7scap-security-guide-0.1.72-2.sl7_9.noarch.rpmb16440341a0b9327f3148a5ba31d74ced89f48a9706a5a62d4bf199041026f0dscap-security-guide-rule-playbooks-0.1.72-2.sl7_9.noarch.rpm9c4b957b491174811c87df2dbccc1a326f8f405d95700a2cd1bd53ebbc8fadc7scap-security-guide-doc-0.1.72-2.sl7_9.noarch.rpmc28c2c7bb50773bc3f4d71efd4dd7cc7da4a1c6aad6221ce3aeae71538c68166SLBA-2024:1274The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Scientific Linux 7fence-agents-heuristics-ping-4.2.1-41.el7_9.8.x86_64.rpm6e56f8d888db37626adf4a5cf03fa719f0d9c3ef25efd0075f1663040facf774fence-agents-lpar-4.2.1-41.el7_9.8.x86_64.rpm638d58d089706a31d2be0c25025bd35e01e7a9278ede03309aa6b85e944d5ea5fence-agents-vmware-rest-4.2.1-41.el7_9.8.x86_64.rpma871063f9cce3bcc66cd3cf2ac25c9d70bf602e25bb921155dab40ea1781c8d2fence-agents-apc-4.2.1-41.el7_9.8.x86_64.rpmd7ea45cebf43de8427192eccad9ecda108c7fd10ceeb278435d18460b45d6c50fence-agents-virsh-4.2.1-41.el7_9.8.x86_64.rpm64f37eb5102cb2d5d582cef7a63e7e0b15948d75854fdc957bb34f870bc7fa13fence-agents-ilo-moonshot-4.2.1-41.el7_9.8.x86_64.rpm6a6ad2c66b11c9cdf2ddea5bbe82370d9b6b164708b9bb7dbf9d1dac1cb7c98efence-agents-ifmib-4.2.1-41.el7_9.8.x86_64.rpmf4a1666e35f1265dd53678906f6609c66f520382785b8e1031e0dcc3a934883ffence-agents-aws-4.2.1-41.el7_9.8.x86_64.rpm729d3d4b42073cdf02f841c8576d5fad1fd8a19a3564a22769d8f85c6eb086cffence-agents-bladecenter-4.2.1-41.el7_9.8.x86_64.rpm5b60eb76228587229ca3d8e5d4d0ea90e486cba8783f40e04d11665ffa514a30fence-agents-common-4.2.1-41.el7_9.8.x86_64.rpm24fea275d60c79dce58a7176383cad072cf7c8e473d3a5ed72fda27b240c3f5bfence-agents-intelmodular-4.2.1-41.el7_9.8.x86_64.rpmb0615c8baf5e9497ae674cda01e793c1d1fc2287aa785c2167c8d820a2b152d9fence-agents-kdump-4.2.1-41.el7_9.8.x86_64.rpm6f026bb6d5cb6dd57133c3569200c8ec9ed027fcbd5ee5307cef771a6abd9292fence-agents-ibmblade-4.2.1-41.el7_9.8.x86_64.rpm093720a4cf018a240f7b3cfdf9980be6bd71ae0deb28f17c54057a497312b51efence-agents-wti-4.2.1-41.el7_9.8.x86_64.rpmc6e1df867d64b9d8c575cdc5c8f20d521fe9a480035b6efe13abab6b75d61671fence-agents-vmware-soap-4.2.1-41.el7_9.8.x86_64.rpmad313e2f86f7f9f15a30074797454e54402bdc725710b1e4d3da594ccc86572dfence-agents-ilo2-4.2.1-41.el7_9.8.x86_64.rpm1a31a065be1222982bb005b03e7bff8eeb2050ac501c0e2111029ba51597e615fence-agents-ipmilan-4.2.1-41.el7_9.8.x86_64.rpm5395bbaa7a5fb8a4da8f5653520324c9aa9900fd809ad450cc1ebacffd3c68bbfence-agents-brocade-4.2.1-41.el7_9.8.x86_64.rpmf74ccc9a9ccabc9bc94afebdaf1a5437409e45caa7dd4a6222fce6dcd87771f8fence-agents-ilo-mp-4.2.1-41.el7_9.8.x86_64.rpmfb3c799dde831fd12ff6ba60173548d714ca0efe70b2dd78a77c675b0f4d31f4fence-agents-cisco-mds-4.2.1-41.el7_9.8.x86_64.rpm2d56dca534bc0d47cbf0005dfa7f06aa5db6f605aa404644d40cabe02382d7bcfence-agents-hpblade-4.2.1-41.el7_9.8.x86_64.rpm0db1dbfebaa6b67cdaba3e67577b527b64e56698eaea4cf2a589d0df79168460fence-agents-cisco-ucs-4.2.1-41.el7_9.8.x86_64.rpm45916e68682a06cd43ddc70f88be74f3127bdb259999e8f37596f9e71a60188ffence-agents-rsb-4.2.1-41.el7_9.8.x86_64.rpm7bebb8c1064787a555a4469ff40e48554d16918a871eb16b671974aa13595ab1fence-agents-emerson-4.2.1-41.el7_9.8.x86_64.rpm3007100b95d7d09f310dce9b0c25925888df5ccb168c662b8275b29834eb2f76fence-agents-azure-arm-4.2.1-41.el7_9.8.x86_64.rpm70007684834fe70c8880f3d5c9370e618dc11ec0117a42898c52831007704510fence-agents-eps-4.2.1-41.el7_9.8.x86_64.rpm03180c0590e56a549fcaba9758a0b02f3f7e61aba1dde1b1b98ecc4d326ebfe6fence-agents-amt-ws-4.2.1-41.el7_9.8.x86_64.rpm44ddedeb3c563db97154db842d530ee79dd8722bfdb79cd38a6a47abb617bdf3fence-agents-redfish-4.2.1-41.el7_9.8.x86_64.rpm9e536929558a3814dc846afef01a0f62e69f42a7fa076dbfcc28a7a56a42198efence-agents-gce-4.2.1-41.el7_9.8.x86_64.rpm00c3412047b847277ecc5f83e6780032d98ae9542573b634509d9fedba40254dfence-agents-rhevm-4.2.1-41.el7_9.8.x86_64.rpm44d71a555f1ec4e61d0a5429eafba7110715373e8c9f50cc1e983dea5f820e99fence-agents-sbd-4.2.1-41.el7_9.8.x86_64.rpm65d81bacfec1b46c22c11750fc9f71c068c11979a038189cf443c66726b6e133fence-agents-compute-4.2.1-41.el7_9.8.x86_64.rpmbe05fc5bf2b2a646e9002fb0c6ed1addb25de9770e84e58e32629068cfc97702fence-agents-apc-snmp-4.2.1-41.el7_9.8.x86_64.rpm6e2a06f356530081982acb223a1c2be6a48bf5baed4bcfd3104b7edf13b39334fence-agents-mpath-4.2.1-41.el7_9.8.x86_64.rpm5565c5379ce59d1b14416c2451fb3378584a774e5389109fb9d2037ae638217dfence-agents-aliyun-4.2.1-41.el7_9.8.x86_64.rpmf4422b189daadf84e733ea25db0584641130f12dfc81367fa0cbf9e84235a25cfence-agents-scsi-4.2.1-41.el7_9.8.x86_64.rpmdd41cac9d96fd46b02b5cc93ec0ef4679c1a81764123f52134f9a5269efd832dfence-agents-rsa-4.2.1-41.el7_9.8.x86_64.rpm1e475576002fd26c9356e09caa762ca00dc258d81774a0fb014ed4b8a23f7eb6fence-agents-ilo-ssh-4.2.1-41.el7_9.8.x86_64.rpm8d7480844b7751c1187271ea7625d3e8c5a400ed5233bb15cba956a7793e31aefence-agents-all-4.2.1-41.el7_9.8.x86_64.rpm55862915cc9ceee1964cf8abe31bfff5ec229b4775a0c96f9f98ffa73f9b35eafence-agents-drac5-4.2.1-41.el7_9.8.x86_64.rpma508fb4976a9d173c6d4bfa170ac15e6430deebc08fee08b25012a237dee4948fence-agents-eaton-snmp-4.2.1-41.el7_9.8.x86_64.rpm514ccd0b7f308a16c1eb0ecf498ef88312dc0360ac546574b469e09db0f8ed08fence-agents-ipdu-4.2.1-41.el7_9.8.x86_64.rpm88090b817eeace0a716c473bed7160a08270a41126dba116dd8a12841e13134bSLBA-2024:1276The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several services to allow operating in a high-availability (HA) environment. Scientific Linux 7resource-agents-aliyun-4.1.1-61.el7_9.20.x86_64.rpme841523b6d12bfb7e7bf38dbce2dc0dbc0dd3aeca1c9cfe8de269ea3736577f0resource-agents-gcp-4.1.1-61.el7_9.20.x86_64.rpm92053d13004094b1d5f374d585c4b055e4de5d81c36fe8af96d84849ac02ed17resource-agents-4.1.1-61.el7_9.20.x86_64.rpmc7814974ccf16878f7a15f38101bd8cfc432a27b11ff3e7a5a316a7dd68c966bSLBA-2024:3624For detailed information on changes in this release, see the SCAP Security Guide release notes linked from the References section. Scientific Linux 7scap-security-guide-0.1.73-1.sl7_9.noarch.rpmf725062f860358a91f914178fa656fdc5b24aca28abacc677b3afad32a8193ccscap-security-guide-doc-0.1.73-1.sl7_9.noarch.rpma8e3d73c8d75b9e04ad93839e41198cd845560d7a2493c8596cbb20191324217scap-security-guide-rule-playbooks-0.1.73-1.sl7_9.noarch.rpm60111515946d2e2906b7a22343ba156c79722b74490f3df1c8268f3604240e28SLEA-2023:7283The microcode_ctl packages provide microcode updates for Intel processors. Bug Fix(es) and Enhancement(s): * Update Intel CPU microcode to microcode-20231009 release, which addresses CVE-2023-23583. (RHEL-3920) Scientific Linux 7microcode_ctl-2.1-73.20.el7_9.x86_64.rpm5923cdb7d020178f9cbd103fcf7ca35481fb5db52ccfeb2fd18940c86ee0a80fSLSA-2020:4072-1Security Fix(es): * libcroco: Stack overflow in function cr_parser_parse_any_core in cr-parser.c (CVE-2020-12825)moderateScientific LinuxScientific Linux 7libcroco-0.6.12-6.el7_9.x86_64.rpmd87d08920dc0d6fc8115db1658235f5de735757dd37422431369a61fa249bc82libcroco-devel-0.6.12-6.el7_9.i686.rpm4b512395a6822fa76d4c0fbc4014b8f33e37eca0dd449e27b22c5393b5532837libcroco-0.6.12-6.el7_9.i686.rpm4b4a8dbf07510cc58a5400f60b2f8e517bfe51567f1cb13fc26df73e19798391libcroco-devel-0.6.12-6.el7_9.x86_64.rpmbf8fdd5833f8236b37fe8bc05897aa99e052984c436bfda0351d38cc387973bbSLSA-2020:4076-1Security Fix(es): * nss: Out-of-bounds read when importing curve25519 private key (CVE-2019-11719) * nss: Use-after-free in sftk_FreeSession due to improper refcounting (CVE-2019-11756) * nss: Check length of inputs for cryptographic primitives (CVE-2019-17006) * nss: Side channel attack on ECDSA signature generation (CVE-2020-6829) * nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function (CVE-2020-12400) * nss: ECDSA timing attack mitigation bypass (CVE-2020-12401) * nss: Side channel vulnerabilities during RSA key generation (CVE-2020-12402) * nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read (CVE-2020-12403) * nss: PKCS#1 v1.5 signatures can be used for TLS 1.3 (CVE-2019-11727) * nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state (CVE-2019-17023)moderateScientific LinuxScientific Linux 7nss-sysinit-3.53.1-3.el7_9.x86_64.rpm15a101e35a98f34fac1b771804494d4c6301eff549833e5e78786fb9feacc8adnss-util-devel-3.53.1-1.el7_9.i686.rpm60683f92b2008461920e8aefda0a27b834a00c7faf48ecb927eaae4d44292177nspr-devel-4.25.0-2.el7_9.i686.rpm3fa4d956eae89cfce468432d9c19af7d360fe488c4e0e6f05e5afa2b9fbae8a1nss-util-3.53.1-1.el7_9.i686.rpm9262d3904ffb913894939f0d81393714589b96d493ddba11f6ef0dbf62e79022nspr-4.25.0-2.el7_9.x86_64.rpme08439dde765b18f4e224a91ae854eeae94dc7dc8f37a60fde90504ab233d7bfnss-devel-3.53.1-3.el7_9.i686.rpm0e0db7d4094860e358678dc2afd7975797eb597cee877b304953603ca2e2f5c5nss-pkcs11-devel-3.53.1-3.el7_9.x86_64.rpm6431e62f2f37e81f770ef6c16adf677c8d181bfbbd1a6751ab6852a3a42312canss-3.53.1-3.el7_9.i686.rpm5dd111c183707e7ceb015f79188e924f397b034aca7c7d274b336cf993c68b2bnss-softokn-freebl-3.53.1-6.el7_9.i686.rpmcae33d2ff8fd02ddf817a0b2ba3293d31b3d563276e4d274205aac710cd30c1bnss-softokn-freebl-3.53.1-6.el7_9.x86_64.rpm25e1bf14fd9e2ace713eb7f595db1ee2e60d6099813d5f1fcd98a9970be276acnss-softokn-freebl-devel-3.53.1-6.el7_9.i686.rpmcbcdecdc2c895a1b0fc34ae177210bbdc8a94f583f59e47c1c64b7f8db0c17b2nss-softokn-freebl-devel-3.53.1-6.el7_9.x86_64.rpmce95acdf422ce3fc7b3662005438988b14f6bcd6195a429730e16d44bec1a098nss-util-devel-3.53.1-1.el7_9.x86_64.rpm216d1def1e80a5867a486fb4d2412663739458dd2ad8b11039291f32e307265dnss-softokn-3.53.1-6.el7_9.i686.rpme96391c99b548cc3fe9f16fe843cfda2d20d5e6d39204401aafc0e1a5492f73fnss-util-3.53.1-1.el7_9.x86_64.rpmfc0d30529d44c6c4edd76892d8700f7f24074c3a0448172bc76bca0df143652cnss-softokn-devel-3.53.1-6.el7_9.i686.rpm3f1b6bf28bb95723ac1c3e7ac8b0fba7c45bb42472b4fe44bef21aaa36b48fd5nss-3.53.1-3.el7_9.x86_64.rpm50faf714fa7d06ecc9cabcfa5e31bfdd489b5a6e1a18e20736f8575c128b032bnss-softokn-devel-3.53.1-6.el7_9.x86_64.rpm0d0cac5d697578932de17afb870c3df1b9c244b0d9b718a127079b18531b3487nss-pkcs11-devel-3.53.1-3.el7_9.i686.rpm5e12474924151c097b3f2bde740bbdd83c387afd02498a1baefc13829bb7cb75nspr-4.25.0-2.el7_9.i686.rpmb2a769c0f5a9bf9cd471371b1ce23fb1db144a7fd1e4147634136668b6fd9349nss-softokn-3.53.1-6.el7_9.x86_64.rpm4875de4d0a8cda97d3e56860fbecd2284818e04a30520087d0f0e84fd958bce3nspr-devel-4.25.0-2.el7_9.x86_64.rpmdc2cbeebe55c53402d9a5a92ec9bc3f0e479b8e5b26d2fb7ab73370586edd447nss-tools-3.53.1-3.el7_9.x86_64.rpma1f9fa142ea8067c25ed2764b30e0e813ec4d1650d0fb278c73afc1f64fbc787nss-devel-3.53.1-3.el7_9.x86_64.rpm4fdcf0080023ce61c49172ad09c2e9b10d47698b82a79433039d3ff87ce3f64dSLSA-2020:4079-1Security Fix(es): * QEMU: usb: out-of-bounds r/w access issue while processing usb packets (CVE-2020-14364) * QEMU: slirp: use-after-free in ip_reass() function in ip_input.c (CVE-2020-1983)importantScientific LinuxScientific Linux 7qemu-img-1.5.3-175.el7_9.1.x86_64.rpmcc234b4588abcd0ace2c803e27f48acda0fdbd096ca6f37c4165f7b9af872a60qemu-kvm-1.5.3-175.el7_9.1.x86_64.rpm780e0463b252a18a14de1b3be1627dfd4eff587bfe3e83a798a52422463cf1f4qemu-kvm-common-1.5.3-175.el7_9.1.x86_64.rpm8176a5ae74de01a8446831210e7e4ac7d83a5eafaa628b4e447fbf28d716ba63qemu-kvm-tools-1.5.3-175.el7_9.1.x86_64.rpm6bbc2982e31448005f29f6958c4a3cf6103d542e2ae8395d4163eb14fe7cabf8SLSA-2020:4080-1Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 81 and Firefox ESR 78.3 (CVE-2020-15673) * Mozilla: Integer overflow in nsJPEGEncoder::emptyOutputBuffer (CVE-2020-12422) * Mozilla: X-Frame-Options bypass using object or embed tags (CVE-2020-15648) * Mozilla: Bypassing iframe sandbox when allowing popups (CVE-2020-15653) * Mozilla: Type confusion for special arguments in IonMonkey (CVE-2020-15656) * Mozilla: XSS when pasting attacker-controlled data into a contenteditable element (CVE-2020-15676) * Mozilla: Download origin spoofing via redirect (CVE-2020-15677) * Mozilla: When recursing through layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free scenario (CVE-2020-15678) * Mozilla: WebRTC permission prompt could have been bypassed by a compromised content process (CVE-2020-12424) * Mozilla: Out of bound read in Date.parse() (CVE-2020-12425) * Mozilla: Custom cursor can overlay user interface (CVE-2020-15654) * Mozilla: Overriding file type when saving to disk (CVE-2020-15658)importantScientific LinuxScientific Linux 7firefox-78.3.0-1.el7_9.i686.rpm60d7ccbae0fb2e7efd40487513ffa31855c8ffc70640fa40f3fc0632303be2fdfirefox-78.3.0-1.el7_9.x86_64.rpmd32524acf8d66c8f275ec8f19eac5c77f0c48f37d45eb3086f01118fa87a5862SLSA-2020:4082-1Security Fix(es): * squid: HTTP Request Smuggling could result in cache poisoning (CVE-2020-15810) * squid: HTTP Request Splitting could result in cache poisoning (CVE-2020-15811) * squid: Information Disclosure issue in FTP Gateway (CVE-2019-12528) * squid: Improper input validation issues in HTTP Request processing (CVE-2020-8449) * squid: Buffer overflow in reverse-proxy configurations (CVE-2020-8450) * squid: Request smuggling and poisoning attack against the HTTP cache (CVE-2020-15049) * squid: Improper input validation could result in a DoS (CVE-2020-24606)importantScientific LinuxScientific Linux 7squid-migration-script-3.5.20-17.el7_9.4.x86_64.rpm8b1a3a2a254b270fd04a7dd2f33021ff52c0e5a558ad766f1130305e0b5229c8squid-3.5.20-17.el7_9.4.x86_64.rpmecd073112bc98e8306973eadf51161a824607ae734f6035cf67e1d6b648e4b1csquid-sysvinit-3.5.20-17.el7_9.4.x86_64.rpm23e389475386958ead15f709c786b5aef35748f47648d7ef0fb23fcf0b218c67SLSA-2020:4163-1Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 81 and Firefox ESR 78.3 (CVE-2020-15673) * Mozilla: XSS when pasting attacker-controlled data into a contenteditable element (CVE-2020-15676) * Mozilla: Download origin spoofing via redirect (CVE-2020-15677) * Mozilla: When recursing through layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free scenario (CVE-2020-15678)importantScientific LinuxScientific Linux 7thunderbird-78.3.1-1.el7_9.x86_64.rpm8cb9469cd9c20428bd5bf8d36bc3fc27f29a59bb3479ebc96ab319f2ce2aabdbSLSA-2020:4187-1The spice-gtk packages provide a GIMP Toolkit (GTK+) widget for Simple Protocol for Independent Computing Environments (SPICE) clients. Both Virtual Machine Manager and Virtual Machine Viewer can make use of this widget to access virtual machines using the SPICE protocol. Security Fix(es): * spice: multiple buffer overflow vulnerabilities in QUIC decoding code (CVE-2020-14355)importantScientific LinuxScientific Linux 7spice-server-0.14.0-9.el7_9.1.x86_64.rpm30ddab719cd3bda859be66754d7d019ffca626947b292b067a2a72dfe1a01a6dspice-gtk3-vala-0.35-5.el7_9.1.x86_64.rpm262d414824db1a2bb0e8ee584ec73af35c3c7db6055033e89edc18aa4fd668a7spice-glib-devel-0.35-5.el7_9.1.x86_64.rpm5668c3958f2bd0877b5c7434b6ecb4978e0477f7a16563bb3bfa182819435de7spice-glib-devel-0.35-5.el7_9.1.i686.rpm6b893540268d67f008da133de195375193a3762a0d193247364e5d35047c66cespice-glib-0.35-5.el7_9.1.i686.rpm9e0dabdc7afa3624b57a12126fc0ce4332d48a001957581c671df2452588e965spice-gtk3-devel-0.35-5.el7_9.1.x86_64.rpmf1e2dba59dec195d5ab66ee51017e2c82d0f693d1da1a486030708b353c79849spice-gtk3-0.35-5.el7_9.1.x86_64.rpm1d890fc3d9e7b196242546c79cfd32d16da1136b607656068dc6e494ae0432f1spice-glib-0.35-5.el7_9.1.x86_64.rpm27dac680038754a54a867169760f0bde6a9c0de366c074ba11a3316893bd5e83spice-gtk3-0.35-5.el7_9.1.i686.rpm2ff0e30297f5cc7bad06deabaf27e3f4358401c3cdb42dfefd2a15d7389efe5aspice-gtk3-devel-0.35-5.el7_9.1.i686.rpmad0df4223041cd1c29b64383f16fc2695653d6501c31ecb9bd9dce0994238855spice-gtk-tools-0.35-5.el7_9.1.x86_64.rpma689d51b6ae85dbbd313c4dd9733e45ab054009104bfd8cdd4f53ddfabe8f7d0spice-server-devel-0.14.0-9.el7_9.1.x86_64.rpm2b766e8ccc48003a1738820137238bc972b83cc48a6c1295d680c105fd7a51adSLSA-2020:4276-1Security Fix(es): * kernel: net: bluetooth: type confusion while processing AMP packets (CVE-2020-12351) * kernel: net: bluetooth: information leak when processing certain AMP packets (CVE-2020-12352)importantScientific LinuxtrueScientific Linux 7bpftool-3.10.0-1160.2.2.el7.x86_64.rpm47cc98d79612c44ee4c50be036ff1202c827bacc377befbbe255b5e964fe5134kernel-doc-3.10.0-1160.2.2.el7.noarch.rpm727a63e696b987d5633e3b1f12ac7506e0e6c8de8afa32f85e45451effb2aff2kernel-headers-3.10.0-1160.2.2.el7.x86_64.rpmda5331ece8f1ff9c937d00d93ec8c1c92274df24d1e7b195011c9bacea3a120akernel-tools-3.10.0-1160.2.2.el7.x86_64.rpm222d55b53701eb15e5f6faff4c9efbb061f6c50214ccab31f16c010eb3cc958apython-perf-3.10.0-1160.2.2.el7.x86_64.rpm0dc203103a8e108ebd3e9035912ca0c3c036b2495e563b21611cae6ce04b9ae1kernel-devel-3.10.0-1160.2.2.el7.x86_64.rpme6af572c94419b586d36fa4592d7f067100928b0977cab2367d22cdaa053678ekernel-debug-devel-3.10.0-1160.2.2.el7.x86_64.rpm243e81730c77eecf1958dcee6298e81ed0a91814ebcc940f777ac975caac5142perf-3.10.0-1160.2.2.el7.x86_64.rpm4f8c8280a6df9babc06d5b037f4e9892dd15a5814df3794afeebae843de1661ekernel-3.10.0-1160.2.2.el7.x86_64.rpm6c14fb888501068824f2ed38908bb795a5dced8da3ca3a110e10b291b79084b2kernel-debug-3.10.0-1160.2.2.el7.x86_64.rpm95227e1a8230974169c9b94c54634753c92c01eff32a5387731e006b4dceb4f8kernel-tools-libs-devel-3.10.0-1160.2.2.el7.x86_64.rpm8fc5c8d4c4b9c8824a39c471e5b7b1a7f2fbb955875cb93ee8ae5f2aa389bdb9kernel-abi-whitelists-3.10.0-1160.2.2.el7.noarch.rpm7a19019424a7b2bb7896b09adcc4e479eb6d809b7efff3d1e9387fa579f96b3fkernel-tools-libs-3.10.0-1160.2.2.el7.x86_64.rpm545d852acb5f838546dd9015a7c2dda4a03847b8fd77d35373ccbfd1ee6c50efSLSA-2020:4307-1Security Fix(es): * OpenJDK: Credentials sent over unencrypted LDAP connection (JNDI, 8237990) (CVE-2020-14781) * OpenJDK: Certificate blacklist bypass via alternate certificate encodings (Libraries, 8237995) (CVE-2020-14782) * OpenJDK: Integer overflow leading to out-of-bounds access (Hotspot, 8241114) (CVE-2020-14792) * OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685) (CVE-2020-14797) * OpenJDK: Race condition in NIO Buffer boundary checks (Libraries, 8244136) (CVE-2020-14803) * OpenJDK: High memory usage during deserialization of Proxy class with many interfaces (Serialization, 8236862) (CVE-2020-14779) * OpenJDK: Missing permission check in path to URI conversion (Libraries, 8242680) (CVE-2020-14796)moderateScientific LinuxScientific Linux 7java-11-openjdk-static-libs-11.0.9.11-0.el7_9.x86_64.rpm7773fe9ab00a5e8c1fa37599c574b80af7c1ee660b6c99e28a71207d48ced107java-11-openjdk-src-11.0.9.11-0.el7_9.x86_64.rpm785df6e2691fd683771687fa700cff34019c9eb04cb47b8889d6ac893bb37be1java-11-openjdk-javadoc-zip-11.0.9.11-0.el7_9.i686.rpmdfdba17e9f0906b0f52585265c332e327a2a82f69723e8751c5d44cb735adb16java-11-openjdk-headless-debug-11.0.9.11-0.el7_9.x86_64.rpm4bf919398968b3130277688dc7cfcfa05884ff3075f03a968b2483ee714a7a92java-11-openjdk-javadoc-zip-11.0.9.11-0.el7_9.x86_64.rpm27f5b0fbd8d539fab8c1a4ea03126541add9095f6eb6a5117f17e91a5e89b81fjava-11-openjdk-jmods-debug-11.0.9.11-0.el7_9.x86_64.rpmfce83dfde7f0630f6f930fbd5397f0bed2fb0aa112ad8a717766dfe72382a090java-11-openjdk-devel-debug-11.0.9.11-0.el7_9.x86_64.rpm00d0710ee0f2d7fb402b45cc52980e660c7fd3c073124f5ab8d5a8c8fa1c05d2java-11-openjdk-javadoc-11.0.9.11-0.el7_9.x86_64.rpm7aaee6e13b69540fa095cf098931f029d21869f2f620cf21b8e04d1ffb78126djava-11-openjdk-jmods-debug-11.0.9.11-0.el7_9.i686.rpmb357ecf4582909f59a3c364cc226ee82afe3b3a1ff6f4640abd93163eabf7b9bjava-11-openjdk-headless-11.0.9.11-0.el7_9.x86_64.rpma00bf0b70968ee49ec3a963c94ad6ae7e3aec54b16592b9af8a7b6aae4165507java-11-openjdk-headless-debug-11.0.9.11-0.el7_9.i686.rpme454ea47a65bf2a519a48a11562b81125f4879bea34a5a8f3f06a7ad1fc4dca5java-11-openjdk-debug-11.0.9.11-0.el7_9.i686.rpmfd1c5e53b94b26df626a313c7db3b0c152f8ce9de178876b29ab259269b42341java-11-openjdk-jmods-11.0.9.11-0.el7_9.x86_64.rpm7646e5a15007012257dae0968a551100a2a1097760531d183b8028a02d41ea5ajava-11-openjdk-demo-debug-11.0.9.11-0.el7_9.x86_64.rpm6d036817e9eff8bd9ab8b2c6579e62b1bd65e5d6deb3e63e7fcb1ac58d17f54djava-11-openjdk-demo-11.0.9.11-0.el7_9.i686.rpmd62dc9f69a52e7342d29a506d12f244ff1ed71c35bb9d98e9463b80896699839java-11-openjdk-src-11.0.9.11-0.el7_9.i686.rpm843c4d95590a7a3f422307ecad5a20705513c70ea54d3c384ba0499e4423bb80java-11-openjdk-src-debug-11.0.9.11-0.el7_9.i686.rpma34d858422fd29ddaeca302b07a4ae044c1df031e7fbdd9e85d80405ebd3d84ejava-11-openjdk-demo-11.0.9.11-0.el7_9.x86_64.rpm14b2f5753b2aaa759ab0f96933f8ce6e26c91b6edd91a5545d3a2dd3ad39490ajava-11-openjdk-devel-11.0.9.11-0.el7_9.i686.rpmd6208d100a97ed19eecc9f95cca5ce4d7f635c6c4caff6805a86b34dfde8bad6java-11-openjdk-11.0.9.11-0.el7_9.x86_64.rpm980fdd5684afb67ba596416cd0ddb2883f0957474269e36b86e5063a43855b6fjava-11-openjdk-jmods-11.0.9.11-0.el7_9.i686.rpm3c57bd28c1411992c646173d8a33781d72a541ea82d98483398fef0793276115java-11-openjdk-debug-11.0.9.11-0.el7_9.x86_64.rpmc7c73df4d3bf0a3af20c68f89b944f55df8ac09ab84cb4c16c5e4b53cfe48317java-11-openjdk-javadoc-zip-debug-11.0.9.11-0.el7_9.x86_64.rpm8996bc1bf68f25eacd32125341f0fd1650b6e1ba3a7d482c77bb348c58f2a45djava-11-openjdk-javadoc-11.0.9.11-0.el7_9.i686.rpm927bcc99f1a34ca8fa03cdcd6e6adacc2443d4d20ed3a66350d6f330620c64edjava-11-openjdk-headless-11.0.9.11-0.el7_9.i686.rpm9463ccd7aefcf1ab73ae5fe04106befaeef8b28a0366ba35b2d03dc604f29bbdjava-11-openjdk-devel-debug-11.0.9.11-0.el7_9.i686.rpmf996fcb1bae7301ace4b33f230c7237d608983c1b357c30b92596293af396be9java-11-openjdk-static-libs-debug-11.0.9.11-0.el7_9.x86_64.rpm290b0863990ac66b00fb4083c4fa0cd5652aa7dd425b6d7d0125f55add12540bjava-11-openjdk-11.0.9.11-0.el7_9.i686.rpm7406a9cbd48f8589fe8d021f10a10e13087b1d25ba804f38899e45af24af7648java-11-openjdk-javadoc-zip-debug-11.0.9.11-0.el7_9.i686.rpmcf2e2b4b7d6b2a08ececc865b2db978d4c8ac3e5ab27bc1bdbb22628d6badc00java-11-openjdk-devel-11.0.9.11-0.el7_9.x86_64.rpm75b390535e29603b8704b9f7a10850d6ec91bb8513c78638bf71dac9dd29c4b0java-11-openjdk-src-debug-11.0.9.11-0.el7_9.x86_64.rpm60c79a1a8ead07a961e19e44366f566b078c1e072ed131ca67b8fb8e4c449df0java-11-openjdk-javadoc-debug-11.0.9.11-0.el7_9.i686.rpm976242e401e45c3996fceab5cdac2d634b5b8fe950e37f1702b881557951ef71java-11-openjdk-demo-debug-11.0.9.11-0.el7_9.i686.rpm2dea15a7b85e8b1588d2903733f00dcc9f960170d0e46d94cbb178e847b5205fjava-11-openjdk-javadoc-debug-11.0.9.11-0.el7_9.x86_64.rpm8f33384eb89293e170cc12a5699a793ea71f7d2bd7b116da06375d6a8062449dSLSA-2020:4310-1Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683) * chromium-browser: Use after free in WebRTC (CVE-2020-15969)importantScientific LinuxScientific Linux 7firefox-78.4.0-1.el7_9.x86_64.rpm0f7cecb12ce176dfe68f58e23a8658f885e895967d328d6dddf495a467874d40firefox-78.4.0-1.el7_9.i686.rpm5368bac75f97a694f3d50cc99544bb65499f5d8bc09af1b0212e2a7b49b5590dSLSA-2020:4350-1Security Fix(es): * OpenJDK: Credentials sent over unencrypted LDAP connection (JNDI, 8237990) (CVE-2020-14781) * OpenJDK: Certificate blacklist bypass via alternate certificate encodings (Libraries, 8237995) (CVE-2020-14782) * OpenJDK: Integer overflow leading to out-of-bounds access (Hotspot, 8241114) (CVE-2020-14792) * OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685) (CVE-2020-14797) * OpenJDK: Race condition in NIO Buffer boundary checks (Libraries, 8244136) (CVE-2020-14803) * OpenJDK: High memory usage during deserialization of Proxy class with many interfaces (Serialization, 8236862) (CVE-2020-14779) * OpenJDK: Missing permission check in path to URI conversion (Libraries, 8242680) (CVE-2020-14796)moderateScientific LinuxScientific Linux 7java-1.8.0-openjdk-src-1.8.0.272.b10-1.el7_9.x86_64.rpm84315cb088343d080c977e86a915e6409155b31470e1dd809df045148936bf74java-1.8.0-openjdk-devel-debug-1.8.0.272.b10-1.el7_9.i686.rpm8e53e8a1970a57d292b99eafb9991e560ec8637365609a3beee02c75712490d3java-1.8.0-openjdk-devel-1.8.0.272.b10-1.el7_9.i686.rpm19c42b5702f1772fb858a7dd625a9b7b25ae36a5a446343251b25d688f52344ejava-1.8.0-openjdk-javadoc-debug-1.8.0.272.b10-1.el7_9.noarch.rpm1aa199552998d535623ef176edb0599d6e3ce6ea5c2b304c46e91633ca9c42ddjava-1.8.0-openjdk-debug-1.8.0.272.b10-1.el7_9.x86_64.rpm291c256aaa593a5b2fadc2c71892cc2cfd49cac62877de65c4d7333d6d1e2766java-1.8.0-openjdk-demo-debug-1.8.0.272.b10-1.el7_9.x86_64.rpm11da3b9851328b21be471ff58700b9b2f5bd82687423bb4aeff49ad5fe74bde7java-1.8.0-openjdk-src-1.8.0.272.b10-1.el7_9.i686.rpm23e32a42c36201c41a19045602fe6a68c373dc8a114ceea2847e3ff69c95af67java-1.8.0-openjdk-demo-1.8.0.272.b10-1.el7_9.i686.rpm0166f48d73f52d1b4960002169d5fdc6a3bc2dee12fb8cd565131982b16df6acjava-1.8.0-openjdk-devel-debug-1.8.0.272.b10-1.el7_9.x86_64.rpm427823d292ddc2e1912dbc3efd235617a03bcc39f55eb6ab6c73999879440526java-1.8.0-openjdk-headless-debug-1.8.0.272.b10-1.el7_9.x86_64.rpmde17e98792cf998ea57892d253aa9a014d87b676323cb00ffe23ffc808a855c1java-1.8.0-openjdk-debug-1.8.0.272.b10-1.el7_9.i686.rpm2fff35aad1f8f8087da29e944b74e864cf77a51390c4b6a8da086ea967ffb7ddjava-1.8.0-openjdk-devel-1.8.0.272.b10-1.el7_9.x86_64.rpm3e2f48307168177298cebba77c02b2add7e979bb11604f1884e6ac3e5c7ae81bjava-1.8.0-openjdk-headless-debug-1.8.0.272.b10-1.el7_9.i686.rpm75a2baf703633777a09a0843420f231b218fb5ccf667034b9217546011a5f1f4java-1.8.0-openjdk-javadoc-zip-1.8.0.272.b10-1.el7_9.noarch.rpme6a43a8ce33d46f21008e0f57a5e9274718a5846f796b6fd574fd749ad0cd256java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.272.b10-1.el7_9.noarch.rpme4ff55c6a3974510ed0d5a27e453efe217672a67b02dcaf63899407789e101aajava-1.8.0-openjdk-accessibility-1.8.0.272.b10-1.el7_9.x86_64.rpm9652581e291a509533b2e4ee788ace94e553dbaaeee77f9bea281899d9280f6bjava-1.8.0-openjdk-src-debug-1.8.0.272.b10-1.el7_9.x86_64.rpmcb363849f85f163f11d69c5721b4171bae4f79393951dd15de33b722872d9d0cjava-1.8.0-openjdk-1.8.0.272.b10-1.el7_9.i686.rpm944ae8a673c37a87563b11c7a02b258b99e4ee270605ef31999f3e742fa7b203java-1.8.0-openjdk-demo-1.8.0.272.b10-1.el7_9.x86_64.rpmf69ec149f70f7f866239649eb6f5c5a4c0b8fd826fc431f07b08aa8d93a3c054java-1.8.0-openjdk-headless-1.8.0.272.b10-1.el7_9.i686.rpmc32d7e9e4972acc71800876a40238760a778cca2fb2c037511180e03720602c8java-1.8.0-openjdk-accessibility-1.8.0.272.b10-1.el7_9.i686.rpm5f035231f2a2dfb229860b0c91dac5dc62d9fe8e22f095fc467d08875dc80a5fjava-1.8.0-openjdk-src-debug-1.8.0.272.b10-1.el7_9.i686.rpmd16c13b69c6aa06ee4183431a1edeb59292c109ae4c060ae4ad634d8edca96e3java-1.8.0-openjdk-demo-debug-1.8.0.272.b10-1.el7_9.i686.rpmdaaa6fd0a3d4bacf1db37e863d92ecee085d896317a68639f52ed55426d1581cjava-1.8.0-openjdk-accessibility-debug-1.8.0.272.b10-1.el7_9.i686.rpm42bf03a22cc2276874f1429ebc2578e1c28675d80ff51a26adcfca2400c960fcjava-1.8.0-openjdk-headless-1.8.0.272.b10-1.el7_9.x86_64.rpmccb82da1647e57bbc6d08fdc599b42fd105616c8daa1899f3729ea126caa883ajava-1.8.0-openjdk-javadoc-1.8.0.272.b10-1.el7_9.noarch.rpm9a8f96cf3e2853d9be82443633e43a8e6e6272b20a9c2d38fbb40f4621c941a5java-1.8.0-openjdk-accessibility-debug-1.8.0.272.b10-1.el7_9.x86_64.rpm787f313e98da032ef62f0dfb22807715b5919725bb31240e48f28826aeb1b884java-1.8.0-openjdk-1.8.0.272.b10-1.el7_9.x86_64.rpm4b751ddb7f6a4e3be1a7475be83045a254e457b2320ef35a477e8aa79e0c7eefSLSA-2020:4907-1Security Fix(es): * freetype: Heap-based buffer overflow due to integer truncation in Load_SBit_Png (CVE-2020-15999)importantScientific LinuxScientific Linux 7freetype-demos-2.8-14.el7_9.1.x86_64.rpm4bfcf2c7e50e92c1f2d9409f26c5831b3896ec5ce1f8e47ffa61da84870812b6freetype-2.8-14.el7_9.1.i686.rpm856e5771864d72fc764d1a8042323f58fa6a121257e801239a8283d4034dd58cfreetype-devel-2.8-14.el7_9.1.x86_64.rpma55d3145c81d7f556319415342886d99a289c7a2c055ff488a8e8ec4eaeb56c3freetype-2.8-14.el7_9.1.x86_64.rpm0a2506c221bec596a80aac2b5f9956724acd36ff358e33a36d7a72ab9028ed34freetype-devel-2.8-14.el7_9.1.i686.rpmb490be3e3b925087ecd0ba1133a0fb1f6d84b413a04d69e80a0a3c4040a6d12cSLSA-2020:4908-1Security Fix(es): * libX11: integer overflow leads to double free in locale handling (CVE-2020-14363)importantScientific LinuxScientific Linux 7libX11-1.6.7-3.el7_9.x86_64.rpm6e8e14ca7f672249ccf93b21f9a05353d9f869e8c9e82c21e193d279eacf068dlibX11-devel-1.6.7-3.el7_9.x86_64.rpmf19a029ec329dc1e1243c645ea26b5a7f62dabf74c5b549969d58b13561ffacdlibX11-common-1.6.7-3.el7_9.noarch.rpm381c93461e119984e0434b571d08714051e8aa858e2e2094b1bf2d0d1edc6d75libX11-devel-1.6.7-3.el7_9.i686.rpm1dde8930cae65481b398449efa31c5cfb59d23826f5fa96d9e52cb282f70b99flibX11-1.6.7-3.el7_9.i686.rpmfafea10ff0634bedb1da4a7f7bd5dc1d0ac3b3d282e8c0db6348a5cc6311c657SLSA-2020:4909-1Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683) * chromium-browser: Use after free in WebRTC (CVE-2020-15969)importantScientific LinuxScientific Linux 7thunderbird-78.4.0-1.el7_9.x86_64.rpm25bc3fd79765278178210c5f457310376fb4fdc89b63a3716d1622c585ef860fSLSA-2020:4910-1Security Fix(es): * xorg-x11-server: Out-of-bounds access in XkbSetNames function (CVE-2020-14345) * xorg-x11-server: Integer underflow in the X input extension protocol (CVE-2020-14346) * xorg-x11-server: XkbSelectEvents integer underflow privilege escalation vulnerability (CVE-2020-14361) * xorg-x11-server: XRecordRegisterClients integer underflow privilege escalation vulnerability (CVE-2020-14362)importantScientific LinuxScientific Linux 7xorg-x11-server-Xvfb-1.20.4-12.el7_9.x86_64.rpmf6838ab4d46d3054257b828a7aa09da6f020cb48bf424014e1be418934f66c74xorg-x11-server-Xnest-1.20.4-12.el7_9.x86_64.rpm59a891a6804e0ea057830bf640a4a7e10fd3488c6fd198af5ff0ccaa60ebafdbxorg-x11-server-Xwayland-1.20.4-12.el7_9.x86_64.rpm5b1c4f1a7d447b4905e86e7f92cc9afe83d803cadacd5e87d2e0cbf650f0f8d9xorg-x11-server-devel-1.20.4-12.el7_9.x86_64.rpm09033bb3f0b3195c416ec4fd68f5def0470d5a45fb96b8ac599fcf8db93c9ec5xorg-x11-server-Xephyr-1.20.4-12.el7_9.x86_64.rpme030ba439f9e18e27c1304a0037acde04069f35196f4d1edcb1e520ebb5b9a56xorg-x11-server-Xorg-1.20.4-12.el7_9.x86_64.rpm9ebc5b0228dc8be2571033eb26e2cb3cee0ac8bb36f72b7366734efbf3c25748xorg-x11-server-source-1.20.4-12.el7_9.noarch.rpma61f91a5c7e074ebe99958241cf0e74824ed077b38d3eed8ce45ade8cd175ae6xorg-x11-server-common-1.20.4-12.el7_9.x86_64.rpm10e5862388d8b6540d5d679da3bdd3164dcfd8bf2f7719cdbabb6921943bc62bxorg-x11-server-Xdmx-1.20.4-12.el7_9.x86_64.rpm36769b74f79e05de43a4c183a16bcd665b4d5c8e9015f7bcebdbfbbd472521c7xorg-x11-server-devel-1.20.4-12.el7_9.i686.rpm91ea49af08c78dbd43a08054b978fc8c15fed8ff793db9324e1388e9f68989d4SLSA-2020:5002-1moderateScientific LinuxScientific Linux 7curl-7.29.0-59.el7_9.1.x86_64.rpmba54d7541f99b9c1b96d3b33b9c2e18d90849d7cb66887cc3a1bc986b7c7f482libcurl-devel-7.29.0-59.el7_9.1.i686.rpm5807aead12a31810010e2917c43ef8bc265f212fb924fb1601e9ccf1704807d8libcurl-7.29.0-59.el7_9.1.i686.rpma1e0db291e8a9c734565c398e9a27b6c860183f135ea3a9d7cc5c228584dd083libcurl-7.29.0-59.el7_9.1.x86_64.rpm10d4a066a84d6742cd80208aa0113d24ee91fa5f9920eb44afb28547ed632f79libcurl-devel-7.29.0-59.el7_9.1.x86_64.rpm498795c1e33bc252ef6ba34b65cae08deff1823ffc0ba48263b049e343cea197SLSA-2020:5003-1lowScientific LinuxScientific Linux 7fence-agents-amt-ws-4.2.1-41.el7_9.2.x86_64.rpm19c1b59f34566a07a680e1125699a5601016c4f319a0b75705d98377c2492973fence-agents-brocade-4.2.1-41.el7_9.2.x86_64.rpmf02e59eb643f3e54fc7b389da7546ae132453de6cacbde4abbd99385e56ea2e5fence-agents-heuristics-ping-4.2.1-41.el7_9.2.x86_64.rpm94d69c86f62a895488c9b506d6f5cfae82631017a45cb41c0ca9c35c8e1d215afence-agents-aws-4.2.1-41.el7_9.2.x86_64.rpm625fa195bf09fd0b2ff93c606f5a10b4b48607c4e7c658eef69c693e2a4349adfence-agents-ifmib-4.2.1-41.el7_9.2.x86_64.rpmf8f38967fe30cdad7aad67901ffaa6bf47b8469b46d6c0e1e3d11aaf7afee7b8fence-agents-apc-snmp-4.2.1-41.el7_9.2.x86_64.rpm5a6ed6aaba21a98dcdd9f4401143fc147a0c989312f25d7cbe1db6834b413402fence-agents-cisco-ucs-4.2.1-41.el7_9.2.x86_64.rpme80734486c4d4890d8320ff21ae677068bca71fe5fe2ba91ff0f5829b4940c1cfence-agents-ipmilan-4.2.1-41.el7_9.2.x86_64.rpmecf3927df5579f5a536b62f71366d279a3915439e331cd613df65b75c8a8ceedfence-agents-emerson-4.2.1-41.el7_9.2.x86_64.rpm93e973edf16a36d9dce880b159f61ff25e2e8ec26970ea2a50ddf29bc65f9b54fence-agents-eaton-snmp-4.2.1-41.el7_9.2.x86_64.rpm87cf4a8df3796539e14f2e45e097ddff5962023dab57efce4dae747dc8706a87fence-agents-bladecenter-4.2.1-41.el7_9.2.x86_64.rpm97effd14d1127ea087f512a63b22ed75bec9dc9b3cc841f314ffca633bd5a723fence-agents-ilo-mp-4.2.1-41.el7_9.2.x86_64.rpm9d8ff4d2b0dd185e45ba025d522050a6642a47d963f089b3d899c3e757e15ec8fence-agents-ipdu-4.2.1-41.el7_9.2.x86_64.rpm06e39bab1ee277ae744255675cfbb44271fd3f3c903323f1a0917f1f7c322f14fence-agents-eps-4.2.1-41.el7_9.2.x86_64.rpmacda91e12e2d0ac30de4dcf54773de27a5ddf0d8d2c59ac643733ef5d7d0d725fence-agents-ilo-ssh-4.2.1-41.el7_9.2.x86_64.rpm57abe5040417b44ca1df4883b214df169899cfd1775a2d76c76389f600741506fence-agents-hpblade-4.2.1-41.el7_9.2.x86_64.rpm21d3e84059bb8d99d386f4e742374915338e840d53b783e2f45c5bca9fd43138fence-agents-azure-arm-4.2.1-41.el7_9.2.x86_64.rpm1d8b493c7e010d1bebcde306db5209fddc3e122f7ef2ac1332d13fd044061e9efence-agents-aliyun-4.2.1-41.el7_9.2.x86_64.rpmdecc5ac47e2f630fffdbb821ca6ebf7b38269bbae0565bb8410589351ba59a31fence-agents-cisco-mds-4.2.1-41.el7_9.2.x86_64.rpm02a116fb8545da6c0b78a4c1122e6aa029ed2baded2336a6539bd3744f282103fence-agents-gce-4.2.1-41.el7_9.2.x86_64.rpm6d650ff5a7bc1d93d552eed702fb8ff4af0e255a6e012e1ddb3971204bc91755fence-agents-redfish-4.2.1-41.el7_9.2.x86_64.rpm07122c2fadde5f1434def7ae61dd0550c73eb7309b3f87b309c0a2991b14b217fence-agents-vmware-soap-4.2.1-41.el7_9.2.x86_64.rpmafac04d76ee59901927a64348eb93e4ea0c48a164cc0e2029847e8b26edc0ddcfence-agents-kdump-4.2.1-41.el7_9.2.x86_64.rpm8d6a4bc8e0c2082f7bb2fc692d41ccd385925ae94b94fe095591a846c940c7cefence-agents-rhevm-4.2.1-41.el7_9.2.x86_64.rpm798e4abc8535513ab7c780003067d0d787535100f412f57adad927899771c7c9fence-agents-rsa-4.2.1-41.el7_9.2.x86_64.rpm891ca7ba40226f9600a88b4c203b435de729c7aad318c3d08794bf769091c792fence-agents-intelmodular-4.2.1-41.el7_9.2.x86_64.rpm9d4cf92a8bd0efc8af62ffa59e709ac8ea92a414e65d08dcb1915cae96da714ffence-agents-scsi-4.2.1-41.el7_9.2.x86_64.rpm17c615fffd7a175d4158fe6c35728dd9b713c112f9e99529fc0708769b90fb70fence-agents-ilo-moonshot-4.2.1-41.el7_9.2.x86_64.rpm7a5a2b4de31ed4b73eb64ea6166a28dca4bc14a5a6ed7d2ac80c8d1e5e18260afence-agents-common-4.2.1-41.el7_9.2.x86_64.rpm3113ef7fa8701385c7a5c6f61e717ac7835c22d5799875b014af41ab19820f98fence-agents-wti-4.2.1-41.el7_9.2.x86_64.rpmc68f45aa1282b59a0f376da3c37f2f012d3bae05ea7c9c38c304b04359cb989efence-agents-sbd-4.2.1-41.el7_9.2.x86_64.rpm7d1d59df509363d91c0363179db6fcc242c229a2d617512faad157605bb5b391fence-agents-drac5-4.2.1-41.el7_9.2.x86_64.rpm39f494fb8d21bdde0e273d8a4c3110f811ba071cf2e9bb1a137ff0bc70799f05fence-agents-mpath-4.2.1-41.el7_9.2.x86_64.rpm77d14651c7a89a3873fcb841320bc6c4f37aa9bbcb4b118c292899eb16afad4bfence-agents-all-4.2.1-41.el7_9.2.x86_64.rpmaf1d5dde503828705086ed1cfd537bafb76e83b568ad1063e3ae8374cbe99153fence-agents-rsb-4.2.1-41.el7_9.2.x86_64.rpmb4ddaf6fcca6625e8b557cd3c7de1d0a230f23a22a0888d793ab0b0ebf9dbb48fence-agents-compute-4.2.1-41.el7_9.2.x86_64.rpmb1a61cc6f553521b7e4e4056b66462718b8e5b59466f1ea3d18c75603bad5cfcfence-agents-ibmblade-4.2.1-41.el7_9.2.x86_64.rpmc3cf909e55970318c1441c421986aace5355b213f0f27fd605c1929384f6d03cfence-agents-lpar-4.2.1-41.el7_9.2.x86_64.rpmb268844e144424fb2899eb26e623c12278f50a473077c04f46012cb21459cc7dfence-agents-vmware-rest-4.2.1-41.el7_9.2.x86_64.rpm9cfec09f827118a1a090fd807df6f879dc8c0c728d097cdc1c32225d4d967a25fence-agents-virsh-4.2.1-41.el7_9.2.x86_64.rpm68430c1c9dd9c303ef148a63c8ae963e773a7baad7617607883d068bb71d43a7fence-agents-ilo2-4.2.1-41.el7_9.2.x86_64.rpm41ee415447647eed027bb185416b14ded13e68e705ac15690df996d2d3c48084fence-agents-apc-4.2.1-41.el7_9.2.x86_64.rpm8d62c1b3065122e397a7cb931437908eee8860e1f8174171619a6fa1c01fe69dSLSA-2020:5004-1lowScientific LinuxScientific Linux 7resource-agents-aliyun-4.1.1-61.el7_9.4.x86_64.rpm6741e110d07ae95142ad9c8ae7ce0b4ee1d84fa4d443de2263c0efffc0faea0aresource-agents-gcp-4.1.1-61.el7_9.4.x86_64.rpm24113aaad452a826353ff1a9bb70cd501196a5e195fb1af3a339e6cbd1ab0329resource-agents-4.1.1-61.el7_9.4.x86_64.rpmc655d13e0a6b3232dcb85372644ad9a0e41bd2b42ba00a1ed919d79f31a588f4SLSA-2020:5009-1Security Fix(es): * python: infinite loop in the tarfile module via crafted TAR archive (CVE-2019-20907)moderateScientific LinuxScientific Linux 7python-2.7.5-90.el7.x86_64.rpm4e752d78be10a3150e118f067de4a2c1741192fa3a1b1ccccc7cacb2a1d55adapython-devel-2.7.5-90.el7.x86_64.rpm6fb703ebfb6d07fc86aee57f61ebab154a48b3392f9099feb0f862c34dc60570tkinter-2.7.5-90.el7.x86_64.rpmd3887158f3657a31a93bb8a42b504368e58bd61a76a727d1c5d849cd123e8362python-test-2.7.5-90.el7.x86_64.rpm8d4fbc682f98395e2a3b2bd59bfdbc00148c0046f3a93674ef17515ecbd500depython-libs-2.7.5-90.el7.x86_64.rpmfbe061a1f6a0f7e4c2c206db5a149e0fbf9a5e07101a22c47f5850913cd6b10cpython-tools-2.7.5-90.el7.x86_64.rpm028b8c625d2bbbc8ddba8669893ce2244b9c34d746b9cd2a11d853ff0de8a2c8python-libs-2.7.5-90.el7.i686.rpm2a375c1e3a4738e095ec03be404443859dd6b779f5e580b5bc1eaf005734c925python-debug-2.7.5-90.el7.x86_64.rpmc2ff66a4cfe90e016335af67c6f9119b924f27fc10d839788bef5b13de7db1a3SLSA-2020:5010-1Security Fix(es): * python: infinite loop in the tarfile module via crafted TAR archive (CVE-2019-20907) * python: DoS via inefficiency in IPv{4,6}Interface classes (CVE-2020-14422)moderateScientific LinuxScientific Linux 7python3-libs-3.6.8-18.el7.i686.rpma7660e2a2f3125d61888433e08d9b119eabfbfee7814b5956f641daaac3d16e7python3-devel-3.6.8-18.el7.x86_64.rpm43aa3c0434b1412eae7822f4051ba310a53d1c3096d9758d21ff6652fbeadcc9python3-tkinter-3.6.8-18.el7.x86_64.rpme10cafc4bd4ff0c1a0ddbf36d5c7fc9446fafa85804e1ae63c8410cfe65822f2python3-tkinter-3.6.8-18.el7.i686.rpm317fd91d642bdf926eca2d224aec7b948873ca9f78379436fb32cd2d01ac63d4python3-debug-3.6.8-18.el7.x86_64.rpmc533139272942d0922d04eb19a99e44fde769aa9f76a93c0cdfa8d9fa1497d37python3-libs-3.6.8-18.el7.x86_64.rpm17b2a06a86a63c0a24c38aca3f59357bb05f561bb409f13c8092423c0084f60bpython3-idle-3.6.8-18.el7.i686.rpma59689e48b4c5506ac5031f9d6a3c4f529576283504531c5c70e9439a8cf2d9fpython3-devel-3.6.8-18.el7.i686.rpm38bfd095c97c53712cd65a01f6ec085a53ec6a7b043fad17da3a850a0584aeb8python3-3.6.8-18.el7.x86_64.rpm16d6911fd5e4e2d70be8d42e87fb416477baff5c313c3e251f010af76df67b49python3-test-3.6.8-18.el7.i686.rpm87478d3ab6ff72a3be98c75fcf0cf08a0668c71e8d030671ebeb7579ff5bfa7fpython3-test-3.6.8-18.el7.x86_64.rpm1d09983f1cf741814abec6324ed5c1e8aff39a249e854538ac774ce447973e9apython3-debug-3.6.8-18.el7.i686.rpmaed68cdc24710bf3087d20dc03abb64dbff1a5fbd9d7fa002637558108e158a7python3-3.6.8-18.el7.i686.rpm7f812c3e6f365f2e84fdbac137a6976e42f0f3a5f5c1b5fa95aed1c0a784bb15python3-idle-3.6.8-18.el7.x86_64.rpm8d4219b8ff1bc224f28bd8ad7d6bfc5c993aead45dcda9bdb2364414a3984cf0SLSA-2020:5011-1moderateScientific LinuxScientific Linux 7bind-lite-devel-9.11.4-26.P2.el7_9.2.x86_64.rpm6e55a724a60ef42a4e13b4bd0f32a3abf34323df4958482ae7662740d6d223bbbind-export-libs-9.11.4-26.P2.el7_9.2.x86_64.rpmaac0b90e4609b7004d2027c64a3e27da3b92969c8fbad97d0d053f41f8cac10dbind-export-libs-9.11.4-26.P2.el7_9.2.i686.rpmd473992a2a6512f6bd697e4200b71804f572691556f4c398170305cc7ec4223cbind-pkcs11-libs-9.11.4-26.P2.el7_9.2.i686.rpmcaea82264b0e1e6c343dccf95cc52f257fed2e135b0e15d4d3e5defbc810f433bind-pkcs11-9.11.4-26.P2.el7_9.2.x86_64.rpmed3d5cbf0009188355cb6fe08fa821cb0bb6013b6b2f560c3c28a6053f4fc0b7bind-libs-lite-9.11.4-26.P2.el7_9.2.x86_64.rpm601f32234eb3bc2aaaa8c34b7b814bca3974368c5bcd14b3b20e3391075fc37ebind-sdb-9.11.4-26.P2.el7_9.2.x86_64.rpmf209b01442c24e01c0dbf9b26af008c58b811c96f758b2e58db3985146b10a63bind-pkcs11-libs-9.11.4-26.P2.el7_9.2.x86_64.rpm2455b597f2205f173708218e701b1a898dfb109b1b3ff6a04e0808b2417d0fb9bind-utils-9.11.4-26.P2.el7_9.2.x86_64.rpmeec76e247d93cbd1f7a186b88afc0f06111d005d9a21e92861f98222488a46bcbind-pkcs11-devel-9.11.4-26.P2.el7_9.2.i686.rpmdd0ef240b3a27a372f8677ad72902b7ca400c4d6d99a8949e123b8b7fd6c09f3bind-devel-9.11.4-26.P2.el7_9.2.i686.rpm98c7ca6154305aeab368688f1c27a1e05fbc2de5e742b32ed3218bd7fc1f544cbind-libs-9.11.4-26.P2.el7_9.2.i686.rpm35c0bd5b784f981951eb890d7e96f670a92cca814aafde0c84790be6f65d2a9ebind-devel-9.11.4-26.P2.el7_9.2.x86_64.rpmb1435d0c8da81b0a72b274eca170649f9b76349b539f6421ab4a2687a8fb64a8bind-lite-devel-9.11.4-26.P2.el7_9.2.i686.rpmaf95fc594e7fd389c1077dc9950675416f28bbfef92e60bb9d1db4e8054bad3ebind-libs-lite-9.11.4-26.P2.el7_9.2.i686.rpmba84e4f9783f4a9c8e8d0314626d596326644b918391d562eab30c32a28f97bebind-export-devel-9.11.4-26.P2.el7_9.2.i686.rpm568c85d08f58ab6c94e2f8dd086448b0295ba44be1669d80600c780dad7c1831bind-pkcs11-devel-9.11.4-26.P2.el7_9.2.x86_64.rpm1137d00e19fe5e5304f4beac20b234bf52ab2cd1df0f0aecaddf6936cd14d078bind-libs-9.11.4-26.P2.el7_9.2.x86_64.rpmd6bd50edb212bde63536e11a4ca1a861fc56b7096b2ab4953614ad3de87381cabind-license-9.11.4-26.P2.el7_9.2.noarch.rpm91a402777de0497989837c462b009b8a4c06d9536038f7b2ce28ab4003396004bind-chroot-9.11.4-26.P2.el7_9.2.x86_64.rpmadfbe5e8a9b3385e09f7c2e56341682c55a23e8fe1100868dd15e08d3e5dee34bind-sdb-chroot-9.11.4-26.P2.el7_9.2.x86_64.rpma062858ee2760dc527dc773c645df312b22e5440d711a0bf9105450bd563815abind-9.11.4-26.P2.el7_9.2.x86_64.rpm273e674dedfdc72bb0c9762512c41a5ed7c3323bc79888dfd46352cd41558ff5bind-pkcs11-utils-9.11.4-26.P2.el7_9.2.x86_64.rpmb28870f9473211a5aab4761aaf1811a52d8f7d737a53892e03fb98700da4e032bind-export-devel-9.11.4-26.P2.el7_9.2.x86_64.rpm682d4b7e4aa8fe2d2eee80929a26956290c764782a27195eaa18ddb39cbabe00SLSA-2020:5012-1moderateScientific LinuxScientific Linux 7librepo-devel-1.8.1-8.el7_9.i686.rpm5e9aa35a981d2840134692f84d2e65150bd03a045a1df0f2432b0c46f8e24f44librepo-1.8.1-8.el7_9.i686.rpm54ac0b83a5980f0fe79f81d89bbc74511e224e96f3aa6acc5b69f30f2ba73f4dlibrepo-devel-1.8.1-8.el7_9.x86_64.rpm842b884bcff0768ce4bcf18fafeb9f1ab99bd8d1e6249607717fa18cd58b9109python-librepo-1.8.1-8.el7_9.x86_64.rpmb29277245dc259c20968baf397c933cc0ec2a338941c8e11b46ac3d016d038b8librepo-1.8.1-8.el7_9.x86_64.rpm818449bd35f4147b579a34e08feb2b30eccdb473abe5bcdf6a069186449e303aSLSA-2020:5020-1Security Fix(es): * tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling (CVE-2020-1935)lowScientific LinuxScientific Linux 7tomcat-admin-webapps-7.0.76-16.el7_9.noarch.rpmaa6977941c1bd2072e8fb52668afe505c2954183b66b3542044143bf50d5a61ftomcat-7.0.76-16.el7_9.noarch.rpm9278de0d20e9970c899c261f58a8f877dfda254c508e807a26543581b5f2a1cbtomcat-el-2.2-api-7.0.76-16.el7_9.noarch.rpm21603edf7a3c774277bf9bd700aa3094ba96a1202a280e3b47028eca16978998tomcat-javadoc-7.0.76-16.el7_9.noarch.rpm5cf6522a174594dc8829b733123119299d4b28d31cc1517b9ba363d2e1502949tomcat-lib-7.0.76-16.el7_9.noarch.rpm7b0ac0b8e2b581ecfcdd755f439d5d9f8d1177b580d36862164e42614f57befctomcat-jsvc-7.0.76-16.el7_9.noarch.rpmab625888831656616637f61767d19ed69855e9bc8b5613b1f2b21a614d4c9fa4tomcat-docs-webapp-7.0.76-16.el7_9.noarch.rpmf32c86c05713f79a60c47dc334f63927ee9b7e4c2882a0ec800cf568da8d75d5tomcat-servlet-3.0-api-7.0.76-16.el7_9.noarch.rpmbae2181cfc1afb37bbb46b70c86db7759a895db94e4d2532e82885dec4ad6a76tomcat-jsp-2.2-api-7.0.76-16.el7_9.noarch.rpm6d36a3c8047de2d05a4432fb9e3a2ef78553a6a23865860d8490688bd4f34d27tomcat-webapps-7.0.76-16.el7_9.noarch.rpme143514d193ed8743b67b9e1a19c66408778aa408d716b211c28a4e923a3f833SLSA-2020:5021-1Security Fix(es): * qt: buffer over-read in read_xbm_body in gui/image/qxbmhandler.cpp (CVE-2020-17507)moderateScientific LinuxScientific Linux 7qt-postgresql-4.8.7-9.el7_9.i686.rpm2f990625aac0eaefe277e1d90296642a9b1769a0ab847d974fc6286a24a7c032qt5-qtbase-5.9.7-5.el7_9.i686.rpm496b6233b011be7d3c40f8ca6ba7099784979e45792a5248866fd658d8f3e41fqt5-qtbase-doc-5.9.7-5.el7_9.x86_64.rpm2357df991d7653d7a563cff583d91c69ec6f2a4a8b540b12b8ec0fbe40647975qt-postgresql-4.8.7-9.el7_9.x86_64.rpm149eaca53c75a7f7715efa7375b2df5b9e7825188b555992a4bd55aa0d3a4b6aqt-examples-4.8.7-9.el7_9.x86_64.rpmeafba1d14ae64d4274b6c589e86ec5469654769e36a98ad2c045e854c79d627eqt5-qtbase-devel-5.9.7-5.el7_9.i686.rpm5ba87d3495269210ce50d1d1d8f9f85aca324920ec8afd356a9f1e264e0063acqt5-qtbase-postgresql-5.9.7-5.el7_9.i686.rpm0a15d3c8e425c94919803f505f5c16e79ee114bfa4a0728e8d6c5fea205dc7e6qt-4.8.7-9.el7_9.x86_64.rpmf465ebe6ef7078025b0aef2d83521766c0193731dd513dd340f86e97c40ad4b6qt-mysql-4.8.7-9.el7_9.i686.rpma929b6861f8b6c71c5b8806107be20a35a566658b50f679f7ec99a516832966dqt-doc-4.8.7-9.el7_9.noarch.rpmb1f0394efc9e9b5c449853c0a4b7985aa41366fb86f0b0a5b2a1a04c4a5e21bfqt5-qtbase-odbc-5.9.7-5.el7_9.i686.rpm39a8424c0f12bf955a09694a34d9d52554f1d69487bd25f7bfaefbea7eedf1c5qt-qdbusviewer-4.8.7-9.el7_9.x86_64.rpmc31cd6a5bc81ed156dc959959be0c07c9a77eae076fab9e71bd31c425dc9580fqt5-rpm-macros-5.9.7-5.el7_9.noarch.rpm477f92195f9f353679121b03e73d2c4b1a890938adba3e8de175814c3c5b2203qt5-qtbase-static-5.9.7-5.el7_9.x86_64.rpme6c9d053df810165e1f2ceed63ff22ffc9223f392eac16b7c0446017e7d8bad2qt-odbc-4.8.7-9.el7_9.x86_64.rpmbe734a03e61cd155d5157f9293d70582a3dec56a806f6d159263e2e43df3453bqt-devel-4.8.7-9.el7_9.i686.rpm9e89c257e4ca088f35aaa05d178f8fc7500e8aad245912921618dfad3c3f4539qt-4.8.7-9.el7_9.i686.rpm99a1970527986d3b3cf24e7c62f6b13abecc10a37afb1d5185e37f5913043a19qt5-qtbase-common-5.9.7-5.el7_9.noarch.rpm1bd4ac9a033b7f25c252543ac7663d0b33543e34b8cc11b6628e6a2535a5ac84qt-qvfb-4.8.7-9.el7_9.x86_64.rpm7c7dfcdb90154564be2c0bb73e0c60527fa1e3293115df89d59dccc529ee1f6dqt-devel-4.8.7-9.el7_9.x86_64.rpm5d24d57c02883634e33c1d9ffb5ce1b6fcb0159ad1c355eb3d49db7b325628f1qt5-qtbase-static-5.9.7-5.el7_9.i686.rpmf9be3f2d2203d1e2fcca65c02e36c78a22cecb1f9e11d8585ff624120f847bcbqt-assistant-4.8.7-9.el7_9.x86_64.rpmcb546610e2a63c8897ebbae15c0c09c5df5dd8cfc8339dee8a9697fc5b98567eqt5-qtbase-mysql-5.9.7-5.el7_9.x86_64.rpmc0e467fe03493409c25efa83cd410e575e50bf5efb6592d7548fdc194873c39dqt5-qtbase-gui-5.9.7-5.el7_9.i686.rpm8410d859b7b9b6895b658d281e39f178f170fffb144fa4a96cf695b8d3f181a2qt5-qtbase-examples-5.9.7-5.el7_9.x86_64.rpmfde83ba6b73398217a03eacb43561b1efe091402f0e46c8bafb7b2c39e129ea1qt-odbc-4.8.7-9.el7_9.i686.rpm266ec15244d156419688218c64525e94997973c67cd35fcd430cf705691701c9qt5-qtbase-odbc-5.9.7-5.el7_9.x86_64.rpmddd010fb1e2ac6f97354294d8f0b4fabbe246258d2ee3a8ebd278813a1382fd8qt-mysql-4.8.7-9.el7_9.x86_64.rpmc78b158f03cd6cd903729cce4953053c132ef22fa81777395da63ea4fbfae809qt-config-4.8.7-9.el7_9.x86_64.rpm4fd2cea00c844b2380defbe708ee6002c8a61625f882effe9faad668f8946803qt5-qtbase-gui-5.9.7-5.el7_9.x86_64.rpm1bdf02c469fd8c928c5f7bc4577cf91d538e5948c64d99dd3cce9717fa353a08qt-x11-4.8.7-9.el7_9.i686.rpm998752272c7d54ce4a591d170f4f8197ef8c7a373c5ca88230adb00b199eb56aqt5-qtbase-devel-5.9.7-5.el7_9.x86_64.rpmf88198b4c90ff9433ca2a2051df7211a64a455f9d78a234769c486c9986ac744qt5-qtbase-postgresql-5.9.7-5.el7_9.x86_64.rpmc666834945473919c0e820375fc1f95feb723453ddab373bc21413acf4056d0eqt5-qtbase-5.9.7-5.el7_9.x86_64.rpm4e32bb93412d4410552a25aee3725c4e54e83cde7570a39112c0fd22c91467f0qt-demos-4.8.7-9.el7_9.x86_64.rpmb138388f394bccf5081a71cbfe11077b9d1293aab2cfabbc8d645e828dd2fd00qt5-qtbase-mysql-5.9.7-5.el7_9.i686.rpm929dc10998613b29239d2d0c0df5ff67bfbf9ae456727ec0f4ab2ac7496a9f11qt-devel-private-4.8.7-9.el7_9.noarch.rpm5340530c5e9e64293ae99b4eec8571eb6b5bb68e23ee1e54c806ebf25a337ae1qt-x11-4.8.7-9.el7_9.x86_64.rpme6d8cf8f67ced43c167000c58fc99685d0279f60bf240565e821ecad0c1f67e7SLSA-2020:5023-1Security Fix(es): * kernel: buffer over write in vgacon_scroll (CVE-2020-14331) * kernel: net-sysfs: *_queue_add_kobject refcount issue (CVE-2019-20811) Bug Fix(es): * [OSP13,mlx5] SRIOV VF still sending traffic when PF is down * gpf panic in virtio_check_driver_offered_fxature+6 when running sg_inq on a dm map for a lost virtio_blk * GPF panic in qlt_free_session_done+626 * [ Brazos ] "Core(s) per socket" and "Socket" values are interchanged in lscpu output. (kernel) * megaraid Aero: call trace observed during reboots * Crash in mptscsih_io_done() due to buffer overrun in sense_buf_pool * The qedf driver fails to re-establish the online F/C port state when the downstream F/C port is toggled unless a LIP is forced * tcp_fragment() limit causes packet drop under normal TCP load * ip link command shows state as UNKNOWN for MACVLAN interface * Lenovo TS 7Z60 Cooper Lake: PCI BAR firmware bug * [SL-7/mlx4] ipoib_flush ipoib_ib_dev_flush_light [ib_ipoib] * Uprobes crashes processes under GDB - SIGTRAP and SIGSEGV * kernel-3.10.0-1127.19.1.el7.x86_64 crashes after an SSH connection attempt when running as a Xen PV guest on AMD Epyc Rome * Null ptr deref after nf_reinject->nf_queue_entry_release_refs hits Attempt to release error doing inet_sock_destruct()moderateScientific LinuxtrueScientific Linux 7kernel-devel-3.10.0-1160.6.1.el7.x86_64.rpmfa43ac3b28b2a8ab4caaaff4c501aaa62eb34f17d175b59668859842a2dfc67bkernel-debug-3.10.0-1160.6.1.el7.x86_64.rpmbe5779f6ededf4a8c550a4c6ed791e39823ebd7af2ee0aefa2042ae67ebb33dakernel-tools-libs-3.10.0-1160.6.1.el7.x86_64.rpmae5303acd4a7d66ac9451fd20e8165b57d9049c0ba2c78c5447419aebc511406kernel-debug-devel-3.10.0-1160.6.1.el7.x86_64.rpm6f1b80feb6f65d1f20927fce25cee1c4070164eeb39a4e0247cf7cafa574fffeperf-3.10.0-1160.6.1.el7.x86_64.rpme8d3cf4b090395d832d9b94609de61cc6e05b8882aaa11c0bce3f2467bbee963kernel-abi-whitelists-3.10.0-1160.6.1.el7.noarch.rpma22cea3e44550afadd16969a5e1e921fcb265865c06e12a02f28a45048c6c12ckernel-tools-3.10.0-1160.6.1.el7.x86_64.rpm35379a584782bb5df8ca0f8ce2d9aeab27ce17bf5c63d748d6cf49a2f4686b08kernel-3.10.0-1160.6.1.el7.x86_64.rpmb8a8c00cf831a57b9ba0ddcc51dda482b846d42992c80ae25b23f54429b4a697kernel-headers-3.10.0-1160.6.1.el7.x86_64.rpmb5cf9d49c2f50a57f515fda688ac10e942090ce5336eda682507913e9cc6692cbpftool-3.10.0-1160.6.1.el7.x86_64.rpmeb459b8bea04b524153136161e04a74bdc58d71fbbdcecf2c5312c67abac7349kernel-doc-3.10.0-1160.6.1.el7.noarch.rpm56f33f85d9f3a92f5b629f9b0e6533bcbba80e6aaf7636c660214210f6313adekernel-tools-libs-devel-3.10.0-1160.6.1.el7.x86_64.rpmf70f095585c8e87bfadb97237bf57c2bcab6d063838b2de7ed3e3bd6b07a5129python-perf-3.10.0-1160.6.1.el7.x86_64.rpm3cad1140ec4766ed2b2b01cd82d19d1f706fd5b2f813c63d97c5d804a7ab1166SLSA-2020:5040-1Security Fix(es): * libvirt: double free in qemuAgentGetInterfaces() in qemu_agent.c (CVE-2020-25637)moderateScientific LinuxScientific Linux 7libvirt-nss-4.5.0-36.el7_9.3.i686.rpm2834e674277a3d4e5c7b920b64448cd37bd2adc9ad0b75c0673a883b5cb42af0libvirt-daemon-config-network-4.5.0-36.el7_9.3.x86_64.rpme52837fd79aa0d9826502e8fc0fc99fe6040d6d83650ed563e063623cfab3276libvirt-libs-4.5.0-36.el7_9.3.i686.rpm46b60bd7c943bde038f8269c067525f00f0a93a8ba84daaadb4a8baff822fe78libvirt-nss-4.5.0-36.el7_9.3.x86_64.rpm7234513bca5e17ca7de87da8f24343e09ea045c9e45fa1349b5d391b53d046f2libvirt-daemon-4.5.0-36.el7_9.3.x86_64.rpmd39fae834251654f0e4be3f781d29f24b50126708581f7db9983f195d84debf6libvirt-daemon-driver-storage-4.5.0-36.el7_9.3.x86_64.rpmeb732df91cd5bfefea2c0e1ef932e89a2ab33cb3eb0215cbe3aa3d8175c53902libvirt-admin-4.5.0-36.el7_9.3.x86_64.rpm7aa1a1b7fd3f1ca0cf554f60e93d42021762187e81a733e813184f208e275955libvirt-daemon-driver-storage-disk-4.5.0-36.el7_9.3.x86_64.rpmba769f4988875848ca17fce27df881b29a65f835e8ac237c7f7a8575a40d7973libvirt-daemon-driver-storage-core-4.5.0-36.el7_9.3.x86_64.rpm73bf5e1ce2f47e28417ca23a447dd3bfed734385d78204c930458c3deaebeee7libvirt-client-4.5.0-36.el7_9.3.x86_64.rpmcb146dff7ec24a5bf7cd1a26acb894693db3c5edb11344ccd3c3bf945bab20a0libvirt-daemon-driver-storage-scsi-4.5.0-36.el7_9.3.x86_64.rpma02e55e98bac0ae38460a3dee0335f4c09db03805b94c3e8a5406dacdf32a152libvirt-daemon-driver-storage-logical-4.5.0-36.el7_9.3.x86_64.rpm59f3951acf83f1ec0815442186beb088b5da8c52d531f1d94816e8a300703fa3libvirt-daemon-driver-storage-gluster-4.5.0-36.el7_9.3.x86_64.rpmc029da9d94f4e235fb8c6e39e2c5bbbf7351bd2ac3393e59812213fbd7e90999libvirt-login-shell-4.5.0-36.el7_9.3.x86_64.rpm454d51418987da1014849d4132925cdef134737d1d08fb1cfa779c89c19a3924libvirt-daemon-driver-qemu-4.5.0-36.el7_9.3.x86_64.rpm050ef515b3c64595620bf6d53a462b54936c3dfe4126a4fdc609cc9a53d9dda1libvirt-client-4.5.0-36.el7_9.3.i686.rpm14bb3afa97114d6eeffeb31b1eb538b277f938a05301296d515b7678e4061d07libvirt-devel-4.5.0-36.el7_9.3.i686.rpme02dccd71df37070314abbf77e7e94e6eb1bae0729fe537cc6e981013716fa58libvirt-bash-completion-4.5.0-36.el7_9.3.x86_64.rpm3dfc31f773bb1efa5ef5e687088ab0f1b47fdaf91cd7e929a6f7c385541ccb37libvirt-daemon-driver-network-4.5.0-36.el7_9.3.x86_64.rpm0efbfbc232bcaca3fedfd060b20a8283fc7613f565f6048d0518818441c089c0libvirt-4.5.0-36.el7_9.3.x86_64.rpm157e09bbc77984eafc509c3191726f1dc17fa954ae54bdf641158f7fe20cf557libvirt-daemon-driver-storage-rbd-4.5.0-36.el7_9.3.x86_64.rpm93fbbb3a834d068f53db7b551ba09e14ecb5b2e3fd93582f968124aede4d96dclibvirt-daemon-driver-nwfilter-4.5.0-36.el7_9.3.x86_64.rpm1b59823c76125992f394d22eb838c8c0478a1f5deca52420b620ef0fcb6932f9libvirt-devel-4.5.0-36.el7_9.3.x86_64.rpm7d0ec88254e280eeb07bdf1bb1252c900681099c26df13ad3245a7e3bde7b64alibvirt-daemon-config-nwfilter-4.5.0-36.el7_9.3.x86_64.rpm57452d96f8978a1410c3ef2338fe270c97148911d03e9debba47513a2cdb9c1blibvirt-libs-4.5.0-36.el7_9.3.x86_64.rpme4860ecebc9088da31ce413a567de94ecf49d342e5bbcaae46ebe7087cface77libvirt-daemon-kvm-4.5.0-36.el7_9.3.x86_64.rpm1f62e1ba3e85b38d3025b12c077dd9caf6641a553330ddd49f01479942dfafbflibvirt-daemon-lxc-4.5.0-36.el7_9.3.x86_64.rpm505fdac487bef830c4d4567539061bf5c9fed6948c86ae44b98fd191025af572libvirt-lock-sanlock-4.5.0-36.el7_9.3.x86_64.rpm664362fcb2c8a7b8ee0bdfaf8c52138a82c9483bd9218a414850e9a21f4aaed6libvirt-daemon-driver-nodedev-4.5.0-36.el7_9.3.x86_64.rpmf5bf6a17338facb41aa3bb9612efa5e11af562e49ebfdef125efaecfa993cedblibvirt-daemon-driver-interface-4.5.0-36.el7_9.3.x86_64.rpmb83688c176dbdd74fb82d3ce011884783b08005d08bd554dffd76245bd1d5405libvirt-daemon-driver-secret-4.5.0-36.el7_9.3.x86_64.rpm5cf289a88e882a0dc6dfffd8e313c4fc5c957a4f3b4f352a04a1ae18226f94b1libvirt-daemon-driver-storage-mpath-4.5.0-36.el7_9.3.x86_64.rpm10f8c9d89b219b32a7d6f3d52e2f9431d37878c6a14c8c463148e6921bdb38ealibvirt-daemon-driver-storage-iscsi-4.5.0-36.el7_9.3.x86_64.rpm9b80a91b5a9f66eafe3468984eea8a0972f7b87dd2cc42f4c75491d687e0b1b7libvirt-daemon-driver-lxc-4.5.0-36.el7_9.3.x86_64.rpm9c92d5f80c668de652d744c66676942226c077b22154a8834a69ff2ba0d9b75flibvirt-docs-4.5.0-36.el7_9.3.x86_64.rpm0235ba04c3a98a9b5d2d31e85027b2a62fda74d77152debd17e4e99064e8a3e7SLSA-2020:5083-1Security Fix(es): * hw: Information disclosure issue in Intel SGX via RAPL interface (CVE-2020-8695) * hw: Vector Register Leakage-Active (CVE-2020-8696) * hw: Fast forward store predictor (CVE-2020-8698)moderateScientific LinuxScientific Linux 7microcode_ctl-2.1-73.2.el7_9.x86_64.rpm69c381a9699c988fbdc4fd0b3bf8fa247e4ecd50868a7e2dda3900188d845d0eSLSA-2020:5099-1Security Fix(es): * Mozilla: Write side effects in MCallGetProperty opcode not accounted for (CVE-2020-26950)criticalScientific LinuxScientific Linux 7firefox-78.4.1-1.el7_9.i686.rpme94ecc4b20facf2606282703cebc3026a4dedd3039002f228c9c9c7e379fb682firefox-78.4.1-1.el7_9.x86_64.rpmba519645c1953d71030a3ab3e27da0c317a547ef9d7fdd4fcb158af75e5f3fa6SLSA-2020:5163-1This update upgrades Thunderbird to version 78.4.3. Security Fix(es): * Mozilla: Write side effects in MCallGetProperty opcode not accounted for (CVE-2020-26950)importantScientific LinuxScientific Linux 7thunderbird-78.4.3-1.el7_9.x86_64.rpm92c042553512da9c96c8ee1f78a34771072021043df5e88a87657128ef708ae9SLSA-2020:5235-1This update upgrades Thunderbird to version 78.5.0. Security Fix(es): * Mozilla: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code (CVE-2020-26951) * Mozilla: Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5 (CVE-2020-26968) * Mozilla: Variable time processing of cross-origin images during drawImage calls (CVE-2020-16012) * Mozilla: Fullscreen could be enabled without displaying the security UI (CVE-2020-26953) * Mozilla: XSS through paste (manual and clipboard API) (CVE-2020-26956) * Mozilla: Requests intercepted through ServiceWorkers lacked MIME type restrictions (CVE-2020-26958) * Mozilla: Use-after-free in WebRequestService (CVE-2020-26959) * Mozilla: Potential use-after-free in uses of nsTArray (CVE-2020-26960) * Mozilla: DoH did not filter IPv4 mapped IP Addresses (CVE-2020-26961) * Mozilla: Software keyboards may have remembered typed passwords (CVE-2020-26965)importantScientific LinuxScientific Linux 7thunderbird-78.5.0-1.el7_9.x86_64.rpm4aeda6a0fc5b123d030ff8d61dbe999dbc7911a850bd5ec4dc587824b0165205SLSA-2020:5239-1This update upgrades Firefox to version 78.5.0 ESR. Security Fix(es): * Mozilla: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code (CVE-2020-26951) * Mozilla: Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5 (CVE-2020-26968) * Mozilla: Variable time processing of cross-origin images during drawImage calls (CVE-2020-16012) * Mozilla: Fullscreen could be enabled without displaying the security UI (CVE-2020-26953) * Mozilla: XSS through paste (manual and clipboard API) (CVE-2020-26956) * Mozilla: Requests intercepted through ServiceWorkers lacked MIME type restrictions (CVE-2020-26958) * Mozilla: Use-after-free in WebRequestService (CVE-2020-26959) * Mozilla: Potential use-after-free in uses of nsTArray (CVE-2020-26960) * Mozilla: DoH did not filter IPv4 mapped IP Addresses (CVE-2020-26961) * Mozilla: Software keyboards may have remembered typed passwords (CVE-2020-26965)importantScientific LinuxScientific Linux 7firefox-78.5.0-1.el7_9.i686.rpma01136ebd107e00f13819a1ff47a00f4cbfeb618cdbf488899e2a52c75436684firefox-78.5.0-1.el7_9.x86_64.rpm2a9ea789628f4859bab83c8ccf1e5fb214ddecae7f670f550109871358f6f0c0SLSA-2020:5350-1Security Fix(es): * net-snmp: Improper Privilege Management in EXTEND MIB may lead to privileged commands execution (CVE-2020-15862)importantScientific LinuxScientific Linux 7net-snmp-5.7.2-49.el7_9.1.x86_64.rpm5f6a4f07a16a430a5b5bfba0cdb49f4bfc4d1e82080aea19d098c9b941d9dbe5net-snmp-sysvinit-5.7.2-49.el7_9.1.x86_64.rpm51b05cd2c54b3e2bd5925721e2bb6fbe877dcf442c355aeb026b2ab7ef226f1anet-snmp-devel-5.7.2-49.el7_9.1.i686.rpm28dff9113f62a657c99729c6b0820921088723d1e2e36f196f4397e59ea9ba16net-snmp-perl-5.7.2-49.el7_9.1.x86_64.rpmaacc4173eeb02c57b5cc603e87ff09dc3a4ef9e0a2a56b1c222d24ffe71d0378net-snmp-gui-5.7.2-49.el7_9.1.x86_64.rpm0ef72584b2f56c25f567db0b159846d0faf805414aa22a99d0a2a9124df784a2net-snmp-libs-5.7.2-49.el7_9.1.i686.rpm5784605d171bbbd0bd502566b65fcf1fd6a7fcd2f265986217732a1a38dbee40net-snmp-libs-5.7.2-49.el7_9.1.x86_64.rpm6413cc63e27157a63f2213d9d33f8c3d0dd24d69c57973a0c5c54bcd2b35419cnet-snmp-python-5.7.2-49.el7_9.1.x86_64.rpm8bf9e96031cfb8602feea8e199798171335e163802f8142bb6de4eadfcc732aenet-snmp-agent-libs-5.7.2-49.el7_9.1.x86_64.rpm4772c5fea319e3ef852b4455691ab029d4376fada1b836c313b524699f279811net-snmp-devel-5.7.2-49.el7_9.1.x86_64.rpm4db5985d46f717d6201094c9d68072769154cfb8cf8ad20bd8ba5483aba0c9cbnet-snmp-agent-libs-5.7.2-49.el7_9.1.i686.rpm9844acef0228629f571c059899ca877686ded22a947c3273c28ce700a142a27dnet-snmp-utils-5.7.2-49.el7_9.1.x86_64.rpm583d10cddad6c1df718a9d6240aae5d363b041f98f6297f5db023169b5cd3b93SLSA-2020:5400-1Security Fix(es): * Mozilla: Stack overflow due to incorrect parsing of SMTP server response codes (CVE-2020-26970)importantScientific LinuxScientific Linux 7thunderbird-78.5.1-1.el7_9.x86_64.rpm7204232e5916e30474537b49e8e3c380d323cb508133e2a3f272e2675f6c6b17SLSA-2020:5402-1Security Fix(es): * libexif: out of bounds write due to an integer overflow in exif-entry.c (CVE-2020-0452)importantScientific LinuxScientific Linux 7libexif-0.6.22-2.el7_9.x86_64.rpmefbb1fc8a925b088d782730b192f4f3261c241540dbc16525fda27d7fef82897libexif-doc-0.6.22-2.el7_9.x86_64.rpm037a55132984a0bd769eb3194ef66167ad9badf0f745e36d5cd34f40e88b48d5libexif-0.6.22-2.el7_9.i686.rpm6dc932c606a8b0b97108d1313fe5d3b59706d7feaa9d4ea4404b25eed3b2422elibexif-devel-0.6.22-2.el7_9.x86_64.rpm390e5bc8b3656b1360b772fd168205e8632a1bbe2c3c20340e617ee5d4f9ef2dlibexif-devel-0.6.22-2.el7_9.i686.rpm2074ac598018d8710f20fde5efeef22a67981e962c305d38de81c36dfbe22cdeSLSA-2020:5408-1Security Fix(es): * xorg-x11-server: Out-of-bounds access in XkbSetMap function (CVE-2020-14360) * xorg-x11-server: XkbSetDeviceInfo heap-based buffer overflow privilege escalation vulnerability (CVE-2020-25712) * xorg-x11-server: Leak of uninitialized heap memory from the X server to clients in AllocatePixmap of dix/pixmap.c (CVE-2020-14347)importantScientific LinuxScientific Linux 7xorg-x11-server-source-1.20.4-15.el7_9.noarch.rpm28092e85516bb3ad3abaaa0a8b12b886194e9a4ab782b91d22231fecb2c2b59dxorg-x11-server-Xephyr-1.20.4-15.el7_9.x86_64.rpm1dd324a9b38007b9921ab6ca548aef439afa6b55470d00a8549f6d93eb4c43f5xorg-x11-server-Xwayland-1.20.4-15.el7_9.x86_64.rpme0ac1be16eddcef7251eab2e5914fbe32fa46053d7e52c533a3529dbf537fdf1xorg-x11-server-Xorg-1.20.4-15.el7_9.x86_64.rpmbd4762bed5392c807dfe22257611857ae4ff9775f8864505a2c88f549d561f61xorg-x11-server-Xvfb-1.20.4-15.el7_9.x86_64.rpm97c2405899a3c2cc2e38b12158a34ef817b67bc043c72a1da2b1aa67f6608699xorg-x11-server-Xnest-1.20.4-15.el7_9.x86_64.rpmb43f75f93755916cd7662809f920674ff0ee386549c0c1425cc08a180aef832bxorg-x11-server-devel-1.20.4-15.el7_9.i686.rpm21aba054790d48f8b74cd55320fea0b6b2b8bd4afde2619f98143688b977283fxorg-x11-server-Xdmx-1.20.4-15.el7_9.x86_64.rpmcccae5645a379eb7651f950e94e10ff2c9b9eb125ff58b3482125c9e41e461ecxorg-x11-server-devel-1.20.4-15.el7_9.x86_64.rpmce9b2f9a96cb6f7e910bee5639099c84ce13bb87dc6a8d001c67dccb4195668dxorg-x11-server-common-1.20.4-15.el7_9.x86_64.rpmb3c791887936cc4ae55234af68d275037b4d90c2f0823745aa024e7b6cc7b138SLSA-2020:5434-1Security Fix(es): * targetcli: weak permissions for /etc/target and backup files (CVE-2020-13867)moderateScientific LinuxScientific Linux 7targetcli-2.1.53-1.el7_9.noarch.rpmf1961207eea2a46a9b25e2d7d57195737a0fe1065b3b41498db025f6c36b0b49SLSA-2020:5435-1Security Fix(es): * python-rtslib: weak permissions for /etc/target/saveconfig.json (CVE-2020-14019)moderateScientific LinuxScientific Linux 7python-rtslib-doc-2.1.74-1.el7_9.noarch.rpm38c2d69ce491410d16dcc623d71d2ba6d7cd30792f3efd20768cbe67df54f372python-rtslib-2.1.74-1.el7_9.noarch.rpm34ed38fcd5a5d16bf9c664b9a92f7daf7464ec726c1e79df4b99d50df1737d45SLSA-2020:5437-1Security Fix(es): * kernel: metadata validator in XFS may cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt (CVE-2020-14385) * kernel: The flow_dissector feature allows device tracking (CVE-2019-18282) * kernel: Buffer over-read in crypto_authenc_extractkeys() when a payload longer than 4 bytes is not aligned. (CVE-2020-10769) * kernel: buffer uses out of index in ext3/4 filesystem (CVE-2020-14314) * kernel: umask not applied on filesystem without ACL support (CVE-2020-24394) * kernel: TOCTOU mismatch in the NFS client code (CVE-2020-25212) * kernel: improper input validation in ppp_cp_parse_cr function leads to memory corruption and read overflow (CVE-2020-25643)importantScientific LinuxScientific Linux 7kernel-abi-whitelists-3.10.0-1160.11.1.el7.noarch.rpm8c4901a1254d52706a8026f9afa5b964c896fa61d871a47079c886e5434978bbkernel-debug-devel-3.10.0-1160.11.1.el7.x86_64.rpm074a2ca70735365ae82e9859c9fb8820f3d264b5eebd7f7384fddb980c8d44beperf-3.10.0-1160.11.1.el7.x86_64.rpm3e60b1603a251cb4af8f03c0bc08ef03504dda7ef9e0d50efc34f888cb7bc920kernel-tools-libs-devel-3.10.0-1160.11.1.el7.x86_64.rpmf3984b7e00b733ed304ad9d2d1ad2c6d9030b3e8a3cc5430f7cf112a2ff1ce12kernel-tools-3.10.0-1160.11.1.el7.x86_64.rpm0756af1a558d435b5a1b5788bba4d62c3ce18384bea6d923907834a4d391ca89kernel-headers-3.10.0-1160.11.1.el7.x86_64.rpm18f207344f466c5b6e74407601a61ea3185e644570f53fdb7df45290e5857e99bpftool-3.10.0-1160.11.1.el7.x86_64.rpm613af626396059c1078e7f852972e17b69faf1df7b048d6b581f4298a67460f3python-perf-3.10.0-1160.11.1.el7.x86_64.rpmf074050a3bde5f5f20b5402b58a3aab71f9cb94edbd5bef991c127e9f463bde7kernel-3.10.0-1160.11.1.el7.x86_64.rpmcf318a19af37dcd5a560f417ec291a5766a60ec24e9eb2d762f936beb26e6a47kernel-tools-libs-3.10.0-1160.11.1.el7.x86_64.rpm91db286c495fd0f265c5bc0289268239c2d0303c21844bf1415b0310ca867a66kernel-devel-3.10.0-1160.11.1.el7.x86_64.rpm01b394eb16a7a6be9c376e088f71a0c44eb4249a28c05fe9a72d53631fb08a81kernel-debug-3.10.0-1160.11.1.el7.x86_64.rpm01b2018f24bebe98aa6e01b7c5459bf12743278485212b48fe8f9bddd59eb947kernel-doc-3.10.0-1160.11.1.el7.noarch.rpm4b790062be5b1197903241e00a4ce71a06e3b3952ee700a67880eebdd161b388SLSA-2020:5439-1Security Fix(es): * samba: Netlogon elevation of privilege vulnerability (Zerologon) (CVE-2020-1472) * samba: Missing handle permissions check in SMB1/2/3 ChangeNotify (CVE-2020-14318) * samba: Unprivileged user can crash winbind (CVE-2020-14323)moderateScientific LinuxScientific Linux 7libwbclient-devel-4.10.16-9.el7_9.x86_64.rpmb076a9f33db35192bbe69ddc9517f2144661cb2756de1d628b5de2ab5a334c7bsamba-pidl-4.10.16-9.el7_9.noarch.rpm3a45929ff73f086c20b0a688e69ef39579cf32ef1e9c5c96c7710496c79ffadbsamba-test-4.10.16-9.el7_9.x86_64.rpm3ab1e89086f913190e3587876a6da9484d97916ccc0302bd04884a9913c55919samba-common-tools-4.10.16-9.el7_9.x86_64.rpm00c9de7f1cee8e94b586633ba12a1646f89d9575bfc324aa6e9893adbd412b8csamba-winbind-modules-4.10.16-9.el7_9.i686.rpm2efb086f89ba6912cef4104107b9dc01431fdfa669245c1fc061a97749b406b4libwbclient-devel-4.10.16-9.el7_9.i686.rpme86d831cbb14eea16e57267c13a3bfdf06cdec971de24c476e14371a01006b89samba-devel-4.10.16-9.el7_9.x86_64.rpm38f0416a4ecb0e7ebb6bb334f9a75709e2c8e2188270fefea9966db2e6a69ffbctdb-4.10.16-9.el7_9.x86_64.rpm612a9671a5afdfbb3e174a8b747bf1c96e2c5bfb515bf7a93df196c71d5d139bsamba-krb5-printing-4.10.16-9.el7_9.x86_64.rpmd78679a5aa74bcda36d9974620f0b8cfedec6e1f47a91fbce65ae5e23d5b3490samba-test-libs-4.10.16-9.el7_9.x86_64.rpm0b91a59f9c5d32bae9d04b11b50595a48e404f15b4028c9dae01329507923dd8samba-python-4.10.16-9.el7_9.i686.rpm40217003284ac87071f9769e54b664943c738205ae94df6c9f13321692a77a04samba-4.10.16-9.el7_9.x86_64.rpmabf987af637efa73be4eac3641569c7bc4cfee8b251450d6a1370756a74cb1d2samba-winbind-krb5-locator-4.10.16-9.el7_9.x86_64.rpm031218649908fa353e5a8c2af61e9054cb39ffcfc8264ee8ac7a677440b4d9d4samba-test-libs-4.10.16-9.el7_9.i686.rpm440286e7959b0a2cf2a559cfc8bf7c5842d258b6f43a0b2a02247cb90f44d6a1samba-client-libs-4.10.16-9.el7_9.i686.rpmf80fded3dda885bdf26417baaa147b6d4d7961990adc48677e2e419d3a5b56c2samba-winbind-clients-4.10.16-9.el7_9.x86_64.rpme4fab9053b7ba9b38722867bfdfb42fe7c990e577baaedefe6b50c7e0c75dfd0samba-winbind-4.10.16-9.el7_9.x86_64.rpme3ea6c53cd4e4a8dd2ad0a380c0d55f72d28c563ff59e6cdb5464de51951d18dlibsmbclient-devel-4.10.16-9.el7_9.i686.rpm4db73018e1489cf37ea5ed6abdfc1250946046971a05741eb565a17d513c4471samba-common-libs-4.10.16-9.el7_9.x86_64.rpm46407be156046b26ccbcf0cf131c8a692ce20c4fbfd186d31939e623f5defb39samba-libs-4.10.16-9.el7_9.i686.rpm519e0a4e6bb18214cfa971b232228ff43feda3f36ed123c177ff2ce00feb5b52ctdb-tests-4.10.16-9.el7_9.x86_64.rpmb5ecc1bc7a4e2f1a0c2083725d83c7e9d14a464e2d5fe429bb516da24a5e7b6esamba-devel-4.10.16-9.el7_9.i686.rpm090851bfc72aebe18ed191ca16a3cc57251a653a9381c485872cea5f58232254samba-libs-4.10.16-9.el7_9.x86_64.rpm3920df3a2074dcb6633966fda57013415d63549b3a51e8fa993c57af2d8b0e19samba-dc-4.10.16-9.el7_9.x86_64.rpmf271d4c8fc59778b3b8546be5c012d971833fff265e96060c707ea6a9cb543ablibsmbclient-4.10.16-9.el7_9.i686.rpm56efcdcd4fe1755029a174cb76499b2bfece3ec8f226435265a7b1d18f3444besamba-common-4.10.16-9.el7_9.noarch.rpm8042e4e4498238bd6f4eeeef17522327228b39708be95839399d54209c0cf126libwbclient-4.10.16-9.el7_9.i686.rpmbfae295faf35a3784d08fd0cc0e76ab928dfe85a67e8542b97318740b7ac5cc2samba-vfs-glusterfs-4.10.16-9.el7_9.x86_64.rpm3132857bdc0fcec518e8acb2b76662447c28bc201249fa6acb401b75da54dad6libwbclient-4.10.16-9.el7_9.x86_64.rpmfacd100d567679a5e3aa45f595cedbfa4197d17c4521c3fb59dd58696491aaa1samba-winbind-modules-4.10.16-9.el7_9.x86_64.rpmefe3852c88c046489eecb30a7b8a61e8fc9f02b0115a70f058721293394c21acsamba-client-libs-4.10.16-9.el7_9.x86_64.rpme326f21e78e4f94efcd3c3d83cfc199c4e73af0b5feb4a2726c784fa11b409aasamba-python-4.10.16-9.el7_9.x86_64.rpme8cca8a7f801b65b906a85bf563bb92a26cd1f1cea813b09c411a24a6825c2desamba-dc-libs-4.10.16-9.el7_9.x86_64.rpm2909b4efe04c93c004227897e2fb7a63a02d8bf698b8ced94d01c672d69cde93samba-python-test-4.10.16-9.el7_9.x86_64.rpm2a3764105780fcec87cfc7bfd12f80e964d091148cc161ec6f2e8b8d5c6a50afsamba-client-4.10.16-9.el7_9.x86_64.rpm66843da5bf400fc5a2b51436f14a76168fe62e236105023477f2de19c4110b8dlibsmbclient-4.10.16-9.el7_9.x86_64.rpm9ffb0c883afdde797002ba30d19b5e199cbbe4c7606cbabe8b1822cb3a6d131bsamba-common-libs-4.10.16-9.el7_9.i686.rpma9501b4b0918e9be3d9fef799513020f2f61a6dac411d9c87427d70b1df1b002libsmbclient-devel-4.10.16-9.el7_9.x86_64.rpm3358e17bd6642a2f9ca9247da03aaf13d2b635b0c225a12a5a25064c0b5c8f15SLSA-2020:5443-1Security Fix(es): * gd: Integer overflow in _gd2GetHeader() resulting in heap overflow (CVE-2016-5766)moderateScientific LinuxScientific Linux 7gd-devel-2.0.35-27.el7_9.x86_64.rpm649bdfb3f448048e424b079817af7ac828e5133323f87bd84aeea5fac6c348cagd-2.0.35-27.el7_9.x86_64.rpm8b22d155263ae48053312e120ad698f6691a26cbdcb53a29352683ed3c58ef31gd-devel-2.0.35-27.el7_9.i686.rpm6098eaf3c89f9adc5feb38e58ebc2cbd2740ba4e3fc45e79edb50c313ff4fe77gd-progs-2.0.35-27.el7_9.x86_64.rpmc1a23e3027865afcf15a1d2e06244f0b21f0ce8db329622b8d14e7e81704db26gd-2.0.35-27.el7_9.i686.rpmb6a019ac8d2811b6eb3296ab2c7e6a72c0bb66a0c848d53764d54111c462c601SLSA-2020:5453-1Security Fix(es): * pacemaker: ACL restrictions bypass (CVE-2020-25654)moderateScientific LinuxScientific Linux 7pacemaker-1.1.23-1.el7_9.1.x86_64.rpmae3bba33a30bb03d79e842d929b208994522c37c9977689e76b884755b38dec6pacemaker-cts-1.1.23-1.el7_9.1.x86_64.rpmf7ab16be28c957f828ec50d955adfb38bfe761e1227191b1d0f81dd5f2ed8eb8pacemaker-cluster-libs-1.1.23-1.el7_9.1.i686.rpmb323aa8453cb317274a80e53f4b62ad3a90fc6aa19354a9f555e9c8656cacd90pacemaker-cli-1.1.23-1.el7_9.1.x86_64.rpmd0087929e1f47f53190f5fbf4d8fe27e38a25bc761ca9ba9588ea414ba4d7657pacemaker-libs-devel-1.1.23-1.el7_9.1.x86_64.rpm7cec82a8fa695ce95c8dc6a9afd2a81953378a288b588f3bc9625de7919da188pacemaker-remote-1.1.23-1.el7_9.1.x86_64.rpm51d1edcf063c3879e8ab0eea384d56bed87768ca583037f2be802612ead7bf59pacemaker-doc-1.1.23-1.el7_9.1.x86_64.rpm993efca7ba035e125ad01223a8b75047cf4db2c60a2d463655c1cbecc8e38725pacemaker-nagios-plugins-metadata-1.1.23-1.el7_9.1.x86_64.rpme0bba6c20f230d4333a2b050b2fc240886d29b28aca71b1675efe08397bd4a10pacemaker-libs-1.1.23-1.el7_9.1.i686.rpm02d2eb1cf8b91bb2e0c736fafd47e28f0f2f721980e93a7f3ac7d7ca85e10075pacemaker-libs-devel-1.1.23-1.el7_9.1.i686.rpme31001032b9a817b564d4c6c391c732fcce21415a6286678668fef5a87b0e9eapacemaker-libs-1.1.23-1.el7_9.1.x86_64.rpma0ea29234910e70b9d1fa10fd7f12dab0a432c90dd75fc5c556e5e83c131253fpacemaker-cluster-libs-1.1.23-1.el7_9.1.x86_64.rpm83b6faf7f1326a0139ff3b89a28d8e314962a83618d819a1fd9033638c3b020aSLSA-2020:5561-1Security Fix(es): * chromium-browser: Uninitialized Use in V8 (CVE-2020-16042) * Mozilla: Heap buffer overflow in WebGL (CVE-2020-26971) * Mozilla: CSS Sanitizer performed incorrect sanitization (CVE-2020-26973) * Mozilla: Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free (CVE-2020-26974) * Mozilla: Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6 (CVE-2020-35113) * Mozilla: Internal network hosts could have been probed by a malicious webpage (CVE-2020-26978) * Mozilla: The proxy.onRequest API did not catch view-source URLs (CVE-2020-35111)importantScientific LinuxScientific Linux 7firefox-78.6.0-1.el7_9.x86_64.rpm0d6c4bd288c7d0a631ae8312388c5237d3f3d49d362067931f0c964cbac8b520firefox-78.6.0-1.el7_9.i686.rpm5c1c1f487c0ee722a18c9d0a2d1773a488d2035cd91be329429dfc49017c2fffSLSA-2020:5566-1Security Fix(es): * openssl: EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971)importantScientific LinuxScientific Linux 7openssl-libs-1.0.2k-21.el7_9.x86_64.rpm4ab783a4b56a43eaa048038f945673f33909a21827029d5ee93b4c81b2f4d92eopenssl-static-1.0.2k-21.el7_9.i686.rpm5324134a3422bb4d2e370d8fd60b425f256ffce1ca7b2f9b5f1766915a5ae87bopenssl-static-1.0.2k-21.el7_9.x86_64.rpm25730dc215dab87a5e0cba02d8dc32feb2ad2b924d97e568eb75d86c2377ab8dopenssl-1.0.2k-21.el7_9.x86_64.rpm4099de643d8ffb0d9d7adfd5fcd3b57be8aa259b40a444e71e2bdbfe398ec449openssl-libs-1.0.2k-21.el7_9.i686.rpm2f99416e28a3c658927d78ec90fccfc640eb34bc303f9fa15688a0f049acfb86openssl-devel-1.0.2k-21.el7_9.i686.rpm6b0eba3b5d8c40fc55a6cbb70138d15c50baf2325cf5f637ff2696afcda2d7a0openssl-devel-1.0.2k-21.el7_9.x86_64.rpm2ff54248f85df13efadba6fe2669cfb9cbc7cfd6901218fb56f02821dc6255c7openssl-perl-1.0.2k-21.el7_9.x86_64.rpmd3f15aa14d37b7458ce9c8f81ad92b40434161a838e064006949813cadecffc1SLSA-2020:5618-1This update upgrades Thunderbird to version 78.6.0. Security Fix(es): * chromium-browser: Uninitialized Use in V8 (CVE-2020-16042) * Mozilla: Heap buffer overflow in WebGL (CVE-2020-26971) * Mozilla: CSS Sanitizer performed incorrect sanitization (CVE-2020-26973) * Mozilla: Incorrect cast of StyleGenericFlexBasis resulted in a heap use- after-free (CVE-2020-26974) * Mozilla: Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6 (CVE-2020-35113) * Mozilla: Internal network hosts could have been probed by a malicious webpage (CVE-2020-26978) * Mozilla: The proxy.onRequest API did not catch view-source URLs (CVE-2020-35111)importantScientific LinuxScientific Linux 7thunderbird-78.6.0-1.el7_9.x86_64.rpm24422101a4101285534840c54c1008ac45327f0e93b99ebec74e41c60d009b27SLSA-2021:0024-1Security Fix(es): * ImageMagick: Shell injection via PDF password could result in arbitrary code execution (CVE-2020-29599)importantScientific LinuxScientific Linux 7ImageMagick-perl-6.9.10.68-5.el7_9.x86_64.rpm35ed20c4a1405b7be51394d2770f8a6cb1ce8727ae75d6d3dd7e11d21181344bImageMagick-devel-6.9.10.68-5.el7_9.i686.rpm38a5bc8854084aea0e436621674b7342c734829122be1f2058521c6a81b1df89ImageMagick-c++-devel-6.9.10.68-5.el7_9.x86_64.rpmc2557d70027530bb4e624c9789ba066907eb63145e00bcc4191d80800f6f14a9ImageMagick-devel-6.9.10.68-5.el7_9.x86_64.rpm263a8c54000db5a2c00dc0d1c8c6eb6c498857eaa6dfcc32979da35f66bdbaa7ImageMagick-doc-6.9.10.68-5.el7_9.x86_64.rpm1902faa24f58f417c8470021e076e97d10952b55e960a365d261c3badc438d29ImageMagick-6.9.10.68-5.el7_9.x86_64.rpm007a874cbb5e96e0ec9d091dc1e1375f5163bc7b51fb924b588b4a9e89693d33ImageMagick-c++-devel-6.9.10.68-5.el7_9.i686.rpmb456d51876febb32c76dac09baa9c049c2a05189e8faf5b3b031170cf506b943ImageMagick-6.9.10.68-5.el7_9.i686.rpm962a00fd6dd0394c38fa745e7b153b4fc4604d16450524ee89d4c89d2c4ae7dfImageMagick-c++-6.9.10.68-5.el7_9.i686.rpm8c7cb49693f69f88cfce4cee36178f33bbb1569e4f2b33f3c279dfffc162bf40ImageMagick-c++-6.9.10.68-5.el7_9.x86_64.rpm203e4810eb5b87904246399de6deec2bb5476e647432cc3fb3cb783a63f969f2SLSA-2021:0053-1This update upgrades Firefox to version 78.6.1 ESR. Security Fix(es): * Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk (CVE-2020-16044)criticalScientific LinuxScientific Linux 7firefox-78.6.1-1.el7_9.i686.rpm4f8f75fe33d42ec9e805e56187ee91e42c099a99a22371bdd370f5acdf4717a0firefox-78.6.1-1.el7_9.x86_64.rpm8b08548589ca2d090a5090b87ad796bc4b16114224126f9945f0c0f89a03a6deSLSA-2021:0087-1This update upgrades Thunderbird to version 78.6.1. Security Fix(es): * Mozilla: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk (CVE-2020-16044)criticalScientific LinuxScientific Linux 7thunderbird-78.6.1-1.el7_9.x86_64.rpma9297af8abb6b9ee3f7c109429da762fde47e129d27893f0aec68f2cfb840ce8SLSA-2021:0153-1Security Fix(es): * dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684) * dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685) * dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)moderateScientific LinuxScientific Linux 7dnsmasq-2.76-16.el7_9.1.x86_64.rpm6729ababc68f71a67e57ee1a7c0b81375a2804a4081a054fa0f8d03fcdcc046bdnsmasq-utils-2.76-16.el7_9.1.x86_64.rpmd6187f9c7b3e1aab9110e2fd2a764e32f9e4e46af3419d745a1c54aa6423e585SLSA-2021:0162-1Security Fix(es): * XStream: remote code execution due to insecure XML deserialization when relying on blocklists (CVE-2020-26217)importantScientific LinuxScientific Linux 7xstream-javadoc-1.3.1-12.el7_9.noarch.rpmd1c3984fcbe1a1b24baec7263e375eadc97b343c9a463f934c92e43a4e1cf0ffxstream-1.3.1-12.el7_9.noarch.rpm72fb816c08d0492a3c4beddb831f9b13718f36bd9c071a40576baebea1d75bfdSLSA-2021:0221-1Security Fix(es): * sudo: Heap buffer overflow in argument parsing (CVE-2021-3156)importantScientific LinuxScientific Linux 7sudo-1.8.23-10.el7_9.1.x86_64.rpm5423b800533b588b826b3262e43317d7483ded52bec632b31e2ad6a7196959a3sudo-devel-1.8.23-10.el7_9.1.x86_64.rpm70d08e1e1e5a472c05109310f94e7080642cb63861cf299c0c4461b4a0fdd814SLSA-2021:0290-1This update upgrades Firefox to version 78.7.0 ESR. Security Fix(es): * Mozilla: Cross-origin information leakage via redirected PDF requests (CVE-2021-23953) * Mozilla: Type confusion when using logical assignment operators in JavaScript switch statements (CVE-2021-23954) * Mozilla: Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7 (CVE-2021-23964) * Mozilla: HTTPS pages could have been intercepted by a registered service worker when they should not have been (CVE-2020-26976) * Mozilla: Use-after-poison for incorrectly redeclared JavaScript variables during GC (CVE-2021-23960)importantScientific LinuxScientific Linux 7firefox-78.7.0-2.el7_9.x86_64.rpmaefb9ecf93045e1f02b4d18b8454ea6a069d36374d511813302be771e372b6cafirefox-78.7.0-2.el7_9.i686.rpmfcf145cb6953a4256c0a7ee96f328579e3a0f81fc046931f75aabff454ec4dadSLSA-2021:0297-1This update upgrades Thunderbird to version 78.7.0. Security Fix(es): * Mozilla: Cross-origin information leakage via redirected PDF requests (CVE-2021-23953) * Mozilla: Type confusion when using logical assignment operators in JavaScript switch statements (CVE-2021-23954) * Mozilla: Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7 (CVE-2021-23964) * Mozilla: IMAP Response Injection when using STARTTLS (CVE-2020-15685) * Mozilla: HTTPS pages could have been intercepted by a registered service worker when they should not have been (CVE-2020-26976) * Mozilla: Use-after-poison for incorrectly redeclared JavaScript variables during GC (CVE-2021-23960)importantScientific LinuxScientific Linux 7thunderbird-78.7.0-1.el7_9.x86_64.rpmda24d84fbba521a1fd1d55d856a97ac7be93b07dd9850ee602f76e37e112e419SLSA-2021:0336-1Security Fix(es): * kernel: use-after-free in fs/block_dev.c (CVE-2020-15436) * kernel: Nfsd failure to clear umask after processing an open or create (CVE-2020-35513) Bug Fix(es): * double free issue in filelayout_alloc_commit_info * Regression: Plantronics Device SHS2355-11 PTT button does not work after update to 7.7 * Openstack network node reports unregister_netdevice: waiting for qr- 3cec0c92-9a to become free. Usage count = 1 * dlm: add ability to interrupt waiting for acquire POSIX lock * [Azure][SL7] soft lockups and performance loss occurring during final fsync with parallel dd writes to xfs filesystem in azure instance * Guest crashed when hotplug vcpus on booting kernel stage * soft lockup occurs while a thread group leader is waiting on tasklist_waiters in mm_update_next_owner() where a huge number of the thread group members are exiting and trying to take the tasklist_lock. * [DELL EMC 7.6 BUG] Kioxia CM6 NVMe drive fails to enumerate * [Hyper-V][SL7] Request to included a commit that adds a timeout to vmbus_wait_for_unload * Unable to discover the LUNs from new storage port * SL 7.9 Kernel panic at ceph_put_snap_realm+0x21 * A hard lockup occurrs where one task is looping in an sk_lock spinlock that has been taken by another task running timespec64_add_ns(). * ethtool/mlx5_core provides incorrect SFP module info * SL7.7 - zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl * SL7.7 - s390/dasd: Fix zero write for FBA devices * [Azure]IP forwarding issue in netvsc[7.9.z] * Security patch for CVE-2020-25212 breaks directory listings via 'ls' on NFS V4.2 shares mounted with selinux enabled labels Enhancement(s): * RFE : handle better ERRbaduid on SMB1moderateScientific LinuxScientific Linux 7kernel-debug-3.10.0-1160.15.2.el7.x86_64.rpm4819a3eb9dca66f723dfa5c13d6373518d260cde9d2c6f060a94d0b1e77b0b3ebpftool-3.10.0-1160.15.2.el7.x86_64.rpmf157c6631d357e858553558139fb5cb505ca50b43e3602c2d0736df2c18bed82python-perf-3.10.0-1160.15.2.el7.x86_64.rpm641f97a285f424556bbe68a21bf178e0ef2ef20905b29aab3210af75d103fe47kernel-tools-libs-3.10.0-1160.15.2.el7.x86_64.rpmfe660577b9eaf88827f03c8381566415ad8e1bb3f1650e927c13ecbec550cbd2kernel-devel-3.10.0-1160.15.2.el7.x86_64.rpm6e2d1b4c71950f840f62fc5181b4b8896f0715df42b1776df145f66fc8807109kernel-3.10.0-1160.15.2.el7.x86_64.rpm220521bb5eac456a87ce0f75842a5f6e283dd26f69ebc503e9a2fa145c185884kernel-tools-libs-devel-3.10.0-1160.15.2.el7.x86_64.rpme5e98d69d8bf787726353d7de45385c0473b6d619cfd0231181dd27fa36eb526kernel-debug-devel-3.10.0-1160.15.2.el7.x86_64.rpmf68403ea1737e930fb238d3bf1366df3b6427cedc9549ee2d921d114ba1574dfkernel-abi-whitelists-3.10.0-1160.15.2.el7.noarch.rpm05e3ce588d2f58ff8b8657f7f34d05ae57d7c27621e6186af6ecf4ccc23e8566kernel-headers-3.10.0-1160.15.2.el7.x86_64.rpm366f98be9c759b1a0c83154a9e3a2de474e4afbf6600c12149628ed46f2e14a2kernel-tools-3.10.0-1160.15.2.el7.x86_64.rpm011bf1357ed906b856da1da696aa34b0363f0eded1c76a912905c9eed2072391kernel-doc-3.10.0-1160.15.2.el7.noarch.rpma403da577d61eca9239b730a897039157a0631dcb86dca6f68feb8fdc21a0282perf-3.10.0-1160.15.2.el7.x86_64.rpm90114f195d468dfecac0fb18a9ce5729b7d851a4cb0bcf939bf32d5a58dfdfcdSLSA-2021:0339-1Security Fix(es): * hardware: buffer overflow in bluetooth firmware (CVE-2020-12321)importantScientific LinuxScientific Linux 7linux-firmware-20200421-80.git78c0348.el7_9.noarch.rpma04f0ec2d675e33d01959e1a83242c245a2d39a7a2c944c9ff1009cdf6e45167iwl105-firmware-18.168.6.1-80.el7_9.noarch.rpm6c35d887982d431759d462240adc49e8ee0cf75846a4cadbda700b42ea88d394iwl6050-firmware-41.28.5.1-80.el7_9.noarch.rpm09990683afec4d460dac7bfe114f290ebc74fa8713f0ac58085a21e7f86c6998iwl6000g2a-firmware-18.168.6.1-80.el7_9.noarch.rpm4fa1b02c8567b22d22a9160f692c5bf1964b5b6ce2c69247a257dcb5e95848aciwl3160-firmware-25.30.13.0-80.el7_9.noarch.rpmb441c460e2aff73fff57433dc2c1a269499d061e7824dcc3a5f7e4776093ad9diwl5150-firmware-8.24.2.2-80.el7_9.noarch.rpm1309fbd237fcad5bbaf316bc5374f2020ab43416535194e4fac7404730bd0895iwl5000-firmware-8.83.5.1_1-80.el7_9.noarch.rpma7da327f21ce36292d130875344e0e8a29685864c119177b2416a80190b9efdeiwl7260-firmware-25.30.13.0-80.el7_9.noarch.rpm50f87a1a5e9d58a92daf1f05b74d1eb117127a54d0d2da5c7c507619612af72fiwl1000-firmware-39.31.5.1-80.el7_9.noarch.rpmc639d41f580e6ba17208031184ec07414e2e09241967dce78acfc1036386bab2iwl2000-firmware-18.168.6.1-80.el7_9.noarch.rpmb2376b69963be7591f80ee41efad20b6c7001d42d260ab5d229287d2ec8d3ae0iwl6000-firmware-9.221.4.1-80.el7_9.noarch.rpmbf625e797575121e1d90ab40d4487d83578daf2dc8ee043453b4bd44c8cfdb21iwl100-firmware-39.31.5.1-80.el7_9.noarch.rpm707ce9d9cea1f66a7bb4e3c721711e9575cb5a927ec6644fedbbb30de12dd413iwl2030-firmware-18.168.6.1-80.el7_9.noarch.rpm0ccc1eeceda14b1c43ec3ba8060a006c0baa36948c3b6c13f60ab3342c7bc2f0iwl135-firmware-18.168.6.1-80.el7_9.noarch.rpmd7440a356a4d6c9feb4a573c817eb1e3dbcb37f4dc94dbdfeb6600e6f53f003ciwl3945-firmware-15.32.2.9-80.el7_9.noarch.rpm359d7aad7d2f44daf6f9f5e8fb3a227f45b7aba607138f749fc647b09297c245iwl6000g2b-firmware-18.168.6.1-80.el7_9.noarch.rpm61fac0b0aa5a70b9407d35efa59114947ff835794f071a1db6c66302b83e6115iwl4965-firmware-228.61.2.24-80.el7_9.noarch.rpm3ff0d2ff99bfb7b9d6e7ea6f3159545ee33521dea7558a0f2a8ffa9e75898c93SLSA-2021:0343-1Security Fix(es): * perl: heap-based buffer overflow in regular expression compiler leads to DoS (CVE-2020-10543) * perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS (CVE-2020-10878) * perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS (CVE-2020-12723)moderateScientific LinuxScientific Linux 7perl-macros-5.16.3-299.el7_9.x86_64.rpma879c7b50bb471730f8ee371ff90439aa238254bacf7b8cd7873afbe3b42538bperl-Object-Accessor-0.42-299.el7_9.noarch.rpmd64afc4f611b5fadf848454ebc5d24ba6d29fad9eceb01e1b1eb9ef47f82d186perl-IO-Zlib-1.10-299.el7_9.noarch.rpm696a5ac2086dab867d43a0f6a9a8ed324d0887e3acf41c5a064c2c41122ac2b4perl-devel-5.16.3-299.el7_9.x86_64.rpm96de282bb6995063683f9a9e03302fcc8e3259ad67bf4023f8d20ab9793f6a02perl-5.16.3-299.el7_9.x86_64.rpm8a1ebda5a8b0d73310ce9a196fa387435c6c86e2b570476b10f055c13481c86dperl-Pod-Escapes-1.04-299.el7_9.noarch.rpm068db7d933a580c661090d8a379621bcee2d174b33a1d8976f5317b2ff59df6eperl-libs-5.16.3-299.el7_9.x86_64.rpm04d5bc27c7b13d66e657fd814dcbbe926f96552aa5805972137ccec6b9a23965perl-Module-CoreList-2.76.02-299.el7_9.noarch.rpmeb4fb6d9d0878452d5ffaeeec24440164ac1ad7ed67c47c6b0daaea384ebeeb6perl-Locale-Maketext-Simple-0.21-299.el7_9.noarch.rpm77c4bcc8c9ef5781b764dd9542a1596e8cf1b6a50edaaf11ca3a1b102aa2cc25perl-devel-5.16.3-299.el7_9.i686.rpm5ab0659408b632e1c380e0a22f046b28275a2ea546300491de5294deb3914044perl-Module-Loaded-0.08-299.el7_9.noarch.rpm75b836eb19a38795869ec7bed3116c6ff0ffd00da7ca9ff9821e8ca47839b359perl-ExtUtils-CBuilder-0.28.2.6-299.el7_9.noarch.rpm85e6da0f6a6dd62d6dc5e93f54aadeb0132ce1a8be521478e0e0dc004bb20763perl-Package-Constants-0.02-299.el7_9.noarch.rpmc6625ac445d3b437ea31e7828492f99e7a9db3ab7edf9de0b9b24402756a989fperl-ExtUtils-Install-1.58-299.el7_9.noarch.rpm37c2112c1518ee42c1df7e6f8fe87e262117d4f6ad41932686a04edc1b8ceea8perl-tests-5.16.3-299.el7_9.x86_64.rpm592b542b405321165353857c4695891647bc7a67673d5c68676e60b0fdcaa4c9perl-core-5.16.3-299.el7_9.x86_64.rpm1da5c538c63a3ecaa62da94d0bdc5d44ecc3f690ec2dda0632e2590c28092eddperl-libs-5.16.3-299.el7_9.i686.rpmac2d5dac30d4a5ce7ba68f7945408344ab95816306be5e169da469e58c0d7c5cperl-CPAN-1.9800-299.el7_9.noarch.rpme3c5ea3f13c03a16f5e33e284e704abdb353679e0cc3a4efd49921c39b8d867fperl-ExtUtils-Embed-1.30-299.el7_9.noarch.rpme89ea9809b4a2d6e54e5beff03ee40da52b44c48e659e0f85f239db2841bf276perl-Time-Piece-1.20.1-299.el7_9.x86_64.rpm43c6481cdb21258a36f8c8ecdb8a4512cb899ea3d99c5fd5709a1cee4e004463SLSA-2021:0347-1Security Fix(es): * QEMU: loader: OOB access while loading registered ROM may lead to code execution (CVE-2020-13765) * QEMU: reachable assertion failure in net_tx_pkt_add_raw_fragment() in hw/net/net_tx_pkt.c (CVE-2020-16092) Bug Fix(es): * qemu-kvm FTBFS on rhel7.9moderateScientific LinuxScientific Linux 7qemu-kvm-common-1.5.3-175.el7_9.3.x86_64.rpm3d983d02fae65d5d2d794245897da2c827f12948c7a4ee123f80ca80ae9aceccqemu-kvm-tools-1.5.3-175.el7_9.3.x86_64.rpma5d343cba227c6c6f03908786c70e3da960559910b7c92460d14db8c2a4c0f2aqemu-img-1.5.3-175.el7_9.3.x86_64.rpmc63f9feea8f5a3ed3c274cf5193209dd2390dbc612b647c2ea50e74c3442d4f2qemu-kvm-1.5.3-175.el7_9.3.x86_64.rpm3e53c4a294b534c01ee62b3f8659b72b3f66297c9fef4145c78ffe5d9e5e2929SLSA-2021:0348-1Security Fix(es): * glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding (CVE-2019-25013) * glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions (CVE-2020-10029) * glibc: stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern (CVE-2020-29573) Bug Fix(es): * glibc: 64bit_strstr_via_64bit_strstr_sse2_unaligned detection fails with large device and inode numbers * glibc: Performance regression in ebizzy benchmarkmoderateScientific LinuxScientific Linux 7glibc-2.17-322.el7_9.i686.rpmeacc8efa6a1535da6f99f937267659b1ec828fcc3fa4a56f47093a9a8315a0caglibc-utils-2.17-322.el7_9.x86_64.rpma155c586e5c649ea52af5ef4ff5dc331be482d4a9e5c4ab76cf7a5288dd9b444nscd-2.17-322.el7_9.x86_64.rpmf75977b94de6357ed40a544a2303b9c7b8718902a93c2167721c2afcc9838949glibc-headers-2.17-322.el7_9.x86_64.rpm08a987cadf27a5435d8396d0aab85bc190e0c769adebb5d12441a18c54f5a6eeglibc-2.17-322.el7_9.x86_64.rpm7313f96fbe52fdf0ebe11d6f4104839038daa082391d8cebd0ce2ea53feaf182glibc-common-2.17-322.el7_9.x86_64.rpm8cbea99ed186c6a595b589a89239605dbf2e938c91f7c4163a3048d4e1e74e96glibc-static-2.17-322.el7_9.x86_64.rpm15893bf07ed763152dc3095f86c85e9d53b6fa08a4b88bd34ec084179d8c9f9bglibc-static-2.17-322.el7_9.i686.rpmc0ddb6b8b1d2c5a02c0430a5c0f7e13c771bdc14316e37090c97beaea11feeffglibc-devel-2.17-322.el7_9.x86_64.rpmc7e682d49ec90a9e70349e91dffb34b3e5542f8bde9305784e05b6e5988c9ea1glibc-devel-2.17-322.el7_9.i686.rpmf1012e0c66ae6b9a3d92cb167dd69f5096c1a450369f4bbdc677e3a52ffcfcf2SLSA-2021:0411-1Security Fix(es): * flatpak: sandbox escape via spawn portal (CVE-2021-21261)importantScientific LinuxScientific Linux 7flatpak-builder-1.0.0-10.el7_9.x86_64.rpm66b166ee3a30969fcbfd740f8798191aaf894a4056c4c2a7f7042a9669e71c5fflatpak-1.0.9-10.el7_9.x86_64.rpmd0145d8c5521f572cee69348e00b09664808dac4e662590d902cde19fa22ddedflatpak-devel-1.0.9-10.el7_9.x86_64.rpmc61b58e307ac1e785724862fa5f80d57d397110acfe5376f714c6d64087cb797flatpak-libs-1.0.9-10.el7_9.x86_64.rpm53e599519edd6b04990f2649ab7bf1bde929af36f047272d2e76b9b41697686bSLSA-2021:0617-1Security Fix(es): * xterm: crash when processing combining characters (CVE-2021-27135) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7xterm-295-3.el7_9.1.x86_64.rpm448e8b7f54e28e5c9703d5229aee2e63307a6bea9d70f84bd855c88859fc5a8cSLSA-2021:0656-1This update upgrades Firefox to version 78.8.0 ESR. Security Fix(es): * Mozilla: Content Security Policy violation report could have contained the destination of a redirect (CVE-2021-23968) * Mozilla: Content Security Policy violation report could have contained the destination of a redirect (CVE-2021-23969) * Mozilla: Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8 (CVE-2021-23978) * Mozilla: MediaError message property could have leaked information about cross-origin resources (CVE-2021-23973) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEcriticalScientific LinuxScientific Linux 7firefox-78.8.0-1.el7_9.x86_64.rpmbffabc0d15725ce0f2db7e29a57216be2d3b29e90cf0e23635a246d57c21c2cafirefox-78.8.0-1.el7_9.i686.rpm538a8b1e2d4d02551f4ad78f403e7084b8f3fd3f64f30bc3365faba14fe7b146SLSA-2021:0661-1This update upgrades Thunderbird to version 78.8.0. Security Fix(es): * Mozilla: Content Security Policy violation report could have contained the destination of a redirect (CVE-2021-23968) * Mozilla: Content Security Policy violation report could have contained the destination of a redirect (CVE-2021-23969) * Mozilla: Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8 (CVE-2021-23978) * Mozilla: MediaError message property could have leaked information about cross-origin resources (CVE-2021-23973) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-78.8.0-1.el7_9.x86_64.rpm1aa130714f02d6a5c556311988160f3c524434952a6b6e37c8b5523300e692e3SLSA-2021:0671-1Security Fix(es): * bind: Buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation (CVE-2020-8625) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7bind-libs-9.11.4-26.P2.el7_9.4.x86_64.rpm9e5b6954ca3d6c7894e4f201dc81b3a44cc8cf313cb643ca80993250d9547edbbind-license-9.11.4-26.P2.el7_9.4.noarch.rpmd81fadde04be1fafc43fab22dc897c12cbb19a14fc937003d8d95ba767f91843bind-9.11.4-26.P2.el7_9.4.x86_64.rpm155fb158aedbbfa4309a2fc1adf9a9254c1e72832ec0430dbde5fd8000939dcbbind-pkcs11-9.11.4-26.P2.el7_9.4.x86_64.rpm38346b34188c8f02e33be391b9c1028daff131a0a07eb929d74946b40509a22cbind-devel-9.11.4-26.P2.el7_9.4.i686.rpmb41e52f3edca20a46f973b6dd81fd78b02a2d0c135774557825a882f2af91f13bind-sdb-chroot-9.11.4-26.P2.el7_9.4.x86_64.rpm75de22a7c836f42186a20178c133abd0833d0c7f608cb1872a24ead5ae2b0596bind-export-libs-9.11.4-26.P2.el7_9.4.i686.rpm3b21ac1132c5ac0564d420000174627746983bb56597497b7afa20ea1b190d44bind-lite-devel-9.11.4-26.P2.el7_9.4.i686.rpmea67cc77ffa069331349999858a7be56379764c27f50aa00f11994ed1db6fa60bind-pkcs11-utils-9.11.4-26.P2.el7_9.4.x86_64.rpm8ce0b348fce9caddf37e20278fe63d1e4bac52334a6403f1c4b4cb898d8d7eeabind-export-devel-9.11.4-26.P2.el7_9.4.i686.rpm5f919bfe6e9caae3aeb37ac98f75fb8e1dd268d48a739a6f26e988f9cb5ffcdbbind-export-libs-9.11.4-26.P2.el7_9.4.x86_64.rpm0e77cacde069f2e0f0d7cfd869a9bd2d68b63c6590cff598244fedf369b126efbind-pkcs11-libs-9.11.4-26.P2.el7_9.4.i686.rpma5b9ea01e6d83a3239e98c5c2e8e6ca8197a99b540fd9892eadbac9228b5e94bbind-pkcs11-devel-9.11.4-26.P2.el7_9.4.i686.rpm66663a2950103cfddb2b2f82893add4ddc1d4fb874136a91225bf566acb6d3adbind-devel-9.11.4-26.P2.el7_9.4.x86_64.rpm75a0b671d85195099bb672d52ce7bf7fb374f2def8985d6f2c8ad1be6185b8acbind-export-devel-9.11.4-26.P2.el7_9.4.x86_64.rpm3ddbdf296547fabaacae407f196f83ca4e63c7ce59bf70b98d7d54611641957ebind-pkcs11-devel-9.11.4-26.P2.el7_9.4.x86_64.rpm0cb5b1e3f2f602e1b5303ccfc199c83effa19de2cecccb547d247f0c4184a099bind-libs-lite-9.11.4-26.P2.el7_9.4.x86_64.rpme1645fffa1754662ae830cc70dea4f10d4b8bc0118a0418d0fb520dc4215eac5bind-chroot-9.11.4-26.P2.el7_9.4.x86_64.rpmc3863f0ffda833af04d3aabbb71c6855ecdb162552dbe1bb9a0909b2dd8d3a88bind-libs-9.11.4-26.P2.el7_9.4.i686.rpm23d6d30f7a3e3d1a5ce04d5dca4b240fbac6e2ba56d0b5fc4f50706aa9f82cc7bind-pkcs11-libs-9.11.4-26.P2.el7_9.4.x86_64.rpm82e44e5a3424840261903624d40dab0f3bef3083778f2b39620e718284f247f3bind-sdb-9.11.4-26.P2.el7_9.4.x86_64.rpm6ff982494cc963eca0c9b8829b0c2e54bb1c40f199bb66e79111c7f17169a152bind-utils-9.11.4-26.P2.el7_9.4.x86_64.rpmb2c9ec7a5b017591dbec8b4ce004c08404f77f88b6b86bab6a7425de98e969b7bind-lite-devel-9.11.4-26.P2.el7_9.4.x86_64.rpm1fa6d5cfee562631a69c72c711493521bb2ee0ce0781c824a931813e133eb96ebind-libs-lite-9.11.4-26.P2.el7_9.4.i686.rpmb6310e106c6c0a80ef9e0f873a5e7a774de6d8f5cba6ca65cb9e7abd23c62b60SLSA-2021:0699-1Security Fix(es): * grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled (CVE-2020-14372) * grub2: Use-after-free in rmmod command (CVE-2020-25632) * grub2: Out-of-bounds write in grub_usb_device_initialize() (CVE-2020-25647) * grub2: Stack buffer overflow in grub_parser_split_cmdline() (CVE-2020-27749) * grub2: cutmem command allows privileged user to remove memory regions when Secure Boot is enabled (CVE-2020-27779) * grub2: Heap out-of-bounds write in short form option parser (CVE-2021-20225) * grub2: Heap out-of-bounds write due to miscalculation of space required for quoting (CVE-2021-20233) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7grub2-efi-ia32-cdboot-2.02-0.87.sl7_9.2.x86_64.rpm211792b09de5351782267910616b09be86c67abe554507762bc029ab89f713ffgrub2-efi-ia32-modules-2.02-0.87.sl7_9.2.noarch.rpm91c1cbec8dedb06f74858471953cc877a5897595d67ccdfcf76ec92f57f75a4cgrub2-tools-extra-2.02-0.87.sl7_9.2.x86_64.rpmc999bc78e1c7d24ce12dff9c26b89727827463f3ee2f11ad6ad55695ac479321grub2-efi-ia32-2.02-0.87.sl7_9.2.x86_64.rpmd9d357ee4502829702d4de4272c92a61df523bd845e715f0f95ba8a04b68357dgrub2-common-2.02-0.87.sl7_9.2.noarch.rpma610c089ce1abe1c02eb23d1a75f32d70130c8670f7e8e6b751b6f1d80988078grub2-tools-2.02-0.87.sl7_9.2.x86_64.rpm9be8073a973b51f8bf465f1ba7c590e9068250fd7379e83ca46bd83a52f5d2f3grub2-pc-modules-2.02-0.87.sl7_9.2.noarch.rpmaf47dfa3848878a70d820bf584b6e27b477adfc7101a848e174f2a863fd0593dgrub2-efi-x64-2.02-0.87.sl7_9.2.x86_64.rpmbebee412feb48e7dd3053fe1436ae36d8dcb365da4e707c6e277d3510339dc66grub2-pc-2.02-0.87.sl7_9.2.x86_64.rpmf2b308408f69ad224c62a000f51ee6113a732caa79e13f048c6ca0dc3f3f9ec3grub2-efi-x64-cdboot-2.02-0.87.sl7_9.2.x86_64.rpmb7e8bbde9b06adc5a0547bc1a3eeaf5fd036048fd4b3f69ac9a6b5b4f4cd94dbgrub2-tools-minimal-2.02-0.87.sl7_9.2.x86_64.rpmbfd4e691d2d6adfe6486f9b58b48dad5c0f08ae2e264704e14be52fd9806a2ecgrub2-2.02-0.87.sl7_9.2.x86_64.rpma5cce68e0bdd981b7e54b89917843063ffb01baa386511f618d6b3d3c7022d7bgrub2-efi-x64-modules-2.02-0.87.sl7_9.2.noarch.rpm0ff26046d5996a5ff945f544bbdf505d6c8486faa7944e7efefa2fa7fd15a66bSLSA-2021:0742-1Security Fix(es): * screen: crash when processing combining chars (CVE-2021-26937) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7screen-4.1.0-0.27.20120314git3c2946.el7_9.x86_64.rpm04b381686a62e297500b1341fea5c3bc9d8d3c2a9d9708a47b83290754881a02SLSA-2021:0808-1Security Fix(es): * wpa_supplicant: Use-after-free in P2P provision discovery processing (CVE-2021-27803) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7wpa_supplicant-2.6-12.el7_9.2.x86_64.rpm9dc31d95856d46cb6ea4112361e906f5810c2e5fb807ed3171c9959c5764c7ffSLSA-2021:0851-1Security Fix(es): * pki-core: Unprivileged users can renew any certificate (CVE-2021-20179) * pki-core: XSS in the certificate search results (CVE-2020-25715) * pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146) * pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179) * pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221) * pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Add KRA Transport and Storage Certificates profiles, audit for IPAimportantScientific LinuxScientific Linux 7pki-server-10.5.18-12.el7_9.noarch.rpm27fbad63d48e3e5d745e3fa7226c4ff0c35826d1c159730c9dab129f41446f32pki-symkey-10.5.18-12.el7_9.x86_64.rpme8b4db9bf26442f9289a6ade6e8d75677b468c723c62a78555fef78dac9a052bpki-tools-10.5.18-12.el7_9.x86_64.rpmecd82e0ce19a61c9f8e51befbcb13609b71dd3297b543dff15cd31a7c738bd75pki-base-java-10.5.18-12.el7_9.noarch.rpmb667db533d0b0466cd9a7f191ed2f46ff7b6343365895224fdc58b4ccfdf8dbbpki-javadoc-10.5.18-12.el7_9.noarch.rpmbdd7527f205895ae73cada65090a85605f39ab7185d081b4d36572e13e0b01c2pki-kra-10.5.18-12.el7_9.noarch.rpm7f670bc1e1e47d342b2576e33faa19251ea3b33eac328048705c167d0e486a4epki-base-10.5.18-12.el7_9.noarch.rpm0650738faad52eaabc98983e443017fb63828e5b482060b4c112d7c239c9f00bpki-ca-10.5.18-12.el7_9.noarch.rpmb25de0464afb617728604cf1bc4f9918c412182ca2720ef7f00193e098eaf5a4SLSA-2021:0856-1Security Fix(es): * kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c (CVE-2020-25211) * kernel: SCSI target (LIO) write to any block on ILO backstore (CVE-2020-28374) * kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use- after-free (CVE-2020-29661) * kernel: malicious USB devices can lead to multiple out-of-bounds write (CVE-2019-19532) * kernel: out-of-bounds reads in pinctrl subsystem. (CVE-2020-0427) * kernel: use-after-free in i915_ppgtt_close in drivers/gpu/drm/i915/i915_gem_gtt.c (CVE-2020-7053) * kernel: performance counters race condition use-after-free (CVE-2020-14351) * kernel: Geneve/IPsec traffic may be unencrypted between two Geneve endpoints (CVE-2020-25645) * kernel: use-after-free in read in vt_do_kdgkb_ioctl (CVE-2020-25656) * kernel: ICMP rate limiting can be used for DNS poisoning attack (CVE-2020-25705) * kernel: increase slab leak leads to DoS (CVE-2021-20265) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * BUG: scheduling while atomic: memory allocation under spinlock in scsi_register_device_handler() * WARNING in __iscsit_free_cmd during recovery Abort * lpfc does not issue adisc to fcp-2 devices, does not respond to nvme targer that send an adisc. * Panic in semctl_nolock.constprop.15+0x25b * [SL 7.7][md]Crash due to invalid pool workqueue pointer, work queue race * Guest crash on intel CPU with -cpu host,-spec-ctrl,+ibpb * SL7.9 - kernel/uv: handle length extension properly * Commit b144f013fc16a06d7a4b9a4be668a3583fafeda2 'i40e: don't report link up for a VF who hasn't enabled queues' introducing issues with VM using DPDK * writing to /sys/devices/(...)/net/eno49/queues/tx-16/xps_cpus triggers kernel panic * [Hyper-V][SL-7.9]video: hyperv_fb: Fix the cache type when mapping the VRAM Edit * kvm-rhel7.9 [AMD] - system crash observed while powering on virtual machine with attached VF interfaces. * kernel: nvme nvme7: Connect command failed, error wo/DNR bit: 2 * dm-mirror crashes from assuming underlying storage will have a non-NULL merge_bvec_fn * watchdog: use nmi registers snapshot in hardlockup handler * [DELL EMC 7.9 BUG] - Intel E810 NIC interfaces are not functional in SL 7.9 on system with AMD Rome CPUs * [DELL EMC BUG] SL system log shows AMD-Vi error when system connected with Gen 4 NVMe drives.importantScientific LinuxScientific Linux 7kernel-abi-whitelists-3.10.0-1160.21.1.el7.noarch.rpm6094e9603b4da2bd6f6ba4f79b712d16a8d14b56191887cfcc8d668c5e2362d3python-perf-3.10.0-1160.21.1.el7.x86_64.rpm038ef49230c56246614a9e976d4e48bf691c27dd1babf0c510652da1ecda040fkernel-debug-devel-3.10.0-1160.21.1.el7.x86_64.rpm0100ae043f3b4577d767caf812e96a0c2347a2d109e71d143e3bc254b9b10ddbkernel-3.10.0-1160.21.1.el7.x86_64.rpmef252a2debd82692426f4c01bf78fbc47a5fd2373952a6843a3bb47333493e49kernel-tools-libs-devel-3.10.0-1160.21.1.el7.x86_64.rpm62d08da1cc34e06dd21140d6be0ca0f6e7869848011f83c5a23144333caf3a2ekernel-tools-3.10.0-1160.21.1.el7.x86_64.rpmd48e0daae8ef795b5f3cf826a5881096543adf966c215e3388fa49de360c058fbpftool-3.10.0-1160.21.1.el7.x86_64.rpmf4f24d0198c3147ef985fad6a6f613c5aa3129c52651d6c13beb40148b07493fkernel-tools-libs-3.10.0-1160.21.1.el7.x86_64.rpm8f972059f758fb7bee95648c26a782e740d4fdfa4df401a6a1148e86a46d9871perf-3.10.0-1160.21.1.el7.x86_64.rpm6ffd6ee9056d8b8f8c7239bb253fd49c4e0a57d1dce37430e7feb045b84e089bkernel-debug-3.10.0-1160.21.1.el7.x86_64.rpma287d94257eaa061dbe260bb586cba664091cb667304204191a35dd9db5978aakernel-devel-3.10.0-1160.21.1.el7.x86_64.rpmff02f6293b776f7974a19d1df5e50d274398f2b81212892aa18f9004c1920919kernel-headers-3.10.0-1160.21.1.el7.x86_64.rpm9aaef01ecab63328e3ee79422bf5342559480ec96b42b3e1ebf609a58030336ekernel-doc-3.10.0-1160.21.1.el7.noarch.rpmadfcbf58602c4b3dbbd37b346c6368af906a4c0af87daa81824d1135b0976a3dSLSA-2021:0860Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fix(es): * jquery: Passing HTML containing &lt;option&gt; elements to manipulation methods could result in untrusted code execution (CVE-2020-11023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * cannot issue certs with multiple IP addresses corresponding to different hosts (BZ#1846349) * CA-less install does not set required permissions on KDC certificate (BZ#1863619) * IdM Web UI shows users as disabled (BZ#1884819) * Authentication and login times are over several seconds due to unindexed ipaExternalMember (BZ#1892793) * improve IPA PKI susbsystem detection by other means than a directory presence, use pki-server subsystem-find (BZ#1895197) * IPA WebUI inaccessible after upgrading to RHEL 8.3 - idoverride-memberof.js missing (BZ#1897253) moderateScientific Linux 7ipa-client-4.6.8-5.sl7_9.4.x86_64.rpm1ed4bf14bd52dc244d62b6916df8470e09377e46366a271670570b0061ae62d0ipa-python-compat-4.6.8-5.sl7_9.4.noarch.rpmaeffe6fb3d8ef7a95f472e281a7cfdeede480ba3e6f5c08565584bb163a5f20dpython2-ipaclient-4.6.8-5.sl7_9.4.noarch.rpm9ff8b4cb8abe9ed22d2ccbc4fc24bf9f5c69da12e614592e1128d818280a7085ipa-common-4.6.8-5.sl7_9.4.noarch.rpmd4febde3124992711419e10f72a60fed11bd033cab1c426a6b9cb7a0a862cc42ipa-server-4.6.8-5.sl7_9.4.x86_64.rpm3bc5d8e6824bcb898657402f40baa86030f2ed3eff94f1ff0b806f58b69f9aaapython2-ipaserver-4.6.8-5.sl7_9.4.noarch.rpm9b29cedcbaed715cc305adfb56233bfada6d59d95e46d69f348ea4f78c904993ipa-server-trust-ad-4.6.8-5.sl7_9.4.x86_64.rpmb1ffa453b3b8caee571c289db11631bdcaf82a08b717da819c84bcfececb7493python2-ipalib-4.6.8-5.sl7_9.4.noarch.rpm8136719389c6e1ad756cefa0e711d90ed61d67b9d8957f5b473daf227e478eabipa-client-common-4.6.8-5.sl7_9.4.noarch.rpmf22012aec24260700ec750141870e1af40568ead8cac252af493ae9124daf9b7ipa-server-dns-4.6.8-5.sl7_9.4.noarch.rpmf915a15b5337d345c496b3db7f86bff99fb018766ed8a2892868bdcbfdc6f7e8ipa-server-common-4.6.8-5.sl7_9.4.noarch.rpm4f3b2a4c67baf3947332d06ac24edffb730353ea58514553191762376a3db5f5SLSA-2021:0992-1This update upgrades Firefox to version 78.9.0 ESR. Security Fix(es): * Mozilla: Texture upload into an unbound backing buffer resulted in an out-of-bound read (CVE-2021-23981) * Mozilla: Memory safety bugs fixed in Firefox 87 and Firefox ESR 78.9 (CVE-2021-23987) * Mozilla: Internal network hosts could have been probed by a malicious webpage (CVE-2021-23982) * Mozilla: Malicious extensions could have spoofed popup information (CVE-2021-23984) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7firefox-78.9.0-1.el7_9.i686.rpm449df14cbc360743a3ab34d43f07a97ec2ae373f63491b35c475434ecfb308c5firefox-78.9.0-1.el7_9.x86_64.rpmad40a8508cce4f79864e7962536bb3f03c4fabb32ecc482d6995b438af64895fSLSA-2021:0996-1This update upgrades Thunderbird to version 78.9.0. Security Fix(es): * Mozilla: Texture upload into an unbound backing buffer resulted in an out-of-bound read (CVE-2021-23981) * Mozilla: Memory safety bugs fixed in Firefox 87 and Firefox ESR 78.9 (CVE-2021-23987) * Mozilla: Internal network hosts could have been probed by a malicious webpage (CVE-2021-23982) * Mozilla: Malicious extensions could have spoofed popup information (CVE-2021-23984) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-78.9.0-3.el7_9.x86_64.rpm9166b8b1c37e08b4a4701b5003444858ecacb6bcdc9d9b193f7e4d3b351b924aSLSA-2021:1002-1Security Fix(es): * flatpak: "file forwarding" feature can be used to gain unprivileged access to files (CVE-2021-21381) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7flatpak-libs-1.0.9-11.el7_9.x86_64.rpma0c8d1985df717702a00c219b1dfd9411914253a7af93163f746b240db61095cflatpak-builder-1.0.0-11.el7_9.x86_64.rpm00b6c14edd3fba4506b7a3230dca8b89b5540cebc377e2a51f7db1bd3ca4597bflatpak-1.0.9-11.el7_9.x86_64.rpmcf33c9234e001b7606a40cc1b452c7b75d25d06e6005bde9a65aa998a9ad0676flatpak-devel-1.0.9-11.el7_9.x86_64.rpm6521ddac74e82ae43234671eddc5f24b795a47e80b72b9e7a97ff01c824d8094SLSA-2021:1071-1Security Fix(es): * kernel: out-of-bounds read in libiscsi module (CVE-2021-27364) * kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365) * kernel: iscsi: unrestricted access to sessions and handles (CVE-2021-27363) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Customer testing eMMC sees and intermittent boot problem on 7.8+, was not seen on 7.3 * tcm loopback driver causes double-start of scsi command when work is delayed * [Azure][SL-7]Mellanox Patches To Prevent Kernel Hang In MLX4 * A patch from upstream c365c292d059 causes us to end up leaving rt_nr_boosted in an inconsistent state, which causes a hard lockup. * [SL7.9.z] Add fix to update snd_wl1 in bulk receiver fast pathimportantScientific LinuxScientific Linux 7python-perf-3.10.0-1160.24.1.el7.x86_64.rpm2f2fd4117c14eeede25c4093b900d7201919a46389f10857579254ea0eff776bkernel-tools-libs-3.10.0-1160.24.1.el7.x86_64.rpmcb76211b757a3cd464b24f2d7060fe2d0e72afa9d11fc8f3469391eb16fde71ckernel-abi-whitelists-3.10.0-1160.24.1.el7.noarch.rpmf1afb9b8996e3da3191f1c34adc71dc6a7647897dec1cfc5f1d92b0de7032716kernel-debug-3.10.0-1160.24.1.el7.x86_64.rpm656c38db2453c891ad2c45f9cfb9e74539e60e77471f2bd16c7825c9ec494794kernel-tools-libs-devel-3.10.0-1160.24.1.el7.x86_64.rpme8adb9705ab08223016f1a2d3f3bbe7cc9527178c1416d3e9701c563b42fc66dperf-3.10.0-1160.24.1.el7.x86_64.rpmaa3218f14b92997019671e64c7e60538305d57e6c18be05678bb7221b3a44707kernel-devel-3.10.0-1160.24.1.el7.x86_64.rpm45e0d2a3eec5f01530801e319c16cf353c1f4f01e2f671899c1538957580233dkernel-tools-3.10.0-1160.24.1.el7.x86_64.rpm2a5af3560c0d2b58d3e92e072f21cbac7d005054e5669bb750df3ad80e342df9kernel-headers-3.10.0-1160.24.1.el7.x86_64.rpm40794e52ae66c3260a991b1ec548f180df2c79ae3be19e9ae2469ce661494ff0kernel-doc-3.10.0-1160.24.1.el7.noarch.rpm4e1999914ac5f99b35772588a3724ac771e06bf70bccb969b19a7f947346c40dkernel-3.10.0-1160.24.1.el7.x86_64.rpm8b02c778e6f475a8c05a6fd907f4a30cbf2b398de2db16b774c0e8f80dbf7639kernel-debug-devel-3.10.0-1160.24.1.el7.x86_64.rpmaf70c25c4ef9a8ad37b20d2897f7284b9821b5f051e96e2323c73913435c71e1bpftool-3.10.0-1160.24.1.el7.x86_64.rpme8937433e163b569db4594a6ef9ca6282fc9d0a4c26320c2b8ad3fa4594bdc77SLSA-2021:1072-1Security Fix(es): * samba: Out of bounds read in AD DC LDAP server (CVE-2021-20277) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7libldb-1.5.4-2.el7_9.i686.rpmc8d61843617f2cb1f30708c3766acab28cf3322cd4463a6440845f80e58e0006ldb-tools-1.5.4-2.el7_9.x86_64.rpm5a30e6206b96aa941cf5bc0787be552ed795b37a5bcaa3a6c566e416ae0cdeaclibldb-devel-1.5.4-2.el7_9.x86_64.rpmf075bcf6db662ef2ff6165da440e97f8d5daf699c0ca75a1429fc2ae623a0680pyldb-devel-1.5.4-2.el7_9.i686.rpm49a598cb1f95a358da7e166ce9e7e42690b515c9300f27f66e3348c87bbccf6bpyldb-1.5.4-2.el7_9.i686.rpm592e2a51c0c0d2c9a8cbb6ec431564ac5672d3b5cf36c580ed538c146e63b7eblibldb-1.5.4-2.el7_9.x86_64.rpm35c4dfcc466c55a684cde022968cfdc5ed8f6a7908615dacf8de89abead874b5pyldb-devel-1.5.4-2.el7_9.x86_64.rpm0b05d33f911795ff1eed0b117ae6d8f659ca91a120a52db97b25120f8ad1055dpyldb-1.5.4-2.el7_9.x86_64.rpm81b3e1a7462a0ab7d801d10d06cdb7ed1bab30a7ecce8be02a42815c88acb34elibldb-devel-1.5.4-2.el7_9.i686.rpm459a9a0a10f37d4d5422f8b7bd6395b4812e62746ceb5112c9e4686a45100076SLSA-2021:1135-1Security Fix(es): * squid: improper input validation may allow a trusted client to perform HTTP request smuggling (CVE-2020-25097) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7squid-migration-script-3.5.20-17.el7_9.6.x86_64.rpm5f4efbb47e4ef8bbc123c76ee5739139033149ca48f605398cce3d283a615c5csquid-3.5.20-17.el7_9.6.x86_64.rpm01e8917843e5d9f7a76ba9ed41ea78f043ea28b08aa9d34e1f89abae28a4f03csquid-sysvinit-3.5.20-17.el7_9.6.x86_64.rpm51672f3d8d35b136ea56a3926eb0d200f56f7a2a7323edc37fb2a2367a10748eSLSA-2021:1145-1Security Fix(es): * nettle: Out of bounds memory access in signature verification (CVE-2021-20305) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7nettle-2.7.1-9.el7_9.i686.rpm3a8ab2056c7e273d4f5e3b312f3cae6e1231f8f22fd6e4c7e7a7a47b33230b87nettle-devel-2.7.1-9.el7_9.i686.rpma6ee2bc74687ca5ddc54502f97621d44d3b20108dc5bb3fce0b5199f5f156d72nettle-devel-2.7.1-9.el7_9.x86_64.rpmed4b165b6393d04c01395bbffabde34c663918d165af9a17d15c8ffc49829fc9nettle-2.7.1-9.el7_9.x86_64.rpm631114eff14ce13570db80ea06c014964225734de427b1f5ed72f06315e9985dSLSA-2021:1192-1This update upgrades Thunderbird to version 78.9.1. Security Fix(es): * Mozilla: An attacker may use Thunderbird's OpenPGP key refresh mechanism to poison an existing key (CVE-2021-23991) * Mozilla: A crafted OpenPGP key with an invalid user ID could be used to confuse the user (CVE-2021-23992) * Mozilla: Inability to send encrypted OpenPGP email after importing a crafted OpenPGP key (CVE-2021-23993) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEmoderateScientific LinuxScientific Linux 7thunderbird-78.9.1-1.el7_9.x86_64.rpm15b668cdfd777d49d74ef2aa02560696e79393a9ea3435db1cd9eca0c1112f0aSLSA-2021:1297-1Security Fix(es): * OpenJDK: Incomplete enforcement of JAR signing disabled algorithms (8249906) (CVE-2021-2163) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * JNI local refs exceeds capacity warning in NetworkInterface::getAllmoderateScientific LinuxScientific Linux 7java-11-openjdk-devel-11.0.11.0.9-1.el7_9.x86_64.rpm0034ea4bb6360a4195b2e893473abe05a4caa5d3fba1bb2f947031a3a0fb23bdjava-11-openjdk-11.0.11.0.9-1.el7_9.i686.rpm3ba7659fe7c21237ddda65067f9bb0890b009f76b99da806d44b95de2f97090djava-11-openjdk-src-11.0.11.0.9-1.el7_9.i686.rpm4f998f3be20e475b38d401b610ce40fc3075b39248e60e4b0e45f67c11a6805bjava-11-openjdk-javadoc-zip-11.0.11.0.9-1.el7_9.i686.rpm8c32b31903c528c50a3c9f314fc80503666bdde1e27c87f65b8f07b22fbe9558java-11-openjdk-demo-11.0.11.0.9-1.el7_9.i686.rpm2eddd05a74f9ce62bca7c94ecb11d6e12d0625b51b7d497c3b1f0b24fb3b82d8java-11-openjdk-headless-11.0.11.0.9-1.el7_9.i686.rpmb831a9d9f5307edb419c8930fd5099ddfbaaf35b776a30084af53e8cd977e1d8java-11-openjdk-javadoc-11.0.11.0.9-1.el7_9.x86_64.rpma92890f9b8897ff784d2e09cde43a32bcefc529e957334f81ad717bdf0ef804ajava-11-openjdk-javadoc-zip-11.0.11.0.9-1.el7_9.x86_64.rpm81ff8c66823e9f782647553c4a9813a7c6bfe157175608311fc2b820f514483bjava-11-openjdk-jmods-11.0.11.0.9-1.el7_9.x86_64.rpm3b832771787ee5616db81159d8160c2730f7ffbb49acef711362ecf717af0062java-11-openjdk-jmods-11.0.11.0.9-1.el7_9.i686.rpm063d70c16819779f8dd01c87fed8f1414af2f4e4e6170fa8589352be7a259200java-11-openjdk-src-11.0.11.0.9-1.el7_9.x86_64.rpmdacfb2f2f25e11ffa8ee9bf607585542ad824f662579fdb8c497a98b80f7e706java-11-openjdk-devel-11.0.11.0.9-1.el7_9.i686.rpmd5a59b97373234482ec6638e3c0f5b8e6634b1a516221f18411c301d78b93cf2java-11-openjdk-11.0.11.0.9-1.el7_9.x86_64.rpm792639abaff2f0c400ac29f6632604909863bc86c812ffb374b0cdd78172eef7java-11-openjdk-static-libs-11.0.11.0.9-1.el7_9.x86_64.rpma8ad8dd549b80506f39dd78eb7a580a83f13b05f9e4e20b17746ffe9fb940ab6java-11-openjdk-javadoc-11.0.11.0.9-1.el7_9.i686.rpm80c07f488b277fe77a6804f464351a593c6eec64ccd99cc9625c423fa316d30cjava-11-openjdk-headless-11.0.11.0.9-1.el7_9.x86_64.rpm2ad3fb50999eb4448ecaa27c4c74e591a26a89d8afb93a3664485d53d4265d48java-11-openjdk-demo-11.0.11.0.9-1.el7_9.x86_64.rpm2fd6b328021bbc7b816576def60e0caeb865777f0a739f8bf42ba154122d2340SLSA-2021:1298The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: Incomplete enforcement of JAR signing disabled algorithms (8249906) (CVE-2021-2163) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. moderateScientific Linux 7java-11-openjdk-debug-11.0.11.0.9-1.el7_9.x86_64.rpm20f1ecd8e9bf9493f51e9e3e4ad46f03716f572e0d03aa6ed89bcb0422a736d5java-11-openjdk-devel-debug-11.0.11.0.9-1.el7_9.x86_64.rpmb1707f74e24c39439f064c2c0608d13521966668120480c3a0e392511838f7d3java-1.8.0-openjdk-src-debug-1.8.0.292.b10-1.el7_9.x86_64.rpm0497048dabe9d531c1ec54f14cdbcb011ac31893866ef21176a3776c93fc86b6java-1.8.0-openjdk-debug-1.8.0.292.b10-1.el7_9.i686.rpmc9ecdbedd7a440f9e6e1502dacbdd2ca61a677acc91882764ec9728f61020162java-1.8.0-openjdk-debug-1.8.0.292.b10-1.el7_9.x86_64.rpm755ab6e8a59dc81a4d169f0795737c1eb5efa94ff5da876423486843206c50c0java-11-openjdk-headless-debug-11.0.11.0.9-1.el7_9.x86_64.rpm90c0f00388fc9e9eac0870a6558600244a789e5527841d0441099baf08764adbjava-1.8.0-openjdk-devel-debug-1.8.0.292.b10-1.el7_9.x86_64.rpm48bcc55e3c9f9449e580635946425f8e9913b40d6a1d772c01ee6bd8545145c0java-1.8.0-openjdk-headless-debug-1.8.0.292.b10-1.el7_9.x86_64.rpm6f1c618f7b579e38486cf7ef243f41eafce72022a794e139d8163c2abcb1f737java-1.8.0-openjdk-src-debug-1.8.0.292.b10-1.el7_9.i686.rpm7a37644b790d36eebc1a9ef0d0ddb8856db0c32523139b8be8cd1a31b9ccab1ajava-11-openjdk-src-debug-11.0.11.0.9-1.el7_9.i686.rpmca7ea3307804ce88ab2f3fccd44456f9cdc9828683df5cf677c636ac8d01ddb1java-11-openjdk-javadoc-zip-debug-11.0.11.0.9-1.el7_9.i686.rpmd12b1cb6a0c7d32067a6dfd14876769e23d5b384c6edadbce494b24eca63d328java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.292.b10-1.el7_9.noarch.rpm09cd33f2498b4600c66a4b50b804b380bf784fa1a8c0eb3f92ec6156b74e310ejava-11-openjdk-demo-debug-11.0.11.0.9-1.el7_9.x86_64.rpm3d7626bbf610ca3321dbbe2f152ce1080dda51c998b72bcbbdc9deedd3994f50java-1.8.0-openjdk-headless-debug-1.8.0.292.b10-1.el7_9.i686.rpm025f84677045b1bc006ff4fb9b94d983e93bbafb5c5227c155801e50cee9a69fjava-11-openjdk-demo-debug-11.0.11.0.9-1.el7_9.i686.rpm4e2b3380bfbe792c3dc17ec39c66108b64fd7d6268873a85c9507dc39c817823java-1.8.0-openjdk-demo-debug-1.8.0.292.b10-1.el7_9.x86_64.rpmfe3d03c7aa5b25bbbba8bbfec4966633a33aa87bd64561c061609c0cd98cb7a1java-11-openjdk-static-libs-debug-11.0.11.0.9-1.el7_9.x86_64.rpmd5a2b4ebf25305d2d76e406d8c7425458f422b7a082c2abe2542d5304fbb9f76java-1.8.0-openjdk-devel-debug-1.8.0.292.b10-1.el7_9.i686.rpm24e32f28858eac569e35cea1acfad83e9778475a851a563f6243ebf7583b8f78java-11-openjdk-jmods-debug-11.0.11.0.9-1.el7_9.i686.rpm0d4f527254b81660e0c00bd87b366e7d938b953f30a37bc2a819f4a596a14dabjava-11-openjdk-src-debug-11.0.11.0.9-1.el7_9.x86_64.rpm12a30ec6773dd5188740529f8a94d3fa98311a5609376c0f73a079eb63ef905ajava-11-openjdk-headless-debug-11.0.11.0.9-1.el7_9.i686.rpmea7f20e35d355ba99ac2c946c02a7c2f8ce5a4d445825c5ad3929c0dac8138eajava-11-openjdk-debug-11.0.11.0.9-1.el7_9.i686.rpma2d0c0863c67920e8212c5175b77d34a9210a5febc07280fcbbc4f2b323d5a93java-11-openjdk-javadoc-debug-11.0.11.0.9-1.el7_9.i686.rpm82ebb5ea88130b5baccde7fb30ab71a4ce8e87394a7fd4c09d94ea03590eee12java-11-openjdk-javadoc-debug-11.0.11.0.9-1.el7_9.x86_64.rpm807f249ef9285c017d4dfee5c2e940521554d6c8378206c08d3cc4b1095b6aadjava-11-openjdk-devel-debug-11.0.11.0.9-1.el7_9.i686.rpmbca96f85c4ef034058789f509a0d5bb4b6677339dfdf275cdf1cfebf14239580java-1.8.0-openjdk-javadoc-debug-1.8.0.292.b10-1.el7_9.noarch.rpme8f5ec498e68ffd8e77385a6f7666685c600940e1b7c66a577294259d5a43066java-1.8.0-openjdk-accessibility-debug-1.8.0.292.b10-1.el7_9.i686.rpm1fb515ba0185aa49efac841b994ee51361d81257bc667d3674e4609211e715aajava-11-openjdk-jmods-debug-11.0.11.0.9-1.el7_9.x86_64.rpm2bdcbc12db372cf829c93a6fa9cb4b88acf5e3a49d80a069d05213adc493bfe7java-1.8.0-openjdk-demo-debug-1.8.0.292.b10-1.el7_9.i686.rpm0a1c20ad5252902044a839f3c8263fff1d22f7ea5cf00046b9cc6491932c1408java-1.8.0-openjdk-accessibility-debug-1.8.0.292.b10-1.el7_9.x86_64.rpm910eb565d7499e6844c58b3773f584cc6e0e2c05d3750de5452e9e2471a87507java-11-openjdk-javadoc-zip-debug-11.0.11.0.9-1.el7_9.x86_64.rpm1060c8a7f5760644787be8e5ee05857ff13a5300c3823256589628ca2a701d2fSLSA-2021:1298-1Security Fix(es): * OpenJDK: Incomplete enforcement of JAR signing disabled algorithms (8249906) (CVE-2021-2163) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEmoderateScientific LinuxScientific Linux 7java-1.8.0-openjdk-headless-1.8.0.292.b10-1.el7_9.x86_64.rpm6edeaf04168713d76c97ac60d7d99896e8c692e4aa5d0cd60229911165f2d729java-1.8.0-openjdk-devel-1.8.0.292.b10-1.el7_9.x86_64.rpmadbacd36f4f9b5815f023d1a88175b6c1e014528885323bd2d05bfb02ae9f28ejava-1.8.0-openjdk-accessibility-1.8.0.292.b10-1.el7_9.x86_64.rpm8f1e47839e3931532edd0952d2dd654a0ab2a021655e0ab0c01a2e0ab3c8e228java-1.8.0-openjdk-src-1.8.0.292.b10-1.el7_9.x86_64.rpm087265fadbbacc30a0aa9e3b485705ca587ead4d557bc9244d30c797c9b5b7fbjava-1.8.0-openjdk-headless-1.8.0.292.b10-1.el7_9.i686.rpm7284648b1cfbdcf5702d0ae9bf0ecf10dd9128adcbdc0cf3b951b5ff24b9b064java-1.8.0-openjdk-javadoc-1.8.0.292.b10-1.el7_9.noarch.rpmca42c18ea84acad61b4d70f3092f9a7ece7183a707fdf308926585290aab5dddjava-1.8.0-openjdk-demo-1.8.0.292.b10-1.el7_9.x86_64.rpmd03c8ce0b348dd6928c11d3dfb645d2a4657f44f170706201fc479d8a627cb42java-1.8.0-openjdk-accessibility-1.8.0.292.b10-1.el7_9.i686.rpmd77c4ada5fda9a0850e0d37927c004f34a5b595a9da58dcf9a3b432ff325a164java-1.8.0-openjdk-demo-1.8.0.292.b10-1.el7_9.i686.rpmdcf161f4074c15ee5784e48bbe788ea29a66a3826a3d5f9fcc2a0100baceb2dfjava-1.8.0-openjdk-1.8.0.292.b10-1.el7_9.i686.rpm623d9d3fedf80e8038397f5569802131699c05b528dbec27d9893875c316c419java-1.8.0-openjdk-javadoc-zip-1.8.0.292.b10-1.el7_9.noarch.rpmadf23389a8a04651ea763f3883c9f77bc38564835bf1bb76599423a1071f66c2java-1.8.0-openjdk-src-1.8.0.292.b10-1.el7_9.i686.rpm7213a69373655871bf60b0bc346bb499a8329615a5516b39f1daec67a15d1ebdjava-1.8.0-openjdk-1.8.0.292.b10-1.el7_9.x86_64.rpm729ea2ffc7c834f188bd8afb5aacc960a453e5542edde397ac1eebc821ac7ab5java-1.8.0-openjdk-devel-1.8.0.292.b10-1.el7_9.i686.rpma5bb2b2a2acf5261549aba3fa664dd82c550f31a4e3ffc8bbe1f1cb52ebd4a6aSLSA-2021:1350-1This update upgrades Thunderbird to version 78.10.0. Security Fix(es): * Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994) * Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995) * Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961) * Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998) * Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999) * Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002) * Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945) * Mozilla: Port blocking could be bypassed (CVE-2021-29946) * Mozilla: Race condition when reading from disk while verifying signatures (CVE-2021-29948) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 - thunderbird-78.10.0-1.el7_9.x86_64.rpm - thunderbird-debuginfo-78.10.0-1.el7_9.x86_64.rpmimportantScientific LinuxScientific Linux 7thunderbird-78.10.0-1.el7_9.x86_64.rpm27ff7bb70e8a0f52811bae4fed2444655d1143c8e82d93338a5c3a20588f2fc6SLSA-2021:1354-1Security Fix(es): * XStream: Unsafe deserizaliation of javax.sql.rowset.BaseRowSet (CVE-2021-21344) * XStream: Unsafe deserizaliation of com.sun.corba.se.impl.activation.ServerTableEntry (CVE-2021-21345) * XStream: Unsafe deserizaliation of sun.swing.SwingLazyValue (CVE-2021-21346) * XStream: Unsafe deserizaliation of com.sun.tools.javac.processing.JavacProcessingEnvironment NameProcessIterator (CVE-2021-21347) * XStream: Unsafe deserizaliation of com.sun.org.apache.bcel.internal.util.ClassLoader (CVE-2021-21350) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 noarch - xstream-1.3.1-13.el7_9.noarch.rpm - xstream-javadoc-1.3.1-13.el7_9.noarch.rpmimportantScientific LinuxScientific Linux 7xstream-javadoc-1.3.1-13.el7_9.noarch.rpm2ecc7fa6ee2bb422a255f7346c1a40b982110351e3e3d93daa2dcbc7ec134fb2xstream-1.3.1-13.el7_9.noarch.rpm9002183ae963575c82637c92eaf93e240c2fae160ecf24a6e2913de1a5d8637dSLSA-2021:1363-1This update upgrades Firefox to version 78.10.0 ESR. Security Fix(es): * Mozilla: Out of bound write due to lazy initialization (CVE-2021-23994) * Mozilla: Use-after-free in Responsive Design Mode (CVE-2021-23995) * Mozilla: More internal network hosts could have been probed by a malicious webpage (CVE-2021-23961) * Mozilla: Secure Lock icon could have been spoofed (CVE-2021-23998) * Mozilla: Blob URLs may have been granted additional privileges (CVE-2021-23999) * Mozilla: Arbitrary FTP command execution on FTP servers using an encoded URL (CVE-2021-24002) * Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads (CVE-2021-29945) * Mozilla: Port blocking could be bypassed (CVE-2021-29946) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 - firefox-78.10.0-1.el7_9.i686.rpm - firefox-78.10.0-1.el7_9.x86_64.rpm - firefox-debuginfo-78.10.0-1.el7_9.x86_64.rpmimportantScientific LinuxScientific Linux 7firefox-78.10.0-1.el7_9.i686.rpmdbeaf4541e0a177fed5c3a943650a1c55f6c5ca4be2278bf258e750e8da3258bfirefox-78.10.0-1.el7_9.x86_64.rpm668cd09b9146cfe77e64f0561ed96cc794dde90f1c701d4eaf63ae128e432131SLSA-2021:1384-1Security Fix(es): * nss: TLS 1.3 CCS flood remote DoS Attack (CVE-2020-25648) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * FTBFS: Paypal Cert expired * FTBFS: IKE CLASS_1563 fails gtest * Cannot compile code with nss headers and -Werror=strict-prototypes * CA HSM ncipher token disabled after SL-7.9 update --- SL7 x86_64 - nss-3.53.1-7.el7_9.i686.rpm - nss-3.53.1-7.el7_9.x86_64.rpm - nss-debuginfo-3.53.1-7.el7_9.i686.rpm - nss-debuginfo-3.53.1-7.el7_9.x86_64.rpm - nss-devel-3.53.1-7.el7_9.i686.rpm - nss-devel-3.53.1-7.el7_9.x86_64.rpm - nss-pkcs11-devel-3.53.1-7.el7_9.i686.rpm - nss-pkcs11-devel-3.53.1-7.el7_9.x86_64.rpm - nss-sysinit-3.53.1-7.el7_9.x86_64.rpm - nss-tools-3.53.1-7.el7_9.x86_64.rpmmoderateScientific LinuxScientific Linux 7nss-pkcs11-devel-3.53.1-7.el7_9.x86_64.rpm9de797b2cfcdc8cc229ef47fb4ec244a8feaab780959d0be0ac2e754a7965709nss-pkcs11-devel-3.53.1-7.el7_9.i686.rpm2a04e2b686baf9f3095fb36281f181cac13d70033a54c2c6478cfcde3edd16b8nss-tools-3.53.1-7.el7_9.x86_64.rpm64916d0f417c88546d00651592a19f62947019455574ac2f7b04887a6934868dnss-3.53.1-7.el7_9.i686.rpm46fa84cb2dca239707b5af9e20f16ccc5d9294315fe37e9b522bf89800dbcb3enss-devel-3.53.1-7.el7_9.i686.rpm92efd45efbd9743b4c1338be321742f0ffc9b0c2f3dc9423d465909e0891587cnss-3.53.1-7.el7_9.x86_64.rpm8a388e9732a15b191de402c4877cd8f4a610ae3f6b531180147ca991458310e4nss-devel-3.53.1-7.el7_9.x86_64.rpmc7e84f4e7bce7eaa95ae02f5ada3ca4674e75b25f31695be6fcc139129f18567nss-sysinit-3.53.1-7.el7_9.x86_64.rpm944e84dff5016a57957f4fd0e4f7ac40d2b03659d269083286aa3cc20749fabeSLSA-2021:1389-1Security Fix(es): * openldap: NULL pointer dereference for unauthenticated packet in slapd (CVE-2020-25692) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 - openldap-2.4.44-23.el7_9.i686.rpm - openldap-2.4.44-23.el7_9.x86_64.rpm - openldap-clients-2.4.44-23.el7_9.x86_64.rpm - openldap-debuginfo-2.4.44-23.el7_9.i686.rpm - openldap-debuginfo-2.4.44-23.el7_9.x86_64.rpm - openldap-devel-2.4.44-23.el7_9.i686.rpm - openldap-devel-2.4.44-23.el7_9.x86_64.rpm - openldap-servers-2.4.44-23.el7_9.x86_64.rpm - openldap-servers-sql-2.4.44-23.el7_9.x86_64.rpmmoderateScientific LinuxScientific Linux 7openldap-devel-2.4.44-23.el7_9.x86_64.rpmc4ab39a53ed3b7bb4f40dc04dcb331d76549a4e65f7f0b133ce34c3ad4929f6dopenldap-2.4.44-23.el7_9.x86_64.rpm7d1b468fd544df1619789b5b84c2e9bbc652e6b5b28bdc697819b0d9cc7e94b8openldap-clients-2.4.44-23.el7_9.x86_64.rpmc8b54025ff6c00c6b495fc954f5b7df7858a05b302acd95c0e9898863aa85ac9openldap-2.4.44-23.el7_9.i686.rpmfd10af55c5e2b360e0ee4415366c8a70c20d17bee41f8fba730521a9f5087edeopenldap-servers-2.4.44-23.el7_9.x86_64.rpma2a6a577481dfc70c41991fcd7fc83d5f9ef43bf8858b216813cf13e3bdd56d9openldap-servers-sql-2.4.44-23.el7_9.x86_64.rpm85aecde5a653c61d7d092db4c474810a86c2a72839d3d618dcea9e943f0d568copenldap-devel-2.4.44-23.el7_9.i686.rpm148afb143da738103e79fa5ef8fd77a8967b0badc3662c6b1a0d0705527fb980SLSA-2021:1469-1Security Fix(es): * bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself (CVE-2021-25215) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 - bind-9.11.4-26.P2.el7_9.5.x86_64.rpm - bind-chroot-9.11.4-26.P2.el7_9.5.x86_64.rpm - bind-debuginfo-9.11.4-26.P2.el7_9.5.i686.rpm - bind-debuginfo-9.11.4-26.P2.el7_9.5.x86_64.rpm - bind-devel-9.11.4-26.P2.el7_9.5.i686.rpm - bind-devel-9.11.4-26.P2.el7_9.5.x86_64.rpm - bind-export-devel-9.11.4-26.P2.el7_9.5.i686.rpm - bind-export-devel-9.11.4-26.P2.el7_9.5.x86_64.rpm - bind-export-libs-9.11.4-26.P2.el7_9.5.i686.rpm - bind-export-libs-9.11.4-26.P2.el7_9.5.x86_64.rpm - bind-libs-9.11.4-26.P2.el7_9.5.i686.rpm - bind-libs-9.11.4-26.P2.el7_9.5.x86_64.rpm - bind-libs-lite-9.11.4-26.P2.el7_9.5.i686.rpm - bind-libs-lite-9.11.4-26.P2.el7_9.5.x86_64.rpm - bind-lite-devel-9.11.4-26.P2.el7_9.5.i686.rpm - bind-lite-devel-9.11.4-26.P2.el7_9.5.x86_64.rpm - bind-pkcs11-9.11.4-26.P2.el7_9.5.x86_64.rpm - bind-pkcs11-devel-9.11.4-26.P2.el7_9.5.i686.rpm - bind-pkcs11-devel-9.11.4-26.P2.el7_9.5.x86_64.rpm - bind-pkcs11-libs-9.11.4-26.P2.el7_9.5.i686.rpm - bind-pkcs11-libs-9.11.4-26.P2.el7_9.5.x86_64.rpm - bind-pkcs11-utils-9.11.4-26.P2.el7_9.5.x86_64.rpm - bind-sdb-9.11.4-26.P2.el7_9.5.x86_64.rpm - bind-sdb-chroot-9.11.4-26.P2.el7_9.5.x86_64.rpm - bind-utils-9.11.4-26.P2.el7_9.5.x86_64.rpm noarch - bind-license-9.11.4-26.P2.el7_9.5.noarch.rpmimportantScientific LinuxScientific Linux 7bind-export-libs-9.11.4-26.P2.el7_9.5.x86_64.rpm5f12080002eed2b3d0a5fe0d6ba3ae0e493c0381fa9774ffdd5cee036061a661bind-utils-9.11.4-26.P2.el7_9.5.x86_64.rpm774c99015bc2d7baa39bd1348801f0737353305e3111a2e54c4d246721f9b918bind-devel-9.11.4-26.P2.el7_9.5.x86_64.rpm5ac89251e16484e5d8d51ec3ec74b8593b1f7e44421a4c2c2c12c739c424198abind-libs-9.11.4-26.P2.el7_9.5.x86_64.rpm04d776e8211418700d08b85c04ec9a87f114ad6aff51b5af0f8245a9bd0ebf4bbind-9.11.4-26.P2.el7_9.5.x86_64.rpm52932470558a95a9898dd936150ba8d7d5d1494fd33b28e0fb7e3cc876e85827bind-libs-lite-9.11.4-26.P2.el7_9.5.i686.rpme09f37081e387b39c847460852f1f063d2bf45b1eb51a5faa7b908e3b1692f17bind-lite-devel-9.11.4-26.P2.el7_9.5.i686.rpm93b73fa12dd56caed82ccac43a574078149254704f2bc72a0470c26dc276ac6dbind-devel-9.11.4-26.P2.el7_9.5.i686.rpmda50831ec3b2b0082f6afb1063c471e85c72a7f9625e037f481a6ebd16df6ec8bind-libs-9.11.4-26.P2.el7_9.5.i686.rpm2434d790ef2452f0887d8bb623d4e64057327d9b96e9fc87c347075ae9a31436bind-pkcs11-libs-9.11.4-26.P2.el7_9.5.i686.rpmc1853aeb2a81d958cce56306aa4add20566b32e562c0d813dbd7a54c72265db0bind-export-devel-9.11.4-26.P2.el7_9.5.i686.rpmdd979fdb8a371cfaf0e06724b90691e2dc742dab923870ca92f84600ac103a19bind-chroot-9.11.4-26.P2.el7_9.5.x86_64.rpm1ddb59ec131528bb776e435125a5117d5a42dbf4ccde72580fa129dc95b7f998bind-pkcs11-devel-9.11.4-26.P2.el7_9.5.x86_64.rpm1adbfc28887c4de3d43e936db64d8e7b29ba01f03ad1087ae3b6ca4c2eb6a715bind-pkcs11-9.11.4-26.P2.el7_9.5.x86_64.rpm3519feefe599d74baeb7cc28541296e856f7c5ca3ba404acf4e8c0ae0f83a248bind-pkcs11-libs-9.11.4-26.P2.el7_9.5.x86_64.rpmdd9591546ab81de27fd16f3f509dda1250c4eec929644d02aa9f3603f8116d81bind-sdb-chroot-9.11.4-26.P2.el7_9.5.x86_64.rpm7e0d29db6cb6308fe03e6db8b4701e2ee5d392a0d28a1bc266b4017a8af9ad62bind-pkcs11-devel-9.11.4-26.P2.el7_9.5.i686.rpm65cd52b5f02b1cfbc2c72d324520e3e1c45762ba676522175fb1c889f682c0a2bind-sdb-9.11.4-26.P2.el7_9.5.x86_64.rpm1a54382277a41b4d57517df82f5ce170034b915e91f2e46349f10c019c3b35e6bind-license-9.11.4-26.P2.el7_9.5.noarch.rpm937c00c41008fa6a8771e1b421b4fc0d85fd86dea954d9543eb489091019d111bind-pkcs11-utils-9.11.4-26.P2.el7_9.5.x86_64.rpm1c2bc6b788dbd7703f88045376009b98493a97ca155af266dd3ffb8a6d80481ebind-export-devel-9.11.4-26.P2.el7_9.5.x86_64.rpm3a08818423154fa939cc02b2acfb974d8fdd7d9a6bdeb3a98cf0ac1e6aa3efe6bind-lite-devel-9.11.4-26.P2.el7_9.5.x86_64.rpm51cea52e6d70ec317d51e8fe2e80f3b77cadb97ba8b32c168e190f9b1cc42df4bind-export-libs-9.11.4-26.P2.el7_9.5.i686.rpm5c4745efc2fba02f614bc1d5f9e45ac28360f9033761a90666e03575e78c59f6bind-libs-lite-9.11.4-26.P2.el7_9.5.x86_64.rpm7445a4d51ed6814795bc41931485e412959d1cf7e5ec5c73e6df210edb3df949SLSA-2021:1512-1Security Fix(es): * postgresql: Reconnection can downgrade connection security settings (CVE-2020-25694) * postgresql: Multiple features escape "security restricted operation" sandbox (CVE-2020-25695) * postgresql: TYPE in pg_temp executes arbitrary SQL during SECURITY DEFINER execution (CVE-2019-10208) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 - postgresql-9.2.24-6.el7_9.i686.rpm - postgresql-9.2.24-6.el7_9.x86_64.rpm - postgresql-contrib-9.2.24-6.el7_9.x86_64.rpm - postgresql-debuginfo-9.2.24-6.el7_9.i686.rpm - postgresql-debuginfo-9.2.24-6.el7_9.x86_64.rpm - postgresql-devel-9.2.24-6.el7_9.i686.rpm - postgresql-devel-9.2.24-6.el7_9.x86_64.rpm - postgresql-docs-9.2.24-6.el7_9.x86_64.rpm - postgresql-libs-9.2.24-6.el7_9.i686.rpm - postgresql-libs-9.2.24-6.el7_9.x86_64.rpm - postgresql-plperl-9.2.24-6.el7_9.x86_64.rpm - postgresql-plpython-9.2.24-6.el7_9.x86_64.rpm - postgresql-pltcl-9.2.24-6.el7_9.x86_64.rpm - postgresql-server-9.2.24-6.el7_9.x86_64.rpm - postgresql-static-9.2.24-6.el7_9.i686.rpm - postgresql-static-9.2.24-6.el7_9.x86_64.rpm - postgresql-test-9.2.24-6.el7_9.x86_64.rpm - postgresql-upgrade-9.2.24-6.el7_9.x86_64.rpmimportantScientific LinuxScientific Linux 7postgresql-server-9.2.24-6.el7_9.x86_64.rpm13a43265d2a3f0399dbeb8650fd44ce7cf064a5082a1a13ee263a4e5b2f2017apostgresql-devel-9.2.24-6.el7_9.x86_64.rpma46b2709b9a06be227d0a9504dc34592f8c0cc5495d41a52ad85f67d3bb4cdc4postgresql-pltcl-9.2.24-6.el7_9.x86_64.rpmdeac119a80db8d2e3c3d75857be661445fc171e4bc4aaa76595a053295bd093fpostgresql-upgrade-9.2.24-6.el7_9.x86_64.rpma1f9e294cf6a6b0dbf5472ffc42946c8eb7f6f6b999de851d7eb2f06b5b9848bpostgresql-9.2.24-6.el7_9.i686.rpm8b554d1337699f1a83589a30e426978094fc7483066b317095e3501bcca3453epostgresql-devel-9.2.24-6.el7_9.i686.rpm24e50e2bcbcd328ac72503f34bc8a23d9a680df300ad6b7c2c0feeeb4cf1129dpostgresql-9.2.24-6.el7_9.x86_64.rpmb54b8faa628b7928240cc047de9648888f6834e88fd302e1ea19e4526df7b47dpostgresql-static-9.2.24-6.el7_9.i686.rpm35c129497e7c62242bdfe8cfd5ac8ce7b3341c94bcc30ce5931ab5dbeb375552postgresql-docs-9.2.24-6.el7_9.x86_64.rpm88664b6db2f6bf2e9d987f0310bdf165b0b334591e5dcaa442ff7177a388de4epostgresql-plpython-9.2.24-6.el7_9.x86_64.rpm1dd1e6e73a83e66cd49691e2ff5d2bb0a78cafab2d756031de3a1357bfb3670epostgresql-test-9.2.24-6.el7_9.x86_64.rpm002be0d729f775fd923898a302d85600951ccbbeb44be32ad2a4839c726d6d26postgresql-plperl-9.2.24-6.el7_9.x86_64.rpma7f95a93113c7bf49d560e2e2d7f25381263e9c3e8db95bde96f3b21d0fea763postgresql-static-9.2.24-6.el7_9.x86_64.rpmb4a8eb4283bfdae2206f4419c69bf49236f8358dc7cb7728882d30bfc3f8b7bbpostgresql-libs-9.2.24-6.el7_9.x86_64.rpm477b5f0b7e2864b6503c2f5fb08b852b34dbb7eceaa411e471235aaae2a64f8apostgresql-libs-9.2.24-6.el7_9.i686.rpmd929748c04c4fc3d85556033ca3b3b50e454fee4c67ee56bfbfb64d30371a0c3postgresql-contrib-9.2.24-6.el7_9.x86_64.rpmecc7664978f843392d0baeb80516fa54aad6913d69bf6e8b5cd69bc92061020fSLSA-2021:2032-1Security Fix(es): * slapi-nis: NULL dereference (DoS) with specially crafted Binding DN (CVE-2021-3480) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 - slapi-nis-0.56.5-4.el7_9.x86_64.rpm - slapi-nis-debuginfo-0.56.5-4.el7_9.x86_64.rpmimportantScientific LinuxScientific Linux 7slapi-nis-0.56.5-4.el7_9.x86_64.rpm6dfcfec44b8eae028e7946736c04aa975f5c9a2b13e5400da680b1c9f9caf52bSLSA-2021:2033-1Security Fix(es): * xorg-x11-server: XChangeFeedbackControl integer underflow leads to privilege escalation (CVE-2021-3472) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 - xorg-x11-server-Xdmx-1.20.4-16.el7_9.x86_64.rpm - xorg-x11-server-Xephyr-1.20.4-16.el7_9.x86_64.rpm - xorg-x11-server-Xnest-1.20.4-16.el7_9.x86_64.rpm - xorg-x11-server-Xorg-1.20.4-16.el7_9.x86_64.rpm - xorg-x11-server-Xvfb-1.20.4-16.el7_9.x86_64.rpm - xorg-x11-server-Xwayland-1.20.4-16.el7_9.x86_64.rpm - xorg-x11-server-common-1.20.4-16.el7_9.x86_64.rpm - xorg-x11-server-debuginfo-1.20.4-16.el7_9.i686.rpm - xorg-x11-server-debuginfo-1.20.4-16.el7_9.x86_64.rpm - xorg-x11-server-devel-1.20.4-16.el7_9.i686.rpm - xorg-x11-server-devel-1.20.4-16.el7_9.x86_64.rpm noarch - xorg-x11-server-source-1.20.4-16.el7_9.noarch.rpmimportantScientific LinuxScientific Linux 7xorg-x11-server-devel-1.20.4-16.el7_9.x86_64.rpmee7a8ed348dab7340c8d5207228f6e2bd64e0e046d079d7714ffc986001873d7xorg-x11-server-Xdmx-1.20.4-16.el7_9.x86_64.rpm6a2a64f392461a3b1798f2c302639c694ce80af3c9c8400fd6a4b48bd2d07f54xorg-x11-server-devel-1.20.4-16.el7_9.i686.rpm0cddf15d75c07eb4495bafc2e68800bc009c65ec332c60b48f6cc11276437422xorg-x11-server-Xorg-1.20.4-16.el7_9.x86_64.rpm3d263b42fd00a1bc625a17575b763e61b0e44d3770ddd403473adfa1f608602bxorg-x11-server-Xvfb-1.20.4-16.el7_9.x86_64.rpm93ed5a11123ff02f577e4714f6ee7b6948362b95c6cdae9501006c6de7567654xorg-x11-server-Xephyr-1.20.4-16.el7_9.x86_64.rpmab7c5ecda7303df4af58245291daef6c585fb946a021a625899271b965112f8exorg-x11-server-common-1.20.4-16.el7_9.x86_64.rpm20e2e6671dd40ce6f5709f9f9ca380787fee0a3b7a6c8a796bdf946b59258a58xorg-x11-server-Xwayland-1.20.4-16.el7_9.x86_64.rpm79a98194010cfed4a7a94c41206fedd321efa41aec8b350e841bcc81640e0388xorg-x11-server-Xnest-1.20.4-16.el7_9.x86_64.rpmdba96725be36791a883264af65d73262f268d36501250f164888631570cfb6d4xorg-x11-server-source-1.20.4-16.el7_9.noarch.rpmec17ae4c7d16c6c046921d42d4155b519290c9e019f112cc3165b805c7744778SLSA-2021:2147-1Security Fix(es): * glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (CVE-2021-27219) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE ----- SL7 x86_64 - glib2-2.56.1-9.el7_9.i686.rpm - glib2-2.56.1-9.el7_9.x86_64.rpm - glib2-debuginfo-2.56.1-9.el7_9.i686.rpm - glib2-debuginfo-2.56.1-9.el7_9.x86_64.rpm - glib2-devel-2.56.1-9.el7_9.i686.rpm - glib2-devel-2.56.1-9.el7_9.x86_64.rpm - glib2-fam-2.56.1-9.el7_9.x86_64.rpm - glib2-static-2.56.1-9.el7_9.i686.rpm - glib2-static-2.56.1-9.el7_9.x86_64.rpm - glib2-tests-2.56.1-9.el7_9.x86_64.rpm noarch - glib2-doc-2.56.1-9.el7_9.noarch.rpmimportantScientific LinuxScientific Linux 7glib2-tests-2.56.1-9.el7_9.x86_64.rpm02520b0ebb0cf7e0a5e9397fb4daa2545702764867693f2deeb5b132fa2cb0c8glib2-doc-2.56.1-9.el7_9.noarch.rpm71008da68cdfc784b6dc939ea17a2de7e7e34db0694983f4e87dba4ae175bc3eglib2-2.56.1-9.el7_9.i686.rpm7c88e4ba0edbbb2d5831e0d90860a239c1b0b104ca9558ad1c1524c8cb37ce9fglib2-static-2.56.1-9.el7_9.i686.rpme455d5f1b61eb74b40d4f9dcea43818954ec8e8bbb640101a6f382e56f118061glib2-devel-2.56.1-9.el7_9.x86_64.rpmc30ed59651df9ad80a6770b71379384b5efe926628fbf4692c2bd8e8c88e52c6glib2-2.56.1-9.el7_9.x86_64.rpm7e8632f2c3557076b52c2bcd40f6e8c8799af61e4dd641a7a82a04074f453059glib2-fam-2.56.1-9.el7_9.x86_64.rpmf20e6e399f5ce60cb494f80096222050f02bc70e181261b2ba342171674e85fcglib2-static-2.56.1-9.el7_9.x86_64.rpm97ce77b9c203931971627d4b79e4a79e618a5aed74a76f464ad4596e3cfaae3cglib2-devel-2.56.1-9.el7_9.i686.rpmf5b6e9f7130c9060ead03a9eccce33b0217f061be640ed896034f10f969290ecSLSA-2021:2206-1This update upgrades Firefox to version 78.11.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11 (CVE-2021-29967) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 - firefox-78.11.0-3.el7_9.i686.rpm - firefox-78.11.0-3.el7_9.x86_64.rpm - firefox-debuginfo-78.11.0-3.el7_9.x86_64.rpmcriticalScientific LinuxScientific Linux 7firefox-78.11.0-3.el7_9.x86_64.rpm460e9b9d43dff32fec92291d72995fcc32837e1eff428ffaa799376b642c971cfirefox-78.11.0-3.el7_9.i686.rpmffa44d31cf931ba3ee78db4b3eb806f2ecd97561508a84053ab3bf7897661fdbSLSA-2021:2260-1Security Fix(es): * libwebp: heap-based buffer overflow in PutLE16() (CVE-2018-25011) * libwebp: heap-based buffer overflow in WebPDecode*Into functions (CVE-2020-36328) * libwebp: use-after-free in EmitFancyRGB() in dec/io_dec.c (CVE-2020-36329) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 - libwebp-0.3.0-10.el7_9.i686.rpm - libwebp-0.3.0-10.el7_9.x86_64.rpm - libwebp-debuginfo-0.3.0-10.el7_9.i686.rpm - libwebp-debuginfo-0.3.0-10.el7_9.x86_64.rpm - libwebp-devel-0.3.0-10.el7_9.i686.rpm - libwebp-devel-0.3.0-10.el7_9.x86_64.rpm - libwebp-java-0.3.0-10.el7_9.x86_64.rpm - libwebp-tools-0.3.0-10.el7_9.x86_64.rpmimportantScientific LinuxScientific Linux 7libwebp-tools-0.3.0-10.el7_9.x86_64.rpmc45e7e543b9e9122850a55e5e94f14c3c555539e4238d302d71509fb5c558c83libwebp-devel-0.3.0-10.el7_9.x86_64.rpm0e9dea5793b1620cf4b8947c70e5b15d5e56f4b10b342d9ff46bf9cad44aa3f7libwebp-0.3.0-10.el7_9.i686.rpmc7c8944319977c15afb204ecae3b947eeaf258f7c7435675a6f8e7974029a5b2libwebp-devel-0.3.0-10.el7_9.i686.rpmab915f9d617061e7465a1e70e84cc78e43359dce1e5a44fbcedbc1c3636dd0f0libwebp-0.3.0-10.el7_9.x86_64.rpmeec5495efec86d0c336291e4b4a8529f0fc2c4b58c94dc9d397d3e20f261cf2flibwebp-java-0.3.0-10.el7_9.x86_64.rpm3052051d8334ead45132328c82d330d98df5f11bd6919b90bbdde3ffaa08263dSLSA-2021:2263-1This update upgrades Thunderbird to version 78.11.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11 (CVE-2021-29967) * Mozilla: Thunderbird stored OpenPGP secret keys without master password protection (CVE-2021-29956) * Mozilla: Partial protection of inline OpenPGP message not indicated (CVE-2021-29957) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 - thunderbird-78.11.0-1.el7_9.x86_64.rpm - thunderbird-debuginfo-78.11.0-1.el7_9.x86_64.rpmimportantScientific LinuxScientific Linux 7thunderbird-78.11.0-1.el7_9.x86_64.rpm14a6750cef537a37e7a776f11d13460260cb59d4cdd01c5d92b8eaa134dc1b10SLSA-2021:2305-1Security Fix(es): * hw: vt-d related privilege escalation (CVE-2020-24489) * hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511) * hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512) * hw: information disclosure on some Intel Atom processors (CVE-2020-24513) Bug Fix(es) and Enhancement(s): * Update Intel CPU microcode to microcode-20210525 release --- SL7 x86_64 microcode_ctl-2.1-73.9.el7_9.x86_64.rpm microcode_ctl-debuginfo-2.1-73.9.el7_9.x86_64.rpmimportantScientific LinuxScientific Linux 7microcode_ctl-2.1-73.9.el7_9.x86_64.rpm8a41f6c98891c5e2891129fbcaa9cc7ef5d648a0c4e84107665486b80a36c569SLSA-2021:2313Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix(es): * samba: Negative idmap cache entries can cause incorrect group entries in the Samba file server process token (CVE-2021-20254) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * smb.service stops when samba rpms are updated (BZ#1930747) * samba printing dumps core (BZ#1937867) moderateScientific Linux 7ctdb-tests-4.10.16-15.el7_9.x86_64.rpm2528a7abd08712c2e83b2d01510bf14e8f036bf31c2adfaa29f9f4ad9aa971d8ctdb-4.10.16-15.el7_9.x86_64.rpm69326f1343382296243313ccb2c28e33cd1f41edd81337f9b06c7f14c92a3417SLSA-2021:2313-1Security Fix(es): * samba: Negative idmap cache entries can cause incorrect group entries in the Samba file server process token (CVE-2021-20254) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * smb.service stops when samba rpms are updated * samba printing dumps core --- SL7 x86_64 libsmbclient-4.10.16-15.el7_9.i686.rpm libsmbclient-4.10.16-15.el7_9.x86_64.rpm libsmbclient-devel-4.10.16-15.el7_9.i686.rpm libsmbclient-devel-4.10.16-15.el7_9.x86_64.rpm libwbclient-4.10.16-15.el7_9.i686.rpm libwbclient-4.10.16-15.el7_9.x86_64.rpm libwbclient-devel-4.10.16-15.el7_9.i686.rpm libwbclient-devel-4.10.16-15.el7_9.x86_64.rpm samba-4.10.16-15.el7_9.x86_64.rpm samba-client-4.10.16-15.el7_9.x86_64.rpm samba-client-libs-4.10.16-15.el7_9.i686.rpm samba-client-libs-4.10.16-15.el7_9.x86_64.rpm samba-common-libs-4.10.16-15.el7_9.i686.rpm samba-common-libs-4.10.16-15.el7_9.x86_64.rpm samba-common-tools-4.10.16-15.el7_9.x86_64.rpm samba-dc-4.10.16-15.el7_9.x86_64.rpm samba-dc-libs-4.10.16-15.el7_9.x86_64.rpm samba-debuginfo-4.10.16-15.el7_9.i686.rpm samba-debuginfo-4.10.16-15.el7_9.x86_64.rpm samba-devel-4.10.16-15.el7_9.i686.rpm samba-devel-4.10.16-15.el7_9.x86_64.rpm samba-krb5-printing-4.10.16-15.el7_9.x86_64.rpm samba-libs-4.10.16-15.el7_9.i686.rpm samba-libs-4.10.16-15.el7_9.x86_64.rpm samba-python-4.10.16-15.el7_9.i686.rpm samba-python-4.10.16-15.el7_9.x86_64.rpm samba-python-test-4.10.16-15.el7_9.x86_64.rpm samba-test-4.10.16-15.el7_9.x86_64.rpm samba-test-libs-4.10.16-15.el7_9.i686.rpm samba-test-libs-4.10.16-15.el7_9.x86_64.rpm samba-vfs-glusterfs-4.10.16-15.el7_9.x86_64.rpm samba-winbind-4.10.16-15.el7_9.x86_64.rpm samba-winbind-clients-4.10.16-15.el7_9.x86_64.rpm samba-winbind-krb5-locator-4.10.16-15.el7_9.x86_64.rpm samba-winbind-modules-4.10.16-15.el7_9.i686.rpm samba-winbind-modules-4.10.16-15.el7_9.x86_64.rpm noarch samba-common-4.10.16-15.el7_9.noarch.rpm samba-pidl-4.10.16-15.el7_9.noarch.rpmmoderateScientific LinuxScientific Linux 7libwbclient-devel-4.10.16-15.el7_9.x86_64.rpm541d45d9952b27d8aae45dfee62461b9ef0522eb86c1c9a86b8c33c587869b9bsamba-libs-4.10.16-15.el7_9.x86_64.rpm963af811ad5dba4265daa8f8a64eb47b8f4125e26ecaa248ac83546b80d8777csamba-winbind-modules-4.10.16-15.el7_9.x86_64.rpma0077b3516a5ec8cef57b138f6161f2d1ac71edb9a0700dc84f990a5a0c93a6flibwbclient-devel-4.10.16-15.el7_9.i686.rpmfcb4911e26b223e9506ac04519eeb4e8a757270d4e51cc5f25a2de47ca037163samba-client-libs-4.10.16-15.el7_9.x86_64.rpm5d04a03b32a375baf0ae04d00724f2f0f6b75995aa54c3dd03f94264517cf6f5samba-common-libs-4.10.16-15.el7_9.x86_64.rpm9522acf0e649723e808fc7a15aa11f4047696074b59c08216271a8843bcd5da9samba-python-4.10.16-15.el7_9.x86_64.rpm1b4b8e88dc3795e20dcea916964ef368b00aa0f4de34fd51416dbb69135c0880samba-python-4.10.16-15.el7_9.i686.rpm3bf08c96289e6609050edc7e544893b1c9a5e09067ac53e9c6c4635bd3ffb766samba-libs-4.10.16-15.el7_9.i686.rpm8b27e9c6089087bd6f05226f64bab1d7a45403695e4c9fdfdabf89ceadd0e02dsamba-test-libs-4.10.16-15.el7_9.i686.rpm9b0fe9fb48ddda3ed0f438b7ba79a3b88b1154bb9971bf3e222b55cc26c30ca4samba-dc-libs-4.10.16-15.el7_9.x86_64.rpm5e97176ca96821cf7b2987ad6778852edeefa029247ea222f178224454936116samba-test-libs-4.10.16-15.el7_9.x86_64.rpm4693eda3daca745d78f4a07bc36c41d7d1cbc6113b521d604472a8675a6d43c4samba-devel-4.10.16-15.el7_9.x86_64.rpm4ea0d60644619ed6909a51a0d3872b005f554c96c57e86400dcb53c168ce0b65samba-python-test-4.10.16-15.el7_9.x86_64.rpmc02fa36775cde71f0544da4873695f57a7f8b3eab8db8159734475cc3011ba67samba-common-libs-4.10.16-15.el7_9.i686.rpm28fdbfa6a292b8f48ad831e6bfba4f6a7b16ba2c39c064679a1335d9201e6da7libwbclient-4.10.16-15.el7_9.x86_64.rpm45f6edf64767adcab7ad34a3ad7c63d0c4719d398df338dc169219806e1d7018samba-winbind-modules-4.10.16-15.el7_9.i686.rpm1fa938d059993bfc45d595574c6999fd4f061684fdf951118a6e83020d1416aclibwbclient-4.10.16-15.el7_9.i686.rpm0027f30c8daa1b1244fb454bb207a937744c0fe26441cd9f202eb4aba5cb7e06samba-vfs-glusterfs-4.10.16-15.el7_9.x86_64.rpmaa3617c92e2f894b6d62ade87fc696e02387bb5bc58a31accbc7ebce985ca9f0samba-common-4.10.16-15.el7_9.noarch.rpm4fb374a6298799a03fff8eab3a1b72575e00874d3de4eb9fb6902b8e34ea5bb0samba-devel-4.10.16-15.el7_9.i686.rpm5dcd901abf67c55779f7d66b45042221c291f91b06dcdd52987586c0a189b277samba-pidl-4.10.16-15.el7_9.noarch.rpma91fbce57c5064ae71882789184f99f7243d33673cc2b408d18c7067b49c0f27samba-client-libs-4.10.16-15.el7_9.i686.rpm5800750cc72e98dca3f66cffcd98de3cdc4956705b7d15defa356a15bd0c2ab0libsmbclient-devel-4.10.16-15.el7_9.x86_64.rpm13fca3c22d89f209c28012214df13cdc52972f9572afbb7da8bc1118d70edefdsamba-client-4.10.16-15.el7_9.x86_64.rpmc87e85699cd76dd6849214745a5bc836fdc9402ed58ccc7c5fd317505d1c7fb7samba-dc-4.10.16-15.el7_9.x86_64.rpm1bb49aca0d1c28f45c006f4481d6f3d2addcbcf2c03fb18da465a0c482a09a9dsamba-common-tools-4.10.16-15.el7_9.x86_64.rpmecf340838f6a535449d829827da7ecaf25b83e51529a606f4754c8c4eb7d2f31libsmbclient-4.10.16-15.el7_9.i686.rpma1d617af8ba3c59a4c1374e93e31276ef7701468d90b52d93ca3a511476042f3samba-winbind-clients-4.10.16-15.el7_9.x86_64.rpm42cc740c2b2a91a831f7bdc3230194787daa79abf26b1365e848d170de97ecbalibsmbclient-4.10.16-15.el7_9.x86_64.rpm38fcc3da40f8d15fffd50868e35dd44de40449b82a3133cf2c8ae6c624180f4dsamba-winbind-4.10.16-15.el7_9.x86_64.rpm8c73518a4061449bdcf6ea0a7b6068f710b2098d4ee1768dbc7f46ce97c33a1csamba-winbind-krb5-locator-4.10.16-15.el7_9.x86_64.rpm077416a1636d36455d70022191d90ef391f7afb49da60fb87bba6c8fc0fe9fbcsamba-4.10.16-15.el7_9.x86_64.rpm0199d755d8c5759035e92e83969a69b1bb0e6f70c63f61f61fa51d82d20f1bf3samba-krb5-printing-4.10.16-15.el7_9.x86_64.rpm3086146d97fbd2fa391f0df8be69d3bb0bcb6558f8f0720e036a046f2b05a7e5libsmbclient-devel-4.10.16-15.el7_9.i686.rpm41060951f6192311613b9ab0b609916c5704ea15f3d586f9f790133820855594samba-test-4.10.16-15.el7_9.x86_64.rpm6fe9c97b1783752e9919df0798864794c9e8394b4f21566eeb0fc3e66194d19aSLSA-2021:2314-1Security Fix(es): * kernel: Integer overflow in Intel(R) Graphics Drivers (CVE-2020-12362) * kernel: Use after free via PI futex state (CVE-2021-3347) * kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c (CVE-2020-8648) * kernel: Improper input validation in some Intel(R) Graphics Drivers (CVE-2020-12363) * kernel: Null pointer dereference in some Intel(R) Graphics Drivers (CVE-2020-12364) * kernel: Speculation on pointer arithmetic against bpf_context pointer (CVE-2020-27170) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * kernel crash when call the timer function (sctp_generate_proto_unreach_event) of sctp module * SCSI error handling process on HP P440ar controller gets stuck indefinitely in device reset operation * netfilter: reproducible deadlock on nft_log module autoload * netfilter: NULL pointer dereference in nf_tables_set_lookup() * [DELL EMC 7.9 Bug]: No acpi_pad threads on top command for "power cap policy equal to 0 watts" * A race between i40e_ndo_set_vf_mac() and i40e_vsi_clear() in the i40e driver causes a use after free condition of the kmalloc-4096 slab cache. * netxen driver performs poorly with RT kernel * gendisk->disk_part_tbl->last_lookup retains pointer after partition deletion * Kernel experiences panic in update_group_power() due to division error even with Bug 1701115 fix * SL7.9 - zfcp: fix handling of FCP_RESID_OVER bit in fcp ingress path * SL7.9 - mm/THP: do not access vma->vm_mm after calling handle_userfault * raid: wrong raid io account * qla2x00_status_cont_entry() missing upstream patch that prevents unnecessary ABRT/warnings * SL 7.9.z - System hang caused by workqueue stall in qla2xxx driver * selinux: setsebool can trigger a deadlock * [Hyper-V][SL-7] Cannot boot kernel 3.10.0-1160.21.1.el7.x86_64 on Hyper-V --- SL7 x86_64 - bpftool-3.10.0-1160.31.1.el7.x86_64.rpm - bpftool-debuginfo-3.10.0-1160.31.1.el7.x86_64.rpm - kernel-3.10.0-1160.31.1.el7.x86_64.rpm - kernel-debug-3.10.0-1160.31.1.el7.x86_64.rpm - kernel-debug-debuginfo-3.10.0-1160.31.1.el7.x86_64.rpm - kernel-debug-devel-3.10.0-1160.31.1.el7.x86_64.rpm - kernel-debuginfo-3.10.0-1160.31.1.el7.x86_64.rpm - kernel-debuginfo-common-x86_64-3.10.0-1160.31.1.el7.x86_64.rpm - kernel-devel-3.10.0-1160.31.1.el7.x86_64.rpm - kernel-headers-3.10.0-1160.31.1.el7.x86_64.rpm - kernel-tools-3.10.0-1160.31.1.el7.x86_64.rpm - kernel-tools-debuginfo-3.10.0-1160.31.1.el7.x86_64.rpm - kernel-tools-libs-3.10.0-1160.31.1.el7.x86_64.rpm - kernel-tools-libs-devel-3.10.0-1160.31.1.el7.x86_64.rpm - perf-3.10.0-1160.31.1.el7.x86_64.rpm - perf-debuginfo-3.10.0-1160.31.1.el7.x86_64.rpm - python-perf-3.10.0-1160.31.1.el7.x86_64.rpm - python-perf-debuginfo-3.10.0-1160.31.1.el7.x86_64.rpm noarch - kernel-abi-whitelists-3.10.0-1160.31.1.el7.noarch.rpm - kernel-doc-3.10.0-1160.31.1.el7.noarch.rpmimportantScientific LinuxScientific Linux 7kernel-tools-3.10.0-1160.31.1.el7.x86_64.rpmf146169c2e1e2682199b5c6bd03bbe577981645ee5d6b934fd9e1398b794d803kernel-devel-3.10.0-1160.31.1.el7.x86_64.rpm001620ea5a1a14ea9a67858d93fdf75581592c8fb1b41b955ca9f515cd900840kernel-3.10.0-1160.31.1.el7.x86_64.rpm33b83b872b03d304dffd44ca8c30ad2ae1b11a7eef719a275521dd71211c6368kernel-headers-3.10.0-1160.31.1.el7.x86_64.rpmb20c4f7db9b6e2720919e918298cee1a16cde0d8bb7cf6d1e8b8bec836f3551apython-perf-3.10.0-1160.31.1.el7.x86_64.rpme3b8261de98a47a78985ee7c714b02bb06d4be508fdcca23466d188ca191cc05kernel-debug-3.10.0-1160.31.1.el7.x86_64.rpmf43dec0a3daa151b602415f6509ac6b62c604bca386112bc506124a347208b71kernel-tools-libs-3.10.0-1160.31.1.el7.x86_64.rpm0a87d41078aad213f57ca583375d11182452104cca0b6c0a889b1183605a791cbpftool-3.10.0-1160.31.1.el7.x86_64.rpm19bb2ab022c1b5baa08e787b3b0491a830396095772e3535f8410cf775016cbbkernel-abi-whitelists-3.10.0-1160.31.1.el7.noarch.rpm15a4b566b7e4fb25a5d6f195d3301d27c7d69db5eaddf72dc0db5907a2aa903eperf-3.10.0-1160.31.1.el7.x86_64.rpmed9b20cf0449eec46adff1d83a44d964feec09ac1aea06b6eebd432a85ae4e0ekernel-tools-libs-devel-3.10.0-1160.31.1.el7.x86_64.rpm4de8770b19792d3525e3a44c54654d8e56a3c66606f4b8f6982673989e65de84kernel-debug-devel-3.10.0-1160.31.1.el7.x86_64.rpm2d242882671570f55531142c32916b7679bd8a6c8c8790de86ee3c86ae0c4bb5kernel-doc-3.10.0-1160.31.1.el7.noarch.rpm4d6aadaec334fc5b5f1cfce3ff588e6af061c3b86948b1201e7b1e282949bcc2SLSA-2021:2318-1Security Fix(es): * hivex: Buffer overflow when provided invalid node key length (CVE-2021-3504) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 hivex-1.3.10-6.11.el7_9.i686.rpm hivex-1.3.10-6.11.el7_9.x86_64.rpm hivex-debuginfo-1.3.10-6.11.el7_9.i686.rpm hivex-debuginfo-1.3.10-6.11.el7_9.x86_64.rpm hivex-devel-1.3.10-6.11.el7_9.i686.rpm hivex-devel-1.3.10-6.11.el7_9.x86_64.rpm ocaml-hivex-1.3.10-6.11.el7_9.x86_64.rpm ocaml-hivex-devel-1.3.10-6.11.el7_9.x86_64.rpm perl-hivex-1.3.10-6.11.el7_9.x86_64.rpm python-hivex-1.3.10-6.11.el7_9.x86_64.rpm ruby-hivex-1.3.10-6.11.el7_9.x86_64.rpmmoderateScientific LinuxScientific Linux 7ruby-hivex-1.3.10-6.11.el7_9.x86_64.rpm70ff83bd89b3a516c62a82ca22036e00b35f6d738a21541f6cfb28c336321c50ocaml-hivex-devel-1.3.10-6.11.el7_9.x86_64.rpm7922ba897f8ba607bf961263e17cea88351ded69ff9ffb523ddc3d7a6f5d5cefhivex-1.3.10-6.11.el7_9.x86_64.rpmb4bc08184a6fcbfcf3fc701eae65c5401c847cbf052fed4c5036c7d49efdd443perl-hivex-1.3.10-6.11.el7_9.x86_64.rpm927ae1e774035bec849f0847ad3d315c9dfe5c5b859dbf4306b6ac603b45cec7ocaml-hivex-1.3.10-6.11.el7_9.x86_64.rpm9a4dc3d3fc98a74dc47aba35c26e4c41b17e28e5b0536ff2dcf64c4284a9fb8dhivex-devel-1.3.10-6.11.el7_9.x86_64.rpm774709ff3467b495de350f692372acc34009f17b08ef11a6b2a67cf4501f7daepython-hivex-1.3.10-6.11.el7_9.x86_64.rpmcd86f76c5c12683ceb78941a9d1af7fd142bfac23d2eb19c789ffd56e416c23ahivex-devel-1.3.10-6.11.el7_9.i686.rpma3ba7c6fbac4ec4872695e6a866e3e6e6a2f0c9ce3a0086e83fee3c06d9c38behivex-1.3.10-6.11.el7_9.i686.rpma68119a2bc76e35331c85acf2974fbe9d0c93026c4c64174b1bca8e5fbb465edSLSA-2021:2322-1Security Fix(es): * QEMU: ide: atapi: OOB access while processing read commands (CVE-2020-29443) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 qemu-img-1.5.3-175.el7_9.4.x86_64.rpm qemu-kvm-1.5.3-175.el7_9.4.x86_64.rpm qemu-kvm-common-1.5.3-175.el7_9.4.x86_64.rpm qemu-kvm-debuginfo-1.5.3-175.el7_9.4.x86_64.rpm qemu-kvm-tools-1.5.3-175.el7_9.4.x86_64.rpmmoderateScientific LinuxScientific Linux 7qemu-kvm-common-1.5.3-175.el7_9.4.x86_64.rpm4aa234a0664bcf8dde65870311bce96b737b9220f914667bafe5ea22b5418114qemu-kvm-tools-1.5.3-175.el7_9.4.x86_64.rpme537aa8950b76e2290bc2ae1a8a1d399e59c2423bb14751ad1f6fe5c323dc692qemu-kvm-1.5.3-175.el7_9.4.x86_64.rpmc9072966f802b13c51cc26cad520ba4de9a77f2725322d2c18cde51b47f50d0bqemu-img-1.5.3-175.el7_9.4.x86_64.rpm364a06918e63444100221d6472bbda6129b9b69703f44e360c611d5e55f11106SLSA-2021:2323-1Security Fix(es): * 389-ds-base: information disclosure during the binding of a DN (CVE-2020-35518) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Add new access log keywords for time spent in work queue and actual operation time --- SL7 x86_64 389-ds-base-1.3.10.2-12.el7_9.x86_64.rpm 389-ds-base-debuginfo-1.3.10.2-12.el7_9.x86_64.rpm 389-ds-base-devel-1.3.10.2-12.el7_9.x86_64.rpm 389-ds-base-libs-1.3.10.2-12.el7_9.x86_64.rpm 389-ds-base-snmp-1.3.10.2-12.el7_9.x86_64.rpmmoderateScientific LinuxScientific Linux 7389-ds-base-snmp-1.3.10.2-12.el7_9.x86_64.rpmbb65147d453338e7cca13421f947e9ebfc5949e1a34e3829745aafa0a071be5e389-ds-base-1.3.10.2-12.el7_9.x86_64.rpm7b3d1df912cf00d8fc800b3f6caf477abfa0325dc1ff603b5a921cdda3c98533389-ds-base-libs-1.3.10.2-12.el7_9.x86_64.rpmd717f396ae302b7ca1392319957a4b31d2c9fa8253000a12ffe78743b8ceaa01389-ds-base-devel-1.3.10.2-12.el7_9.x86_64.rpmfbe5956bda164c7d8b150849c61601a3e104c3d7d63e15b8b3aa773a5da8ced1SLSA-2021:2328-1Security Fix(es): * libwebp: heap-based buffer overflow in PutLE16() (CVE-2018-25011) * libwebp: use of uninitialized value in ReadSymbol() (CVE-2018-25014) * libwebp: heap-based buffer overflow in WebPDecode*Into functions (CVE-2020-36328) * libwebp: use-after-free in EmitFancyRGB() in dec/io_dec.c (CVE-2020-36329) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 qt5-qtimageformats-5.9.7-2.el7_9.i686.rpm qt5-qtimageformats-5.9.7-2.el7_9.x86_64.rpm qt5-qtimageformats-debuginfo-5.9.7-2.el7_9.i686.rpm qt5-qtimageformats-debuginfo-5.9.7-2.el7_9.x86_64.rpm noarch qt5-qtimageformats-doc-5.9.7-2.el7_9.noarch.rpmimportantScientific LinuxScientific Linux 7qt5-qtimageformats-5.9.7-2.el7_9.i686.rpm3ae2e559638d0781783b638233cef303a46eaf2dde1f2c7ba68ca6c4db3ab4a3qt5-qtimageformats-doc-5.9.7-2.el7_9.noarch.rpm682d1477d439225104ba4f3a5749071cebddefddb4119c83b6d896a4c18d6375qt5-qtimageformats-5.9.7-2.el7_9.x86_64.rpm4fdab3f7df2e30a71dbc732a5be85d3dfda87518d11f8c37c3defcc6517e00e7SLSA-2021:2357The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Security Fix(es): * dhcp: stack-based buffer overflow when parsing statements with colon-separated hex digits in config or lease files in dhcpd and dhclient (CVE-2021-25217) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7dhcp-4.2.5-83.sl7_9.1.x86_64.rpmb287c98b390f00cbb5ebc28a9d5389e387cd1b86e3ae24b20c907aa6e80e1811dhcp-devel-4.2.5-83.sl7_9.1.x86_64.rpme4c7db95a5e4d4ca0c18209014b43b8c2d0dbcdafe4ca27e5e1c0ef8cc13bb4ddhcp-devel-4.2.5-83.sl7_9.1.i686.rpmbc9e52b40a91c46f225d2ef5033505d49d1ffbe9ea59353c7b7dc0695aa335efdhclient-4.2.5-83.sl7_9.1.x86_64.rpm8949ed6e47882dea0ea828752573794a630e70d8760ea7cb03323ceaac492d0edhcp-common-4.2.5-83.sl7_9.1.x86_64.rpm3d5dd700d355b3bdeb1501218cce589e0577778e0760e1814a4072a2cae8729fdhcp-libs-4.2.5-83.sl7_9.1.i686.rpm6aa8ea106a32c5eb0beaf64acae8951f4a0a12c7501069e3503d8d9b069db3a9dhcp-libs-4.2.5-83.sl7_9.1.x86_64.rpmc76788b9c008cf2b5b9542e4cedb2c9cbb5acd81eeae9cbf259cf1687a3566efSLSA-2021:2397-1Security Fix(es): * postgresql: Buffer overrun from integer overflow in array subscripting calculations (CVE-2021-32027) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 postgresql-9.2.24-7.el7_9.i686.rpm postgresql-9.2.24-7.el7_9.x86_64.rpm postgresql-contrib-9.2.24-7.el7_9.x86_64.rpm postgresql-debuginfo-9.2.24-7.el7_9.i686.rpm postgresql-debuginfo-9.2.24-7.el7_9.x86_64.rpm postgresql-devel-9.2.24-7.el7_9.i686.rpm postgresql-devel-9.2.24-7.el7_9.x86_64.rpm postgresql-docs-9.2.24-7.el7_9.x86_64.rpm postgresql-libs-9.2.24-7.el7_9.i686.rpm postgresql-libs-9.2.24-7.el7_9.x86_64.rpm postgresql-plperl-9.2.24-7.el7_9.x86_64.rpm postgresql-plpython-9.2.24-7.el7_9.x86_64.rpm postgresql-pltcl-9.2.24-7.el7_9.x86_64.rpm postgresql-server-9.2.24-7.el7_9.x86_64.rpm postgresql-static-9.2.24-7.el7_9.i686.rpm postgresql-static-9.2.24-7.el7_9.x86_64.rpm postgresql-test-9.2.24-7.el7_9.x86_64.rpm postgresql-upgrade-9.2.24-7.el7_9.x86_64.rpmimportantScientific LinuxScientific Linux 7postgresql-libs-9.2.24-7.el7_9.x86_64.rpm3bf162c4a94a11e0b6ed4a37bf05afd25f7f0281ea35f708b088abff5cfd1c50postgresql-libs-9.2.24-7.el7_9.i686.rpmd6ebaeddc43cc67b36b83283043b378120e53eb79abfc77187671ed411226640postgresql-server-9.2.24-7.el7_9.x86_64.rpm3f94ec32306530e799b50ff670aaf6809399d1135a67a516498250689e1c8624postgresql-9.2.24-7.el7_9.x86_64.rpmf938f0b97b430cbd251a0f036e4214199df561c5dfd2f478143e5edd5bc12283postgresql-plperl-9.2.24-7.el7_9.x86_64.rpm926162483eb35a1d39e1c0e2b56b7c196697ade56bd8fb38870cff629baa3231postgresql-test-9.2.24-7.el7_9.x86_64.rpmc28b40c3f00cf23e22de580966ecd38e277a70732a7625e9da129475c056d4aapostgresql-9.2.24-7.el7_9.i686.rpmf5515ecf51a202879d66c91312b10c4214cc3995591a34391b472d601aa12775postgresql-pltcl-9.2.24-7.el7_9.x86_64.rpmfe84b2c10cc2ffc47245014647c21768c6ff7dbc3d9f0d9ac9e255700474c202postgresql-docs-9.2.24-7.el7_9.x86_64.rpm4dd6a639a699788e8a6812c960e672544e99bad708395f8a188704004044347epostgresql-static-9.2.24-7.el7_9.i686.rpm7c9e5ef8fb7eff7cb672225f57ed5c8762f3958652a4498f947e119bcc35783epostgresql-plpython-9.2.24-7.el7_9.x86_64.rpm835629aec9a254e10435f3c461b887e2a7f76e5aa91750febadffba0b0da188bpostgresql-static-9.2.24-7.el7_9.x86_64.rpm74afa4f5df7a224a93ccb22c9d8f8e7358c965e69dccae53925f169486c5faf9postgresql-upgrade-9.2.24-7.el7_9.x86_64.rpmb9ecb9b5b59a17c92985c06291051d1834f718be392b5c58f3f2aa58a1437173postgresql-devel-9.2.24-7.el7_9.x86_64.rpm78a04399dfdcc47c4302e4cf573ee64a388a3bb57a39d1ed3fd0647fbf0d6182postgresql-contrib-9.2.24-7.el7_9.x86_64.rpmd2b36cd2421c1d0cbf6d7d31daf716c8c32478593f4b1d1106cdb15afd8637cepostgresql-devel-9.2.24-7.el7_9.i686.rpmdbec064f8fdc17ab8c066186122b31b0648554619f7191ed7705d43596786098SLSA-2021:2417-1Security Fix(es): * gupnp: allows DNS rebinding which could result in tricking browser into triggering actions against local UPnP services (CVE-2021-33516) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 gupnp-1.0.2-6.el7_9.i686.rpm gupnp-1.0.2-6.el7_9.x86_64.rpm gupnp-debuginfo-1.0.2-6.el7_9.i686.rpm gupnp-debuginfo-1.0.2-6.el7_9.x86_64.rpm gupnp-devel-1.0.2-6.el7_9.i686.rpm gupnp-devel-1.0.2-6.el7_9.x86_64.rpm noarch gupnp-docs-1.0.2-6.el7_9.noarch.rpmimportantScientific LinuxScientific Linux 7gupnp-devel-1.0.2-6.el7_9.i686.rpm7f37ce90a108e6ee1e8079e3721e199777ec5a118f40cf4052e8e8f14021dc4fgupnp-1.0.2-6.el7_9.i686.rpm2b8140194eac42849f0413eb49061b72f2bb83a3997b578451c551e39570b21agupnp-devel-1.0.2-6.el7_9.x86_64.rpmc5a7092395429e4b142cb998cc71b239d7ba6018b75fe99366f3431b97faeb61gupnp-docs-1.0.2-6.el7_9.noarch.rpm3ad612ae1e816a0cffcfc500d66b0de0598f332d4159db09e9acaab30343318fgupnp-1.0.2-6.el7_9.x86_64.rpm588c939f7fe4121ee36f425753647b2bee628fcb30a0b919cfd00b1196ecf1faSLSA-2021:2658-1Security Fix(es): * linuxptp: missing length check of forwarded messages (CVE-2021-3570) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 - linuxptp-2.0-2.el7_9.1.x86_64.rpm - linuxptp-debuginfo-2.0-2.el7_9.1.x86_64.rpmimportantScientific LinuxScientific Linux 7linuxptp-2.0-2.el7_9.1.x86_64.rpmcd19472fe3908a41310e91a23e649c7c8aa1c93c58af619542a150c80a6286f8SLSA-2021:2683-1Security Fix(es): * XStream: remote command execution attack by manipulating the processed input stream (CVE-2021-29505) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 noarch - xstream-1.3.1-14.el7_9.noarch.rpm - xstream-javadoc-1.3.1-14.el7_9.noarch.rpmimportantScientific LinuxScientific Linux 7xstream-1.3.1-14.el7_9.noarch.rpm4c0d1e279f58b3c5fc61212ae542c273a87ad83e762cf82d968befffc234abc7xstream-javadoc-1.3.1-14.el7_9.noarch.rpm5df6f91d53d3443b4aab2e3cf697e3d6a0e734dae4e6adea1b7540c6425285bcSLSA-2021:2725-1Security Fix(es): * kernel: size_t-to-int conversion vulnerability in the filesystem layer (CVE-2021-33909) * kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan (CVE-2021-33034) * kernel: use-after-free in show_numa_stats function (CVE-2019-20934) * kernel: mishandles invalid descriptors in drivers/media/usb/gspca/xirlink_cit.c (CVE-2020-11668) * kernel: use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c (CVE-2021-33033) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * [SL7.9.z] n_tty_open: "BUG: unable to handle kernel paging request" * [ESXi][SL7.8]"qp_alloc_hypercall result = -20" / "Could not attach to queue pair with -20" with vSphere Fault Tolerance enabled * [SL7.9][s390x][Regression] Sino Nomine swapgen IBM z/VM emulated DASD with DIAG driver returns EOPNOTSUPP * False-positive hard lockup detected while processing the thread state information (SysRq-T) * SL7.9 zstream - s390x LPAR with NVMe SSD will panic when it has 32 or more IFL (pci) * The NMI watchdog detected a hard lockup while printing RCU CPU stall warning messages to the serial console * nvme hangs when trying to allocate reserved tag * [REGRESSION] "call into AER handling regardless of severity" triggers do_recovery() unnecessarily on correctable PCIe errors * Module nvme_core: A double free of the kmalloc-512 cache between nvme_trans_log_temperature() and nvme_get_log_page(). * sctp - SCTP_CMD_TIMER_START queues active timer kernel BUG at kernel/timer.c:1000! * [Hyper-V][SL-7]When CONFIG_NET_POLL_CONTROLLER is set, mainline commit 2a7f8c3b1d3fee is needed * Kernel panic at cgroup_is_descendant * [Hyper-V][SL-7]Commits To Fix Kdump Failures * IGMPv2 JOIN packets incorrectly routed to loopback * [CKI kernel builds]: x86 binaries in non-x86 kernel rpms breaks systemtap [7.9.z] * mlx4: Fix memory allocation in mlx4_buddy_init needed * incorrect assertion on pi_state->pi_mutex.wait_lock from pi_state_update_owner() --- SL7 x86_64 bpftool-3.10.0-1160.36.2.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debug-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.36.2.el7.x86_64.rpm kernel-devel-3.10.0-1160.36.2.el7.x86_64.rpm kernel-headers-3.10.0-1160.36.2.el7.x86_64.rpm kernel-tools-3.10.0-1160.36.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.36.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.36.2.el7.x86_64.rpm perf-3.10.0-1160.36.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm python-perf-3.10.0-1160.36.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.36.2.el7.x86_64.rpm noarch kernel-abi-whitelists-3.10.0-1160.36.2.el7.noarch.rpm kernel-doc-3.10.0-1160.36.2.el7.noarch.rpmimportantScientific LinuxScientific Linux 7kernel-tools-libs-3.10.0-1160.36.2.el7.x86_64.rpm7d8ecb4acaea932f0c8952ee9af2eacba520a527bfe920b669c922ce4c52d3a9kernel-abi-whitelists-3.10.0-1160.36.2.el7.noarch.rpmd693cdb4cf9f6b10fc9e8ed2d32390fc1d4d1a1874ab6e847afd0829cb96000akernel-tools-libs-devel-3.10.0-1160.36.2.el7.x86_64.rpmd6ae76ca47e20b280316d8ff71851d7c3a20fa3cee111d25aa2a0dd0eff7cbcckernel-doc-3.10.0-1160.36.2.el7.noarch.rpmf8e09350909d363258cabab3a793867b6f775381e1653a0be9386ad2bc9daac0kernel-debug-3.10.0-1160.36.2.el7.x86_64.rpm2aa5e3f4679a1935ddbf5185667ca13e950c2a02f8967b58f681108ca2c06314perf-3.10.0-1160.36.2.el7.x86_64.rpmfc1a425560686ecd1aeda5561dd9e31caed3feb6d9ac2290016c5f13eecaae62kernel-tools-3.10.0-1160.36.2.el7.x86_64.rpm417ba353631eb370a626496cf0124bda27d15332b74275b31f4d2b0250fb1396python-perf-3.10.0-1160.36.2.el7.x86_64.rpm04dd3ebe74791e117d40c57d072cfc09cb1769bcfd9e12019543fc850cb8d73bkernel-headers-3.10.0-1160.36.2.el7.x86_64.rpme553a94a8a993338ae132e222b1046da227d9601de7743906d1faea33856aedekernel-debug-devel-3.10.0-1160.36.2.el7.x86_64.rpmb49834e7c0c65269e6ad42c1fc17aa1fdd56d4e7d76bc15bcb1f5d1efe761b4ckernel-3.10.0-1160.36.2.el7.x86_64.rpmb63017d77d981063372bbc92dc6423e9387c01668ee7c70963ff3d886ee46b19bpftool-3.10.0-1160.36.2.el7.x86_64.rpm991736f4f2fe98ff1f6740177e2ce530640dc5f9e8f866280f8db303594e1eddkernel-devel-3.10.0-1160.36.2.el7.x86_64.rpm4fb494afeb8ebe56bdd8add70251c529ab5b5772f941d4cd6e79f9033df73acdSLSA-2021:2741-1This update upgrades Firefox to version 78.12.0 ESR. Security Fix(es): * Mozilla: Use-after-free in accessibility features of a document (CVE-2021-29970) * Mozilla: Memory safety bugs fixed in Firefox 90 and Firefox ESR 78.12 (CVE-2021-29976) * chromium-browser: Out of bounds write in ANGLE (CVE-2021-30547) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 - firefox-78.12.0-1.el7_9.x86_64.rpm - firefox-debuginfo-78.12.0-1.el7_9.x86_64.rpm - firefox-78.12.0-1.el7_9.i686.rpmimportantScientific LinuxScientific Linux 7firefox-78.12.0-1.el7_9.i686.rpm5072673f08d52e0ced6ac477f677481000537be1557c181c8d3483adee4f3c43firefox-78.12.0-1.el7_9.x86_64.rpm6bd823c34deaa1a1e06b0c6665122b3dc08984c22bb398d0ebbec8407e00709dSLSA-2021:2784-1Security Fix(es): * OpenJDK: Incorrect comparison during range check elimination (Hotspot, 8264066) (CVE-2021-2388) * OpenJDK: FTP PASV command response can cause FtpClient to connect to arbitrary host (Networking, 8258432) (CVE-2021-2341) * OpenJDK: Incorrect verification of JAR files with multiple MANIFEST.MF files (Library, 8260967) (CVE-2021-2369) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 java-11-openjdk-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-debuginfo-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-debuginfo-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-demo-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-demo-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-devel-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-devel-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-headless-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-headless-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-javadoc-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-javadoc-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-javadoc-zip-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-javadoc-zip-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-jmods-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-jmods-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-src-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-src-11.0.12.0.7-0.el7_9.x86_64.rpm java-11-openjdk-static-libs-11.0.12.0.7-0.el7_9.i686.rpm java-11-openjdk-static-libs-11.0.12.0.7-0.el7_9.x86_64.rpmimportantScientific LinuxScientific Linux 7java-11-openjdk-jmods-11.0.12.0.7-0.el7_9.x86_64.rpm40ed18b4d88296b926addc5f3488e95a532af2616b339fb470ab89efe9b33978java-11-openjdk-jmods-11.0.12.0.7-0.el7_9.i686.rpmad15ee4fde1e323fd53ad78545605a445f954b03c5f105e5b1277a3a7afde34bjava-11-openjdk-devel-11.0.12.0.7-0.el7_9.i686.rpm25687ef939eaf8b30fa0c0abbf000d50a7de09a91672fd87c0acc078480323eajava-11-openjdk-javadoc-zip-11.0.12.0.7-0.el7_9.i686.rpmd6f8f6df281e2bcb246d37938461a2d8541f5b9288a859dbab42031c82a6c13ejava-11-openjdk-11.0.12.0.7-0.el7_9.x86_64.rpm2cfbae8b8d3476eb614c43a6af638d7bc64cdeeb8dfe3afa59727780cbfc3dbejava-11-openjdk-demo-11.0.12.0.7-0.el7_9.i686.rpmd1c61bdfaf082840c4a026ce0ca27e5060094208f3c94057873b29510fefac34java-11-openjdk-headless-11.0.12.0.7-0.el7_9.i686.rpm580feb4e2aee7dc454c0d87c538e9940ec312de05a735fba275f9a8c8073e486java-11-openjdk-javadoc-zip-11.0.12.0.7-0.el7_9.x86_64.rpm150df06bfcf5cf74bd9f22ae934021ae13d6fcd08072d6384ee375cab8df06ddjava-11-openjdk-javadoc-11.0.12.0.7-0.el7_9.i686.rpm746780768d85f21edc8db369296a7d42784cf171564bf91a58a9abcbf2bd3524java-11-openjdk-demo-11.0.12.0.7-0.el7_9.x86_64.rpm6184086c04b7d5ae668b69ea271b49b1ff9356adc659f3eadbce14734e4a87b6java-11-openjdk-src-11.0.12.0.7-0.el7_9.x86_64.rpm4d750ffee5def8f1e7d24404502ed102a8d97ebfa149fdd56cf181143601b41bjava-11-openjdk-devel-11.0.12.0.7-0.el7_9.x86_64.rpm187524191dca7a5b7755f688d53c427c6adfd6f9ee6e62f30dd05a9c970286bajava-11-openjdk-static-libs-11.0.12.0.7-0.el7_9.x86_64.rpmb6a9d24c04f3d17ad62478855251401aa36facff2e016c9422088886e7f1b9c2java-11-openjdk-headless-11.0.12.0.7-0.el7_9.x86_64.rpm2526e65ef5fe50f6864eaeebbfcc62e9010ec568c8d08efb4a466522cdaab033java-11-openjdk-11.0.12.0.7-0.el7_9.i686.rpm1dbca9adc5784430935d62f33177b1aa29a37c6e8c592daa40f3af23eca1fcbajava-11-openjdk-src-11.0.12.0.7-0.el7_9.i686.rpm2c55847b071127c9c423665e36666ad4b0cc399fa8e157ae742a593d32f26999java-11-openjdk-javadoc-11.0.12.0.7-0.el7_9.x86_64.rpm397dc94ccadf1cc07ed6b9eec704486ee3e120916bf81bf6301f464245b85f13SLSA-2021:2845The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: Incorrect comparison during range check elimination (Hotspot, 8264066) (CVE-2021-2388) * OpenJDK: FTP PASV command response can cause FtpClient to connect to arbitrary host (Networking, 8258432) (CVE-2021-2341) * OpenJDK: Incorrect verification of JAR files with multiple MANIFEST.MF files (Library, 8260967) (CVE-2021-2369) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * JDK-8266279: 8u292 NoSuchAlgorithmException unrecognized algorithm name: PBEWithSHA1AndDESede (BZ#1960024) importantScientific Linux 7java-1.8.0-openjdk-accessibility-debug-1.8.0.302.b08-0.el7_9.i686.rpm503e87717a057cf98c785b42ef1384df5b43e070f134568c9763153dfdab5d51java-1.8.0-openjdk-src-debug-1.8.0.302.b08-0.el7_9.i686.rpm259e7edd8a077d3d9ce857d1824f5b35ec233b0e3612791cdd16f353ff338365java-11-openjdk-javadoc-zip-debug-11.0.12.0.7-0.el7_9.x86_64.rpma226ad0efd2ba486b68d189957ded0cfeda686213b2a9dc7cc8c484b476fdb26java-11-openjdk-jmods-debug-11.0.12.0.7-0.el7_9.x86_64.rpmb644e8d999f05d3ed440a9c478aade5487b180429bcfccda9c3d52d58b7c65eajava-11-openjdk-devel-debug-11.0.12.0.7-0.el7_9.i686.rpm6941da52a5e6aeb5a9ca86d8e02521978761a2c026daea27977be3f54b37b769java-1.8.0-openjdk-demo-debug-1.8.0.302.b08-0.el7_9.x86_64.rpm541dfc3f577bd50b00f3f67b7a7ecadfaeabbef5d8016103c289ef48f2dd44c8java-1.8.0-openjdk-javadoc-debug-1.8.0.302.b08-0.el7_9.noarch.rpm9fb2415f774c0bf1bf64e3ca720709260ba99b60591718237bcfbcf330134281java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.302.b08-0.el7_9.noarch.rpm4deef6abdb8819c181e3e10bd2bc1435ce2d3ca77b1e543189d7780b4d42cffajava-11-openjdk-jmods-debug-11.0.12.0.7-0.el7_9.i686.rpm2a668ff27d9a45507afe1c7daa7c2115814b968bcf1d54de45261aa379fa2476java-1.8.0-openjdk-demo-debug-1.8.0.302.b08-0.el7_9.i686.rpmb66530714e9689b2d24e88327a6116eece12fdfbb14e0a237e28595634cc2643java-11-openjdk-debug-11.0.12.0.7-0.el7_9.x86_64.rpm5545de2e2433d0b52c06f627eef8279a858657c96b833013c9c704cbbfd42034java-1.8.0-openjdk-src-debug-1.8.0.302.b08-0.el7_9.x86_64.rpme9bca973fbcf25a83c3a27cef032e16a667633b886f58940d0129888264db818java-1.8.0-openjdk-debug-1.8.0.302.b08-0.el7_9.x86_64.rpma5dd961b429af5889ef9d24cc0c2ca22f97a260e4e2d06d09fec06babd6ddd6ejava-11-openjdk-debug-11.0.12.0.7-0.el7_9.i686.rpm0c1e27807db8a30ef27d4000333703e9e134efc0ccd79de0845cf4fdc5db3307java-11-openjdk-src-debug-11.0.12.0.7-0.el7_9.i686.rpmd1251ab40d2373fde3711c8dc81bd3fca599f1bffa6888ec1ab546723259bff1java-11-openjdk-src-debug-11.0.12.0.7-0.el7_9.x86_64.rpm572292710adf20d1d3e3f646d3e469df5e23a2707f6969b99cad7eadba74ae0cjava-11-openjdk-demo-debug-11.0.12.0.7-0.el7_9.i686.rpm82b8c2cf3276139d9c1e7009866560a1d932d1582c115b8c6ba832eb3a434f0djava-11-openjdk-headless-debug-11.0.12.0.7-0.el7_9.x86_64.rpm313bc9f9712f72a4998b928f92c3061c467de050947f6bb6d354070e7159a3a4java-11-openjdk-javadoc-debug-11.0.12.0.7-0.el7_9.i686.rpm2fb087a780d001dd55ac9e2193645a69bd55386d1fc74fc3ae9e8d28919f3005java-1.8.0-openjdk-devel-debug-1.8.0.302.b08-0.el7_9.i686.rpmf2f4bf7e53f3bfefdc14a881813f261aae9ecd7b7e65e40ae410beb7ea6e6f40java-11-openjdk-javadoc-zip-debug-11.0.12.0.7-0.el7_9.i686.rpm1d2354f323d57fe9229b7afa9293317af44c9ba4e5b5b289591ba50eb7e962a7java-1.8.0-openjdk-headless-debug-1.8.0.302.b08-0.el7_9.i686.rpmd6ae82ec8de7558797b089df7750c7d8043ff0fd895722fadce95d404a16e422java-11-openjdk-static-libs-debug-11.0.12.0.7-0.el7_9.x86_64.rpm2b750a81c4d4f4daeb1ba6aa6a7deccd4325451b3d5736ad9ad981d8bdf54f7ejava-11-openjdk-demo-debug-11.0.12.0.7-0.el7_9.x86_64.rpma87d815fcd33fd6689134ad748c41768af50ed81f886369c84fb7a8ca248a8e8java-11-openjdk-devel-debug-11.0.12.0.7-0.el7_9.x86_64.rpm95512f993250891c7b8d2bd6a28bce89ef846eac9aab79b6b9548aaeef057d63java-11-openjdk-headless-debug-11.0.12.0.7-0.el7_9.i686.rpmb84bed334da15fc88b6068df346078fe950ec81cf592cee0939e8d4edf4dd106java-11-openjdk-javadoc-debug-11.0.12.0.7-0.el7_9.x86_64.rpme107bf56f04db02fae2ca8d6c7291540e124e4584ac0b79ece4e20ca22d47139java-1.8.0-openjdk-debug-1.8.0.302.b08-0.el7_9.i686.rpm0c476704f8568af73f4fd8241fd3cf6717eb3984305f8da7e27cc0c9e813e1bajava-1.8.0-openjdk-headless-debug-1.8.0.302.b08-0.el7_9.x86_64.rpm7f2476266ea1139f00956d3018d57d890711b16f79f7d1522d804bbb1bde309bjava-1.8.0-openjdk-devel-debug-1.8.0.302.b08-0.el7_9.x86_64.rpm45ab1bf63c939aae68e150fd5c785298bacd2f38655484d1377f65ce487cfa61java-1.8.0-openjdk-accessibility-debug-1.8.0.302.b08-0.el7_9.x86_64.rpmc71f143b109dbc85c5c4a2574e09c4cde1039b780420e71eae2ccaceaa7c0764SLSA-2021:2845-1Security Fix(es): * OpenJDK: Incorrect comparison during range check elimination (Hotspot, 8264066) (CVE-2021-2388) * OpenJDK: FTP PASV command response can cause FtpClient to connect to arbitrary host (Networking, 8258432) (CVE-2021-2341) * OpenJDK: Incorrect verification of JAR files with multiple MANIFEST.MF files (Library, 8260967) (CVE-2021-2369) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * JDK-8266279: 8u292 NoSuchAlgorithmException unrecognized algorithm name: PBEWithSHA1AndDESede --- SL7 x86_64 java-1.8.0-openjdk-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-accessibility-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-accessibility-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-demo-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-devel-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-headless-1.8.0.302.b08-0.el7_9.x86_64.rpm java-1.8.0-openjdk-src-1.8.0.302.b08-0.el7_9.i686.rpm java-1.8.0-openjdk-src-1.8.0.302.b08-0.el7_9.x86_64.rpm noarch java-1.8.0-openjdk-javadoc-1.8.0.302.b08-0.el7_9.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.302.b08-0.el7_9.noarch.rpmimportantScientific LinuxScientific Linux 7java-1.8.0-openjdk-demo-1.8.0.302.b08-0.el7_9.i686.rpm39f9af7346d534f2002887db9f4ff695de79b3ad2499d212e2a0e45eb9fb92bcjava-1.8.0-openjdk-headless-1.8.0.302.b08-0.el7_9.i686.rpm7f3321a3d27853c3087f2e2bca65e30dcaabcbba6169ac009e11cecbda85b476java-1.8.0-openjdk-javadoc-1.8.0.302.b08-0.el7_9.noarch.rpm28f81e124f6d9bb59da40a64297d73b483a577f19c24f1eeba78d08ca6e03146java-1.8.0-openjdk-javadoc-zip-1.8.0.302.b08-0.el7_9.noarch.rpm9c576e635bfce44eda493bd2d4537d0285dcf6e5ad65ec6921bdb827b568cd56java-1.8.0-openjdk-demo-1.8.0.302.b08-0.el7_9.x86_64.rpm06df563cb9a22f4fb86978044e3ccd7fc77e0045f8d0b6bde77bf762d86ab6eejava-1.8.0-openjdk-src-1.8.0.302.b08-0.el7_9.x86_64.rpmfe7868ec6c87bbfa14b5dbcb2c0c2f62890dfe9bf9908960fdaad79c3309bc90java-1.8.0-openjdk-src-1.8.0.302.b08-0.el7_9.i686.rpmc421080fae04fe01329bad7393633aecec64a7007bca4156f48610dba07dde8fjava-1.8.0-openjdk-accessibility-1.8.0.302.b08-0.el7_9.i686.rpme115f53dc308a75e1993d8ac0442465084d4f7798612b77bc490d389a5f53e61java-1.8.0-openjdk-1.8.0.302.b08-0.el7_9.x86_64.rpm3964f8ce990919fe3aad915412fa4e49987fffd234eefc1564a40b1aace539b8java-1.8.0-openjdk-devel-1.8.0.302.b08-0.el7_9.i686.rpmed38b6dd0cdd0699af0fd65385edc050199398f3907f853a84a7b243aa4d7f52java-1.8.0-openjdk-accessibility-1.8.0.302.b08-0.el7_9.x86_64.rpm72e7ced455969605907a30370a3ead4e2d3a45236aa28550ceff34ccabda5eacjava-1.8.0-openjdk-1.8.0.302.b08-0.el7_9.i686.rpm4cf1b2f740d587ce33a1a07625b21d3eb96a97cb3f66c14776a435fa3af479e5java-1.8.0-openjdk-devel-1.8.0.302.b08-0.el7_9.x86_64.rpm5e8345b76c0310784eba308e4f94cfb60c33984b23bd62bde384e85997279035java-1.8.0-openjdk-headless-1.8.0.302.b08-0.el7_9.x86_64.rpmb519d21b168768ab0745f0f53f5288f58bbb7f070944c8e7dce3d5a0be6bd5e4SLSA-2021:2881-1This update upgrades Thunderbird to version 78.12.0. Security Fix(es): * Mozilla: IMAP server responses sent by a MITM prior to STARTTLS could be processed (CVE-2021-29969) * Mozilla: Use-after-free in accessibility features of a document (CVE-2021-29970) * Mozilla: Memory safety bugs fixed in Firefox 90 and Firefox ESR 78.12 (CVE-2021-29976) * chromium-browser: Out of bounds write in ANGLE (CVE-2021-30547) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 - thunderbird-78.12.0-2.el7_9.x86_64.rpm - thunderbird-debuginfo-78.12.0-2.el7_9.x86_64.rpmimportantScientific LinuxScientific Linux 7thunderbird-78.12.0-2.el7_9.x86_64.rpm91806481c6fc65fcd2f5ae3c3fff8150b7982eb1f02226c2f8681d50cb369576SLSA-2021:2989-1Security Fix(es): * lasso: XML signature wrapping vulnerability when parsing SAML responses (CVE-2021-28091) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 - lasso-2.5.1-8.el7_9.i686.rpm - lasso-2.5.1-8.el7_9.x86_64.rpm - lasso-debuginfo-2.5.1-8.el7_9.i686.rpm - lasso-debuginfo-2.5.1-8.el7_9.x86_64.rpm - lasso-devel-2.5.1-8.el7_9.i686.rpm - lasso-devel-2.5.1-8.el7_9.x86_64.rpm - lasso-python-2.5.1-8.el7_9.x86_64.rpmimportantScientific LinuxScientific Linux 7lasso-2.5.1-8.el7_9.i686.rpm98e13a86c7880b2fbe273dfbf02fe9588b53ea0a7308376a53cd6989eda2f856lasso-2.5.1-8.el7_9.x86_64.rpmcf2896c9af6e17896a050bac5d3866525ed0e43c7f50fd394c1d969edab0acc0lasso-devel-2.5.1-8.el7_9.x86_64.rpm682530e22a43541c96014fca60914ed9c36f229b28084a66b91e2cc6875ffc50lasso-python-2.5.1-8.el7_9.x86_64.rpmbfefa00287b78344a058232d34d74688113e0715f55b2f550cd5b7989d83c7dalasso-devel-2.5.1-8.el7_9.i686.rpm619d5eda91dfad8c51da2b01d131aa662754e2d057ba75501cec5e9e572d32fdSLSA-2021:3028-1Security Fix(es): * hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543) * hw: Vector Register Data Sampling (CVE-2020-0548) * hw: L1D Cache Eviction Sampling (CVE-2020-0549) * hw: vt-d related privilege escalation (CVE-2020-24489) * hw: improper isolation of shared resources in some Intel Processors (CVE-2020-24511) * hw: observable timing discrepancy in some Intel Processors (CVE-2020-24512) * hw: Information disclosure issue in Intel SGX via RAPL interface (CVE-2020-8695) * hw: Vector Register Leakage-Active (CVE-2020-8696) * hw: Fast forward store predictor (CVE-2020-8698) --- SL7 x86_64 - microcode_ctl-2.1-73.11.el7_9.x86_64.rpm - microcode_ctl-debuginfo-2.1-73.11.el7_9.x86_64.rpmimportantScientific LinuxScientific Linux 7microcode_ctl-2.1-73.11.el7_9.x86_64.rpm88a9b7faaa2f8bcfa45c883d79da8855fedf161b102a41ba91c8e7a8cda723dbSLSA-2021:3154-1This update upgrades Firefox to version 78.13.0 ESR. Security Fix(es): * Mozilla: Uninitialized memory in a canvas object could have led to memory corruption (CVE-2021-29980) * Mozilla: Incorrect instruction reordering during JIT optimization (CVE-2021-29984) * Mozilla: Race condition when resolving DNS names could have led to memory corruption (CVE-2021-29986) * Mozilla: Memory corruption as a result of incorrect style treatment (CVE-2021-29988) * Mozilla: Memory safety bugs fixed in Thunderbird 78.13 (CVE-2021-29989) * Mozilla: Use-after-free media channels (CVE-2021-29985) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7firefox-78.13.0-2.el7_9.x86_64.rpmbc41b16a9bca16b2a8ce95bcdc37b7988f20720b9cd4f7c0f2e74ed0bd1803d2firefox-78.13.0-2.el7_9.i686.rpmd8449a4c77bed4b52ed6429f3ec3079091b241740fd34a67fbf54e789db5c80aSLSA-2021:3158-1Security Fix(es): * exiv2: Heap-based buffer overflow vulnerability in jp2image.cpp (CVE-2021-31291) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7exiv2-libs-0.27.0-4.el7_8.i686.rpm6e1655bac655b79fcef547510c9571d75eed3867a13c3c1df24e9ebb7f488e88exiv2-libs-0.27.0-4.el7_8.x86_64.rpmc80106ec40162ef5482829b34e6a1f488a5896145e62988f50069d3a7a3ca99dexiv2-devel-0.27.0-4.el7_8.i686.rpm4c33360ef1a27e17ecb897829b29dcc92ede55fed680d7ecae084ecf15a751f5exiv2-0.27.0-4.el7_8.x86_64.rpm2ad983d2240087ea19daa9c8345c687256c2dfbd767739c4dac6868e3a2800cfexiv2-doc-0.27.0-4.el7_8.noarch.rpm72bbcd2f72146fc524ea043f551cadd8cc7a3b6757fada666865e346171d71a3exiv2-devel-0.27.0-4.el7_8.x86_64.rpm6a7ed5be881d54c881fdb41359fa7b90c508fef7321cf4f588e72503777795e6SLSA-2021:3160-1This update upgrades Thunderbird to version 78.13.0. Security Fix(es): * Mozilla: Uninitialized memory in a canvas object could have led to memory corruption (CVE-2021-29980) * Mozilla: Incorrect instruction reordering during JIT optimization (CVE-2021-29984) * Mozilla: Race condition when resolving DNS names could have led to memory corruption (CVE-2021-29986) * Mozilla: Memory corruption as a result of incorrect style treatment (CVE-2021-29988) * Mozilla: Memory safety bugs fixed in Thunderbird 78.13 (CVE-2021-29989) * Mozilla: Use-after-free media channels (CVE-2021-29985) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-78.13.0-1.el7_9.x86_64.rpma1c089fd6ce1fef0bef27a525a9745cc2d310cf48d4b9483805b199e86ed5edaSLSA-2021:3233-1Security Fix(es): * exiv2: Heap-based buffer overflow vulnerability in jp2image.cpp (CVE-2021-31291) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE7 --- SL7 x86_64 - compat-exiv2-026-0.26-3.el7_9.i686.rpm - compat-exiv2-026-0.26-3.el7_9.x86_64.rpm - compat-exiv2-026-debuginfo-0.26-3.el7_9.i686.rpm - compat-exiv2-026-debuginfo-0.26-3.el7_9.x86_64.rpmimportantScientific LinuxScientific Linux 7compat-exiv2-026-0.26-3.el7_9.i686.rpm9a34a4f44f655124edba74a73224379e4b27c9deb32651cf533c6a61f5086f19compat-exiv2-026-0.26-3.el7_9.x86_64.rpm0033a683cc63d68e7a84dec2d25b02285145f3fb9df32a933ba26d0b87176ee6SLSA-2021:3234-1Security Fix(es): * exiv2: Heap-based buffer overflow vulnerability in jp2image.cpp (CVE-2021-31291) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE7 --- SL7 x86_64 - compat-exiv2-023-0.23-2.el7_9.i686.rpm - compat-exiv2-023-0.23-2.el7_9.x86_64.rpm - compat-exiv2-023-debuginfo-0.23-2.el7_9.i686.rpm - compat-exiv2-023-debuginfo-0.23-2.el7_9.x86_64.rpmimportantScientific LinuxScientific Linux 7compat-exiv2-023-0.23-2.el7_9.i686.rpm234b3ac49dc1dedc349059d07f01a8eabf9899d69b359b6979ecd193a1ebc096compat-exiv2-023-0.23-2.el7_9.x86_64.rpme99bc81d83364f6f684739c64f04bf3cece758e5bea3d7a2e61ddb943dae32cbSLSA-2021:3295-1Security Fix(es): * libsndfile: Heap buffer overflow via crafted WAV file allows arbitrary code execution (CVE-2021-3246) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 libsndfile-1.0.25-12.el7_9.1.i686.rpm libsndfile-1.0.25-12.el7_9.1.x86_64.rpm libsndfile-debuginfo-1.0.25-12.el7_9.1.i686.rpm libsndfile-debuginfo-1.0.25-12.el7_9.1.x86_64.rpm libsndfile-devel-1.0.25-12.el7_9.1.i686.rpm libsndfile-devel-1.0.25-12.el7_9.1.x86_64.rpm libsndfile-utils-1.0.25-12.el7_9.1.x86_64.rpmimportantScientific LinuxScientific Linux 7libsndfile-devel-1.0.25-12.el7_9.1.i686.rpmb3910769e141cfeeab716a19e97939dd241377aaf55821ec9c642af011d0c59clibsndfile-utils-1.0.25-12.el7_9.1.x86_64.rpmd15484d0294af5ee8e1392da70f43fa812df27b7c642d79aa0ce936fea1678delibsndfile-1.0.25-12.el7_9.1.x86_64.rpmac61969886fb56f38f2e298136eeb397bee1a22271feeefdb8aed0fbe2a47fealibsndfile-devel-1.0.25-12.el7_9.1.x86_64.rpme117477a7875c688069d8b033df530da34e18628510e18d2921cf3760f13ef08libsndfile-1.0.25-12.el7_9.1.i686.rpm5bab9fed88e6b7fc23592c9da41f699d431160f44e271d4f2fb1b1f2865ba15cSLSA-2021:3296-1Security Fix(es): * libX11: missing request length checks (CVE-2021-31535) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 libX11-1.6.7-4.el7_9.i686.rpm libX11-1.6.7-4.el7_9.x86_64.rpm libX11-debuginfo-1.6.7-4.el7_9.i686.rpm libX11-debuginfo-1.6.7-4.el7_9.x86_64.rpm libX11-devel-1.6.7-4.el7_9.i686.rpm libX11-devel-1.6.7-4.el7_9.x86_64.rpm noarch libX11-common-1.6.7-4.el7_9.noarch.rpmimportantScientific LinuxScientific Linux 7libX11-devel-1.6.7-4.el7_9.i686.rpm4f1dc1fb871116b82794ae3b0432e5ac521ed6811611740cac68e62621e8665elibX11-1.6.7-4.el7_9.x86_64.rpm805486b69ea140fa070aa6e28a15a8eb5519e592811c4325acd906d695829340libX11-common-1.6.7-4.el7_9.noarch.rpmff2dbbb2c0c4168eb25f248e7952404ca464f7fbd7974343f2412003abeefd84libX11-1.6.7-4.el7_9.i686.rpm6ff763fc3c4042a91cdf2b63763bc28f35cea891d46a78da3f6198bfeb148d9dlibX11-devel-1.6.7-4.el7_9.x86_64.rpm6be63062aaaf4e8d6329b503577de87342b48cc2acfe3cd690e80f83f1c465e9SLSA-2021:3325-1Security Fix(es): * bind: Broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly (CVE-2021-25214) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 bind-9.11.4-26.P2.el7_9.7.x86_64.rpm bind-chroot-9.11.4-26.P2.el7_9.7.x86_64.rpm bind-debuginfo-9.11.4-26.P2.el7_9.7.i686.rpm bind-debuginfo-9.11.4-26.P2.el7_9.7.x86_64.rpm bind-devel-9.11.4-26.P2.el7_9.7.i686.rpm bind-devel-9.11.4-26.P2.el7_9.7.x86_64.rpm bind-export-devel-9.11.4-26.P2.el7_9.7.i686.rpm bind-export-devel-9.11.4-26.P2.el7_9.7.x86_64.rpm bind-export-libs-9.11.4-26.P2.el7_9.7.i686.rpm bind-export-libs-9.11.4-26.P2.el7_9.7.x86_64.rpm bind-libs-9.11.4-26.P2.el7_9.7.i686.rpm bind-libs-9.11.4-26.P2.el7_9.7.x86_64.rpm bind-libs-lite-9.11.4-26.P2.el7_9.7.i686.rpm bind-libs-lite-9.11.4-26.P2.el7_9.7.x86_64.rpm bind-lite-devel-9.11.4-26.P2.el7_9.7.i686.rpm bind-lite-devel-9.11.4-26.P2.el7_9.7.x86_64.rpm bind-pkcs11-9.11.4-26.P2.el7_9.7.x86_64.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.7.i686.rpm bind-pkcs11-devel-9.11.4-26.P2.el7_9.7.x86_64.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.7.i686.rpm bind-pkcs11-libs-9.11.4-26.P2.el7_9.7.x86_64.rpm bind-pkcs11-utils-9.11.4-26.P2.el7_9.7.x86_64.rpm bind-sdb-9.11.4-26.P2.el7_9.7.x86_64.rpm bind-sdb-chroot-9.11.4-26.P2.el7_9.7.x86_64.rpm bind-utils-9.11.4-26.P2.el7_9.7.x86_64.rpm noarch bind-license-9.11.4-26.P2.el7_9.7.noarch.rpmmoderateScientific LinuxScientific Linux 7bind-pkcs11-devel-9.11.4-26.P2.el7_9.7.x86_64.rpm0f664c4582d87086632bceea130dad5c9230205974fc1fd51d574d14c36ab72dbind-export-libs-9.11.4-26.P2.el7_9.7.i686.rpm1cd8a4c5be34e924728330c8921f4c162287c484621027417858c3183977b943bind-export-libs-9.11.4-26.P2.el7_9.7.x86_64.rpm40e8e2e47fe864b27bdff476ba1dad290b8b84e1d5e837d5a301928cd4e9b22dbind-libs-lite-9.11.4-26.P2.el7_9.7.x86_64.rpm99baf1d0b90af916bf4caabeadbbe04b73fd490b2a3d0b0d12dba8142c111475bind-devel-9.11.4-26.P2.el7_9.7.x86_64.rpmad423e367926bac84af867f8282f16fc859526a6d503174c675ce8daeb36ff20bind-export-devel-9.11.4-26.P2.el7_9.7.x86_64.rpme5a515e291fab1fa300a30f05511e81411bf61fffd47380944fe4ef5f4693f55bind-lite-devel-9.11.4-26.P2.el7_9.7.x86_64.rpm0253dfb5a08f373842c240c84f0c1eb9171f2ab8e08eeb5126ed3e70a8871921bind-sdb-chroot-9.11.4-26.P2.el7_9.7.x86_64.rpmfa207b6f9321b18c5f525bbb91903bcefa94e530f6c5f17a191925f8cca21681bind-pkcs11-devel-9.11.4-26.P2.el7_9.7.i686.rpmffb34baf93dc78b8c3204a0dfc3e40e5309b130a02aca8e9884ad591b9fd2b61bind-pkcs11-libs-9.11.4-26.P2.el7_9.7.x86_64.rpma6bdf31288be4ca1ee0031c86acb9a40d3258e3d5ba84c431ce77712557534c3bind-libs-lite-9.11.4-26.P2.el7_9.7.i686.rpmb28cab1232e3b1c4c311f24af1f39361f4226651a3061082343f922b856a78b6bind-9.11.4-26.P2.el7_9.7.x86_64.rpm2cf14f362fac3cec4e32deaa2a6ddbcb64700936117dae0cdbbb64f007552d0cbind-lite-devel-9.11.4-26.P2.el7_9.7.i686.rpmf22a802c9f3559615c63df34546aec823b984569735e37463de73ccbfbe9c868bind-chroot-9.11.4-26.P2.el7_9.7.x86_64.rpme50f60168b6033107d65d1dc2047d457f4aaa792d2c8ca4435aff8fb3d7f2395bind-sdb-9.11.4-26.P2.el7_9.7.x86_64.rpm99f00d3261d884dc7d8d6ebc32efa082e4187ecddb4ccfcf9231f9ac35560b64bind-license-9.11.4-26.P2.el7_9.7.noarch.rpm422f7a25a275aa9ef9fe2d98e9f90d28648c8e18d6fb337841fd12b2e16a4f44bind-export-devel-9.11.4-26.P2.el7_9.7.i686.rpmfdee061bae052b6d4d5a92910f14a1633cec37d16509a941cff19cb6e1930ffdbind-libs-9.11.4-26.P2.el7_9.7.i686.rpm034fe87eea2d8b5a2124400aae03a472c9a0d622fb25800e6fbbcd5259e30557bind-libs-9.11.4-26.P2.el7_9.7.x86_64.rpm193531fe7702ea7dda0cb4ef0d7b32d6a503d4d2a96b684a9b4859207e7e66f7bind-pkcs11-utils-9.11.4-26.P2.el7_9.7.x86_64.rpm229169f1dcd87871c084babd1b0c907de4221b2ec3e89d5083a01689da89a197bind-pkcs11-9.11.4-26.P2.el7_9.7.x86_64.rpm327434f2010bf6e5d1eff08dcaaaa092d11d21299aa111e62ff028d204436379bind-pkcs11-libs-9.11.4-26.P2.el7_9.7.i686.rpmfc2533dea2c78321b310a83c63524e905b24276818acd9ae171bb5b96cc1efddbind-devel-9.11.4-26.P2.el7_9.7.i686.rpm69df49b5752140ef781df58fd756fbba32875b4988a055c654dab339bbf8cacfbind-utils-9.11.4-26.P2.el7_9.7.x86_64.rpm8176d6c537943acedcdfa817652ed8ce382144a789085c0227d8563c6836cb37SLSA-2021:3327-1Security Fix(es): * kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c (CVE-2021-22555) * kernel: race condition for removal of the HCI controller (CVE-2021-32399) * kernel: powerpc: RTAS calls can be used to compromise kernel integrity (CVE-2020-27777) * kernel: Local privilege escalation due to incorrect BPF JIT branch displacement computation (CVE-2021-29154) * kernel: lack a full memory barrier upon the assignment of a new table value in net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h may lead to DoS (CVE-2021-29650) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * SAN Switch rebooted and caused (?) OpenStack compute node to reboot * sysfs: cannot create duplicate filename '/class/mdio_bus/ixgbe-8100 * XFS: read-only recovery does not update free space accounting in superblock * The memcg_params field of kmem_cache struct contains an old slab address that is to small for the current size of memcg_limited_groups_array_size. * Backport of upstream patch "net: Update window_clamp if SOCK_RCVBUF is set " into rhel-7 * Kernel panic in init_cq_frag_buf * futex: futex_requeue can potentially free the pi_state structure twice * be_poll lockup doing ifenslave when netconsole using bond * OCP4.7 nodes panic at BUG_ON in nf_nat_setup_info() --- SL7 x86_64 bpftool-3.10.0-1160.41.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.41.1.el7.x86_64.rpm kernel-3.10.0-1160.41.1.el7.x86_64.rpm kernel-debug-3.10.0-1160.41.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.41.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.41.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.41.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.41.1.el7.x86_64.rpm kernel-devel-3.10.0-1160.41.1.el7.x86_64.rpm kernel-headers-3.10.0-1160.41.1.el7.x86_64.rpm kernel-tools-3.10.0-1160.41.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.41.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.41.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.41.1.el7.x86_64.rpm perf-3.10.0-1160.41.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.41.1.el7.x86_64.rpm python-perf-3.10.0-1160.41.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.41.1.el7.x86_64.rpm noarch kernel-abi-whitelists-3.10.0-1160.41.1.el7.noarch.rpm kernel-doc-3.10.0-1160.41.1.el7.noarch.rpmimportantScientific LinuxScientific Linux 7kernel-debug-3.10.0-1160.41.1.el7.x86_64.rpm5bcfdad599b44925e1230949969a60903487c392b6e40aa5c2d725271d6f82d3kernel-doc-3.10.0-1160.41.1.el7.noarch.rpmc5910ab8910fff70be6016751415352f55198ccdc8e11735da61c6775f76b8eaperf-3.10.0-1160.41.1.el7.x86_64.rpm53538846f19e0fecbbfc76ea664e44b0a60c548785d2d331086baf4ef3b998c9bpftool-3.10.0-1160.41.1.el7.x86_64.rpm5115b684a64e594c10a8202c5e951f143eac59a7f75382e2d65c9104202df150kernel-devel-3.10.0-1160.41.1.el7.x86_64.rpmf16c223fe64df7ea47ff1eed29a0833e150e50412c49e240397c13d1df363847kernel-tools-3.10.0-1160.41.1.el7.x86_64.rpmd250b4cdfb1d8ea7986d3dee2694eb112445103c3fd9f7e633ed1565034b8190python-perf-3.10.0-1160.41.1.el7.x86_64.rpmd1df2230944d9712346af10fc36e683be7ed322084d36ca609f13f7c15bc4450kernel-tools-libs-3.10.0-1160.41.1.el7.x86_64.rpm5a2b5d848316fbd08d1315a721b6875c2c9d367307e5b52ed148f2dfdb396b8akernel-3.10.0-1160.41.1.el7.x86_64.rpm324b80fdf429db9c8c98848d4d3c5e453165c7fa6e8860df88383454c6f60123kernel-headers-3.10.0-1160.41.1.el7.x86_64.rpm7929926bcb7e8857a134ae7c4e173c7ff2387cad23370fecf0118c7351b545aakernel-tools-libs-devel-3.10.0-1160.41.1.el7.x86_64.rpm5c891a7b590d142e84b1a975f57cc6192bc5e4f116fb485c5b7d1d367822a486kernel-debug-devel-3.10.0-1160.41.1.el7.x86_64.rpm5a2fc8257aecdaf5d27f57952b69b2b1cd42f8472842e3647c5a3ac9e0ca1e6bkernel-abi-whitelists-3.10.0-1160.41.1.el7.noarch.rpm8d9bf7379a529f839def865bd2276337a3154d516043688b9669a388309e171dSLSA-2021:3336-1Security Fix(es): * sssd: shell command injection in sssctl (CVE-2021-3621) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Memory leak in the simple access provider * id lookup is failing intermittently * SSSD is NOT able to contact the Global Catalog when local site is down * Missing search index for `originalADgidNumber` --- SL7 x86_64 libipa_hbac-1.16.5-10.el7_9.10.i686.rpm libipa_hbac-1.16.5-10.el7_9.10.x86_64.rpm libipa_hbac-devel-1.16.5-10.el7_9.10.i686.rpm libipa_hbac-devel-1.16.5-10.el7_9.10.x86_64.rpm libsss_autofs-1.16.5-10.el7_9.10.x86_64.rpm libsss_certmap-1.16.5-10.el7_9.10.i686.rpm libsss_certmap-1.16.5-10.el7_9.10.x86_64.rpm libsss_certmap-devel-1.16.5-10.el7_9.10.i686.rpm libsss_certmap-devel-1.16.5-10.el7_9.10.x86_64.rpm libsss_idmap-1.16.5-10.el7_9.10.i686.rpm libsss_idmap-1.16.5-10.el7_9.10.x86_64.rpm libsss_idmap-devel-1.16.5-10.el7_9.10.i686.rpm libsss_idmap-devel-1.16.5-10.el7_9.10.x86_64.rpm libsss_nss_idmap-1.16.5-10.el7_9.10.i686.rpm libsss_nss_idmap-1.16.5-10.el7_9.10.x86_64.rpm libsss_nss_idmap-devel-1.16.5-10.el7_9.10.i686.rpm libsss_nss_idmap-devel-1.16.5-10.el7_9.10.x86_64.rpm libsss_simpleifp-1.16.5-10.el7_9.10.i686.rpm libsss_simpleifp-1.16.5-10.el7_9.10.x86_64.rpm libsss_simpleifp-devel-1.16.5-10.el7_9.10.i686.rpm libsss_simpleifp-devel-1.16.5-10.el7_9.10.x86_64.rpm libsss_sudo-1.16.5-10.el7_9.10.x86_64.rpm python-libipa_hbac-1.16.5-10.el7_9.10.x86_64.rpm python-libsss_nss_idmap-1.16.5-10.el7_9.10.x86_64.rpm python-sss-1.16.5-10.el7_9.10.x86_64.rpm python-sss-murmur-1.16.5-10.el7_9.10.x86_64.rpm sssd-1.16.5-10.el7_9.10.x86_64.rpm sssd-ad-1.16.5-10.el7_9.10.x86_64.rpm sssd-client-1.16.5-10.el7_9.10.i686.rpm sssd-client-1.16.5-10.el7_9.10.x86_64.rpm sssd-common-1.16.5-10.el7_9.10.x86_64.rpm sssd-common-pac-1.16.5-10.el7_9.10.x86_64.rpm sssd-dbus-1.16.5-10.el7_9.10.x86_64.rpm sssd-debuginfo-1.16.5-10.el7_9.10.i686.rpm sssd-debuginfo-1.16.5-10.el7_9.10.x86_64.rpm sssd-ipa-1.16.5-10.el7_9.10.x86_64.rpm sssd-kcm-1.16.5-10.el7_9.10.x86_64.rpm sssd-krb5-1.16.5-10.el7_9.10.x86_64.rpm sssd-krb5-common-1.16.5-10.el7_9.10.x86_64.rpm sssd-ldap-1.16.5-10.el7_9.10.x86_64.rpm sssd-libwbclient-1.16.5-10.el7_9.10.x86_64.rpm sssd-libwbclient-devel-1.16.5-10.el7_9.10.i686.rpm sssd-libwbclient-devel-1.16.5-10.el7_9.10.x86_64.rpm sssd-polkit-rules-1.16.5-10.el7_9.10.x86_64.rpm sssd-proxy-1.16.5-10.el7_9.10.x86_64.rpm sssd-tools-1.16.5-10.el7_9.10.x86_64.rpm sssd-winbind-idmap-1.16.5-10.el7_9.10.x86_64.rpm noarch python-sssdconfig-1.16.5-10.el7_9.10.noarch.rpmimportantScientific LinuxScientific Linux 7sssd-dbus-1.16.5-10.el7_9.10.x86_64.rpmebb500e796d30ffc9ae912ac078355a34859ccf1d9c9943c71bc45092fd12807sssd-common-pac-1.16.5-10.el7_9.10.x86_64.rpm0f1d572f4ca4496b4a6f74c90afd87bf42b343ff9f79a250754fc95a4af48de8sssd-ipa-1.16.5-10.el7_9.10.x86_64.rpm76508a713e696581eb1ee4c0ba6d0d9592f2b556016c9355fbc7bf70996c394fsssd-ldap-1.16.5-10.el7_9.10.x86_64.rpm7fb5e25b4f03d4489ec688e682425380885ba49c76de9e762c8a81eae88fdfc9libsss_simpleifp-devel-1.16.5-10.el7_9.10.i686.rpm8cdffd4f636e874abb4110c23062d2ebce093fd02f87da5a87475c850d4604e6sssd-kcm-1.16.5-10.el7_9.10.x86_64.rpm7245184b18feab0c075c6ca5d1d5079d2717f7b12750783548737d42b150b642libsss_simpleifp-1.16.5-10.el7_9.10.i686.rpmaf1a1ac20c407907416e0be39c90ad91aedf44f51b44d33e60c6702d68a06a40libsss_simpleifp-devel-1.16.5-10.el7_9.10.x86_64.rpmbfefb570ae1a9957ca8e43705108387e0a14e3f7f4611f67b813db9c11a701dfpython-sssdconfig-1.16.5-10.el7_9.10.noarch.rpm6b4d7c87a9ff71f3b8d1d4067556d7662ab771ac880d3b53f221709398d60844sssd-krb5-common-1.16.5-10.el7_9.10.x86_64.rpmbd26b00fcbb063337b26d054ad72e0cf9cb0796bed0c3ed6e5ac1eb641cc5bdelibsss_idmap-1.16.5-10.el7_9.10.x86_64.rpm4877e9a2a3274b5db35d2999ef1827fb03c941516b9f055c936f0797e659815elibsss_autofs-1.16.5-10.el7_9.10.x86_64.rpm34810b9bfaf523bc510c3fde66eacd512f7f44639585db09c2fb5259edf6fc03libipa_hbac-devel-1.16.5-10.el7_9.10.i686.rpm48bf468fa6075da60c140bae64400741d3c858f72cb9842f6a58b6683a80e119python-sss-1.16.5-10.el7_9.10.x86_64.rpm6f0917b948a1f3cdd4653cc8b5cf7286eca4114dad2fb958e4a8f9c434bf7f59libsss_nss_idmap-devel-1.16.5-10.el7_9.10.i686.rpmce516026800a8ce723d4cb667c391e353f61fbe2415518d1274210ea72ae79a5sssd-libwbclient-devel-1.16.5-10.el7_9.10.x86_64.rpm9047dbc282b156b53582dc43090e0f8afe87cf64f53ba5525dc26b285f138fd0sssd-winbind-idmap-1.16.5-10.el7_9.10.x86_64.rpm99a3b8b9bff033a5bcdffa7cc798b359778a9e72a882843e4ab56335045499a4sssd-common-1.16.5-10.el7_9.10.x86_64.rpmcc88d2d2ec3ba8cabfd75a9664233edde6b813716e2f9c0ef0c1e181a806473cpython-libipa_hbac-1.16.5-10.el7_9.10.x86_64.rpm3e2050e95d1f3ebbb8271671852b412420ea280154df550e557cc7f7dec227a3sssd-1.16.5-10.el7_9.10.x86_64.rpm15cd608affb1ee07c97297add43aafc5c12fa8cee1d6ad26a618e3d72aaa3291libsss_certmap-devel-1.16.5-10.el7_9.10.i686.rpm379d8186fb9607a0a36cd209d7704770971bea0dd0ef16f3d8fefe992109f4f0libsss_certmap-1.16.5-10.el7_9.10.x86_64.rpm4e025c3b36f5b6f679e88cc79168c081cb78f1f235f10f1e8d37aed8602a634bsssd-krb5-1.16.5-10.el7_9.10.x86_64.rpm36a63b1132197ae7bd592a61dfb846cff68e23dcda1cc4623d84200c94d038d8libipa_hbac-1.16.5-10.el7_9.10.i686.rpm807c8cc510ed682e3823d46990f8e72acecb1417e972c3e30c168060d13e6e2flibsss_certmap-devel-1.16.5-10.el7_9.10.x86_64.rpmde583697d68e9965964e9b776b04b04e5497fb7337c9df6803840102a27239a5libsss_certmap-1.16.5-10.el7_9.10.i686.rpmc84815e08ae58422387429c8933f097cdc4e277f386afcc44bab10a18fb59082sssd-ad-1.16.5-10.el7_9.10.x86_64.rpm7c1858cf98f7e0c684e8561240fe8b02219b8105a2a6ce8eeca431a157560750sssd-libwbclient-1.16.5-10.el7_9.10.x86_64.rpmb3fb83eb2abe7d757f8b314a4507a8f738c3d40f6de155254c6feabfe35f2000sssd-proxy-1.16.5-10.el7_9.10.x86_64.rpm6d788f7682ea53cead8d82d111cab5a27d60169689d666156f5d2ad7b2cec3eblibsss_sudo-1.16.5-10.el7_9.10.x86_64.rpm408a18a3a1ccb71703651ac59e843baaf3085340c36ce4a70cf45103bfb2d2cclibipa_hbac-1.16.5-10.el7_9.10.x86_64.rpm73855f072f1a2432c650112e27ca2bd1ed03371c2a2910a23a3b84ba863319d4libsss_nss_idmap-1.16.5-10.el7_9.10.i686.rpm28817330e3e6957966737b5798daa8bfa63a3992552f571539cd15fd298ae433libsss_idmap-devel-1.16.5-10.el7_9.10.i686.rpm11fc647330d60e502d86007060e468d67cff2a79c650936210e1603a791a9220sssd-client-1.16.5-10.el7_9.10.i686.rpm379b3eabff1bebbd09397d8b0516cea1c38d05c4e689db04882a8c2019983271sssd-client-1.16.5-10.el7_9.10.x86_64.rpm2d916950378d815c659a2d9c847a7ba230752158d2ea248f0c981e110d8d2d76sssd-tools-1.16.5-10.el7_9.10.x86_64.rpm75cf819b5199bbd7cce944ba7023e307dd27b5fb5e85a0be1a3739f3f5f50e1clibsss_simpleifp-1.16.5-10.el7_9.10.x86_64.rpm11cfb2cd085d2dc80886ae324e199be7f5b15dbd244a8526505e875de391782epython-libsss_nss_idmap-1.16.5-10.el7_9.10.x86_64.rpm67e116b5fdfdf6518a66aeb1a31fed3d6ca6c5257244b27f5a3f830011ee0926libipa_hbac-devel-1.16.5-10.el7_9.10.x86_64.rpm7e0638a0bcf9fe4ef12289b5ded49df445de1cacb9468952f6ab74433d2352edsssd-libwbclient-devel-1.16.5-10.el7_9.10.i686.rpm0e19ac9b1062ea74de9da9ec9b9563254e29e618e6a5d9ef638827fafa967191python-sss-murmur-1.16.5-10.el7_9.10.x86_64.rpm8d3cf5f00e6b887d17584b95d1664335f1d493f4719111f66504e4f365b57cf2libsss_nss_idmap-1.16.5-10.el7_9.10.x86_64.rpm525085aee2a090f378c368427732381827fcd95155c317fa4e41b730e19a8fa2libsss_idmap-devel-1.16.5-10.el7_9.10.x86_64.rpm9868ad8377d3a7ea59527e8386e69e201eea9b7d4433abe3dee365061863798asssd-polkit-rules-1.16.5-10.el7_9.10.x86_64.rpm15ecfd87feb56508a001d086c9cab4cb011fef0349b3644bfa20aa190c9e2c5blibsss_nss_idmap-devel-1.16.5-10.el7_9.10.x86_64.rpm21634c7c16563a1ca96bebeff099b00a9b6cb46712fa13da41aa91dec1bfeed4libsss_idmap-1.16.5-10.el7_9.10.i686.rpm2d7c9988bdb0402e3052117ceccea2bb0f3d6143c34bfacf4c2f4981bc8fe7a7SLSA-2021:3338-1Security Fix(es): * hivex: stack overflow due to recursive call of _get_children() (CVE-2021-3622) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 hivex-1.3.10-6.12.el7_9.i686.rpm hivex-1.3.10-6.12.el7_9.x86_64.rpm hivex-debuginfo-1.3.10-6.12.el7_9.i686.rpm hivex-debuginfo-1.3.10-6.12.el7_9.x86_64.rpm hivex-devel-1.3.10-6.12.el7_9.i686.rpm hivex-devel-1.3.10-6.12.el7_9.x86_64.rpm ocaml-hivex-1.3.10-6.12.el7_9.x86_64.rpm ocaml-hivex-devel-1.3.10-6.12.el7_9.x86_64.rpm perl-hivex-1.3.10-6.12.el7_9.x86_64.rpm python-hivex-1.3.10-6.12.el7_9.x86_64.rpm ruby-hivex-1.3.10-6.12.el7_9.x86_64.rpmlowScientific LinuxScientific Linux 7hivex-1.3.10-6.12.el7_9.i686.rpm1caee1ae63b7e789e9e44bbb1cd42157e6cfc808a461b98227f6c107cbd09c5dhivex-devel-1.3.10-6.12.el7_9.x86_64.rpmd228ff112d6a9331cbb0ffb928122eb5756419ec3aaee85fdcebc10b6f0e37b6ocaml-hivex-1.3.10-6.12.el7_9.x86_64.rpm1f3ef43f71673df625ca2714b1cfd8fd96af7bba80cc8d8c01e9cd5b9d3812ffhivex-1.3.10-6.12.el7_9.x86_64.rpm42dc380b24339b64af4aa373ec67103bba53f1684c3eeb4c31e852135521d66epython-hivex-1.3.10-6.12.el7_9.x86_64.rpme3904da15f8fc7f82cabcb789626a88699cda81f2a0fd02eaeb9c91139e252f2ruby-hivex-1.3.10-6.12.el7_9.x86_64.rpmaa2def395f6c510a1eac7868e33809287cd65c0d17d32dcf5784ea47c183cb2fperl-hivex-1.3.10-6.12.el7_9.x86_64.rpm0f51f73587a33aaf290265edb03d75c08b04d3b84f55871129c44fc4334b7050ocaml-hivex-devel-1.3.10-6.12.el7_9.x86_64.rpm8019f3839747ef54278da82fc0bebc35dd32e461cbb7990ba3c54cb489aca7bahivex-devel-1.3.10-6.12.el7_9.i686.rpma3ecd9709faa50747e5115d83097da32e8d473787ef46e0fba22a07cf083738eSLSA-2021:3438-1Security Fix(es): * kernel: use-after-free in route4_change() in net/sched/cls_route.c (CVE-2021-3715) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * [SL 7.8][s390x][DASD]Crash in __list_del_entry, alias_pav_group list corrupt when running dasd_alias_remove_device() * EMBARGOED CVE-2021-3715 kernel: use-after-free in route4_change() in net/sched/cls_route.c --- SL7 x86_64 - bpftool-3.10.0-1160.42.2.el7.x86_64.rpm - bpftool-debuginfo-3.10.0-1160.42.2.el7.x86_64.rpm - kernel-3.10.0-1160.42.2.el7.x86_64.rpm - kernel-debug-3.10.0-1160.42.2.el7.x86_64.rpm - kernel-debug-debuginfo-3.10.0-1160.42.2.el7.x86_64.rpm - kernel-debug-devel-3.10.0-1160.42.2.el7.x86_64.rpm - kernel-debuginfo-3.10.0-1160.42.2.el7.x86_64.rpm - kernel-debuginfo-common-x86_64-3.10.0-1160.42.2.el7.x86_64.rpm - kernel-devel-3.10.0-1160.42.2.el7.x86_64.rpm - kernel-headers-3.10.0-1160.42.2.el7.x86_64.rpm - kernel-tools-3.10.0-1160.42.2.el7.x86_64.rpm - kernel-tools-debuginfo-3.10.0-1160.42.2.el7.x86_64.rpm - kernel-tools-libs-3.10.0-1160.42.2.el7.x86_64.rpm - kernel-tools-libs-devel-3.10.0-1160.42.2.el7.x86_64.rpm - perf-3.10.0-1160.42.2.el7.x86_64.rpm - perf-debuginfo-3.10.0-1160.42.2.el7.x86_64.rpm - python-perf-3.10.0-1160.42.2.el7.x86_64.rpm - python-perf-debuginfo-3.10.0-1160.42.2.el7.x86_64.rpm noarch - kernel-abi-whitelists-3.10.0-1160.42.2.el7.noarch.rpm - kernel-doc-3.10.0-1160.42.2.el7.noarch.rpmmoderateScientific LinuxScientific Linux 7kernel-tools-libs-devel-3.10.0-1160.42.2.el7.x86_64.rpmd54bdec26ae4df8b37939e59e6849e140a44e6b10116ae474f0610f1d67dc5ddkernel-tools-3.10.0-1160.42.2.el7.x86_64.rpm0536a7838973ea4c7f8a98cbe918932752f68ccff105c5cb9a831b8530780e51kernel-tools-libs-3.10.0-1160.42.2.el7.x86_64.rpm3bb0a406631f9d6f4c62895475c8500d34c7662730877d1e58be135a065631e5kernel-doc-3.10.0-1160.42.2.el7.noarch.rpmfc6715e90285c83bf4bfacdd56b2a1290ab2ff4295c6b9947354b817500be560kernel-debug-devel-3.10.0-1160.42.2.el7.x86_64.rpm82e800cfca360f81cefd59ca89458c715f091daa55f2f525f17e299544d13f51kernel-headers-3.10.0-1160.42.2.el7.x86_64.rpmdcc57a5759566c840f2804d055b6aca5173e5ab30c1dce27cc5f0a92354990fapython-perf-3.10.0-1160.42.2.el7.x86_64.rpm5f67cbf8f2b09ea18a760128f1e73c0df3e407707aaed177cd25529997a944f9kernel-abi-whitelists-3.10.0-1160.42.2.el7.noarch.rpm33196a3bce35e239045eaeaa537781170a5753215a4570d261b39d6c98042849kernel-3.10.0-1160.42.2.el7.x86_64.rpm84b30ca068c91fe02952ba36a0dce83ba0e41c0ff77ebdb0df95ee3f69feaeaakernel-devel-3.10.0-1160.42.2.el7.x86_64.rpm411ac1452d7827e069b871ef3a260b1d98506eb9baa22c65cac994e99760f2d8perf-3.10.0-1160.42.2.el7.x86_64.rpm12bbbe03c2e6eed4a5c5bd5de4d10abe7f59c1733fcd30e1491b77a4d439cad6bpftool-3.10.0-1160.42.2.el7.x86_64.rpm126127eaeb11dd1e67eff118aebcc7b9606b8d20589fc270ad1a3b7199128a83kernel-debug-3.10.0-1160.42.2.el7.x86_64.rpmc867dab9d6e5db66d4d046ab28da10a58620cf9ea6df3d1afc75fe089e79f01dSLSA-2021:3494-1This update upgrades Thunderbird to version 78.14.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 92, Firefox ESR 78.14 and Firefox ESR 91.1 (CVE-2021-38493) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 - thunderbird-78.14.0-1.el7_9.x86_64.rpm - thunderbird-debuginfo-78.14.0-1.el7_9.x86_64.rpmimportantScientific LinuxScientific Linux 7thunderbird-78.14.0-1.el7_9.x86_64.rpm850f8afd9d801282a58ba0918d138946e44798cae9b087bb575ed7673eab6106SLSA-2021:3498-1This update upgrades Firefox to version 78.14.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 92, Firefox ESR 78.14 and Firefox ESR 91.1 (CVE-2021-38493) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 - firefox-78.14.0-1.el7_9.i686.rpm - firefox-78.14.0-1.el7_9.x86_64.rpm - firefox-debuginfo-78.14.0-1.el7_9.x86_64.rpmimportantScientific LinuxScientific Linux 7firefox-78.14.0-1.el7_9.x86_64.rpmc35becc58f8d5211ced2d834c117fa17e93125a0fcab7b44d9f8e96dcbeac3d3firefox-78.14.0-1.el7_9.i686.rpm5f1d800c81d82afb56f6c64e087f9fec6caebbb16d6d095f223dbc44403b55bbSLSA-2021:3791-1This update upgrades Firefox to version 91.2.0 ESR. Security Fix(es): * Mozilla: Use-after-free in MessageTask (CVE-2021-38496) * Mozilla: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2 (CVE-2021-38500) * Mozilla: Memory safety bugs fixed in Firefox 93 and Firefox ESR 91.2 (CVE-2021-38501) * rust-crossbeam-deque: race condition may lead to double free (CVE-2021-32810) * Mozilla: Validation message could have been overlaid on another origin (CVE-2021-38497) * Mozilla: Use-after-free of nsLanguageAtomService object (CVE-2021-38498) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 firefox-91.2.0-4.el7_9.i686.rpm firefox-91.2.0-4.el7_9.x86_64.rpm firefox-debuginfo-91.2.0-4.el7_9.x86_64.rpmimportantScientific LinuxScientific Linux 7firefox-91.2.0-4.el7_9.x86_64.rpm2108beff106b3a505077f48f3daaccbebe0cb5e0580119fbe631427f4a6e8cebfirefox-91.2.0-4.el7_9.i686.rpme75a8f263454f13e27fd080a3ff5eb5355a6cd833f60c361aae5b08c667f5c4aSLSA-2021:3798-1Security Fix(es): * openssl: integer overflow in CipherUpdate (CVE-2021-23840) * openssl: NULL pointer dereference in X509_issuer_and_serial_hash() (CVE-2021-23841) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEmoderateScientific LinuxScientific Linux 7openssl-libs-1.0.2k-22.el7_9.x86_64.rpmd440e6dd5875b7f851b77504780b3d836c6046550d8d21a27057fc172c2e6d7eopenssl-perl-1.0.2k-22.el7_9.x86_64.rpm0896832e03341d76521c42f7b1b2e5353404a29cf1a7e0218e5130549352f670openssl-static-1.0.2k-22.el7_9.i686.rpm5a1bd652238c1bf6f4f249c115d9161468e9ff363d5bcd8e0241b5d77c3a1eaeopenssl-devel-1.0.2k-22.el7_9.i686.rpmb8c85d6360fb785fac3bfc3aaf63442a5257a27325c3426b0d8d9fff2623b3e2openssl-libs-1.0.2k-22.el7_9.i686.rpm326fe4fe4832c1312b334c1553e1c9623543ee6bbd1beb068276e6b5fa81f8e9openssl-devel-1.0.2k-22.el7_9.x86_64.rpm4ac584b2648ef5b2947325914d5bc645a4a4a4bc72ffa4f0d7ff4bd7f289da45openssl-static-1.0.2k-22.el7_9.x86_64.rpm6d732ebba370c1094b6bbcdfd0baa398c8f6e393d25ea7c5df63ef9e63e48345openssl-1.0.2k-22.el7_9.x86_64.rpm625bcddd9f6faea4ca2dd3750620adcc5a77693e36d43026654c853cc40fb95dSLSA-2021:3801-1Security Fix(es): * kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks (CVE-2021-22543) * kernel: powerpc: KVM guest OS users can cause host OS memory corruption (CVE-2021-37576) * kernel: SVM nested virtualization issue in KVM (AVIC support) (CVE-2021-3653) * kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE) (CVE-2021-3656) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Kernel panic due to double fault with DLM reporting for socket error "sk_err=32/0" * "MFW indication via attention" message getting logged frequently after every 5 minutes * lpfc fails to discovery in pt2pt with "2754 PRLI failure DID:0000EF Status:x9/x91e00, data: x0" * pcpu_get_vm_areas using most memory from VmallocUsed * SL 7.9.z [qedf driver] Racing condition between qedf_cleanup_fcport and releasing command after timeout * [Azure] SL 7.9 reports GPU/IB topology incorrectly on some Azure SKUs * [stable guest ABI]Hot add CPU after migration cause guest hang * i40e driver crash at RIP: i40e_config_vf_promiscuous_mode+0x165 * [nfs] Performance issue since commit 5a4f6f11951e * [kernel] Indefinite waiting for RCU callback while removing cgroup --- SL7 x86_64 bpftool-3.10.0-1160.45.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-3.10.0-1160.45.1.el7.x86_64.rpm kernel-abi-whitelists-3.10.0-1160.45.1.el7.noarch.rpm kernel-debug-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.45.1.el7.x86_64.rpm kernel-devel-3.10.0-1160.45.1.el7.x86_64.rpm kernel-doc-3.10.0-1160.45.1.el7.noarch.rpm kernel-headers-3.10.0-1160.45.1.el7.x86_64.rpm kernel-tools-3.10.0-1160.45.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.45.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.45.1.el7.x86_64.rpm perf-3.10.0-1160.45.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm python-perf-3.10.0-1160.45.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.45.1.el7.x86_64.rpm noarch kernel-abi-whitelists-3.10.0-1160.45.1.el7.noarch.rpm kernel-doc-3.10.0-1160.45.1.el7.noarch.rpmimportantScientific LinuxScientific Linux 7kernel-headers-3.10.0-1160.45.1.el7.x86_64.rpm867fdd6e332efbd4cea7bacdb32374f632ca50f3c27b115367c5bceaf950023aperf-3.10.0-1160.45.1.el7.x86_64.rpm4ee7937dec998d123d775db2e2a905e3baff41861e97ef4835f4bd7f9b1d139ekernel-abi-whitelists-3.10.0-1160.45.1.el7.noarch.rpmba563855289df621120ac2ff431b1a133af48779619476660eead751240e58d3kernel-debug-3.10.0-1160.45.1.el7.x86_64.rpm484a818618e60b5d7cc3bdeb2f7f30cb261533f3eee672e0ab234d71713f7e2akernel-debug-devel-3.10.0-1160.45.1.el7.x86_64.rpm0b3b808b3e34bd6a6a80f40cd0283e05c73143fc8134ba6a05a4204471bbfaf2kernel-tools-libs-devel-3.10.0-1160.45.1.el7.x86_64.rpmb86d2bcc3e17d97f11c8b38b05a6c48a62abdca41fa488cbe52c529344d71621kernel-doc-3.10.0-1160.45.1.el7.noarch.rpmc0adc04226bfa29b938ad285aa99f5f2e153031beca278eb46f94b600e11e7fdbpftool-3.10.0-1160.45.1.el7.x86_64.rpm525b3f26666c486a0870cb41de14c0ce3da96d1d688c62b63d45b74077bd9222kernel-tools-3.10.0-1160.45.1.el7.x86_64.rpmb6778bbd766fab3ba47aeaffd8dfec93f818b50cf3bc2777a8f4a04a73fcbcbdpython-perf-3.10.0-1160.45.1.el7.x86_64.rpm6ee9f492b7ac9d6a9572dabbbe6e1ecf0fe2d1e2c7b571078795f900b19bba80kernel-tools-libs-3.10.0-1160.45.1.el7.x86_64.rpm923405a988634c32c71fed69171e958b1c0c06b356b2ba0dd5efbef3366c3646kernel-devel-3.10.0-1160.45.1.el7.x86_64.rpm8e8fee1867e2a9134f4323f10f6986eb549df5f416b503a3169784d72c582209kernel-3.10.0-1160.45.1.el7.x86_64.rpmf10179e6528536565797b6977ef373f2bcc93de865490fd71c807743026e493bSLSA-2021:3807-1Security Fix(es): * 389-ds-base: CRYPT password hash with asterisk allows any bind attempt to succeed (CVE-2021-3652) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * A plugin can create an index. Even if the index can be used immediately (for searches) the index remains offline until further reindex * In some rare case, a replication connection may be treated as a regular connection and ACIs evaluated even if they should not. * A regular connection can be erroneously flagged replication connection --- SL7 x86_64 389-ds-base-1.3.10.2-13.el7_9.x86_64.rpm 389-ds-base-debuginfo-1.3.10.2-13.el7_9.x86_64.rpm 389-ds-base-devel-1.3.10.2-13.el7_9.x86_64.rpm 389-ds-base-libs-1.3.10.2-13.el7_9.x86_64.rpm 389-ds-base-snmp-1.3.10.2-13.el7_9.x86_64.rpmlowScientific LinuxScientific Linux 7389-ds-base-devel-1.3.10.2-13.el7_9.x86_64.rpmaec7abb1ea3f088e1fb0844c076f8a2b3a7f94ad9b2eed3384702f32ba7fa86a389-ds-base-libs-1.3.10.2-13.el7_9.x86_64.rpm9a701e7781a327bcf458ded4c0578fcec25e88ea744a5aaa40e74d5f93596929389-ds-base-1.3.10.2-13.el7_9.x86_64.rpme5b1cd1a816777e3910d687b4acc55ce2558fbce0e44e41f74223fd315f366a6389-ds-base-snmp-1.3.10.2-13.el7_9.x86_64.rpm138cc1e3a0c9dfa5610aeed6db70927895f5acf90bcf3242054e5fad1caae504SLSA-2021:3810-1Security Fix(es): * libxml2: Use after free via namespace node in XPointer ranges (CVE-2016-4658) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 libxml2-2.9.1-6.el7_9.6.i686.rpm libxml2-2.9.1-6.el7_9.6.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7_9.6.i686.rpm libxml2-debuginfo-2.9.1-6.el7_9.6.x86_64.rpm libxml2-devel-2.9.1-6.el7_9.6.i686.rpm libxml2-devel-2.9.1-6.el7_9.6.x86_64.rpm libxml2-python-2.9.1-6.el7_9.6.x86_64.rpm libxml2-static-2.9.1-6.el7_9.6.i686.rpm libxml2-static-2.9.1-6.el7_9.6.x86_64.rpmmoderateScientific LinuxScientific Linux 7libxml2-static-2.9.1-6.el7_9.6.i686.rpm8a59d382b30319d0ff690e40222edb29c738c9ca34cf444404e96aa775067b80libxml2-devel-2.9.1-6.el7_9.6.i686.rpmaca8e9ea39cb10f330355ffc3f46dff2698f681dfdddda2ecf987339aaa73f66libxml2-2.9.1-6.el7_9.6.i686.rpmf87f59a8af354ebd01bf4fe2763aa8ad246912a21c096ce4bc27b22f53d1f608libxml2-devel-2.9.1-6.el7_9.6.x86_64.rpmd9968fe93e5c1af2ccbe30d3a4cb1ae2523e454717b0d6dc762d01aacca2547blibxml2-static-2.9.1-6.el7_9.6.x86_64.rpm66674b9b2caa4763602e3e5ae5cc79704358c65ac092fc65bfc153c54aa5a32blibxml2-python-2.9.1-6.el7_9.6.x86_64.rpm8f07c25339c6fde873b15392514b0344ba7b22b46ca088cf46874535e1f906b7libxml2-2.9.1-6.el7_9.6.x86_64.rpmf4c797e76f3851b1071a8583855370125721551c43ccc91477b77c7b06ad401aSLSA-2021:3841-1This update upgrades Thunderbird to version 91.2.0. Security Fix(es): * Mozilla: Use-after-free in MessageTask (CVE-2021-38496) * Mozilla: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2 (CVE-2021-38500) * Mozilla: Memory safety bugs fixed in Firefox 93 and Firefox ESR 91.2 (CVE-2021-38501) * Mozilla: Downgrade attack on SMTP STARTTLS connections (CVE-2021-38502) * rust-crossbeam-deque: race condition may lead to double free (CVE-2021-32810) * Mozilla: Validation message could have been overlaid on another origin (CVE-2021-38497) * Mozilla: Use-after-free of nsLanguageAtomService object (CVE-2021-38498) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 thunderbird-91.2.0-1.el7_9.x86_64.rpm thunderbird-debuginfo-91.2.0-1.el7_9.x86_64.rpmimportantScientific LinuxScientific Linux 7thunderbird-91.2.0-1.el7_9.x86_64.rpmca7ecb224d07e0dd1409860349eb0eb01188050739568942bf50e43875e78b75SLSA-2021:3856The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix(es): * httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:" (CVE-2021-40438) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7httpd-tools-2.4.6-97.sl7_9.1.x86_64.rpm9581a172adb312e7e316a2f5ba812b21cdc7464e98af2e92ec9620f12d3bb4c6mod_session-2.4.6-97.sl7_9.1.x86_64.rpm7c721f5a5df540461d2710cce4802bd4b75820fd70ab4fb6f7d03991a5ef2214mod_proxy_html-2.4.6-97.sl7_9.1.x86_64.rpm6f5b0e6091bd251d553a697848d55e871eb7ca33a2d0ad8d6c3de18536e36b6ahttpd-devel-2.4.6-97.sl7_9.1.x86_64.rpm29ecb6fcc01aba2a3d3a2d341fa19e2975d17fb725e5eaa3496b69cddcc55e97httpd-manual-2.4.6-97.sl7_9.1.noarch.rpm1794f9ab5b5a11081fa9978bdd1af37ccf839681cf4bc003e56399f8458feb65mod_ssl-2.4.6-97.sl7_9.1.x86_64.rpmdcd70d4f19c36d40e2a23a2227ba722e869141b9efdfcea1919dc921b3eca1e2httpd-2.4.6-97.sl7_9.1.x86_64.rpm5fc596869c32f29d76b23ea0cd05e38c7cf75c7b9fa861431268266be6905a2cmod_ldap-2.4.6-97.sl7_9.1.x86_64.rpma6adbd702164e543182a0a32f3b1a7f7a4fa75f4e43ec6a8048cc535de40631bSLSA-2021:3889The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: Loop in HttpsServer triggered during TLS session close (JSSE, 8254967) (CVE-2021-35565) * OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation (Libraries, 8266689) (CVE-2021-35567) * OpenJDK: Weak ciphers preferred over stronger ones for TLS (JSSE, 8264210) (CVE-2021-35550) * OpenJDK: Excessive memory allocation in RTFParser (Swing, 8265167) (CVE-2021-35556) * OpenJDK: Excessive memory allocation in RTFReader (Swing, 8265580) (CVE-2021-35559) * OpenJDK: Excessive memory allocation in HashMap and HashSet (Utility, 8266097) (CVE-2021-35561) * OpenJDK: Certificates with end dates too far in the future can corrupt keystore (Keytool, 8266137) (CVE-2021-35564) * OpenJDK: Unexpected exception raised during TLS handshake (JSSE, 8267729) (CVE-2021-35578) * OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8267735) (CVE-2021-35586) * OpenJDK: Incomplete validation of inner class references in ClassFileParser (Hotspot, 8268071) (CVE-2021-35588) * OpenJDK: Non-constant comparison during TLS handshakes (JSSE, 8269618) (CVE-2021-35603) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * A defensive security change in an earlier OpenJDK update led to a performance degradation when using the Scanner class. This was due to the change being applied to many common cases that did not need this protection. With this update, we provide the original behaviour for these cases. (RHBZ#1862929) importantScientific Linux 7java-11-openjdk-javadoc-debug-11.0.13.0.8-1.el7_9.i686.rpmf3f4387ab91c214f9dd86464a31e3414b74492361737b221816178c571941c48java-1.8.0-openjdk-headless-debug-1.8.0.312.b07-1.el7_9.i686.rpm185e6681a034b8fb8d4418f512e628f3b385294a5532ece494895abe7551cdfcjava-1.8.0-openjdk-accessibility-debug-1.8.0.312.b07-1.el7_9.x86_64.rpm318dd320b0c51f88be77b97acf3d8c0c3aa22e410b3290fee5c7c860196ba162java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.312.b07-1.el7_9.noarch.rpmb8e041ae56a3b6f55f91e35e550c91c79a5f7663521a4821b54286b5349d4587java-1.8.0-openjdk-headless-debug-1.8.0.312.b07-1.el7_9.x86_64.rpmfe3fc45668fa2d1e847ee3f529c8016bcf9e0bc66bc60e823b890407369a58b3java-1.8.0-openjdk-accessibility-debug-1.8.0.312.b07-1.el7_9.i686.rpm2c065ede1975c9b4714b4598a5ba351b0f5798441e3bf526a339f4ea04617faajava-11-openjdk-headless-debug-11.0.13.0.8-1.el7_9.i686.rpm97eb31f1ef863866ea004512db55576c813f0d9ca733cdc02c73c15a72c3a264java-1.8.0-openjdk-demo-debug-1.8.0.312.b07-1.el7_9.x86_64.rpm613ca8a7e3e8c2af0b551f7f23b47fe6181517b3925ce98577d40bb76eaa88a0java-11-openjdk-devel-debug-11.0.13.0.8-1.el7_9.i686.rpmc12fe1fbe90dcc0bd4be61d229ac2cbd97879d417447bf7f36440318c10d9681java-11-openjdk-headless-debug-11.0.13.0.8-1.el7_9.x86_64.rpm2eeacab36ce271803ecfc626ed5b1855bfbae454c38aedc1d6c587c4a630267fjava-11-openjdk-javadoc-debug-11.0.13.0.8-1.el7_9.x86_64.rpme90a511e21be6f399a142c7c844768cf9cd5fbf3fe7c60eea4ca2a7e3bc31d32java-11-openjdk-javadoc-zip-debug-11.0.13.0.8-1.el7_9.x86_64.rpm0c7554936b512c3be2b5f0072c3f419f5278b7c27a4d9140c049a8f0d9e3c051java-1.8.0-openjdk-javadoc-debug-1.8.0.312.b07-1.el7_9.noarch.rpm6d49108d4429403240621882e8e762435eca92d61ec7ac01c4a7ecc2d3463301java-11-openjdk-devel-debug-11.0.13.0.8-1.el7_9.x86_64.rpmf86980e699225cd91a39abe0a293a42179db3b72f366266539584c35cda107cajava-11-openjdk-jmods-debug-11.0.13.0.8-1.el7_9.i686.rpm5a5972bf73572ba1ed7673b859557be68d9da5c91c0cd6b97f88e421e8059310java-1.8.0-openjdk-demo-debug-1.8.0.312.b07-1.el7_9.i686.rpmbe18bb19a976d1fc42494fcb27a048dd7204bed976708e61d91e3171ae2506f9java-1.8.0-openjdk-debug-1.8.0.312.b07-1.el7_9.i686.rpmbadbefa4886b2f0e02af3920674721ae6dd20cd40550b38fd6350778949da252java-1.8.0-openjdk-src-debug-1.8.0.312.b07-1.el7_9.x86_64.rpm8650d36c04fb12c4e51aed57461a16733b7f785a43e2d7905679168cf742c93ejava-11-openjdk-src-debug-11.0.13.0.8-1.el7_9.x86_64.rpm90eea65199aaf18e400556e0d11fc55978450bd3cf312b35b5c4630a42a32f83java-1.8.0-openjdk-devel-debug-1.8.0.312.b07-1.el7_9.i686.rpm815bda03a742f2b7e1f10b785b398d227fee602872bdea6ea51d143348922521java-11-openjdk-debug-11.0.13.0.8-1.el7_9.i686.rpmd2ef3fdae6a8002640cd022b6440975cea9f7bd2c5d50ef58609d37cc065a5dejava-11-openjdk-javadoc-zip-debug-11.0.13.0.8-1.el7_9.i686.rpm944c237e8e0efc48143d3a1f430cd3b3c316e143542a263dde4120d5594a9761java-11-openjdk-debug-11.0.13.0.8-1.el7_9.x86_64.rpm2986a8d4690f34dd30e269cce43aeff99afc0f9c0d79794071bdd20840f1a0e0java-1.8.0-openjdk-debug-1.8.0.312.b07-1.el7_9.x86_64.rpm06e676bb945720a776d4e3450adc46c75e0bc27e4b9d876a940be5be10633f05java-11-openjdk-demo-debug-11.0.13.0.8-1.el7_9.x86_64.rpme07bfd456b04754c02ed825e5dacd707f2ab07351552b940cf8a106122da4901java-11-openjdk-src-debug-11.0.13.0.8-1.el7_9.i686.rpm485a53dcbfce50300ce2b08423f653c90d91f068efcbd527b1d05443be6e758djava-1.8.0-openjdk-src-debug-1.8.0.312.b07-1.el7_9.i686.rpmca5e16a6456f3cb50263ff94a90ac206afddf4a8aeb5ef3a5dc7a467378f61edjava-11-openjdk-static-libs-debug-11.0.13.0.8-1.el7_9.x86_64.rpmccbff3e9c5546692b8ca43756439d1837893f6127de9635f490bae72668f7f4ajava-11-openjdk-jmods-debug-11.0.13.0.8-1.el7_9.x86_64.rpm6dbb3dca7fa74b6378c7d8c1cb6e589d9c76cf90c4d69375eede2a4d1f32d37bjava-11-openjdk-demo-debug-11.0.13.0.8-1.el7_9.i686.rpma9ddfa9caef1859a580fff96b0d152ff2371b203894ea91c8e2eefbf6a20c951java-1.8.0-openjdk-devel-debug-1.8.0.312.b07-1.el7_9.x86_64.rpm87efefa8960f6579e5731b72101f67e7cf282f7f6a43d58b073c60d8f5a947cdSLSA-2021:3889-1Security Fix(es): * OpenJDK: Loop in HttpsServer triggered during TLS session close (JSSE, 8254967) (CVE-2021-35565) * OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation (Libraries, 8266689) (CVE-2021-35567) * OpenJDK: Weak ciphers preferred over stronger ones for TLS (JSSE, 8264210) (CVE-2021-35550) * OpenJDK: Excessive memory allocation in RTFParser (Swing, 8265167) (CVE-2021-35556) * OpenJDK: Excessive memory allocation in RTFReader (Swing, 8265580) (CVE-2021-35559) * OpenJDK: Excessive memory allocation in HashMap and HashSet (Utility, 8266097) (CVE-2021-35561) * OpenJDK: Certificates with end dates too far in the future can corrupt keystore (Keytool, 8266137) (CVE-2021-35564) * OpenJDK: Unexpected exception raised during TLS handshake (JSSE, 8267729) (CVE-2021-35578) * OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8267735) (CVE-2021-35586) * OpenJDK: Incomplete validation of inner class references in ClassFileParser (Hotspot, 8268071) (CVE-2021-35588) * OpenJDK: Non-constant comparison during TLS handshakes (JSSE, 8269618) (CVE-2021-35603) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * A defensive security change in an earlier OpenJDK update led to a performance degradation when using the Scanner class. This was due to the change being applied to many common cases that did not need this protection. With this update, we provide the original behaviour for these cases. (RHBZ#1862929) --- SL7 x86_64 java-1.8.0-openjdk-1.8.0.312.b07-1.el7_9.i686.rpm java-1.8.0-openjdk-1.8.0.312.b07-1.el7_9.x86_64.rpm java-1.8.0-openjdk-accessibility-1.8.0.312.b07-1.el7_9.i686.rpm java-1.8.0-openjdk-accessibility-1.8.0.312.b07-1.el7_9.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.312.b07-1.el7_9.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.312.b07-1.el7_9.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.312.b07-1.el7_9.i686.rpm java-1.8.0-openjdk-demo-1.8.0.312.b07-1.el7_9.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.312.b07-1.el7_9.i686.rpm java-1.8.0-openjdk-devel-1.8.0.312.b07-1.el7_9.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.312.b07-1.el7_9.i686.rpm java-1.8.0-openjdk-headless-1.8.0.312.b07-1.el7_9.x86_64.rpm java-1.8.0-openjdk-src-1.8.0.312.b07-1.el7_9.i686.rpm java-1.8.0-openjdk-src-1.8.0.312.b07-1.el7_9.x86_64.rpm noarch java-1.8.0-openjdk-javadoc-1.8.0.312.b07-1.el7_9.noarch.rpm java-1.8.0-openjdk-javadoc-zip-1.8.0.312.b07-1.el7_9.noarch.rpmimportantScientific LinuxScientific Linux 7java-1.8.0-openjdk-1.8.0.312.b07-1.el7_9.x86_64.rpm96becc4df530dcbb300a3ee87e56d7d557d982f3a05a6e13bdf0f173c321ab98java-1.8.0-openjdk-accessibility-1.8.0.312.b07-1.el7_9.i686.rpm8053e3d59d91fa2565831d5591d2bea43d763da33cf9d69e8205aa1c2563e506java-1.8.0-openjdk-headless-1.8.0.312.b07-1.el7_9.i686.rpm08274409df9aa67ba85ec46e67c03b74360b3553d9b2d66921632e287b145223java-1.8.0-openjdk-devel-1.8.0.312.b07-1.el7_9.i686.rpm7e5737cdd00f317e6fe853678e470966df3db388539749132381d3731894ab2fjava-1.8.0-openjdk-javadoc-zip-1.8.0.312.b07-1.el7_9.noarch.rpm75c9b6a586b9e3d8e08bd1a9808ded2153d35a74d9ba19a418473f04fbbfcba7java-1.8.0-openjdk-src-1.8.0.312.b07-1.el7_9.i686.rpm06b10b389e6da269004a11f8c8e7d2c98a931309b739bb16d8bbf2e79031b9ffjava-1.8.0-openjdk-javadoc-1.8.0.312.b07-1.el7_9.noarch.rpm35d2a9fd1ecb1c7e2c93bbedf92a66bddef3fd81ef5bb8d52264eecb297cee41java-1.8.0-openjdk-accessibility-1.8.0.312.b07-1.el7_9.x86_64.rpmd1f3f237c4290a03682bb672e5a734917de05866edf597726e1be0ed77c43422java-1.8.0-openjdk-demo-1.8.0.312.b07-1.el7_9.i686.rpme7a0e52a0cc34f69a2c1e8f959fd064ac6770cbbe9114be3efef465def119cc0java-1.8.0-openjdk-src-1.8.0.312.b07-1.el7_9.x86_64.rpm83d558c3b78820fb00cf5ca98fb3763617c578826bd25eb84ab77196ed330d8ejava-1.8.0-openjdk-demo-1.8.0.312.b07-1.el7_9.x86_64.rpm904e67fa5443bdcc8c1d21217e278c8c4ffd4f9f37e189b7acc46cbc4c514039java-1.8.0-openjdk-1.8.0.312.b07-1.el7_9.i686.rpmac3569fd519415e34c1f9f87bfe90a825a1d2fada013b0e2667aa41a541f2f73java-1.8.0-openjdk-headless-1.8.0.312.b07-1.el7_9.x86_64.rpm27ee4919633d5efccefc730781dc6bf03c1bdd255584f54640513fa3cf2408c5java-1.8.0-openjdk-devel-1.8.0.312.b07-1.el7_9.x86_64.rpmdde358379e51deb289aecf16e04be1d2a7d803ae6c6e47b1969ab1cd425a30fbSLSA-2021:3892-1Security Fix(es): * OpenJDK: Loop in HttpsServer triggered during TLS session close (JSSE, 8254967) (CVE-2021-35565) * OpenJDK: Incorrect principal selection when using Kerberos Constrained Delegation (Libraries, 8266689) (CVE-2021-35567) * OpenJDK: Weak ciphers preferred over stronger ones for TLS (JSSE, 8264210) (CVE-2021-35550) * OpenJDK: Excessive memory allocation in RTFParser (Swing, 8265167) (CVE-2021-35556) * OpenJDK: Excessive memory allocation in RTFReader (Swing, 8265580) (CVE-2021-35559) * OpenJDK: Excessive memory allocation in HashMap and HashSet (Utility, 8266097) (CVE-2021-35561) * OpenJDK: Certificates with end dates too far in the future can corrupt keystore (Keytool, 8266137) (CVE-2021-35564) * OpenJDK: Unexpected exception raised during TLS handshake (JSSE, 8267729) (CVE-2021-35578) * OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8267735) (CVE-2021-35586) * OpenJDK: Non-constant comparison during TLS handshakes (JSSE, 8269618) (CVE-2021-35603) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Previously, uninstalling the OpenJDK RPMs attempted to remove a client directory that did not exist. This directory is no longer used in java-11-openjdk and all references to it have now been removed. (RHBZ#1698873) --- SL7 x86_64 java-11-openjdk-11.0.13.0.8-1.el7_9.i686.rpm java-11-openjdk-11.0.13.0.8-1.el7_9.x86_64.rpm java-11-openjdk-debuginfo-11.0.13.0.8-1.el7_9.i686.rpm java-11-openjdk-debuginfo-11.0.13.0.8-1.el7_9.x86_64.rpm java-11-openjdk-demo-11.0.13.0.8-1.el7_9.i686.rpm java-11-openjdk-demo-11.0.13.0.8-1.el7_9.x86_64.rpm java-11-openjdk-devel-11.0.13.0.8-1.el7_9.i686.rpm java-11-openjdk-devel-11.0.13.0.8-1.el7_9.x86_64.rpm java-11-openjdk-headless-11.0.13.0.8-1.el7_9.i686.rpm java-11-openjdk-headless-11.0.13.0.8-1.el7_9.x86_64.rpm java-11-openjdk-javadoc-11.0.13.0.8-1.el7_9.i686.rpm java-11-openjdk-javadoc-11.0.13.0.8-1.el7_9.x86_64.rpm java-11-openjdk-javadoc-zip-11.0.13.0.8-1.el7_9.i686.rpm java-11-openjdk-javadoc-zip-11.0.13.0.8-1.el7_9.x86_64.rpm java-11-openjdk-jmods-11.0.13.0.8-1.el7_9.i686.rpm java-11-openjdk-jmods-11.0.13.0.8-1.el7_9.x86_64.rpm java-11-openjdk-src-11.0.13.0.8-1.el7_9.i686.rpm java-11-openjdk-src-11.0.13.0.8-1.el7_9.x86_64.rpm java-11-openjdk-static-libs-11.0.13.0.8-1.el7_9.i686.rpm java-11-openjdk-static-libs-11.0.13.0.8-1.el7_9.x86_64.rpmimportantScientific LinuxScientific Linux 7java-11-openjdk-demo-11.0.13.0.8-1.el7_9.i686.rpme33b167c32960ebe864e3298c0806fef44326dbf2e60f5fd6de9a64787630e47java-11-openjdk-src-11.0.13.0.8-1.el7_9.x86_64.rpm605d9de79b1e7b66b8a678a32d3662f6024308b0d8efe4212832a6e3696c990fjava-11-openjdk-jmods-11.0.13.0.8-1.el7_9.x86_64.rpm47f96da1d5218fca5cb8492684bc3375eb0562b5d3a2b9d4c04b86be92305609java-11-openjdk-headless-11.0.13.0.8-1.el7_9.i686.rpmcc8f5858a5ef7c4e422c8ac9478b19571d12c9ea62b65b204afba187f834ad3fjava-11-openjdk-11.0.13.0.8-1.el7_9.i686.rpm0818aa1117445013eb4f0ad45b312d1e54ac8c922ceffe90e7674a643eea5788java-11-openjdk-javadoc-zip-11.0.13.0.8-1.el7_9.x86_64.rpmfc46580e7be7714628c10b0e0e9fb0ee34b25b3912fa5a599bf77715b069f65bjava-11-openjdk-11.0.13.0.8-1.el7_9.x86_64.rpmbebb84bedcb3c512d2a0bfeeb8b4db7b60ec32b5815d7de7edf819d3b2ffde24java-11-openjdk-jmods-11.0.13.0.8-1.el7_9.i686.rpmf6fdc5145a6147d28ca9a6eba36ce56aac8e01286353c367a91c4cb2b14cbe31java-11-openjdk-demo-11.0.13.0.8-1.el7_9.x86_64.rpmcf3f5bdb45ebfa36350f721c37429c0ec2b0e08e7fb8cd0835ad0b04831c170djava-11-openjdk-javadoc-11.0.13.0.8-1.el7_9.i686.rpm04cdecef944c4d0caec49c21edb6897edeaee502b5aff9086123a3715ff51fd9java-11-openjdk-devel-11.0.13.0.8-1.el7_9.i686.rpm67fc4f3c7e2f848a74b162d8b863b37d8f7198885a1c0642d27a0bf2e52e1e4bjava-11-openjdk-headless-11.0.13.0.8-1.el7_9.x86_64.rpm378bee12136df9aa9fe80bff862d608232d45449a532cbf404db7357f3314623java-11-openjdk-javadoc-zip-11.0.13.0.8-1.el7_9.i686.rpm3d3be31a498e5596c6ec12383fb0cbdbfe7d7577e3ad628f63325b34808717c7java-11-openjdk-static-libs-11.0.13.0.8-1.el7_9.x86_64.rpm452cbaf81da20d0b10d5cc951fa527304a7e306f64193c11f9c28c9e60e74c4cjava-11-openjdk-devel-11.0.13.0.8-1.el7_9.x86_64.rpm1d1b99c75a03c26401710fec1fa91024ab5f78e37a1a21c599ccea4061b052c7java-11-openjdk-javadoc-11.0.13.0.8-1.el7_9.x86_64.rpm2657fc9170f55acff762e78c6b324cbcf7671e37196f15cce4046d1d34570290java-11-openjdk-src-11.0.13.0.8-1.el7_9.i686.rpm064608eff6a661e8ecd966c80bce8fa37071a8ea30c87741dd144573b073a1d9SLSA-2021:3956-1Security Fix(es): * xstream: Arbitrary code execution via unsafe deserialization of Xalan xsltc.trax.TemplatesImpl (CVE-2021-39139) * xstream: Arbitrary code execution via unsafe deserialization of com.sun.xml.internal.ws.client.sei.* (CVE-2021-39141) * xstream: Arbitrary code execution via unsafe deserialization of sun.tracing.* (CVE-2021-39144) * xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration (CVE-2021-39145) * xstream: Arbitrary code execution via unsafe deserialization of javax.swing.UIDefaults$ProxyLazyValue (CVE-2021-39146) * xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapSearchEnumeration (CVE-2021-39147) * xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.toolkit.dir.ContextEnumerator (CVE-2021-39148) * xstream: Arbitrary code execution via unsafe deserialization of com.sun.corba.* (CVE-2021-39149) * xstream: Server-side request forgery (SSRF) via unsafe deserialization of com.sun.xml.internal.ws.client.sei.* (CVE-2021-39150) * xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration (CVE-2021-39151) * xstream: Server-side request forgery (SSRF) via unsafe deserialization of jdk.nashorn.internal.runtime.Source$URLData (CVE-2021-39152) * xstream: Arbitrary code execution via unsafe deserialization of Xalan xsltc.trax.TemplatesImpl (CVE-2021-39153) * xstream: Arbitrary code execution via unsafe deserialization of javax.swing.UIDefaults$ProxyLazyValue (CVE-2021-39154) * xstream: Infinite loop DoS via unsafe deserialization of sun.reflect.annotation.AnnotationInvocationHandler (CVE-2021-39140) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 noarch - xstream-1.3.1-16.el7_9.noarch.rpm - xstream-javadoc-1.3.1-16.el7_9.noarch.rpmimportantScientific LinuxScientific Linux 7xstream-javadoc-1.3.1-16.el7_9.noarch.rpm721d4a42d6144450ca7a9d9a3346ea70c1c2cd3e659be4498547a45c905ad650xstream-1.3.1-16.el7_9.noarch.rpm18234f1e80c5362d2f18e4c98af1b3ad30f317728f614a810542f5013260471dSLSA-2021:4033-1Security Fix(es): * Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks (CVE-2021-42574) The following changes were introduced in binutils in order to facilitate detection of BiDi Unicode characters: Tools which display names or strings (readelf, strings, nm, objdump) have a new command line option --unicode / -U which controls how Unicode characters are handled. Using "--unicode=default" will treat them as normal for the tool. This is the default behaviour when --unicode option is not used. Using "-- unicode=locale" will display them according to the current locale. Using "--unicode=hex" will display them as hex byte values. Using "-- unicode=escape" will display them as Unicode escape sequences. Using "-- unicode=highlight" will display them as Unicode escape sequences highlighted in red, if supported by the output device. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 - binutils-2.27-44.base.el7_9.1.x86_64.rpm - binutils-debuginfo-2.27-44.base.el7_9.1.i686.rpm - binutils-debuginfo-2.27-44.base.el7_9.1.x86_64.rpm - binutils-devel-2.27-44.base.el7_9.1.i686.rpm - binutils-devel-2.27-44.base.el7_9.1.x86_64.rpmmoderateScientific LinuxScientific Linux 7binutils-devel-2.27-44.base.el7_9.1.i686.rpmfb6f39677f4dfcd8081f6c7255d6b3290a7bb59c19bc49777ff53ab5d326d9f8binutils-2.27-44.base.el7_9.1.x86_64.rpmf734e06cf2c45618f88fc22efa5888844a886d627cf2c73b505c16287fd0ef3fbinutils-devel-2.27-44.base.el7_9.1.x86_64.rpmb86b196eb77c5dfcbd607eaea01c7b8cf538def86cc0c047c72004f9fecef54cSLSA-2021:4044-1Security Fix(es): * flatpak: Sandbox bypass via recent VFS-manipulating syscalls (CVE-2021-41133) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 -flatpak-1.0.9-12.el7_9.x86_64.rpm - flatpak-builder-1.0.0-12.el7_9.x86_64.rpm - flatpak-debuginfo-1.0.9-12.el7_9.x86_64.rpm - flatpak-devel-1.0.9-12.el7_9.x86_64.rpm - flatpak-libs-1.0.9-12.el7_9.x86_64.rpmimportantScientific LinuxScientific Linux 7flatpak-libs-1.0.9-12.el7_9.x86_64.rpm58e3c1f8dd1fa2e042593af0ee4e645190955b33c3399cf72ebb0a2eee668351flatpak-devel-1.0.9-12.el7_9.x86_64.rpm1764362a0c1f11a79eeca38eeffc989f49059b37c95500454fda35278377b209flatpak-builder-1.0.0-12.el7_9.x86_64.rpm22067faaaeb7791e013f2978eaa4812a0c98185e7379c24d625cc3669e1c929eflatpak-1.0.9-12.el7_9.x86_64.rpm9eb7d9ef146c06f180f0b37e746cf2d2237d458853a34eb8f91d5914b96f3fbeSLSA-2021:4116-1This update upgrades Firefox to version 91.3.0 ESR. Security Fix(es): * Mozilla: Use-after-free in HTTP2 Session object * Mozilla: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3 * Mozilla: iframe sandbox rules did not apply to XSLT stylesheets (CVE-2021-38503) * Mozilla: Use-after-free in file picker dialog (CVE-2021-38504) * Mozilla: Firefox could be coaxed into going into fullscreen mode without notification or warning (CVE-2021-38506) * Mozilla: Opportunistic Encryption in HTTP2 could be used to bypass the Same-Origin-Policy on services hosted on other ports (CVE-2021-38507) * Mozilla: Permission Prompt could be overlaid, resulting in user confusion and potential spoofing (CVE-2021-38508) * Mozilla: Javascript alert box could have been spoofed onto an arbitrary domain (CVE-2021-38509) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7firefox-91.3.0-1.el7_9.x86_64.rpmd240ca41ca7b893bf6dfe675cc0570479cd65e03efd623d8a49f34eaaa5e3b63firefox-91.3.0-1.el7_9.i686.rpm8c6d8cc7b4a69ef5cbd1426523aa2b250928f0c44478c8020e085e6333a1370cSLSA-2021:4134-1This update upgrades Thunderbird to version 91.3.0. Security Fix(es): * Mozilla: Use-after-free in HTTP2 Session object * Mozilla: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3 * Mozilla: iframe sandbox rules did not apply to XSLT stylesheets (CVE-2021-38503) * Mozilla: Use-after-free in file picker dialog (CVE-2021-38504) * Mozilla: Firefox could be coaxed into going into fullscreen mode without notification or warning (CVE-2021-38506) * Mozilla: Opportunistic Encryption in HTTP2 could be used to bypass the Same-Origin-Policy on services hosted on other ports (CVE-2021-38507) * Mozilla: Permission Prompt could be overlaid, resulting in user confusion and potential spoofing (CVE-2021-38508) * Mozilla: Javascript alert box could have been spoofed onto an arbitrary domain (CVE-2021-38509) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-91.3.0-2.el7_9.x86_64.rpm4c8ed042fda855710d18116d76d222179772e50d5b378b3830c92bb8ddf6626aSLSA-2021:4619-1Security Fix(es): * freerdp: improper client input validation for gateway connections allows to overwrite memory (CVE-2021-41159) * freerdp: improper region checks in all clients allow out of bound write to memory (CVE-2021-41160) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7libwinpr-2.1.1-5.el7_9.x86_64.rpm77239c60301bfd4569a632c262051c21eec79b1ea830b546779d5084aab7d084freerdp-devel-2.1.1-5.el7_9.i686.rpm00fac61464c5480ec91e302fb37991b75d4f2f69bdd93d0fbddd5e29dcf7fdd5libwinpr-devel-2.1.1-5.el7_9.x86_64.rpm623433c0ea6efa7207d361905f8f4f211d28def2609e49c1fbc4745d35594620freerdp-libs-2.1.1-5.el7_9.i686.rpm685bc3857c0a1c7357e7ed1e99a2c3943005b17e0f0ad29461b131cb283d3c75freerdp-libs-2.1.1-5.el7_9.x86_64.rpm16ff1cf1e8b791b72f404683e1b09ca183c1b923bfd7a40bde144c0a011097a0libwinpr-devel-2.1.1-5.el7_9.i686.rpm4f0aa642e193199463b076ab85aa95c6471db5c0015ffec54a485eb2df6dce37freerdp-devel-2.1.1-5.el7_9.x86_64.rpmf6315426a81bea92b151c19b92dd73abf7785c2c5f38326a7dd87edf9cebd623freerdp-2.1.1-5.el7_9.x86_64.rpm425ec2b695d055f02fad6b19a925aefe72b42a728f5188beca945ea774551522libwinpr-2.1.1-5.el7_9.i686.rpm3ee37c0c201ef2fe982a344d953ffa8ea29a8c96200396163702500be4efe67aSLSA-2021:4777-1Security Fix(es): * kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after- free (CVE-2020-36385) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * scsi: ibmvfc: Avoid link down on FS9100 canister reboot * crash in qla2x00_status_entry() because of corrupt srb * qedf driver: race condition between qedf's completion work task and another work item tearing down an fcport with qedf_cleanup_fcport * The kernel crashes in hv_pci_remove_slots() upon hv device removal. A possible race between hv_pci_remove_slots() and pci_devices_present_work(). * I/O delays incorrectly handled in the NVMe stack * Data corruption in NFS client reusing slotid/seqid due to an interrupted slotimportantScientific LinuxScientific Linux 7kernel-devel-3.10.0-1160.49.1.el7.x86_64.rpmc59bd6ad8b0ba335b1a88bffbcf8ef268d3df29a96d7b7b995d30b8c305939dekernel-tools-libs-devel-3.10.0-1160.49.1.el7.x86_64.rpm6e4c1d649dde4da6699c3f05acb8e7ef57f58b8e98dd9d3f197804e05169011ckernel-tools-3.10.0-1160.49.1.el7.x86_64.rpm76e9b04a0a7c47f25152f16f92dd7c8cb609e4558c0616d4f261870ac288b993kernel-tools-libs-3.10.0-1160.49.1.el7.x86_64.rpm85effede8b93bcb34e01c1154c8bb0c9aefc896e7cd9c4809290bfde34d14e6fkernel-3.10.0-1160.49.1.el7.x86_64.rpmaa36c535e415cd33f65a061cdef6ff3fb12a14214d7614ab7cc113412933ff4bkernel-debug-devel-3.10.0-1160.49.1.el7.x86_64.rpmae36099deb7aa92ef933e33052f63aa483b8755c5b63b0360840bc48f1914469kernel-abi-whitelists-3.10.0-1160.49.1.el7.noarch.rpm6c4f2476de1b18214e0d474570a7e21b0d4139c347b674cd0b78836ae5320907bpftool-3.10.0-1160.49.1.el7.x86_64.rpm73b93162d0e202f228b3157df9b278ea9944b817dc7489af189b682b5f0dfd3dkernel-debug-3.10.0-1160.49.1.el7.x86_64.rpm20261f01313111e42969541ffdb4b19cafd855d6294a3ac64481a5edeb8f2a50kernel-doc-3.10.0-1160.49.1.el7.noarch.rpm82e0747f69c44a4d7b658707d6ee95cbb91f67f734e768d03dec121eec1624aakernel-headers-3.10.0-1160.49.1.el7.x86_64.rpm90f2afa509798753be07a36e1c0bca62c2a505ee3f9206d908fadfd437273edfperf-3.10.0-1160.49.1.el7.x86_64.rpm4620413535aa12eddad10c9fa5e0468cd8a8bb4cd7b0523d27959c47fb896295python-perf-3.10.0-1160.49.1.el7.x86_64.rpm255a4e7fe3d8b457d6e51b5df869cf53e6c73f383acdd0b1573161541c9c9ee1SLSA-2021:4782-1Security Fix(es): * openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured (CVE-2021-41617) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEmoderateScientific LinuxScientific Linux 7openssh-keycat-7.4p1-22.el7_9.x86_64.rpm1335e1327219cdfad2139a4e7eaa935f3c4c420449714d6a512d2ad7e6a795bbpam_ssh_agent_auth-0.10.3-2.22.el7_9.x86_64.rpm49828810f0d5030b8669f601621777242386c6f46b9bd24b8dd9e4ca8385d786openssh-server-sysvinit-7.4p1-22.el7_9.x86_64.rpm27656905c453087fb4326a46ae20f69ad6f7d15dc57ac689aebaa67cc3af2f94openssh-askpass-7.4p1-22.el7_9.x86_64.rpm75a95101038a61ef81f8bc905cca421e78a765ad8ec724b14df9f60dafa4100fopenssh-cavs-7.4p1-22.el7_9.x86_64.rpmd30c8c5057e3ac699638dc6131d01513da36d2ff21ad586caf8b1db7245f854bpam_ssh_agent_auth-0.10.3-2.22.el7_9.i686.rpm9a85d8a27fbec1addee6044fee82166d543cda136dd0f8fc573ca74c5603bab0openssh-server-7.4p1-22.el7_9.x86_64.rpm21c4cdb91e7b33fb22d39d57323aabd8e3c4fb3e247c96e350f6524439410552openssh-7.4p1-22.el7_9.x86_64.rpm09b902fcc03fa2ff326c9f6534af56d52092119319689489dffb5a5712b7c975openssh-clients-7.4p1-22.el7_9.x86_64.rpmb9995430cbc9a2437eceddfaa6d5543cb9cbd27b88a6088bd12e826497f390efopenssh-ldap-7.4p1-22.el7_9.x86_64.rpm56b9b8f33bd2f38acc39a956c5707e609a788f202e7bb1ef7bb1d94e97f0a875SLSA-2021:4785-1Security Fix(es): * rpm: Signature checks bypass via corrupted rpm package (CVE-2021-20271) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEmoderateScientific LinuxScientific Linux 7rpm-4.11.3-48.el7_9.x86_64.rpmf7034a7d37716143df45fce93a7db04674d4c0a11744c6eb7350d3e1a60eb9dbrpm-sign-4.11.3-48.el7_9.x86_64.rpm2148e0ff7f1fb45bfbe7001dbe9999f9cc16425e4b449ed0f28ea41f97160d4brpm-libs-4.11.3-48.el7_9.i686.rpm7c92bfe62ed2e6ef2cb5e34cf60d7b4aa3caf175bba0fe317879b73b083aae0frpm-plugin-systemd-inhibit-4.11.3-48.el7_9.x86_64.rpmf3591c4301390b93035418fd9355051df0c9d22533775c0db02f26f09cfeb039rpm-devel-4.11.3-48.el7_9.i686.rpm6d05f18d940eead5c800f05dead657010bd1c5a78757f1f01327e008248045a0rpm-apidocs-4.11.3-48.el7_9.noarch.rpmdc4d8039966f057bf378f252329a1b26c6ed9b5a59a03a821ec82d8bde9747farpm-build-libs-4.11.3-48.el7_9.x86_64.rpme4ab10a468a9fcf6885626b9045f3268ef3701f891ba304325e720ce57edc005rpm-devel-4.11.3-48.el7_9.x86_64.rpm58728c0ff5dbe6ddf05dfe74e314a78fff2c53bad686f11f69bff0b570716884rpm-build-libs-4.11.3-48.el7_9.i686.rpm773c74a13a8be6aa2766b718b53e89e53c3775a190f09a90445d2f137ce8eea8rpm-python-4.11.3-48.el7_9.x86_64.rpm6473424fa421cf2f447521a64a754fa76d07ca4d2690ec10f946d50a02507554rpm-cron-4.11.3-48.el7_9.noarch.rpmcc1922c981027ee30335ca2191a223e6f40ecee1aa27e7947e200aba8cac9c80rpm-build-4.11.3-48.el7_9.x86_64.rpmbfdfa81bef912c168e7a5e4efdb859656050c1d0919b9a919d4c220eff2a4a06rpm-libs-4.11.3-48.el7_9.x86_64.rpmd13ab2c849e7ef85d698c599f8393fe1b58c118eea4106a8822f496de2f3e097SLSA-2021:4788-1Security Fix(es): * krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field (CVE-2021-37750) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEmoderateScientific LinuxScientific Linux 7libkadm5-1.15.1-51.el7_9.x86_64.rpm657875b63fe49b17f6d97ccfbd08597596af7bc12197093ebe1f5da0d1baf3b8krb5-pkinit-1.15.1-51.el7_9.x86_64.rpme6ef83a4934b858afe592fb93a7365e981aafa924b55b6d515ce30fdd084bc99krb5-libs-1.15.1-51.el7_9.x86_64.rpm0b5693f5de9bae23654703f65e36c84e2787e104908f8c171faefffd3bf3caeckrb5-libs-1.15.1-51.el7_9.i686.rpm8c4a640ef705264b41a8b8406ba75dac8812c740b23bacc3cb755b7db5d9e5d6libkadm5-1.15.1-51.el7_9.i686.rpm8ecd0dda63f8fdef85f3be10611b669d2dc8f8820c41e51929957203919c59c6krb5-server-1.15.1-51.el7_9.x86_64.rpmedbefd5f50c0ab6f8f347753a30e6cabb9e3a9a91e3edb0140a39c295c478976krb5-server-ldap-1.15.1-51.el7_9.x86_64.rpm2736348c2e593224a35ad17d2baba550a0f3f9d925bb28687786378dafabf2aekrb5-devel-1.15.1-51.el7_9.x86_64.rpmecdf5093b38c12d3549c5c3ac6069737e21d8645f28c6a7a47243443f5a9ecf9krb5-devel-1.15.1-51.el7_9.i686.rpmb17db7a9e0d3401fff1a6973e133a3b97a5a42ec6e9f4e54e4533c6d67dd503fkrb5-workstation-1.15.1-51.el7_9.x86_64.rpm518e643fae6225e2a0bf9f417845ac6057b93e97fd4db403cd1264f533781d7eSLSA-2021:4904-1Security Fix(es): * nss: Memory corruption in decodeECorDsaSignature with DSA signatures (and RSA-PSS) (CVE-2021-43527) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEcriticalScientific LinuxScientific Linux 7nss-3.67.0-4.el7_9.i686.rpm8b39d7bbdd0b7c87e89fa90555935b23723b4de00bcb3c620b9244d895da45aanss-pkcs11-devel-3.67.0-4.el7_9.i686.rpmd80c7a1e8ecfa6c65521a83cc7d8145ef3b8cf9624d3ccb14ffb2dd5a7d06b5fnss-3.67.0-4.el7_9.x86_64.rpm9fa543b38cbcd32000f90732cd5dc04f7e6bddcfeaf65b2e1563f345ed58a0bdnss-sysinit-3.67.0-4.el7_9.x86_64.rpmb66372dc9a21d68aeaf19da7827403ad84fa245fa8e22058d891106701661d8bnss-devel-3.67.0-4.el7_9.i686.rpm96ac14ca35823c9a4ac7663af959bef6f678a125fd197e01b94d15df2335cfa4nss-pkcs11-devel-3.67.0-4.el7_9.x86_64.rpmfd5c09387dabef2c766f98684d44e391053a13a1b9c4bfb7baa704ea908d3431nss-devel-3.67.0-4.el7_9.x86_64.rpme37be7a62e6a240e35e8b7fb7ac856bcdae43d435bf76244e80e800210210b1enss-tools-3.67.0-4.el7_9.x86_64.rpmb53f0ac22d348471aaf4297e58721ca11ae4f57122869e47dc1d51bababbcdafSLSA-2021:4913-1Security Fix(es): * mailman: CSRF token bypass allows to perform CSRF attacks and account takeover (CVE-2021-42097) * mailman: CSRF token bypass allows to perform CSRF attacks and admin takeover (CVE-2021-44227) * mailman: CSRF protection missing in the user options page (CVE-2016-6893) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7mailman-2.1.15-30.el7_9.2.x86_64.rpma6d403a8414332a58f7713c4db942ad7216a5f34f7c6a7e1d4dcfe28cb8bd819SLSA-2021:5014-1This update upgrades Firefox to version 91.4.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 * Mozilla: URL leakage when navigating while executing asynchronous function (CVE-2021-43536) * Mozilla: Heap buffer overflow when using structured clone (CVE-2021-43537) * Mozilla: Missing fullscreen and pointer lock notification when requesting both (CVE-2021-43538) * Mozilla: GC rooting failure when calling wasm instance methods (CVE-2021-43539) * Mozilla: External protocol handler parameters were unescaped (CVE-2021-43541) * Mozilla: XMLHttpRequest error codes could have leaked the existence of an external protocol handler (CVE-2021-43542) * Mozilla: Bypass of CSP sandbox directive when embedding (CVE-2021-43543) * Mozilla: Denial of Service when using the Location API in a loop (CVE-2021-43545) * Mozilla: Cursor spoofing could overlay user interface when native cursor is zoomed (CVE-2021-43546) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7firefox-91.4.0-1.el7_9.x86_64.rpm74b34b94c0496a052d766ef75b3959f4f21d66d466f6f73698d6bb9397a1ea3bfirefox-91.4.0-1.el7_9.i686.rpm47df76129a2edadd96529cb6ecc6a39c43c555f5ec0932f3f345fdca39a68cddSLSA-2021:5046-1This update upgrades Thunderbird to version 91.4.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 * Mozilla: URL leakage when navigating while executing asynchronous function (CVE-2021-43536) * Mozilla: Heap buffer overflow when using structured clone (CVE-2021-43537) * Mozilla: Missing fullscreen and pointer lock notification when requesting both (CVE-2021-43538) * Mozilla: GC rooting failure when calling wasm instance methods (CVE-2021-43539) * Mozilla: External protocol handler parameters were unescaped (CVE-2021-43541) * Mozilla: XMLHttpRequest error codes could have leaked the existence of an external protocol handler (CVE-2021-43542) * Mozilla: Bypass of CSP sandbox directive when embedding (CVE-2021-43543) * Mozilla: JavaScript unexpectedly enabled for the composition area (CVE-2021-43528) * Mozilla: Denial of Service when using the Location API in a loop (CVE-2021-43545) * Mozilla: Cursor spoofing could overlay user interface when native cursor is zoomed (CVE-2021-43546) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-91.4.0-3.el7_9.x86_64.rpm6d5614c26c0384912aebe50dc573bc0865fb463afb90ed78e385c01d485f905eSLSA-2021:5192Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix(es): * samba: Active Directory (AD) domain user could become root on domain members (CVE-2020-25717) * samba: SMB1 client connections can be downgraded to plaintext authentication (CVE-2016-2124) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Backport IDL changes to harden Kerberos communication (BZ#2021428) importantScientific Linux 7ctdb-4.10.16-17.el7_9.x86_64.rpmca4344699b290998b563050811d67e398006832a01d730ad20eb66ca9aedccc6ctdb-tests-4.10.16-17.el7_9.x86_64.rpm8c8da384268bf5fccba4ff8f4c52f415a39ff3b3e604d09c753e64e63ed19f0bSLSA-2021:5192-1Security Fix(es): * samba: Active Directory (AD) domain user could become root on domain members (CVE-2020-25717) * samba: SMB1 client connections can be downgraded to plaintext authentication (CVE-2016-2124) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Backport IDL changes to harden Kerberos communicationimportantScientific LinuxScientific Linux 7samba-krb5-printing-4.10.16-17.el7_9.x86_64.rpm76c22fc6f283b0abb8ce92e3a40f5caf50817a1dfcf37895835e1b5ed36900e2samba-winbind-krb5-locator-4.10.16-17.el7_9.x86_64.rpmfccd7fac0b4e430d2265335820d03a03444d1e394c6c12895b62940562f6325elibwbclient-devel-4.10.16-17.el7_9.x86_64.rpm77f6e67d80e62266c9f6edc5a7c0eb4ac0abc20201b3b0cee0944a0eb661cdfesamba-client-4.10.16-17.el7_9.x86_64.rpm83f58f79e439d0f5d99de769d791288e5777785799f835f872bf72a6341ce621samba-test-4.10.16-17.el7_9.x86_64.rpm58ebd96e52fbc22359938a509237c70a35cd6cedcca2010c4dd62f96fa8acca9samba-dc-libs-4.10.16-17.el7_9.x86_64.rpm8b8242d3d2b9651ca69ed606b593554940a9da7af796f5e5866f0fda5b911185libwbclient-4.10.16-17.el7_9.i686.rpm40d1c0855c8259f9bbfd4f2f45b239b79c8d5101f2df884d86853c1abbf6af4bsamba-4.10.16-17.el7_9.x86_64.rpmd3727b6c48f0a4f9d908e8b6e3427846e6a80c5377ef0e40301e5a9e7df0b642samba-vfs-glusterfs-4.10.16-17.el7_9.x86_64.rpme9f03c3e2696c8256a55a620360f0cd4c4a8b1e70b6b7d4e664648685f58c246samba-devel-4.10.16-17.el7_9.i686.rpma56816dfaf5e2c393a7679576aeb6cc71251b81d1270e49c1f0f695c5cbe8e3bsamba-winbind-modules-4.10.16-17.el7_9.x86_64.rpmdd3a2f088f535f905a65bea23360486fe6e6a11d2749465eeebbd0ccdc1bfc14samba-dc-4.10.16-17.el7_9.x86_64.rpm7a05cc305cfdb6a7a873e3293a8e8ecc20f0ce56143be6a169128e274fe98076samba-common-libs-4.10.16-17.el7_9.i686.rpm40bde39bd1fa9e632258146bb71fa6fa62cb8bc173df3bbfc4fb3814230c232flibsmbclient-devel-4.10.16-17.el7_9.x86_64.rpmf2900e10160efa1fa6da0fd4cbb2306141c66e646a071c4429432aae2b178992samba-common-tools-4.10.16-17.el7_9.x86_64.rpm37508a8a808cd8d930f62f8983ee6ee2e8543745cae73cf163d31fd448aa7906samba-client-libs-4.10.16-17.el7_9.x86_64.rpm59b11d7dca5070f0ab7f07fe1e2d366d35e089ef6fde9e652920bce0784b6a14samba-python-4.10.16-17.el7_9.x86_64.rpm226f20e710f0dba58f76df93ede8175a3f7218e2a450678dcce302aa7a77568bsamba-test-libs-4.10.16-17.el7_9.x86_64.rpm8b9125573a1c10f278cafe10823e8638d0d6d3fa8721edff72ee250d1745ce7flibwbclient-4.10.16-17.el7_9.x86_64.rpm11aa4dd9f1070cdccbef45593aa5eb8d11820e0a343f0365224725c2ee6c6052samba-devel-4.10.16-17.el7_9.x86_64.rpm7451c9daf89660e83e84d2e64c25253c6c1eaa71907a8b9a084dfac0f83d1224samba-pidl-4.10.16-17.el7_9.noarch.rpm006b198f8d806c3728f5028d288a95f9a4929068b54635abc2aa1bb22bd2098csamba-libs-4.10.16-17.el7_9.i686.rpm20421f25bfb9f83da767bc8bad49e16734ccea5cb08d6be240ecc216c1c13151samba-test-libs-4.10.16-17.el7_9.i686.rpmd2cea758a40b3c562a7e1701a61791a582d91409b79cdc5bec48a26f4ab4ddbasamba-libs-4.10.16-17.el7_9.x86_64.rpm3cdbb5d29cf8a9de05a3ea1e3ed041f63ace5c469c6214e1a816a6962d9a5f16samba-python-test-4.10.16-17.el7_9.x86_64.rpm885931f0c44184190ab523e79e44757c7e4994ab059d8d66906a695fecc68691libwbclient-devel-4.10.16-17.el7_9.i686.rpma993a893e2c3b713749c49f8fd13e03fe56eb514b45e6b84a7d608baf8248361libsmbclient-4.10.16-17.el7_9.x86_64.rpmd82ae98bd60973a99849a035947c743e3b1bdf17777141b2c91e4015b00d9444samba-common-4.10.16-17.el7_9.noarch.rpm0a5637aac7e2ebbbb6d8f624450c071ab61caa086eecec041becd1520c4cacdesamba-winbind-4.10.16-17.el7_9.x86_64.rpm9a52b6824a9124e6c234bf305315ff6530e5057c88159a3306840461f7c19985samba-client-libs-4.10.16-17.el7_9.i686.rpm91ef15b825a8a5d761cfc6a0ddbf3e48758b34e51feaf904413244d9d7708562samba-winbind-clients-4.10.16-17.el7_9.x86_64.rpm71b55f6e1c2158774b901d97db832afc225ba2882d88b13945557ae7a2e820dasamba-python-4.10.16-17.el7_9.i686.rpm1c50d68275ae3e786b12ed0941a5c865dbcae209edfc6da0b1c4062fae0671aasamba-winbind-modules-4.10.16-17.el7_9.i686.rpm0a4d62969165153d51f06cbf88222fa0a88533589740e2e7b6da6a7395b1be82samba-common-libs-4.10.16-17.el7_9.x86_64.rpm91f4fae3ae01f88dd4c5667b02cbe12fc81ce1878891b1f39708aa228f3ca2a9libsmbclient-4.10.16-17.el7_9.i686.rpmaea5935636f86272694d14548ee666e2d1eba32ca6bf57b762132eff600405eclibsmbclient-devel-4.10.16-17.el7_9.i686.rpmd2c8370a21a41827d547e2fb4461cc544a60eb49e696fb1f72367057fe00be37SLSA-2021:5195Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fix(es): * samba: Samba AD DC did not always rely on the SID and PAC in Kerberos tickets (CVE-2020-25719) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * RHEL 8.6 IPA Replica Failed to configure PKINIT setup against a RHEL 7.9 IPA server (BZ#2025848) moderateScientific Linux 7ipa-client-common-4.6.8-5.sl7_9.10.noarch.rpmba3e65b75de0615b30f31251addbebf9a381c5752ce35c0c8a85890b19805a65ipa-server-dns-4.6.8-5.sl7_9.10.noarch.rpm8a1a1d7f5a6a84ea98aedaa19e07359a51a29a38e53fcb4cf267c116c5935f31python2-ipaclient-4.6.8-5.sl7_9.10.noarch.rpmdcd33ccebd465c4e937987026c0aac5c208598b470112e953f5a7741b41e54f6ipa-server-common-4.6.8-5.sl7_9.10.noarch.rpmb9172dd5d1dca7fe8e6849ebb3f238b45232c929509e28d9c9e7249fe8a7e1cbipa-client-4.6.8-5.sl7_9.10.x86_64.rpm4416f3ec1635682299d01ba62964a7f2eee00c3e1a9e659b724a44935cc91f2apython2-ipalib-4.6.8-5.sl7_9.10.noarch.rpmdfa9f7b90e8b4377d664998d7a0a31f0703626732069b265b202764c8ca2af1fipa-common-4.6.8-5.sl7_9.10.noarch.rpm0fb158bf0f87a788649c85f3f6ee3c6e56d6139d057da35d182da389253ac3e2ipa-server-4.6.8-5.sl7_9.10.x86_64.rpme96afb955b6d688374ff418cd38f41fc4308c48b8b3fa2bd2ec2e00e78be45eapython2-ipaserver-4.6.8-5.sl7_9.10.noarch.rpmb0562c5297aa37456cdcec9b40950cfadd9daac380e45107705d9b9faa4ac73aipa-python-compat-4.6.8-5.sl7_9.10.noarch.rpmd3e8bcdc368785fe79dc0c38fcd468781d6518e60ce4d76b62b2e335f834feb2ipa-server-trust-ad-4.6.8-5.sl7_9.10.x86_64.rpma253d56aeba91f49e9be09abdc6d8f19f1798d24adeb6e1d78400025bd5d965cSLSA-2021:5206-1Security Fix(es): * log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender (CVE-2021-4104) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEmoderateScientific LinuxScientific Linux 7log4j-javadoc-1.2.17-17.el7_4.noarch.rpm7f8dcfcca0c95f2356405ffbe58f163d9ae1e29fe844c9c35cf72582717a9086log4j-1.2.17-17.el7_4.noarch.rpm51f4e6b324089f9d26b9d4c167770f5ae0f9302e00e36a9a1b7db5c7431ca091log4j-manual-1.2.17-17.el7_4.noarch.rpm4ce766ab47665d246a4f108b603d6d797967629d900cf570617727d883ddd1a2SLSA-2022:0003-1Security Fix(es): * xorg-x11-server: SProcRenderCompositeGlyphs out-of-bounds access (CVE-2021-4008) * xorg-x11-server: SProcXFixesCreatePointerBarrier out-of-bounds access (CVE-2021-4009) * xorg-x11-server: SProcScreenSaverSuspend out-of-bounds access (CVE-2021-4010) * xorg-x11-server: SwapCreateRegister out-of-bounds access (CVE-2021-4011) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7xorg-x11-server-devel-1.20.4-17.el7_9.x86_64.rpm98268e97294e5e61cd5ae9724a60f2d86fdb78bfad8b96a6d4cebe683dc5f506xorg-x11-server-Xwayland-1.20.4-17.el7_9.x86_64.rpmfbd34b80cced270b813bbef467a2d12255003967620e2c28bf4de0741c79225bxorg-x11-server-common-1.20.4-17.el7_9.x86_64.rpm2e1018a8d0bd51dff6d83ef948418f762c203d239f0020269fee7500538ab40dxorg-x11-server-source-1.20.4-17.el7_9.noarch.rpm7f5af24d0f6249d57137eb7f5f380a7f13c8aa5cfd9a914b8c5eff9df5c764d7xorg-x11-server-Xvfb-1.20.4-17.el7_9.x86_64.rpmfce562c16c7cdf9d0f147b567379b38071b0d934b574fa1d04007d19ddccc0b4xorg-x11-server-Xdmx-1.20.4-17.el7_9.x86_64.rpmefd6b680b414d75f5dee35c343ddf2e3ee2b0587adf5694202a130037cee4454xorg-x11-server-devel-1.20.4-17.el7_9.i686.rpmd100a533e292e9d1465d3b4238aaadd6e2075b81b3500f467bb26ae697b23fe5xorg-x11-server-Xorg-1.20.4-17.el7_9.x86_64.rpmb5e7aa52ca58da7977f27f333a17e9eacfc6fb54dd54d3390556009264f92652xorg-x11-server-Xephyr-1.20.4-17.el7_9.x86_64.rpm983e196d913b2396c61c6ac75d70687482dd096698a372f2f6ece8cd8f1cbeecxorg-x11-server-Xnest-1.20.4-17.el7_9.x86_64.rpmb01cce56ff3e9feb30957a95d43de3e6e97a9a2181e69dbf4048888095225636SLSA-2022:0059-1Security Fix(es): * webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-30858) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEmoderateScientific LinuxScientific Linux 7webkitgtk4-devel-2.28.2-3.el7.i686.rpm2534a83763bd174b50e81a306838d5b1006a9b89f35e76680ee67f4df97cac7cwebkitgtk4-jsc-2.28.2-3.el7.x86_64.rpm218df31a4ff2a0a7c341dc484c2c348e8a2205db49147ccd5448a78cb5e6d78dwebkitgtk4-jsc-2.28.2-3.el7.i686.rpmef77d62e815cf45cec69e28567cd8079f03beeb766ce1c1d846dafb56a016f2dwebkitgtk4-devel-2.28.2-3.el7.x86_64.rpm6c3714b086b57365575f5ab43c8aa2a05af23e0346f9ec215cb71c79098d07b5webkitgtk4-jsc-devel-2.28.2-3.el7.x86_64.rpmca992fdc96462b479e549876ac8e275a99e37a6add39225543c90ba2d0e27493webkitgtk4-2.28.2-3.el7.i686.rpmeda71bba7578ebc4415bbfd8c43813920c6be2f8bba1fbc14c0d39a8b5c3222bwebkitgtk4-2.28.2-3.el7.x86_64.rpm643bdebe39d488dd7e5e47699ed2d8ae3227bd5f7d2a182385b9c73152180c5ewebkitgtk4-jsc-devel-2.28.2-3.el7.i686.rpm0e22c4a0c88f6a07e46cbb0c1b090888a8ceb611667f8cdba8d5f6303987644dwebkitgtk4-doc-2.28.2-3.el7.noarch.rpm953e6f26fc29f36acfa9015d8c95a5e41f4cac5622b8b90ce20ddbdfd957da6fSLSA-2022:0063-1Security Fix(es): * kernel: perf_event_parse_addr_filter memory (CVE-2020-25704) * kernel: fuse: fuse_do_getattr() calls make_bad_inode() in inappropriate situations (CVE-2020-36322) * kernel: Heap buffer overflow in firedtv driver (CVE-2021-42739) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * A gfs2 withdrawal occurs function = gfs2_setbit, file = fs/gfs2/rgrp.c, line = 109 * i40e SR-IOV TX driver issue detected on VF 7 - VF connectivity loose after VF down/up duplicate ACK not sent when expected * [kernel-debug] BUG: bad unlock balance detected! when running LTP read_all * Rudimentary support for AMD Milan - Call init_amd_zn() om Family 19h processors * A VM with <=8 CPUs handles all the Mellanox NIC interrupts on CPU0 only, causing low performance * fix _PSD override quirk for AMD family 19h+ * generic_file_aio_read returns 0 when interrupted early with a fatal signalimportantScientific LinuxScientific Linux 7kernel-tools-libs-devel-3.10.0-1160.53.1.el7.x86_64.rpme1b4eb8495df8c8e404e29027bf75bfcf446e9c72f4cdce9e885ad4c0f84c74ckernel-tools-libs-3.10.0-1160.53.1.el7.x86_64.rpmfc7930b80c5c957b3c11ca0a8fdc8253b5c592005218c195013b5af27ad52fe0python-perf-3.10.0-1160.53.1.el7.x86_64.rpm5a97314cb3e63a379d542f48205763959151da815d6b1663057b2eda47725517kernel-abi-whitelists-3.10.0-1160.53.1.el7.noarch.rpma4e8fae7b13733df408e4e6b47ed996d16189f5d7fcad211b6cdbc1b3f21dfd0kernel-doc-3.10.0-1160.53.1.el7.noarch.rpm530aea97981d5feda154cd41631c4a1220b291e183601d7ab2456dae5d5dc721perf-3.10.0-1160.53.1.el7.x86_64.rpm3bf6fe2ebcdec2cd7c6947ca654995807dbd5079be69a53f4dd4e83bbde2ce4akernel-headers-3.10.0-1160.53.1.el7.x86_64.rpmdd7cdc23048dcb8f3deb188047954c6e8a860ec543c1141af80401bcbb544cb9kernel-devel-3.10.0-1160.53.1.el7.x86_64.rpmefe2465efe72478457ad7248132950834a973a31d7e32dd72bd6bb7a5af678d1kernel-tools-3.10.0-1160.53.1.el7.x86_64.rpm72148e3dc5d1b8f06e71978c4d49a61a9afb83ba56f2b1c4528c0fb9d07714cakernel-debug-3.10.0-1160.53.1.el7.x86_64.rpmb7cbee4f83236379820e3ad7c8c99517ac58062735b6b92fee460df377354e5akernel-debug-devel-3.10.0-1160.53.1.el7.x86_64.rpmd1e6c49f3b347b404269e242437ec0ca7f365b201170769917b0b0cc96a0e02abpftool-3.10.0-1160.53.1.el7.x86_64.rpm643ad950e55e74f544c41b24cd7c4a2e1baf65a5802de9e20573f45b31bb27d8kernel-3.10.0-1160.53.1.el7.x86_64.rpm50fa58d82abc229771879df7ea1c31833d20c8e5648aaca94f796d4454ce47d9SLSA-2022:0064-1Security Fix(es): * openssl: Read buffer overruns processing ASN.1 strings (CVE-2021-3712) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEmoderateScientific LinuxScientific Linux 7openssl-1.0.2k-23.el7_9.x86_64.rpm4b7e5233f1ef54c5a49a2e7ef776b6555b7cbb9d2b310f9697923d9b7c7f25fbopenssl-perl-1.0.2k-23.el7_9.x86_64.rpme6618c1e128f8765d85a14ea2e693bc8fc06c837542ed5c30d7df96c37104bb7openssl-devel-1.0.2k-23.el7_9.x86_64.rpmf3f92393d8ac5d161e7460d7e50d01802e498cfe55855bcc1a7f58bab0580a3aopenssl-devel-1.0.2k-23.el7_9.i686.rpm93769ab70815d8a8cdc9f8edf4f90ad61eb40cee4bd092b8c89a511d0de01274openssl-libs-1.0.2k-23.el7_9.i686.rpmfb34c957a261788fe6457be8bf0ce1f77c970e8132ab509e1dda887884c7b0d9openssl-static-1.0.2k-23.el7_9.x86_64.rpmf40c92173b08ccc3db38d78bbeb03120d0b043bbb4deaa2d423b9e981c0490d0openssl-libs-1.0.2k-23.el7_9.x86_64.rpmc39581eaf6d8a28a5b3af447d4a0a83cdf236803fecf60172074131740c9412copenssl-static-1.0.2k-23.el7_9.i686.rpm5f5d16a031e480a292463d7c1aa64a083d69f8ba617332518b5480af9e558384SLSA-2022:0124-1This update upgrades Firefox to version 91.5.0 ESR. Security Fix(es): * Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140) * Mozilla: Race condition when playing audio files (CVE-2022-22737) * Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738) * Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740) * Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741) * Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742) * Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22743) * Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751) * Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745) * Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748) * Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739) * Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747importantScientific LinuxScientific Linux 7firefox-91.5.0-1.el7_9.x86_64.rpmb24cd7262ae038465b552c404eea1adce86219ff96ba1b00bfde6c71fb4d708ffirefox-91.5.0-1.el7_9.i686.rpm52541ab3a9f02cf7b7362cb6b02574c833e661eeb9c14539f3811c03c8b83738SLSA-2022:0127-1This update upgrades Thunderbird to version 91.5.0. Security Fix(es): * Mozilla: Iframe sandbox bypass with XSLT (CVE-2021-4140) * Mozilla: Race condition when playing audio files (CVE-2022-22737) * Mozilla: Heap-buffer-overflow in blendGaussianBlur (CVE-2022-22738) * Mozilla: Use-after-free of ChannelEventQueue::mOwner (CVE-2022-22740) * Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22741) * Mozilla: Out-of-bounds memory access when inserting text in edit mode (CVE-2022-22742) * Mozilla: Browser window spoof using fullscreen mode (CVE-2022-22743) * Mozilla: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5 (CVE-2022-22751) * Mozilla: Leaking cross-origin URLs through securitypolicyviolation event (CVE-2022-22745) * Mozilla: Spoofed origin on external protocol launch dialog (CVE-2022-22748) * Mozilla: Missing throttling on external protocol launch dialog (CVE-2022-22739) * Mozilla: Crash when handling empty pkcs7 sequence (CVE-2022-22747)importantScientific LinuxScientific Linux 7thunderbird-91.5.0-1.el7_9.x86_64.rpm3cb0a76f2c45fa9cd11c3b908892dfb10fd1f7030c243a18fe0b6e92849b3352SLSA-2022:0143The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix(es): * httpd: mod_lua: Possible buffer overflow when parsing multipart content (CVE-2021-44790) * httpd: mod_session: Heap overflow via a crafted SessionHeader value (CVE-2021-26691) * httpd: NULL pointer dereference via malformed requests (CVE-2021-34798) * httpd: Out-of-bounds write in ap_escape_quotes() via malicious input (CVE-2021-39275) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7mod_session-2.4.6-97.sl7_9.4.x86_64.rpmf6d50a70e34d90f430a16387e36ce6c3c58fe33c52432ccfc433c32203ade455httpd-manual-2.4.6-97.sl7_9.4.noarch.rpm8a49f246b504b1bd850314a39faadadeaef3a6cfe23bb67c6774d71e3c5fb8e7mod_proxy_html-2.4.6-97.sl7_9.4.x86_64.rpmb0fd2d6d5a89ba32d563573c3bb8be4c58e28e13e3eed53052af8899509aa4ffhttpd-devel-2.4.6-97.sl7_9.4.x86_64.rpmbd85ba1c0745e459eef961ae53126bb0796a3235ca3dd6539f089add38513004httpd-tools-2.4.6-97.sl7_9.4.x86_64.rpm4c7abdd81e62ca20befa0591ebeff2685f0aa76633a726a99e56fc7bd005b062httpd-2.4.6-97.sl7_9.4.x86_64.rpmf2be60c4f22fff3a82e3b7d590f13ec8ccc695bdfbe7f949bd74d0bcf76ae197mod_ssl-2.4.6-97.sl7_9.4.x86_64.rpm19c13172d628ab4ee8f43bbe35b7bcfcc2f7eaa13ce09c7699f0652025fe5ba1mod_ldap-2.4.6-97.sl7_9.4.x86_64.rpmf2d94441192f13f6930c986ef6b676ff097f35f978363b34e63829aaba93855aSLSA-2022:0162-1Security Fix(es): * gegl: shell expansion via a crafted pathname (CVE-2021-45463) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7gegl-devel-0.2.0-19.el7_9.1.i686.rpm1026ad809317760b0d4aabbe6b6e860534b665a242954df648017d26425f395agegl-0.2.0-19.el7_9.1.i686.rpmb1f3ba7fcda7b41faeac20f54e467969a03dff3c82d44d92e0b84c0b659c1140gegl-0.2.0-19.el7_9.1.x86_64.rpmef02317437aeae99e92e18ccacfeaf9171450113cc41ba989318f5fcc0c41436gegl-devel-0.2.0-19.el7_9.1.x86_64.rpmb6ac02e80d0cc53efc5d041e39652cef7a249221c39f729b7b8cd0d63ff85226SLSA-2022:0204The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: Incomplete deserialization class filtering in ObjectInputStream (Serialization, 8264934) (CVE-2022-21248) * OpenJDK: Incorrect reading of TIFF files in TIFFNullDecompressor (ImageIO, 8270952) (CVE-2022-21277) * OpenJDK: Insufficient URI checks in the XSLT TransformerImpl (JAXP, 8270492) (CVE-2022-21282) * OpenJDK: Unexpected exception thrown in regex Pattern (Libraries, 8268813) (CVE-2022-21283) * OpenJDK: Incorrect marking of writeable fields (Hotspot, 8270386) (CVE-2022-21291) * OpenJDK: Incomplete checks of StringBuffer and StringBuilder during deserialization (Libraries, 8270392) (CVE-2022-21293) * OpenJDK: Incorrect IdentityHashMap size checks during deserialization (Libraries, 8270416) (CVE-2022-21294) * OpenJDK: Incorrect access checks in XMLEntityManager (JAXP, 8270498) (CVE-2022-21296) * OpenJDK: Infinite loop related to incorrect handling of newlines in XMLEntityScanner (JAXP, 8270646) (CVE-2022-21299) * OpenJDK: Array indexing issues in LIRGenerator (Hotspot, 8272014) (CVE-2022-21305) * OpenJDK: Excessive resource use when reading JAR manifest attributes (Libraries, 8272026) (CVE-2022-21340) * OpenJDK: Insufficient checks when deserializing exceptions in ObjectInputStream (Serialization, 8272236) (CVE-2022-21341) * OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756) (CVE-2022-21360) * OpenJDK: Integer overflow in BMPImageReader (ImageIO, 8273838) (CVE-2022-21365) * OpenJDK: Excessive memory allocation in TIFF*Decompressor (ImageIO, 8274096) (CVE-2022-21366) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. moderateScientific Linux 7java-11-openjdk-devel-debug-11.0.14.0.9-1.el7_9.x86_64.rpm54e94a49f94c000311fd8d9e5b97e53301facf3f4124087671061204158dd262java-1.8.0-openjdk-devel-debug-1.8.0.322.b06-1.el7_9.i686.rpm22abc18d93f07f90e6b42ddbd5093a801bf7e3f3015e8cd27f3c4e26c0da2eb7java-11-openjdk-headless-debug-11.0.14.0.9-1.el7_9.x86_64.rpma2a1d79c7ddac04304f1eca9f9d18c82864f1870988c40e6528c4f9bf46d9b68java-11-openjdk-demo-debug-11.0.14.0.9-1.el7_9.i686.rpm3a4aea36b0f4e25a3ed5cf94e0f7386ab5f1d45e3823fec31de7e02212022fadjava-1.8.0-openjdk-headless-debug-1.8.0.322.b06-1.el7_9.x86_64.rpm4f2b655d843d01abe1db3f8e10e173d042dcb42d4bcbafbf32069ccf6cc12dadjava-1.8.0-openjdk-accessibility-debug-1.8.0.322.b06-1.el7_9.i686.rpm250e0a7cad249a45617d83f6b5150b91cc908568fa58912282ccbf9e3614298djava-11-openjdk-javadoc-zip-debug-11.0.14.0.9-1.el7_9.x86_64.rpm7a2935078143afd2685722413322ae84fb00eeb85c730ffaf5d8132439a0cae2java-11-openjdk-headless-debug-11.0.14.0.9-1.el7_9.i686.rpm30a6882e26f722d5d52e51dfb475f44d6dd7c05e6ccc7be976994b6269a724d0java-11-openjdk-demo-debug-11.0.14.0.9-1.el7_9.x86_64.rpm6369689fb71d5d00ec0736c4462b02d19376b3085ba45a70f2186224f30002d8java-11-openjdk-javadoc-debug-11.0.14.0.9-1.el7_9.x86_64.rpmf040b3fff3cadbf5bba46359793f047aceec610db6b246d2d1495b575976b0c4java-1.8.0-openjdk-headless-debug-1.8.0.322.b06-1.el7_9.i686.rpmf74f241d8001846ea41a74f6e4fe447e3c5040739edfa4bede9d73a4e2acc064java-11-openjdk-javadoc-zip-debug-11.0.14.0.9-1.el7_9.i686.rpm96de0c2dc0c8db1c3b6d05d1d88021884e87016f30990a68b5081ae3a2dd34a2java-11-openjdk-src-debug-11.0.14.0.9-1.el7_9.i686.rpm5afd5e147596a1d9397956bf9721329089d28bc928fdd47a1459ae4b6a3b6b5ejava-11-openjdk-debug-11.0.14.0.9-1.el7_9.i686.rpm3fc46c2e0fbdb37e4e798254d1c5ed4d35d14efaea3c20a9401283ea9b068303java-11-openjdk-jmods-debug-11.0.14.0.9-1.el7_9.i686.rpm2fc773b81c442f071e6ed161ff9836373741bf1ac45102c9a2c006d9c48b6641java-1.8.0-openjdk-src-debug-1.8.0.322.b06-1.el7_9.x86_64.rpme9ea555722da53401eb1acedccb6cee5093ffe0d923a857b4de4d4be2c090feejava-1.8.0-openjdk-devel-debug-1.8.0.322.b06-1.el7_9.x86_64.rpm428130bcc2525c6a036bbaf6da0788720b6e75aada9a50fcafe91585b4f28244java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.322.b06-1.el7_9.noarch.rpmfed1d5416135665f0d365e53c2821753658b58496601de12afe92b96e502b314java-1.8.0-openjdk-debug-1.8.0.322.b06-1.el7_9.x86_64.rpm01d5ba12a84abfa92dc7a4bc18d4a833cc125ae5b52c5d8c3bf66e9347bb54f8java-1.8.0-openjdk-javadoc-debug-1.8.0.322.b06-1.el7_9.noarch.rpm91ded251200a705eb4c072c2044612331cd229e820328e0045319633269d704ajava-1.8.0-openjdk-debug-1.8.0.322.b06-1.el7_9.i686.rpmffead4c176d93aee9b77b4da35a516af4023a7ef83a1167d681970b9e1c1d1cejava-11-openjdk-jmods-debug-11.0.14.0.9-1.el7_9.x86_64.rpmf86af909cc2f526fe18fd6535390085ec139b66b88863946cacb8e6ad68dbde7java-1.8.0-openjdk-src-debug-1.8.0.322.b06-1.el7_9.i686.rpmd08459c9eb22b8e5f9be6a280c5df29f72ad16bf6f83f22897aaabbea136e05bjava-11-openjdk-debug-11.0.14.0.9-1.el7_9.x86_64.rpmf5e40ddaf84a7b9a91c9f819c7dd2af4ad5254788ef00c3e83dfba35eaeb80a7java-11-openjdk-src-debug-11.0.14.0.9-1.el7_9.x86_64.rpm4360d60400c097e9d840cd55ee4b32828b82afe859bd0acd2738aed6548b4839java-1.8.0-openjdk-demo-debug-1.8.0.322.b06-1.el7_9.i686.rpm44511b6ecb9daf9acc9d5e84a68d5ba9f06302ca652ae1f507c84e04a43edb75java-1.8.0-openjdk-demo-debug-1.8.0.322.b06-1.el7_9.x86_64.rpm106283358485a57311aa90a8b37fad25d1dd72f71a528ff64872f51ce8d27d32java-1.8.0-openjdk-accessibility-debug-1.8.0.322.b06-1.el7_9.x86_64.rpm419bd98f1f9c77fc6e63f6eff664dc3af238fcbf6916d4952c111e441f341af7java-11-openjdk-devel-debug-11.0.14.0.9-1.el7_9.i686.rpm4fa67312ed6440d3808caf8bd033c095c3126c02c12ca3c8126e958b256550abjava-11-openjdk-static-libs-debug-11.0.14.0.9-1.el7_9.x86_64.rpmfdbd1738c7a9a66b53d2744428dd69a7ff9129a8caa52042fa2ed080b1a7e705java-11-openjdk-javadoc-debug-11.0.14.0.9-1.el7_9.i686.rpmbe5ac853436da737779d848c36be1cdae8aa926fad8d6540b5b4b77f929652a2SLSA-2022:0204-1Security Fix(es): * OpenJDK: Incomplete deserialization class filtering in ObjectInputStream (Serialization, 8264934) (CVE-2022-21248) * OpenJDK: Incorrect reading of TIFF files in TIFFNullDecompressor (ImageIO, 8270952) (CVE-2022-21277) * OpenJDK: Insufficient URI checks in the XSLT TransformerImpl (JAXP, 8270492) (CVE-2022-21282) * OpenJDK: Unexpected exception thrown in regex Pattern (Libraries, 8268813) (CVE-2022-21283) * OpenJDK: Incorrect marking of writeable fields (Hotspot, 8270386) (CVE-2022-21291) * OpenJDK: Incomplete checks of StringBuffer and StringBuilder during deserialization (Libraries, 8270392) (CVE-2022-21293) * OpenJDK: Incorrect IdentityHashMap size checks during deserialization (Libraries, 8270416) (CVE-2022-21294) * OpenJDK: Incorrect access checks in XMLEntityManager (JAXP, 8270498) (CVE-2022-21296) * OpenJDK: Infinite loop related to incorrect handling of newlines in XMLEntityScanner (JAXP, 8270646) (CVE-2022-21299) * OpenJDK: Array indexing issues in LIRGenerator (Hotspot, 8272014) (CVE-2022-21305) * OpenJDK: Excessive resource use when reading JAR manifest attributes (Libraries, 8272026) (CVE-2022-21340) * OpenJDK: Insufficient checks when deserializing exceptions in ObjectInputStream (Serialization, 8272236) (CVE-2022-21341) * OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756) (CVE-2022-21360) * OpenJDK: Integer overflow in BMPImageReader (ImageIO, 8273838) (CVE-2022-21365) * OpenJDK: Excessive memory allocation in TIFF*Decompressor (ImageIO, 8274096) (CVE-2022-21366) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEmoderateScientific LinuxScientific Linux 7java-11-openjdk-devel-11.0.14.0.9-1.el7_9.x86_64.rpmcc0889f63874783c1587cdb2920dae9c9b22b654208212411a6675c559ae85bdjava-11-openjdk-javadoc-11.0.14.0.9-1.el7_9.x86_64.rpm77bd8cd3cb7b00b03f86de7d2ba8c94733b0cd0058cc898d318c83c6f2b3067ejava-11-openjdk-javadoc-zip-11.0.14.0.9-1.el7_9.i686.rpm5144866cf38908fa899127f174a67b3913a2b873291b355067e0896da8eb4fe0java-11-openjdk-demo-11.0.14.0.9-1.el7_9.i686.rpmd19bdc3ab44387fbce45f62c463221c9788c0c63d0f9eea7a2bdb7eae77ad7ccjava-11-openjdk-src-11.0.14.0.9-1.el7_9.x86_64.rpmd6bf474547d1334de8d7640fc5126470cd0f84c08c92e2b005df87158e7dad39java-11-openjdk-jmods-11.0.14.0.9-1.el7_9.x86_64.rpm52c47aeb85a00884f332349ad60e14bcfd2967dbf35901b99caa91a9c8874941java-11-openjdk-javadoc-zip-11.0.14.0.9-1.el7_9.x86_64.rpmf2f7478230baa8b5a9dc38d0e718632d861b42d60326bccbcef0d80145ad246ejava-11-openjdk-11.0.14.0.9-1.el7_9.i686.rpmce7b0ad4461acf10115acbecf082ea2475952fd27c71530cf08d55d195153d3ejava-11-openjdk-demo-11.0.14.0.9-1.el7_9.x86_64.rpm8f0a47867262db56e7790a717dd1ada48ae630a58e63875fdbafcbd99ce10b74java-11-openjdk-static-libs-11.0.14.0.9-1.el7_9.x86_64.rpm75db03a8a5647d9c9327f479714bc74dfad20c0002ad9409ceab1e0c0ad09388java-11-openjdk-headless-11.0.14.0.9-1.el7_9.i686.rpmbbf237389b53489037deab07f4eb170225ef1b113b38f7d175f9f5345ff792d9java-11-openjdk-headless-11.0.14.0.9-1.el7_9.x86_64.rpmc69384d43f8be73c756b6b45ed9efdc142fc792d5988b8a7a7f2d81749e21768java-11-openjdk-src-11.0.14.0.9-1.el7_9.i686.rpm50eb4249160603431d7aab5d83df8bb7408102070f1e7f6b7b87c9cae987644bjava-11-openjdk-11.0.14.0.9-1.el7_9.x86_64.rpm9459fcb48519274800a15bc286399d160a55ac9e4a14504ddc677e6cdca22371java-11-openjdk-javadoc-11.0.14.0.9-1.el7_9.i686.rpm4100a9da94044e8a26c6fbbb8a155fcb3d346a0b999817f744a566e83af271ddjava-11-openjdk-jmods-11.0.14.0.9-1.el7_9.i686.rpm18e806660adc56368b07783d1dc706fc1574144c5a3c469baf58414b03134389java-11-openjdk-devel-11.0.14.0.9-1.el7_9.i686.rpmd93618065592c206d65b10e92606933f6436cc175d919bf380acd07614d589d3SLSA-2022:0274-1Security Fix(es): * polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector (CVE-2021-4034) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7polkit-0.112-26.el7_9.1.i686.rpma51c58a015ba9d4a24cd2892eff98c88780bc2faf647d7a2de964503062c9a9apolkit-devel-0.112-26.el7_9.1.x86_64.rpm9f5b87876726dd6f3222308cf4d835c0ea59184d38f0a6b9d63e7c31230f0e95polkit-0.112-26.el7_9.1.x86_64.rpm68203be229c1f9cda0901c099d1c83d467c440273aeca0477beae5f4837bc9cepolkit-devel-0.112-26.el7_9.1.i686.rpm927f01258ae72316036787ef5c597fa6ab4b4d3b52f1d2a2247ccf1819f9dc84polkit-docs-0.112-26.el7_9.1.noarch.rpme60511f118ae805d5d7cb82c8a852b55454d27a21407581e71db6420d58adf90SLSA-2022:0306-1Security Fix(es): * OpenJDK: Incomplete deserialization class filtering in ObjectInputStream (Serialization, 8264934) (CVE-2022-21248) * OpenJDK: Insufficient URI checks in the XSLT TransformerImpl (JAXP, 8270492) (CVE-2022-21282) * OpenJDK: Unexpected exception thrown in regex Pattern (Libraries, 8268813) (CVE-2022-21283) * OpenJDK: Incomplete checks of StringBuffer and StringBuilder during deserialization (Libraries, 8270392) (CVE-2022-21293) * OpenJDK: Incorrect IdentityHashMap size checks during deserialization (Libraries, 8270416) (CVE-2022-21294) * OpenJDK: Incorrect access checks in XMLEntityManager (JAXP, 8270498) (CVE-2022-21296) * OpenJDK: Infinite loop related to incorrect handling of newlines in XMLEntityScanner (JAXP, 8270646) (CVE-2022-21299) * OpenJDK: Array indexing issues in LIRGenerator (Hotspot, 8272014) (CVE-2022-21305) * OpenJDK: Excessive resource use when reading JAR manifest attributes (Libraries, 8272026) (CVE-2022-21340) * OpenJDK: Insufficient checks when deserializing exceptions in ObjectInputStream (Serialization, 8272236) (CVE-2022-21341) * OpenJDK: Excessive memory allocation in BMPImageReader (ImageIO, 8273756) (CVE-2022-21360) * OpenJDK: Integer overflow in BMPImageReader (ImageIO, 8273838) (CVE-2022-21365) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEmoderateScientific LinuxScientific Linux 7java-1.8.0-openjdk-1.8.0.322.b06-1.el7_9.i686.rpm9fc1c228bfdd6cd91ee00a1b85521b0bd9a1703c25bf371a3e170520718b254ejava-1.8.0-openjdk-devel-1.8.0.322.b06-1.el7_9.i686.rpm1474e8e84cd3edee131374d943d7c5aaa650d46f2fbf2679902f1ee849009900java-1.8.0-openjdk-devel-1.8.0.322.b06-1.el7_9.x86_64.rpmd0d1db385d79c24b153a5e378d3557637b3262336aa5c670577218a9e1b07b79java-1.8.0-openjdk-javadoc-zip-1.8.0.322.b06-1.el7_9.noarch.rpm3f9d342530e385ac09c2bccf9994f13b797fa7245a284d16e77cd44482175e00java-1.8.0-openjdk-1.8.0.322.b06-1.el7_9.x86_64.rpmcac72660b95e7de372e9c8863d0d577f6e66b21b019847201a6975aba535fc7cjava-1.8.0-openjdk-src-1.8.0.322.b06-1.el7_9.i686.rpmb6f8d11f1467b3341d0c1790239571e32e512cc2f9f57033a77c00984940715fjava-1.8.0-openjdk-demo-1.8.0.322.b06-1.el7_9.x86_64.rpm04dc751224ddbbdfbf53fcc13646051e88de5a92cf81f9621ac4d26bd51adca4java-1.8.0-openjdk-src-1.8.0.322.b06-1.el7_9.x86_64.rpmc54c45e92dd9370bd5ec2cf4b94f9c4c2c5c8b23d4d460fc13e9312df9ec2f9djava-1.8.0-openjdk-javadoc-1.8.0.322.b06-1.el7_9.noarch.rpmd5fd399710a732268bba30410c30f68613bfdd0abdd174ddba84f2084c36ebb4java-1.8.0-openjdk-accessibility-1.8.0.322.b06-1.el7_9.x86_64.rpmea1964a5ac6c3ce7d23c0379adf67af3b9a6b324186b6f5a77c03dc41ea7e955java-1.8.0-openjdk-demo-1.8.0.322.b06-1.el7_9.i686.rpma138a9ff6d0a204d4954e21ce9bbfffe6cbc71cdfab9b7254ea8a1519ed38892java-1.8.0-openjdk-accessibility-1.8.0.322.b06-1.el7_9.i686.rpmb0d2892f5361e65f6cf19ed8e55b374bca09237b7ffb47788dc94db5ed46d584java-1.8.0-openjdk-headless-1.8.0.322.b06-1.el7_9.x86_64.rpm8930e7312515fb1b8ec206e11be265caf82649d498f28a7bd2664f7668cbfd79java-1.8.0-openjdk-headless-1.8.0.322.b06-1.el7_9.i686.rpmabf6d38551de0d1441ff30ed1e5770c5f9402423d2c42944e003942abd8748aaSLSA-2022:0328-1Security Fix(es): * samba: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution (CVE-2021-44142) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Fix CVE-2020-25717 username map [script] advice * Fix Kerberos authentication on standalone server with MIT realmcriticalScientific LinuxScientific Linux 7samba-vfs-glusterfs-4.10.16-18.el7_9.x86_64.rpmdf8d1340cb4aa6914bb9ea7874070288a8d22c55f39d645ad86ba5a31c259e2bsamba-common-libs-4.10.16-18.el7_9.x86_64.rpmff89d32684ee759c454ef11b51ff31d4ab44179d46d5283cbf646999d16b2886libwbclient-devel-4.10.16-18.el7_9.x86_64.rpmbc9aa7dbffea68c98acbc88351a6327dc9ca500eb6a2479120737e1f96bd2ec2samba-client-libs-4.10.16-18.el7_9.i686.rpm663812b7dfd973fdeb6b74305cf08921d5e8335ed5017c3df59727ebd535ea1esamba-libs-4.10.16-18.el7_9.x86_64.rpme0097d987e2824450c7a11ac3fa532ab06135fd15f38220e2dfaf8f077f038ebctdb-4.10.16-18.el7_9.x86_64.rpmf2202e2e9b18f5f5f4811a7c13559b3ac8af727e7527cb65d40c3e56e4dc8c0dsamba-pidl-4.10.16-18.el7_9.noarch.rpmf8e815f2673098975c445e25da7c9888356919b0f110f82a04eb99f8e829b91asamba-winbind-clients-4.10.16-18.el7_9.x86_64.rpm5d7f29a95b57203ec49238bd369911af9b72ba82f75a0622ea6163b35f3314b5samba-devel-4.10.16-18.el7_9.i686.rpmfc07d27a24cfb4bf3fa270fffe46819d19b7e4e847365548d7a6b7ec278da24asamba-test-4.10.16-18.el7_9.x86_64.rpmf7e01fd00edc4d62cd42ae41951abf4757e5ad7a1c1ed285a327907171b2ff11samba-winbind-4.10.16-18.el7_9.x86_64.rpmfab6ec8990130ff39e6b8f98593599f42697a5438d68800968033b83cc51e308samba-krb5-printing-4.10.16-18.el7_9.x86_64.rpm01fc3a9e1c9a12f830b114d85d160f26074e02dd715a312951a1e2e5a57dc324samba-common-tools-4.10.16-18.el7_9.x86_64.rpm3f52d9d7e060e7b709f26c6293aba4e0ef9d9bdadb5603dd61099716d381aaa9samba-4.10.16-18.el7_9.x86_64.rpmced360cb043b91623e67bee09549903842831c2eede707e98d8ae900796afb51samba-common-4.10.16-18.el7_9.noarch.rpm32f942ee5738af20289aabd52b423162b6bd093c6be041a7071238080853b8e4samba-winbind-krb5-locator-4.10.16-18.el7_9.x86_64.rpma2bd52f053cd2c036687eebc3ea642bfc33aa5a38ab6f2cd55da9210d8d5516fctdb-tests-4.10.16-18.el7_9.x86_64.rpmaa2e4e9aa51f6c1a5f3d4d911af3af5dce1f7d9e9baf676c7e5dd49b8790b0a7libsmbclient-devel-4.10.16-18.el7_9.i686.rpm8a522401f34868ed4780b40edfc1b2fa187e1edf154c390de8b9cba7be2074b1libwbclient-devel-4.10.16-18.el7_9.i686.rpm68d0c23f13c12c8c6f6a7b10575d1bad11b066bcf4b365a1a0431c771418402csamba-test-libs-4.10.16-18.el7_9.x86_64.rpma9b7a9efd81714e4c1dc7138b23388da7c3b85057317bcb52cbea650c5720897libsmbclient-4.10.16-18.el7_9.i686.rpm52006ab895f07fa144f6caf9f0108d798dc7686e992b97dc18c0a110b2f2f489libsmbclient-devel-4.10.16-18.el7_9.x86_64.rpma6116873071d0e0e1a93f92da747594440df1661bab383785ab65bc054e78c8esamba-client-libs-4.10.16-18.el7_9.x86_64.rpm73b297084b805368e9667009be2b75c17b73ad7f1f506494a49df3d35109a3besamba-devel-4.10.16-18.el7_9.x86_64.rpmca6c55ccd41e72fed93e81bbc6fdde14ea7e8346f8fc14c7801372dba2104e65samba-python-test-4.10.16-18.el7_9.x86_64.rpme6e02517c726e3d2c1b20b65f6d57c118d87f6af0d28492ede3bbbbef4c7ed40samba-winbind-modules-4.10.16-18.el7_9.i686.rpm875867d34e244fe641fff4e423d80b07242a8114b964f46d8557ff456311269dsamba-winbind-modules-4.10.16-18.el7_9.x86_64.rpm0910ecae72d725b7e82afd842ef1fa185e4dc42011571109c4c238d91f97c8a5samba-python-4.10.16-18.el7_9.x86_64.rpm1110731afb343bcb0a24bb1093644864edd9c95fd2405668431271396b824fc3libwbclient-4.10.16-18.el7_9.x86_64.rpm93c751bd215072f74bea32450991e179972a893d22670d3aa7734a20f8e284a4samba-libs-4.10.16-18.el7_9.i686.rpm822f845e292c216299de5833eeee71b674544aa92d36be06aa9a0f5c7d5abe4dsamba-common-libs-4.10.16-18.el7_9.i686.rpm358abe0a4f3d1cccee4cbfdba14e4b8e9f9b249b3be50719522a14fb86e950d0samba-dc-libs-4.10.16-18.el7_9.x86_64.rpm4e068894c52502219475e5eedff3ebafcb87de6e24b7d19b5f2a442fd8f0210elibsmbclient-4.10.16-18.el7_9.x86_64.rpmade34f32e8b4638566cad1850941da3d52909303b61d17d40757a1f1b2d6e5c4libwbclient-4.10.16-18.el7_9.i686.rpmb18a8ec1660612b3ad53037f8ac744ee63d2b8a9ad2c26af2d6ed8e1b0c56b77samba-python-4.10.16-18.el7_9.i686.rpmd15237e0febd8fb7c185f336f4e8c1b4b5bf46db636e83fa5289b928c9ed0fb8samba-test-libs-4.10.16-18.el7_9.i686.rpm2e289467abbb34185c8560a26d2cf8e48172772b3ebfd21da6cb9bbe7db22633samba-client-4.10.16-18.el7_9.x86_64.rpm4ae012ffc048270196283c083ddc37e49cb6867ac416c766017cbb2518edc18esamba-dc-4.10.16-18.el7_9.x86_64.rpme1085bfc77c7780cde712c509a36e2fedc60a70f6c10f8a7b92c77b2baf3211cSLSA-2022:0442-1Log4j is a tool to help the programmer output log statements to a variety of output targets. Security Fix(es): * log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender (CVE-2022-23305) * log4j: Unsafe deserialization flaw in Chainsaw log viewer (CVE-2022-23307) * log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink (CVE-2022-23302) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE importantScientific LinuxScientific Linux 7log4j-1.2.17-18.el7_4.noarch.rpm9a9f3a9c0c0b3c903b3eaba362782c65a7fe0960c03569ceb943974feb8dc6a0log4j-javadoc-1.2.17-18.el7_4.noarch.rpmb7bce1f231766d0932ad8e7a33358ec1e403446a4c9397b9c9420d4ca87605e6log4j-manual-1.2.17-18.el7_4.noarch.rpm461d220a1b053f5423d08f9200f10c970665b4c01c355772b0494ab003236f85SLSA-2022:0473-1Security Fix(es): * aide: heap-based buffer overflow on outputs larger than B64_BUF (CVE-2021-45417) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7aide-0.15.1-13.el7_9.1.x86_64.rpm363dd087939f8af0acae1ac7e23f6450d17e61db25f0b1ba7fc788c90b4c8c9cSLSA-2022:0514-1This update upgrades Firefox to version 91.6.0 ESR. Security Fix(es): * Mozilla: Extensions could have bypassed permission confirmation during update (CVE-2022-22754) * Mozilla: Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6 (CVE-2022-22764) * Mozilla: Drag and dropping an image could have resulted in the dropped object being an executable (CVE-2022-22756) * Mozilla: Sandboxed iframes could have executed script if the parent appended elements (CVE-2022-22759) * Mozilla: Cross-Origin responses could be distinguished between script and non-script content-types (CVE-2022-22760) * Mozilla: frame-ancestors Content Security Policy directive was not enforced for framed extension pages (CVE-2022-22761) * Mozilla: Script Execution during invalid object state (CVE-2022-22763) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7firefox-91.6.0-1.el7_9.i686.rpm006aa93e30bbb3f0008e6d0e66fd76bae445f9cceee651b211fc41064485b986firefox-91.6.0-1.el7_9.x86_64.rpm02ae80929123f01f3766ad291f6c2fe454e161bf31ecb8405a78b352d9d5e857SLSA-2022:0538-1This update upgrades Thunderbird to version 91.6.0. Security Fix(es): * Mozilla: Extensions could have bypassed permission confirmation during update (CVE-2022-22754) * Mozilla: Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6 (CVE-2022-22764) * Mozilla: Drag and dropping an image could have resulted in the dropped object being an executable (CVE-2022-22756) * Mozilla: Sandboxed iframes could have executed script if the parent appended elements (CVE-2022-22759) * Mozilla: Cross-Origin responses could be distinguished between script and non-script content-types (CVE-2022-22760) * Mozilla: frame-ancestors Content Security Policy directive was not enforced for framed extension pages (CVE-2022-22761) * Mozilla: Script Execution during invalid object state (CVE-2022-22763) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-91.6.0-1.el7_9.x86_64.rpm4cb3af64b351c65ca34d5fdd03c25ef419d792314f77aa5e8f6f9fc14bd12537SLSA-2022:0609-1Security Fix(es): * python-pillow: PIL.ImageMath.eval allows evaluation of arbitrary expressions (CVE-2022-22817) * python-pillow: buffer over-read during initialization of ImagePath.Path in path_getbbox() in path.c (CVE-2022-22816) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7python-pillow-sane-2.0.0-23.gitd1c6db8.el7_9.x86_64.rpm761ee37e931defd45f9d59ca37e3faf94f054114e2a73c335d20318a23c484a9python-pillow-2.0.0-23.gitd1c6db8.el7_9.i686.rpmf24f8203b4277f2c132fa1c7259c7f537836f050dd5a5b7b5c1267fac1d3e9a1python-pillow-doc-2.0.0-23.gitd1c6db8.el7_9.x86_64.rpm2620c143a4a87bd90be2f59117c2af3fc51383790dca3e0887c226cdbda8a851python-pillow-tk-2.0.0-23.gitd1c6db8.el7_9.x86_64.rpm8bc1039d9b77f4fd8c40f8b4a8dc0c4d1959420b8fd45beeb7ed77855c53268apython-pillow-qt-2.0.0-23.gitd1c6db8.el7_9.x86_64.rpmca4d0a62c0744041d7f27f56718b6d7b22a22aecfa795edc5a968ed7e508e41dpython-pillow-devel-2.0.0-23.gitd1c6db8.el7_9.i686.rpmd249271ef57c9faae7cffe852c28a837b96ae8f6d1b4e330c1b9792f869adf53python-pillow-devel-2.0.0-23.gitd1c6db8.el7_9.x86_64.rpmc10b296e79d6f98eecd23df8d0ab59797f6aaac7bb30bdc005023e234b01ed65python-pillow-2.0.0-23.gitd1c6db8.el7_9.x86_64.rpm60975a21b14fe34186e2217332ed40acd52bcb74f73d679fd61f81041a9d70bdSLSA-2022:0620-1Security Fix(es): * kernel: use after free in eventpoll.c may lead to escalation of privilege (CVE-2020-0466) * kernel: Use After Free in unix_gc() which could result in a local privilege escalation (CVE-2021-0920) * kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL (CVE-2021-4155) * kernel: possible privileges escalation due to missing TLB flush (CVE-2022-0330) * kernel: failing usercopy allows for use-after-free exploitation (CVE-2022-22942) * kernel: out of bounds write in hid-multitouch.c may lead to escalation of privilege (CVE-2020-0465) * kernel: double free in bluetooth subsystem when the HCI device initialization fails (CVE-2021-3564) * kernel: use-after-free in function hci_sock_bound_ioctl() (CVE-2021-3573) * kernel: possible use-after-free in bluetooth module (CVE-2021-3752) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Kernel with enabled BERT does not decode CPU fatal events correctly * SL 7.9 - Call trace seen during controller random reset on IB config * Infinite loop in blk_set_queue_dying() from blk_queue_for_each_rl() when another CPU races and modifies the queue's blkg_list * NFS client kernel crash in NFS4 backchannel transmit path - ftrace_raw_event_rpc_task_queued called from rpc_run_bc_task * SELinux is preventing / from mount access on the filesystem /procimportantScientific LinuxScientific Linux 7bpftool-3.10.0-1160.59.1.el7.x86_64.rpm4ddf7ebc316baa4753d705cc370c3345d8e2e3cea217dc81cf612a8ba3f92af2kernel-doc-3.10.0-1160.59.1.el7.noarch.rpm946c0d5fcb9b4946fd34699fb2ef587e861ec95bc4468acce0c7422eb10425d5kernel-tools-3.10.0-1160.59.1.el7.x86_64.rpme747d7f2f10bff1b2ca5b681279af5885c2bb1d05885c2e98b9b6ccace3d3a03kernel-headers-3.10.0-1160.59.1.el7.x86_64.rpma22a4b3e94f5b811f45bf3495d738f76e4496f5ce9330f9720e19cab12fa77c0kernel-devel-3.10.0-1160.59.1.el7.x86_64.rpm6e1694a9954433eabc31e5ce15ffbb9c21ff17193421ae9bb3cb180ed1b88e34python-perf-3.10.0-1160.59.1.el7.x86_64.rpm82a02931a29454361303ab1ba2c02f228f0f17bf17b57b56343a8f6cab755296kernel-tools-libs-devel-3.10.0-1160.59.1.el7.x86_64.rpm463f7dda5c55c053351b111748e0bcfee9f51c9ea91ad6a93d3e43ce32563911kernel-abi-whitelists-3.10.0-1160.59.1.el7.noarch.rpm13ffd6cfe031fa7b7ce1e900387a4a4ba21b9c079f01e6c7727b8a1154fd2504kernel-3.10.0-1160.59.1.el7.x86_64.rpm60245e7c95ddaa01b92e933a97e4a19b14691634789b4da69df74ef7f7ca3e03kernel-debug-devel-3.10.0-1160.59.1.el7.x86_64.rpm82baafb6336e0df2607de6c8cae06e5f156a0468672396aae71a1d3c2e320016kernel-debug-3.10.0-1160.59.1.el7.x86_64.rpmf3d5d25fdcfeeeb70b7f01ee947bf0905277a88b74fc90cd2218a08f9879f0cdperf-3.10.0-1160.59.1.el7.x86_64.rpm05f73fd3364bb8792508c37d2a3c449f175e11e27884d797aacfcdba9495655bkernel-tools-libs-3.10.0-1160.59.1.el7.x86_64.rpm32309a82faf074334032b78dc644203d3d8cca45cb372d5b3b780391248a4504SLSA-2022:0621-1Security Fix(es): * openldap: assertion failure in Certificate List syntax validation (CVE-2020-25709) * openldap: assertion failure in CSN normalization with invalid input (CVE-2020-25710) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEmoderateScientific LinuxScientific Linux 7openldap-clients-2.4.44-25.el7_9.x86_64.rpm05df5e99db0edc47544d7e762ad1ccc43a9e553280b133221c5bd62d14fe880dopenldap-2.4.44-25.el7_9.x86_64.rpme9a2d83f26076ad4562fa60d1ae142d084bfdb8aa51f48827d6934385a26f72bopenldap-devel-2.4.44-25.el7_9.x86_64.rpm97dd2cd507f6de48745ebc747fc1f4ef66077ec5b94c4052d0653c3ecfda9cbaopenldap-2.4.44-25.el7_9.i686.rpmc09a5ae95c62121ac6673698e840713a44a367e395133e28ab063689d6ab80cdopenldap-servers-2.4.44-25.el7_9.x86_64.rpm80759d70873b2db68b01b5378b4959847eed52f08191d3ac7adc649b860fdac0openldap-devel-2.4.44-25.el7_9.i686.rpme7b7ce9bd1c91af747a625b85f9d9a3b92ad3db0145c679b6fa2094563a0edacopenldap-servers-sql-2.4.44-25.el7_9.x86_64.rpm0177d423dfdf9c911c709ed276d8a2fac763c9e586977f47df64187a75f64803SLSA-2022:0628-1Security Fix(es): * 389-ds-base: double-free of the virtual attribute context in persistent search (CVE-2021-4091) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * CSN generator can adjust wrongly the local and remote offsets used to generate a CSNlowScientific LinuxScientific Linux 7389-ds-base-snmp-1.3.10.2-15.el7_9.x86_64.rpmce77ae886569507d3d8a636881b4e0227124bb4ac73d40eac1f2a1966385e86f389-ds-base-libs-1.3.10.2-15.el7_9.x86_64.rpmba9bb484a4c7dc68b007a7f520720b47331b793f36702702197405dbd144ca71389-ds-base-devel-1.3.10.2-15.el7_9.x86_64.rpm9dfdde8db3f0283a5d345af8176577a6fec3f27a965a496675311bf7424936de389-ds-base-1.3.10.2-15.el7_9.x86_64.rpm8101f7625070f12f155e4c6d7f4cd2807d5b8e32274999474c2c41b1c5ef2eafSLSA-2022:0666-1Security Fix(es): * cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands (CVE-2022-24407) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7cyrus-sasl-sql-2.1.26-24.el7_9.x86_64.rpm4a40ab6db225cb6ad07f8544edd60c2aee43d0d380300527cd9e9721b1aa5655cyrus-sasl-gs2-2.1.26-24.el7_9.i686.rpmb54b9528ae53f5495721c5f2c8adbebe1f1d1757fa21cb0997471353766c3b31cyrus-sasl-2.1.26-24.el7_9.i686.rpm967339b9fcb7b6167797be3b72d0d4ac420e9b86fe1cac909ad8c90007e11fefcyrus-sasl-scram-2.1.26-24.el7_9.i686.rpm44780aad3b57cae08e6c6f2589d1dadd74ae23126c71398eb4e7c0dcf4661b1fcyrus-sasl-md5-2.1.26-24.el7_9.i686.rpm54625b5af7df520aa30ec4be91f88aa4f021b99b420d85da3b0616076dd98ec3cyrus-sasl-plain-2.1.26-24.el7_9.x86_64.rpmc4ab1f09bb0e4a614871d5c4266e4d18ae88d3df3d57c15772abe292c23d30aacyrus-sasl-ldap-2.1.26-24.el7_9.i686.rpmeea9f5dcf16322f440e908b8ff15b291d0d39e817c42673dae424714e236531dcyrus-sasl-gssapi-2.1.26-24.el7_9.x86_64.rpma83b5a1977b9c7b3538b2d3b624a9bdff4f7c505dcf42a0c31fb95aefd07aca0cyrus-sasl-ntlm-2.1.26-24.el7_9.i686.rpmccc7f7145072c2a6b4b86fc3df68c3763801dfcc27186be6ab680e26920dbc0bcyrus-sasl-plain-2.1.26-24.el7_9.i686.rpm6b94a459b9b883c37968d0f20fb8600ba428e4ccfdf66d797b0a56a3b4083963cyrus-sasl-scram-2.1.26-24.el7_9.x86_64.rpma1ddbd0a6fd6f2e074c3df9a2c124bda9d81b9d7d605b0dd8805c215c9ae78dbcyrus-sasl-2.1.26-24.el7_9.x86_64.rpmc0788227ddc4b5349fd59d2c921669ff2943c5a5b26986440b5d1f61b4c8ad16cyrus-sasl-sql-2.1.26-24.el7_9.i686.rpm8904a5ee533579ee4ca9881e15f251c6de2eb088fcbace9481a4ad7adb46377dcyrus-sasl-lib-2.1.26-24.el7_9.x86_64.rpm2aba1129ef910065dc0a8e69295d1ad6bcd5b1f97ff2e3ac3f3be667594a3363cyrus-sasl-devel-2.1.26-24.el7_9.x86_64.rpm0230c24753ea28baaaab7ff9b4f2dd408029bf893ea6aefab59034f0d2c5cf3fcyrus-sasl-gs2-2.1.26-24.el7_9.x86_64.rpm31a2440a98e41391a5fbab60a833229fa2e70ecaae47167d83359eeaa8b9a48ecyrus-sasl-lib-2.1.26-24.el7_9.i686.rpm4853a8c3bdbd9490959789e6a00ef507002c7d2c16d8867c64dbc95fb0f7d430cyrus-sasl-devel-2.1.26-24.el7_9.i686.rpmb30208f1a17274345596864583a4697e3110646204022787474b3351697d666ccyrus-sasl-ntlm-2.1.26-24.el7_9.x86_64.rpm7d64db4096bcc01a8587a9d5aa2f22616c979dbeba0e1294b9345628a704ac5fcyrus-sasl-gssapi-2.1.26-24.el7_9.i686.rpm4bec982ea813540557f0a52138f8b3e09698020541719c8e783ad57eeacfcf3ecyrus-sasl-ldap-2.1.26-24.el7_9.x86_64.rpmfa614ba1acea9591194c1a17162400866c22b9f4a231e45166d352f0907915d6cyrus-sasl-md5-2.1.26-24.el7_9.x86_64.rpmc4202509cdb3a97da1c6aa221566733f33c1afc61e8c1067d5ad1f4c4bb6d742SLSA-2022:0824-1This update upgrades Firefox to version 91.7.0 ESR. Security Fix(es): * Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485) * Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486) * expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution (CVE-2022-25235) * expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution (CVE-2022-25236) * expat: Integer overflow in storeRawNames() (CVE-2022-25315) * Mozilla: Use-after-free in text reflows (CVE-2022-26381) * Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383) * Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384) * Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387) * Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Firefox 91.3.0-1 Language packs installed at /usr/lib64/firefox/langpacks cannot be used any morecriticalScientific LinuxScientific Linux 7firefox-91.7.0-3.el7_9.i686.rpm17a6c0c6940f2d8c32861a0fc4523fd49af44c0790833f5ecef02ac63dd6a45dfirefox-91.7.0-3.el7_9.x86_64.rpm96d651cc95589c55f2343d3ecd7a126c34b8e500a6666c5633ca1071f58c1547SLSA-2022:0850-1This update upgrades Thunderbird to version 91.7.0. Security Fix(es): * Mozilla: Use-after-free in XSLT parameter processing (CVE-2022-26485) * Mozilla: Use-after-free in WebGPU IPC Framework (CVE-2022-26486) * expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution (CVE-2022-25235) * expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution (CVE-2022-25236) * expat: Integer overflow in storeRawNames() (CVE-2022-25315) * Mozilla: Use-after-free in text reflows (CVE-2022-26381) * Mozilla: Browser window spoof using fullscreen mode (CVE-2022-26383) * Mozilla: iframe allow-scripts sandbox bypass (CVE-2022-26384) * Mozilla: Time-of-check time-of-use bug when verifying add-on signatures (CVE-2022-26387) * thunderbird: Crafted email could trigger an out-of-bounds write (CVE-2022-0566) * Mozilla: Temporary files downloaded to /tmp and accessible by other local users (CVE-2022-26386) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-91.7.0-2.el7_9.x86_64.rpm86ae44e13f4bd6644c5f83d8e7149c802629dad4f6a1110dbb096a7fdcd2a9e9SLSA-2022:1045The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix(es): * httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling (CVE-2022-22720) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7mod_proxy_html-2.4.6-97.sl7_9.5.x86_64.rpm61b42447228c8c4f96ca083fa8874f87393f20064bc6cd7702d5f287107eefc9httpd-devel-2.4.6-97.sl7_9.5.x86_64.rpm60c899c7fb2088fb25771d3a18c096b7e85fa343a21f99fde105751d5a78d593httpd-manual-2.4.6-97.sl7_9.5.noarch.rpm53b457c68db12d30eacfe372d40554be842ac10db5568f6576574b28cb6b17d0httpd-tools-2.4.6-97.sl7_9.5.x86_64.rpmb7000fea8dd4c7ddfbcbf98b95ae7e20330fac2554404d59f1dae79ca3d7010chttpd-2.4.6-97.sl7_9.5.x86_64.rpm0be74a09f7461ff46cf66401b9db4e4f429b1d4c55952455a8a7a012b728b7c5mod_ssl-2.4.6-97.sl7_9.5.x86_64.rpmd03ed63db929825bd4f0f81df35f02c5cc4ad1a05c7693b42b125a8062a69e08mod_ldap-2.4.6-97.sl7_9.5.x86_64.rpmb01bda47f0ad5df1efa995409759bdaddba56709ca2790177a1a6aa5758086e2mod_session-2.4.6-97.sl7_9.5.x86_64.rpm6f9b6c8d39161243b4d782e6b55549de922d0e2d4a56d057373bb28a5577206cSLSA-2022:1066-1Security Fix(es): * openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates (CVE-2022-0778) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7openssl-devel-1.0.2k-25.el7_9.x86_64.rpm0cd7ba148b371e943111ce6eaafbd00eb24c265bbea3545e4cd8f77a4ae0f51aopenssl-devel-1.0.2k-25.el7_9.i686.rpmfb9d5a2a4777a3570d2826570ce98f67c3e75b01d06a859c7d6521ee75d229f8openssl-perl-1.0.2k-25.el7_9.x86_64.rpm7a90aa94a06406b97cb00a55e2ecfbafb31d9967e76907ec7ad4f954a7f573cbopenssl-libs-1.0.2k-25.el7_9.i686.rpme9318045f52dc83193ff047b76fee6f3d06ee2092cd7d6752fdb1a7577be3f42openssl-1.0.2k-25.el7_9.x86_64.rpmda8f28a2c9b1940ce0ee2c745cda3f2774bcf3a426350a26903f29b40b9b2fc9openssl-static-1.0.2k-25.el7_9.x86_64.rpm9f0061c22cec08a203b08ecc08351efa083a2a438c995b153ae072748bad5263openssl-static-1.0.2k-25.el7_9.i686.rpm2c9af1aa25ed8e8d12035e176bd3bb1648e3ae05903620f768fd41c83a3cbc27openssl-libs-1.0.2k-25.el7_9.x86_64.rpme58ebf01a83537b5b6979be59b9bad2552b07874b4ad317037287dbc9e127fd4SLSA-2022:1069-1Security Fix(es): * expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution (CVE-2022-25235) * expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution (CVE-2022-25236) * expat: Integer overflow in storeRawNames() (CVE-2022-25315) * expat: Large number of prefixed XML attributes on a single tag can crash libexpat (CVE-2021-45960) * expat: Integer overflow in doProlog in xmlparse.c (CVE-2021-46143) * expat: Integer overflow in addBinding in xmlparse.c (CVE-2022-22822) * expat: Integer overflow in build_model in xmlparse.c (CVE-2022-22823) * expat: Integer overflow in defineAttribute in xmlparse.c (CVE-2022-22824) * expat: Integer overflow in lookup in xmlparse.c (CVE-2022-22825) * expat: Integer overflow in nextScaffoldPart in xmlparse.c (CVE-2022-22826) * expat: Integer overflow in storeAtts in xmlparse.c (CVE-2022-22827) * expat: Integer overflow in function XML_GetBuffer (CVE-2022-23852) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7expat-2.1.0-14.el7_9.i686.rpmdb2260a5a84c3b7184b5bc609698720947e449b84b89688dabf5254d2cccfd5bexpat-2.1.0-14.el7_9.x86_64.rpm5257fbac66b901d8eb514bbc0d61e19302e6e789bf5666bed2840c6fdad50babexpat-devel-2.1.0-14.el7_9.i686.rpm91bc2f24c563682181148502aeee7002e20d1745a3fda375947d0b68298e6f9cexpat-devel-2.1.0-14.el7_9.x86_64.rpm7a36b0bcb1c2ea46cf6c80ffe6d0f37a8767d514bfa2c8fdd27828766f1db9d5expat-static-2.1.0-14.el7_9.i686.rpmd92b1587b263f4e350840712870cce1abf384381120b621f913f6d5dbb426c56expat-static-2.1.0-14.el7_9.x86_64.rpm09fb4769dc9a2d5d253ffddaab86e4eccc87bb0b9fc7a551f5e0a68ea04526c6SLSA-2022:1198-1Security Fix(es): * kernel: use-after-free in RDMA listen() (CVE-2021-4028) * kernel: fget: check that the fd still exists after getting a ref to it (CVE-2021-4083) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Adding new kernel entry in grub configuration file only after generation of new initramfs * Cannot mount DFS shares on SL7 * SL7.9 - zcrypt DD: Toleration for new IBM Z Crypto Hardware * kernel panic at skb_free_datagram_locked on 3.10.0-1160.45.1.el7 * Lots of tasks are getting stuck in I/O wait waiting on the buffer_head locked by the task that is busy shrinking slab for freeing pages - 3 patches to fs/buffer.c * [SL 7.9 Bug] x86/platform/uv: Add more to secondary CPU kdump info * REGRESSION System panicking in __kmalloc+0x94 from a freelist issue introduced by a block patch. Enhancement(s): * SL7.9 - kernel: Add support for CPU-MF counter second version 7importantScientific LinuxScientific Linux 7kernel-tools-libs-3.10.0-1160.62.1.el7.x86_64.rpm406efbc3cf0166a399a7d123eed3829f0305f3888628008d5f289e23f55434bakernel-debug-3.10.0-1160.62.1.el7.x86_64.rpm80cd64455bb40e7230c5834ba674fd80d234e6325414d1543edf005b294e1eb5kernel-headers-3.10.0-1160.62.1.el7.x86_64.rpm517ce9e691730d5103e7ebeb16e7d616d639f3412a4166060d58155d06914b65kernel-doc-3.10.0-1160.62.1.el7.noarch.rpm472ce233645dedc0eebab070fbf54bae4b5148b689de439d1d25334317906ea1kernel-tools-libs-devel-3.10.0-1160.62.1.el7.x86_64.rpm61998c4bdf5a790273293189b472775556b614d1a70988f5d81351674a1ace67kernel-tools-3.10.0-1160.62.1.el7.x86_64.rpm303b2a8f6f95bc0b6637d696f898944f6c027bfb04037d268485220bc1c94045kernel-debug-devel-3.10.0-1160.62.1.el7.x86_64.rpmc85e6501cee65b1a7867aad8fc811600b899f71817e88c6369e8d15b949f42ddpython-perf-3.10.0-1160.62.1.el7.x86_64.rpme63786d546be238c2b8da96134eb0cedf37afae465088eec5b916e839cc1d102kernel-devel-3.10.0-1160.62.1.el7.x86_64.rpm958f9f19d97851d8cb365895dc33e57e8611f9101896ae8f0485bd687711505dperf-3.10.0-1160.62.1.el7.x86_64.rpm189d3795653adaada253018e99cdf4046cbdf6e4cb50fec91aee8c705b1c9fe1kernel-3.10.0-1160.62.1.el7.x86_64.rpm5f4b87416f08fe2293227436c3860a7b2ba649264a9c16c0113bb22067048556kernel-abi-whitelists-3.10.0-1160.62.1.el7.noarch.rpm775ad768127a77f40b4feeeaffeff7bce31181bb02dedca2e3d3f02090e693f1bpftool-3.10.0-1160.62.1.el7.x86_64.rpme87ae6fa8c463e8a14daa06961a93b0f67bf3d0114b5293a66376a79d7827672SLSA-2022:1284-1This update upgrades Firefox to version 91.8.0 ESR. Security Fix(es): * Mozilla: Use-after-free in NSSToken objects (CVE-2022-1097) * Mozilla: Out of bounds write due to unexpected WebAuthN Extensions (CVE-2022-28281) * Mozilla: Memory safety bugs fixed in Firefox 99 and Firefox ESR 91.8 (CVE-2022-28289) * Mozilla: Use-after-free after VR Process destruction (CVE-2022-1196) * Mozilla: Use-after-free in DocumentL10n::TranslateDocument (CVE-2022-28282) * Mozilla: Incorrect AliasSet used in JIT Codegen (CVE-2022-28285) * Mozilla: Denial of Service via complex regular expressions (CVE-2022-24713) * Mozilla: iframe contents could be rendered outside the border (CVE-2022-28286) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7firefox-91.8.0-1.el7_9.i686.rpm9daf2e0220ee23c0eb4357894ba156262a6e09e3109e488ba28530e5f63b3b26firefox-91.8.0-1.el7_9.x86_64.rpme8b3036efd6a8b939ed121e073fb065f3518b7c43761e4d4610afd5f829b7422SLSA-2022:1302-1This update upgrades Thunderbird to version 91.8.0. Security Fix(es): * Mozilla: Use-after-free in NSSToken objects (CVE-2022-1097) * Mozilla: Out of bounds write due to unexpected WebAuthN Extensions (CVE-2022-28281) * Mozilla: Memory safety bugs fixed in Firefox 99 and Firefox ESR 91.8 (CVE-2022-28289) * Mozilla: Use-after-free after VR Process destruction (CVE-2022-1196) * Mozilla: OpenPGP revocation information was ignored (CVE-2022-1197) * Mozilla: Use-after-free in DocumentL10n::TranslateDocument (CVE-2022-28282) * Mozilla: Incorrect AliasSet used in JIT Codegen (CVE-2022-28285) * Mozilla: Denial of Service via complex regular expressions (CVE-2022-24713) * Mozilla: iframe contents could be rendered outside the border (CVE-2022-28286) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-91.8.0-1.el7_9.x86_64.rpma8f369bab052fd85ca6c24f4845174873218547a34eca1081b7d1f7fbfd54a8eSLSA-2022:1440The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. The following packages have been upgraded to a later upstream version: java-11-openjdk (11.0.15.0.9). (BZ#2047531) Security Fix(es): * OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008) (CVE-2022-21476) * OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) (CVE-2022-21426) * OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) (CVE-2022-21434) * OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) (CVE-2022-21443) * OpenJDK: URI parsing inconsistencies (JNDI, 8278972) (CVE-2022-21496) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7java-11-openjdk-jmods-debug-11.0.15.0.9-2.el7_9.i686.rpm6454698240bf2414d9a427d50bfc9066d1309fdcbe3ce9fa46c08a34531f9bbdjava-1.8.0-openjdk-demo-debug-1.8.0.332.b09-1.el7_9.i686.rpm8fa1db6e7c41fa21f266379f8373d0b5adc94af525b0575000f9170a7897a208java-11-openjdk-demo-debug-11.0.15.0.9-2.el7_9.i686.rpmd61e76b91d98389d1d69d1f777395aee32f352d27aa5f69c3639b96170927768java-1.8.0-openjdk-debug-1.8.0.332.b09-1.el7_9.x86_64.rpm98d063dd81a3e10cd455c9d22c4dc9842526ea4739341844b058af143868df19java-1.8.0-openjdk-debug-1.8.0.332.b09-1.el7_9.i686.rpm6d2bd0cca07b5da3a949c5ab58b8051ef22f9135c194bf6fda871c55252c2f07java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.332.b09-1.el7_9.noarch.rpm0b4e7241ab25be75d62adfd35cf567580d3d778a707cc2c392baad4c0de5d283java-1.8.0-openjdk-accessibility-debug-1.8.0.332.b09-1.el7_9.x86_64.rpm8d0531bfee4d52a9205fcbe8c1e3910652d26957d10214d8dc1720242cc418cbjava-11-openjdk-src-debug-11.0.15.0.9-2.el7_9.i686.rpmc9862419593933f057e7e52a04628c31a91afce54ca20a94e75eb7d8bd4a0c4ejava-11-openjdk-debug-11.0.15.0.9-2.el7_9.i686.rpma98dbfd8c7b4aa2d34e972234a01c35ec374d4a01453b24030c1e5700c1acbd7java-11-openjdk-headless-debug-11.0.15.0.9-2.el7_9.x86_64.rpm7ab27c142f078cd661ad9bc2986a25b0e965ed9c6c2954c9b727a4a57b770a70java-1.8.0-openjdk-devel-debug-1.8.0.332.b09-1.el7_9.i686.rpma3536da9d95f234070c5588f129862e6f76e115ab6b9be0e0ed7abae77a491dejava-11-openjdk-headless-debug-11.0.15.0.9-2.el7_9.i686.rpm91e1ca80adf9e1c006a587215b8360444486c64e21a21595cd9570ee112d0e18java-11-openjdk-javadoc-zip-debug-11.0.15.0.9-2.el7_9.i686.rpm9a27c396f5c20920f4e3b2135d207f022048ac7d2c8e92a7cc7045804a36ff0ajava-11-openjdk-devel-debug-11.0.15.0.9-2.el7_9.i686.rpm44882dc9edf6502327ae1d7483c4c5e94eaadef140eab876563e545cf588ef69java-11-openjdk-javadoc-zip-debug-11.0.15.0.9-2.el7_9.x86_64.rpm8f5bb8aedb103c83eb41e2cd01541e3745b3ce1c2d18a5fb4c96004573354d46java-11-openjdk-javadoc-debug-11.0.15.0.9-2.el7_9.x86_64.rpm790a422311f4bf7e96ab4f70596e3b15081723e03c10ea5c91be361f32dd00c3java-11-openjdk-static-libs-debug-11.0.15.0.9-2.el7_9.x86_64.rpm865c25db988d67ea0239d79eff5574b232513b88c54e86fde9768de3420f9849java-1.8.0-openjdk-src-debug-1.8.0.332.b09-1.el7_9.x86_64.rpm7ec8ac0d1a0ade3c045fdb70e701cdedaed51839fc794a6cb646da9d2b62542djava-11-openjdk-src-debug-11.0.15.0.9-2.el7_9.x86_64.rpma5f11cb569cd225057fbf7d36db853276edbdfdc8d4e95f8a3eb45dd816ede0cjava-11-openjdk-javadoc-debug-11.0.15.0.9-2.el7_9.i686.rpmbab1d9c934572ad5e702d3f290c5c3be3db749006e8a4f19023d1d3b43195706java-11-openjdk-demo-debug-11.0.15.0.9-2.el7_9.x86_64.rpm55b5258d010f86e7ef8ad2a49179e102cd71c4c281fba741c65ee9d72290c800java-1.8.0-openjdk-demo-debug-1.8.0.332.b09-1.el7_9.x86_64.rpm3c2d12a6fde5807197875fa4f3abab4b4b71c2fbedeebc8b74fa5a929612c5a7java-1.8.0-openjdk-javadoc-debug-1.8.0.332.b09-1.el7_9.noarch.rpm2fbc92e494e095f0bd519994a99ff2dfdef3fc82db35669b1e868e8797c27de2java-1.8.0-openjdk-src-debug-1.8.0.332.b09-1.el7_9.i686.rpm5c9a44c800e5518d218e575dd86612f06ec48a06d1a192896b8ad93b5432c46fjava-11-openjdk-debug-11.0.15.0.9-2.el7_9.x86_64.rpmbf12e7ca8f7d3ee8b42c8fea4863251f25fd0688e622119a9e2d164965268b03java-1.8.0-openjdk-headless-debug-1.8.0.332.b09-1.el7_9.x86_64.rpm29a58554a3c82b76a03f260483b39de964ed2434f54de298b631d7291f5f760ajava-11-openjdk-devel-debug-11.0.15.0.9-2.el7_9.x86_64.rpme6070418b3a57822693d1ba54ab0835d412b97de8f31738d137e1a8affd67c06java-1.8.0-openjdk-accessibility-debug-1.8.0.332.b09-1.el7_9.i686.rpm5c4c150e5d70ef3e359f5cc3c001dd34c5aaa52972b76db6c0cf7f99c09e1480java-11-openjdk-jmods-debug-11.0.15.0.9-2.el7_9.x86_64.rpmf79e6a2d077080d73e3d2e89419e063fed74e795be7eb14bd794be7b6251727fjava-1.8.0-openjdk-headless-debug-1.8.0.332.b09-1.el7_9.i686.rpm1be91c9ffdaf54ab97c3e8ca6e8f8cc761d71df030821976129d0b975e8fff74java-1.8.0-openjdk-devel-debug-1.8.0.332.b09-1.el7_9.x86_64.rpm1d5c0b1629cd24b0ef8772abd047e970432905649620632b32b5b45f33f397d8SLSA-2022:1440-1The following packages have been upgraded to a later upstream version: java-11-openjdk (11.0.15.0.9). Security Fix(es): * OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008) (CVE-2022-21476) * OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) (CVE-2022-21426) * OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) (CVE-2022-21434) * OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) (CVE-2022-21443) * OpenJDK: URI parsing inconsistencies (JNDI, 8278972) (CVE-2022-21496) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7java-11-openjdk-javadoc-11.0.15.0.9-2.el7_9.i686.rpmdde57732b2c43cf4fdab923ca25a26111486754cfef4b0b7ca9ae4bcc59c8f03java-11-openjdk-javadoc-zip-11.0.15.0.9-2.el7_9.x86_64.rpmdcf924eeb44ba991e6d0ffdc06e5f8ae80a9fefa7034a3c4866cf7a56ef3c8e3java-11-openjdk-jmods-11.0.15.0.9-2.el7_9.i686.rpm29225e443a09ceaff69bc83a0172c0287a57389bdfb51b9f19e612e440bbc71ajava-11-openjdk-jmods-11.0.15.0.9-2.el7_9.x86_64.rpm37e80356b5ec3561aa58ed22a4c8d39eaffc5111a7931dc05f8879fc880c2f66java-11-openjdk-devel-11.0.15.0.9-2.el7_9.x86_64.rpmd13851971149cf7063229db1256e4079cd602a757bdc196b01db2a3eaf888f61java-11-openjdk-11.0.15.0.9-2.el7_9.i686.rpmf941c1ab71d54b68b3cd2560fd5340cba62675deeffa9fac9cb2f663de30c5cdjava-11-openjdk-demo-11.0.15.0.9-2.el7_9.x86_64.rpmb5babd89afc050fb8e0be904f5fc61c9d551ed427a72d4a77d367e415776704djava-11-openjdk-11.0.15.0.9-2.el7_9.x86_64.rpm54de3796cc3eb5b01d2b60bcc97b9c8fcf29dcc4a70a8c7031fe6f55cc0f8ec6java-11-openjdk-src-11.0.15.0.9-2.el7_9.i686.rpm3bdef62cb5951dfd6d4561608d29e54e027eb399227e9d066e8ea0a7da7feb73java-11-openjdk-headless-11.0.15.0.9-2.el7_9.x86_64.rpm85b1c49c7c73aa8d4fd021959cbe18c3ee1cdbc75268a0e7b212f1852f0db2d7java-11-openjdk-src-11.0.15.0.9-2.el7_9.x86_64.rpm89d22efd78517f02dbf39aea0f45dfa8d261012bd910d7059012cd53fc6ce28bjava-11-openjdk-headless-11.0.15.0.9-2.el7_9.i686.rpm187b0eeca1aa3710529d42aec35f95d4cb2a0dadf7089b297512c4cc604a213cjava-11-openjdk-javadoc-11.0.15.0.9-2.el7_9.x86_64.rpmb78a1c26e55cc35b94e51b14ef910876e24a17e7ddd20f0a9bd230ae6e72f3a1java-11-openjdk-devel-11.0.15.0.9-2.el7_9.i686.rpm7fcf28f2386c7cab99c5bfba993434b55e925ac83db8d627ccbcad6dfeff416fjava-11-openjdk-static-libs-11.0.15.0.9-2.el7_9.x86_64.rpmabd20afa7d4d5874006ad51aafa8bb71c41048ac8be43642c5913d0f9f007bc7java-11-openjdk-demo-11.0.15.0.9-2.el7_9.i686.rpmfd618325e092d5dbe7ad7e7e7c3178a8335f1d2c1d9a9fc05962f6703df8648cjava-11-openjdk-javadoc-zip-11.0.15.0.9-2.el7_9.i686.rpm43425d585ac388ff95d0d6bcd4d5a80b9c13c0d6df3756a31d89fa50920fe4d9SLSA-2022:1487-1Security Fix(es): * OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008) (CVE-2022-21476) * OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) (CVE-2022-21426) * OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) (CVE-2022-21434) * OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) (CVE-2022-21443) * OpenJDK: URI parsing inconsistencies (JNDI, 8278972) (CVE-2022-21496) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7java-1.8.0-openjdk-1.8.0.332.b09-1.el7_9.x86_64.rpm2fe3ed816e42aacabe3ccbe30a458b41470ed1419f25c24f07ea37c2faf16ed5java-1.8.0-openjdk-accessibility-1.8.0.332.b09-1.el7_9.i686.rpm3203b6dee98f8021866c807ba0389dcaa94cafdc001720e86135d61b1a826b4ajava-1.8.0-openjdk-devel-1.8.0.332.b09-1.el7_9.i686.rpm913f70c9c5bfb2b4c63dffc455ee70363bca51fed32a63bc552c3686c1f9c34fjava-1.8.0-openjdk-headless-1.8.0.332.b09-1.el7_9.i686.rpm1a08683eeb8f7d7245725793b3ccc5011b5feb349ad97a59b6c1a0e096d56abcjava-1.8.0-openjdk-demo-1.8.0.332.b09-1.el7_9.i686.rpmc8caa6d338c2691c4c131f970d3a3bafbc26d9445e85f57ca905fa0635c2dbbfjava-1.8.0-openjdk-accessibility-1.8.0.332.b09-1.el7_9.x86_64.rpm7555bf4db79a8e019a6757b8b3f7ade934a602a05f711d0ffbf0d17991047a1cjava-1.8.0-openjdk-devel-1.8.0.332.b09-1.el7_9.x86_64.rpma911a1eb974b106334d39bd84e8394b666788f50805e0b0bb675cf086a5e860ejava-1.8.0-openjdk-demo-1.8.0.332.b09-1.el7_9.x86_64.rpm2d032b3722bef7b4fcc6722509f7c105c742079e69ed5a2ab9bce66e7d870c22java-1.8.0-openjdk-javadoc-zip-1.8.0.332.b09-1.el7_9.noarch.rpm4e216459910b462af79016c6fe77c7d44608501de95f10dd93bebc4968ad96e0java-1.8.0-openjdk-src-1.8.0.332.b09-1.el7_9.i686.rpm25e1e8033161283a58f8deaa404326d267095868935d1d9bb839a38c004046a7java-1.8.0-openjdk-src-1.8.0.332.b09-1.el7_9.x86_64.rpm46fa43016dca217f7f31aec060edb30aaabaa1f50ae8a70ec3ec0508cb7d8aa7java-1.8.0-openjdk-javadoc-1.8.0.332.b09-1.el7_9.noarch.rpm65ba24f4ef25a4833d1a39799602766dc85b2c018c8928d31ab4a2001c59b578java-1.8.0-openjdk-1.8.0.332.b09-1.el7_9.i686.rpm8b035e58f6ea351ea93babda6b4925d6cfe96b5e169f9548028831c8042ad0c1java-1.8.0-openjdk-headless-1.8.0.332.b09-1.el7_9.x86_64.rpm982688a1575aa0bf1f4c1adaf81c61564d7a2dea3bd7394bcbccc2f8a6997719SLSA-2022:1541-1Security Fix(es): * maven-shared-utils: Command injection via Commandline class (CVE-2022-29599) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7maven-shared-utils-0.4-4.el7_9.noarch.rpm635ca492b99ed733728a56d3d5882fc5a367ffcae2bcd0e5730ecba596d48a99maven-shared-utils-javadoc-0.4-4.el7_9.noarch.rpm71ba926f15d5118380601b4e3c13e09b1aa51462571713302735e558c25aeb62SLSA-2022:1703-1This update upgrades Firefox to version 91.9.0 ESR. Security Fix(es): * Mozilla: Bypassing permission prompt in nested browsing contexts (CVE-2022-29909) * Mozilla: iframe Sandbox bypass (CVE-2022-29911) * Mozilla: Fullscreen notification bypass using popups (CVE-2022-29914) * Mozilla: Leaking browser history with CSS variables (CVE-2022-29916) * Mozilla: Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9 (CVE-2022-29917) * Mozilla: Reader mode bypassed SameSite cookies (CVE-2022-29912) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7firefox-91.9.0-1.el7_9.i686.rpm2848a8eb37faa0aa648b62965b19fa466dc4968ed927d3545154545215d52e98firefox-91.9.0-1.el7_9.x86_64.rpmc11a6c9ed11495d188649eb84f2251a15dbf86228fce394a8c8b9fd278ddb811SLSA-2022:1725-1This update upgrades Thunderbird to version 91.9.0. Security Fix(es): * Mozilla: Bypassing permission prompt in nested browsing contexts (CVE-2022-29909) * Mozilla: iframe Sandbox bypass (CVE-2022-29911) * Mozilla: Fullscreen notification bypass using popups (CVE-2022-29914) * Mozilla: Leaking browser history with CSS variables (CVE-2022-29916) * Mozilla: Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9 (CVE-2022-29917) * Mozilla: Reader mode bypassed SameSite cookies (CVE-2022-29912) * Mozilla: Speech Synthesis feature not properly disabled (CVE-2022-29913) * Mozilla: Incorrect security status shown after viewing an attached email (CVE-2022-1520) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-91.9.0-3.el7_9.x86_64.rpm806c8e4eebfcbbae90a9ac8a9d27e401ae2e6bc8bd1e64d871a4c55478605cc9SLSA-2022:2191-1Security Fix(es): * gzip: arbitrary-file-write vulnerability (CVE-2022-1271) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7gzip-1.5-11.el7_9.x86_64.rpm31892df32fdf2c1c290d6e2f41169b2cd56ddbf8bb2635c07416c00979a4d59fSLSA-2022:2213-1Security Fix(es): * zlib: A flaw found in zlib when compressing (not decompressing) certain inputs (CVE-2018-25032) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7zlib-static-1.2.7-20.el7_9.x86_64.rpm59fbd7dba8ac257ebd36d9e43a3f1416134e2034c3c64053397dbe35092f29b1minizip-1.2.7-20.el7_9.x86_64.rpm2e4eacbb6adc7522697701ef62afef3212274d563cf10b9e556fe8e2eb341577minizip-devel-1.2.7-20.el7_9.i686.rpmc8243e2e7c06b397b7d8f8f5f6c0baa8b8a83a37618e96d4ee46974a0648dabezlib-static-1.2.7-20.el7_9.i686.rpm6edb526f889c296e32c1573d68fe243759299b4a8bd2a0b7a29328695ae05769minizip-1.2.7-20.el7_9.i686.rpmcedb4974fde50c300966cefb68799eca467fa942ae921647be90c1e11a3df00fzlib-devel-1.2.7-20.el7_9.i686.rpmce8da1a1626e6648d5557d6566ebc67e0c2b61e841c2c501e15f7bd867bb3236minizip-devel-1.2.7-20.el7_9.x86_64.rpmf9cb6bb4c9f5556c891e8eb177f3b35dbc5dd20ad58256f93e4e2a9a9bea0614zlib-devel-1.2.7-20.el7_9.x86_64.rpmecb3672456577e44acfee7cb131be9acb9781ba1433f4e1fadb18f7d6dcd700czlib-1.2.7-20.el7_9.x86_64.rpm4a4de3032bfcef31be4e2cb07dc924293521d9ce6500d17c45e618af7d3f725azlib-1.2.7-20.el7_9.i686.rpme2a8ad745347fbfb35c38b8084fa7d8918c8affc9387f5a45f9e60c32279597dSLSA-2022:4642-1Security Fix(es): * kernel: cgroups v1 release_agent feature may allow privilege escalation (CVE-2022-0492) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * kernel panic in mlx5_ib driver SL/CentOS 7.9 VM * [SL-7.9] Get Call Trace about "kernel/timer.c:1270 requeue_timers+0x15e/0x170" on specified AMD x86_64 system * kernel NULL pointer dereference while calling dma_pool_alloc from the mlx5_core module * Rhel 7.9 NFS Clients takes very long time to resume operations in an NFS Server failover scenario * perf stat shows unsupported counters for Intel IceLake cpuimportantScientific LinuxScientific Linux 7perf-3.10.0-1160.66.1.el7.x86_64.rpme35107177f0d41b11598d0eb6b700fcb26220351f583b2b7f5822f6e8c3362d6kernel-tools-libs-3.10.0-1160.66.1.el7.x86_64.rpmc1c6d696b1cf50d8c90b8fc28de93bb4281a51a243e473fa57f0bcfe6868b343kernel-debug-devel-3.10.0-1160.66.1.el7.x86_64.rpm9f3f654ab1782eebfee4bdfa9ef84640016992e36a13770aae9d8e3a91d9f05fkernel-headers-3.10.0-1160.66.1.el7.x86_64.rpm69d183d419048a8f44a63d9c6ecefdc9c66a024a3fd1a977a52242a10d9a6c94kernel-doc-3.10.0-1160.66.1.el7.noarch.rpmfb8d00a98dbf8ad64df3c2fc3bd71875f16f26f4bb63d75569f3b23119e1cf82kernel-devel-3.10.0-1160.66.1.el7.x86_64.rpm335d8182f93343fe1c06d24c240894cce9ff2641ae03e4be023af248320211b0kernel-abi-whitelists-3.10.0-1160.66.1.el7.noarch.rpm7f4a207a45581b1089c7584be3d0e47920eaa1daf4259f06c2f224b5ee6b89d4kernel-3.10.0-1160.66.1.el7.x86_64.rpmf9b73f3c142bad4396ca930a46fb0a9936ea56f78daee78c5a5567eef626765dpython-perf-3.10.0-1160.66.1.el7.x86_64.rpmd4df399b78ab27a497b8ba2cdda2b6c2429c137b5b75c0e9e7b7dda9aa1f7f5ckernel-tools-libs-devel-3.10.0-1160.66.1.el7.x86_64.rpm8213bb277061bfe1bd0374654b7af0c9bbe1fc417794613469281c45e94ad21akernel-tools-3.10.0-1160.66.1.el7.x86_64.rpmba2389506b7fdd928f026feeaa2e7c45f63e70a263360669cd5246259d9b9c22kernel-debug-3.10.0-1160.66.1.el7.x86_64.rpm6d3e4617ed58016b72c8c1e794509f65512f2895935e7d5228b82fe0544f18ddbpftool-3.10.0-1160.66.1.el7.x86_64.rpmce07c0edcf1471992df12486aaab0ac6c59c962c91ec2488f8080eb5527c2895SLSA-2022:4729-1This update upgrades Firefox to version 91.9.1 ESR. Security Fix(es): * Mozilla: Untrusted input used in JavaScript object indexing, leading to prototype pollution (CVE-2022-1529) * Mozilla: Prototype pollution in Top-Level Await implementation (CVE-2022-1802) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEcriticalScientific LinuxScientific Linux 7firefox-91.9.1-1.el7_9.x86_64.rpm80d46609a8cb319359dc3b90af371283b148cd4a302a84bd648bf361c9c9aea0firefox-91.9.1-1.el7_9.i686.rpm341d17218763d9e521c93047f4952bfec6d6c04b14f9ee0a68fa7349fb40c0e6SLSA-2022:4730-1This update upgrades Thunderbird to version 91.9.1. Security Fix(es): * Mozilla: Untrusted input used in JavaScript object indexing, leading to prototype pollution (CVE-2022-1529) * Mozilla: Prototype pollution in Top-Level Await implementation (CVE-2022-1802) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEcriticalScientific LinuxScientific Linux 7thunderbird-91.9.1-1.el7_9.x86_64.rpmcdc32e32092757a426f9207dcc7a53db29fa5b0ed6c7fe4fe65314f3cefa263eSLSA-2022:4803-1Security Fix(es): * rsyslog: Heap-based overflow in TCP syslog server (CVE-2022-24903) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7rsyslog-snmp-8.24.0-57.el7_9.3.x86_64.rpme3b0542fcbf988eefd3b6ec087cdc45c6c1d06f14f3be8bade5e4f1c7e417672rsyslog-doc-8.24.0-57.el7_9.3.noarch.rpm72657e2cc5db25197b8f643d0203f53eacd2005e6b211e2317675382eba39e4frsyslog-libdbi-8.24.0-57.el7_9.3.x86_64.rpm966ee3885d60b27edf283acd40da8dcb43f82fdf2e4b85775808e4b8c01a91a1rsyslog-pgsql-8.24.0-57.el7_9.3.x86_64.rpm432a8f1b6e2be0243afc23f667afa34872e02b7b9f961628c3236a7b055798afrsyslog-elasticsearch-8.24.0-57.el7_9.3.x86_64.rpmfcd136bc321c3355d226340c99e3966a302f34476f045f5224335f637d397567rsyslog-relp-8.24.0-57.el7_9.3.x86_64.rpm8d3db0683773333cd93c29adbc38376f2d4b47539b0e573028504b08227ea593rsyslog-gnutls-8.24.0-57.el7_9.3.x86_64.rpmdbf02a5d0fc4e537ba4efc857f2665213c6d3dc3b84c5f62b6c3ad8978d8464arsyslog-udpspoof-8.24.0-57.el7_9.3.x86_64.rpm5a6260ae1d9c425f4d0e094e01ceaec7a20afea7464ddd37219ce2d86bd42e06rsyslog-crypto-8.24.0-57.el7_9.3.x86_64.rpm35077c3289d295a5cc412a627a2b361607dd36c687b16a2bacdb2b21dc2e4f8arsyslog-mmnormalize-8.24.0-57.el7_9.3.x86_64.rpm644b8ec956e3eaf20423f42b6d09c3a84f1bb42e71e37bd362e0d61c078e75bersyslog-8.24.0-57.el7_9.3.x86_64.rpm79a351c99a2feaa59d46d57843b73a33626af0b2e0c02e36b4d1433b854eb632rsyslog-mmkubernetes-8.24.0-57.el7_9.3.x86_64.rpm00a56045395dda8d104195a547d518a18fbbb6b03cf23b40a1184906eef1ca51rsyslog-mmjsonparse-8.24.0-57.el7_9.3.x86_64.rpm46edf8d0738f0a3f00cf1a2780d87e0c6f0bcadc90cd137ecfc30e86571fd90crsyslog-gssapi-8.24.0-57.el7_9.3.x86_64.rpmaf9469c429db2f02c98a5491498b5eeba67965d937b0accd39b9d6cb868dab10rsyslog-mmaudit-8.24.0-57.el7_9.3.x86_64.rpm04c51d5cf3f33a846a9791cd706b8f717e28c9d6d49c3ddf46901600b0250b60rsyslog-mysql-8.24.0-57.el7_9.3.x86_64.rpma9b52a799cc93dc6d8a1d9f9a194ab5e3dddc39cf22bdb4345a3b0d92c532bb7rsyslog-kafka-8.24.0-57.el7_9.3.x86_64.rpm88d2d81c4c6f9f0eecb5f904d4ffbe92f99cf545734a558e3b44642c1185dd87rsyslog-mmsnmptrapd-8.24.0-57.el7_9.3.x86_64.rpm111275aab2b392d0e2100b7b793077752a97d9753336c6bb69b6cc7692137d6aSLSA-2022:4870-1This update upgrades Firefox to version 91.10.0 ESR. Security Fix(es): * Mozilla: Cross-Origin resource's length leaked (CVE-2022-31736) * Mozilla: Heap buffer overflow in WebGL (CVE-2022-31737) * Mozilla: Browser window spoof using fullscreen mode (CVE-2022-31738) * Mozilla: Register allocation problem in WASM on arm64 (CVE-2022-31740) * Mozilla: Uninitialized variable leads to invalid memory read (CVE-2022-31741) * Mozilla: Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10 (CVE-2022-31747) * Mozilla: Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross-origin information (CVE-2022-31742) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7firefox-91.10.0-1.el7_9.i686.rpm2c73cfaf9b93a6e35b7206601d3a4f4d633b93e520ced5f8479a6eaacad266e1firefox-91.10.0-1.el7_9.x86_64.rpmf439b4056dcf344e92989d85360bc52336ce8ec8f3c89db5ab19f2b3688e3b3eSLSA-2022:4891-1This update upgrades Thunderbird to version 91.10.0. Security Fix(es): * Mozilla: Braille space character caused incorrect sender email to be shown for a digitally signed email (CVE-2022-1834) * Mozilla: Cross-Origin resource's length leaked (CVE-2022-31736) * Mozilla: Heap buffer overflow in WebGL (CVE-2022-31737) * Mozilla: Browser window spoof using fullscreen mode (CVE-2022-31738) * Mozilla: Register allocation problem in WASM on arm64 (CVE-2022-31740) * Mozilla: Uninitialized variable leads to invalid memory read (CVE-2022-31741) * Mozilla: Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10 (CVE-2022-31747) * Mozilla: Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross-origin information (CVE-2022-31742) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-91.10.0-1.el7_9.x86_64.rpmba4945587137c1e9dc2da7e1bc1c6993113a8dac1a2b1af76a9b473672c62f6bSLSA-2022:4930-1Security Fix(es): * python-twisted: possible http request smuggling (CVE-2022-24801) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7python-twisted-web-12.1.0-8.el7_9.x86_64.rpm45f5bb7fea6902e35eae90d069a93ba49ba7a7c8b0d7c6f2a34eca6fe131ad25SLSA-2022:5052-1Security Fix(es): * gzip: arbitrary-file-write vulnerability (CVE-2022-1271) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7xz-lzma-compat-5.2.2-2.el7_9.x86_64.rpm178be34e860e9391f07fb01816dc05a79e1d95a398f26b2c998d0ab621a3d073xz-libs-5.2.2-2.el7_9.x86_64.rpmc07f0cf3977e760679b6626d88a5d1b88ca2540ac6659c3fac74da5802341b2exz-devel-5.2.2-2.el7_9.i686.rpmc3af6af75d9eb8a997dbf96539b8e37a276a8a0ffbcfef2f939c6a06fd427277xz-5.2.2-2.el7_9.x86_64.rpm6e66b5705a7befffe0701195106d9d9638602fe7a80d54eaf4c8d1ffe1a694f8xz-compat-libs-5.2.2-2.el7_9.i686.rpmed52b79ebc47ec936fe2e8e2e44dbe888f3707ed6067f473b3b0a9d052a08823xz-devel-5.2.2-2.el7_9.x86_64.rpmc17801a5adcda0f76ceaa856dad0568a25406374520a3b96f926c24c5a265e58xz-compat-libs-5.2.2-2.el7_9.x86_64.rpm50573e4a0c567e0c6000a558a5bcab49ffe16fba1444253b351a628eddefe282xz-libs-5.2.2-2.el7_9.i686.rpm4d87b16c5e91c6169ef120acd7f925bc140876fafc133af49bc086c190652862SLSA-2022:5162-1Security Fix(es): * postgresql: Autovacuum, REINDEX, and others omit "security restricted operation" sandbox (CVE-2022-1552) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7postgresql-docs-9.2.24-8.el7_9.x86_64.rpm785f51347d3f6b380a212837cb270c0a462763304285d9b5438448c697e15cc4postgresql-libs-9.2.24-8.el7_9.x86_64.rpm59a4789756e0cb29822cf7c8eedf629e9a67e43b2f7fdc5ace1c9e7fab1f80b1postgresql-plpython-9.2.24-8.el7_9.x86_64.rpm163973d9e3846607713d6a2ace3e29a9c00ae46a46253a9f27f59c85baf77f15postgresql-static-9.2.24-8.el7_9.x86_64.rpm46f46125b8d1815a091900c4fd80a0c838a8b68206c399563ceb3f43b871bb78postgresql-upgrade-9.2.24-8.el7_9.x86_64.rpm725c7494ff796b3c5e721187771a2307352f91738e5133e33f50b808b0086158postgresql-libs-9.2.24-8.el7_9.i686.rpm59efe390ae8c13b421732a56cac09f26690d633efe1e8259bfda1a3f1b9ddfe3postgresql-test-9.2.24-8.el7_9.x86_64.rpm288f93adc82232378274a624afc629b402d6c4c006626541c72b9a59371c424dpostgresql-static-9.2.24-8.el7_9.i686.rpm19a07b567067664944f2a8aa7df574c970184b11ff0949579e157421cdc9cbf0postgresql-pltcl-9.2.24-8.el7_9.x86_64.rpme18690e1d0d9ed6c6818e4198375da98920ad266acc9ec7e7f7b80a7672bde27postgresql-9.2.24-8.el7_9.x86_64.rpm2d2e7d29446e98fabe696c38228d61c6ac6e18ce1c0a79776cc4cef11974b3d0postgresql-devel-9.2.24-8.el7_9.i686.rpm22a34c80bc19cdf540fb3a0900201c5cf18863efa3f38199343f68896bf238f0postgresql-server-9.2.24-8.el7_9.x86_64.rpm2214e31cdf76b0bb8a399a80ba4662ee4381140c1ea62320bf50df2b2791cacfpostgresql-plperl-9.2.24-8.el7_9.x86_64.rpmd0df9bbf5eb5e754c22643007a07ccddaecc7096edfc03c2be248f79d3d004cfpostgresql-devel-9.2.24-8.el7_9.x86_64.rpmbd33822d9eab3ceb26128fb525db894fd6a9bdae21371c94d3db6ffdebb7f006postgresql-contrib-9.2.24-8.el7_9.x86_64.rpm273899f72e24eb777a82216f169a06d18ff1c6c48f0e29b154863757c5bf84c9postgresql-9.2.24-8.el7_9.i686.rpma9e3e531f3c674b2e4ddf3502b6c32d4d2950af50c050ef968c76de7c353d803SLSA-2022:5232-1Security Fix(es): * kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729) * kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-1966) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * XFS inode cluster corruption * sock: sock_dequeue_err_skb() needs hard irq safety * libceph: fix potential use-after-free on linger ping and resendsimportantScientific LinuxScientific Linux 7kernel-doc-3.10.0-1160.71.1.el7.noarch.rpm1d77baa3d81ea83477d62c49e015be49732465ccd422059db318efc757ae8ecbbpftool-3.10.0-1160.71.1.el7.x86_64.rpm7b066f7a2dc6af9f4b4060613ecd118b217cf11f81913b38bf5a654015dbde5ckernel-headers-3.10.0-1160.71.1.el7.x86_64.rpm4f556e1061c61af28b9174b25e07f65c43819121efcec015882d984e8b49602dkernel-devel-3.10.0-1160.71.1.el7.x86_64.rpm4db12f15fab31a6a5df99c09f89b5c62e83290fd0a61ac8ce5f9ee5e8a497421kernel-3.10.0-1160.71.1.el7.x86_64.rpm3214a01be7fda555894dc93053890a4100c0aa1c4886e7842ab7cfed376144bbkernel-tools-libs-3.10.0-1160.71.1.el7.x86_64.rpmd7e26d24d3a734275e8bc9ade31b1ae3adee803dd46db10d57b6d85660494a00kernel-debug-3.10.0-1160.71.1.el7.x86_64.rpmce17a9c6466362c175e0bddc060062332de9e637d4caafe8cc983a0a1e8be3c3kernel-tools-3.10.0-1160.71.1.el7.x86_64.rpm2750f1392b10f38d70e95e3d8a78ab25c2518d9ca45d85bd30f300db19593d81kernel-debug-devel-3.10.0-1160.71.1.el7.x86_64.rpm41aae026c1a9b1193e21d29b67d9c83918da3d7d027d6727b85a9c04c391c7a3python-perf-3.10.0-1160.71.1.el7.x86_64.rpm1910321931f2f0a442171a982d11ef4f6be5450336c0eac6287f89f65c267caeperf-3.10.0-1160.71.1.el7.x86_64.rpm2e5767fc21747cc1001ad9293110f8fa39ea33383d025c625bc65a026ba6166ckernel-tools-libs-devel-3.10.0-1160.71.1.el7.x86_64.rpm72dd92debffef227aee347e7b48b4bd26a8154b7ccdefab4a2ded440a376859ekernel-abi-whitelists-3.10.0-1160.71.1.el7.noarch.rpm76398d724a76043908976a33be347fffb46febcf045b39309fde9250498c8d91SLSA-2022:5234-1Security Fix(es): * python-pip: directory traversal in _download_http_url() function in src/pip/_internal/download.py (CVE-2019-20916) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEmoderateScientific LinuxScientific Linux 7python-virtualenv-15.1.0-7.el7_9.noarch.rpme91998c8834ef7665475ce23d9b11eab0bdc361c2c595c7bfd57fe9b5b07c32fSLSA-2022:5235-1Security Fix(es): * python: CRLF injection via HTTP request method in httplib/http.client (CVE-2020-26116) * python-urllib3: CRLF injection via HTTP request method (CVE-2020-26137) * python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEmoderateScientific LinuxScientific Linux 7python-devel-2.7.5-92.el7_9.x86_64.rpm3d67098ab806f5b36a32ad07f418c0c3f336177fecd3e69332aa47bc841b6a38tkinter-2.7.5-92.el7_9.x86_64.rpm75ff0121c4b61bdb679b3d1f5464a924ab6ba3e304da49651d948c557741b1b6python-debug-2.7.5-92.el7_9.x86_64.rpm15793b35b8d9dd822f51a7b2890c5dd76e634259ba7abf19e7e9ad88d9976c66python-libs-2.7.5-92.el7_9.i686.rpm722f37223adac9b05f452755a17f11db6e32a48fba2e9792e205b81b20544032python-tools-2.7.5-92.el7_9.x86_64.rpm119abd1b66cb24e612fc399c80af7c5040169ac2078bac8446f57f81061f2eccpython-test-2.7.5-92.el7_9.x86_64.rpm9ca0cb5713f710cfc4281aca00b03121ceb3897e17d7ec58aa7f16223533b1e8python-2.7.5-92.el7_9.x86_64.rpmd1d50f02f72bf047ef8fff0a6150e0eeb1eaee72a27fdf8ab41acb42f10b6915python-libs-2.7.5-92.el7_9.x86_64.rpma9b403e98099f7e6ff63ac8e5712b378ec290ce13c7357fe1704c302bac41f4bSLSA-2022:5239-1Security Fix(es): * 389-ds-base: sending crafted message could result in DoS (CVE-2022-0918) * 389-ds-base: expired password was still allowed to access the database (CVE-2022-0996) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Log the Auto Member invalid regex rules in the LDAP errors log. Enhancement(s): * RFE - Provide an option to abort an Auto Member rebuild task.moderateScientific LinuxScientific Linux 7389-ds-base-libs-1.3.10.2-16.el7_9.x86_64.rpm2b6f8fd9d6c2d5d6a400605ebb49e89a22b1b307288eb098908b1cad691b2e17389-ds-base-devel-1.3.10.2-16.el7_9.x86_64.rpmd226bedc44c7f9d2cf5192e322e7e0a9cd1656c3b68aa8973ec6ed482f9264e5389-ds-base-snmp-1.3.10.2-16.el7_9.x86_64.rpm748b47079f3d10641d78e5f1e3e63bc24b6e874fab0706073bc364f561147ab0389-ds-base-1.3.10.2-16.el7_9.x86_64.rpm0ed083ae9c6791c4b9eee5fb1eb5e7cd1b22a74f433b86a1c7975cda5e9afcbbSLSA-2022:5479-1This update upgrades Firefox to version 91.11 ESR. Security Fix(es): * Mozilla: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI (CVE-2022-34468) * Mozilla: Use-after-free in nsSHistory (CVE-2022-34470) * Mozilla: A popup window could be resized in a way to overlay the address bar with web content (CVE-2022-34479) * Mozilla: Memory safety bugs fixed in Firefox 102 and Firefox ESR 91.11 (CVE-2022-34484) * Mozilla: Undesired attributes could be set as part of prototype pollution (CVE-2022-2200) * Mozilla: CSP bypass enabling stylesheet injection (CVE-2022-31744) * Mozilla: Unavailable PAC file resulted in OCSP requests being blocked (CVE-2022-34472) * Mozilla: Potential integer overflow in ReplaceElementsAt (CVE-2022-34481) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7firefox-91.11.0-2.el7_9.x86_64.rpm5e83f5f9e9a731890b9ba7d60465f40904736502213b1f154fd5e104105844befirefox-91.11.0-2.el7_9.i686.rpm6ff4fc0a21fa4e5fa5f25bc3c28d56596b6699302f3d9bc0ae2c5671b679e254SLSA-2022:5480-1This update upgrades Thunderbird to version 91.11. Security Fix(es): * Mozilla: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI (CVE-2022-34468) * Mozilla: Use-after-free in nsSHistory (CVE-2022-34470) * Mozilla: A popup window could be resized in a way to overlay the address bar with web content (CVE-2022-34479) * Mozilla: Memory safety bugs fixed in Firefox 102 and Firefox ESR 91.11 (CVE-2022-34484) * Mozilla: Undesired attributes could be set as part of prototype pollution (CVE-2022-2200) * Mozilla: An email with a mismatching OpenPGP signature date was accepted as valid (CVE-2022-2226) * Mozilla: CSP bypass enabling stylesheet injection (CVE-2022-31744) * Mozilla: Unavailable PAC file resulted in OCSP requests being blocked (CVE-2022-34472) * Mozilla: Potential integer overflow in ReplaceElementsAt (CVE-2022-34481) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-91.11.0-2.el7_9.x86_64.rpm518b25f63fd9c1898cf7dbc477faf7330e4eeca94bbfaf5ce71233c8b0f46c1eSLSA-2022:5542-1Security Fix(es): * squid: DoS when processing gopher server responses (CVE-2021-46784) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7squid-sysvinit-3.5.20-17.el7_9.7.x86_64.rpmdbff6ab9c250e0f10dfca230a5f1170d86e8144eb1dd96909b41e1183ee5ecc0squid-3.5.20-17.el7_9.7.x86_64.rpm000c8e8e89638b9035378a053890a009bf1912fce759f517f212187470ddb2b5squid-migration-script-3.5.20-17.el7_9.7.x86_64.rpmab738d32e426a0b2aa73cb8c5d479f25edb1c03e00afda9adcc0cf661cf02b43SLSA-2022:5687The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. The following packages have been upgraded to a later upstream version: java-11-openjdk (11.0.16.0.8). (BZ#2083258) Security Fix(es): * OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) (CVE-2022-34169) * OpenJDK: class compilation issue (Hotspot, 8281859) (CVE-2022-21540) * OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) (CVE-2022-21541) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7java-11-openjdk-jmods-debug-11.0.16.0.8-1.el7_9.i686.rpmff485a031b7358e9a603019431d11ad49fe1c191b651a1ab4a966f3254434a36java-11-openjdk-src-debug-11.0.16.0.8-1.el7_9.i686.rpm35b009867aeaec41a4101189c975ab32f52b96997c04179577e204fa7c953041java-11-openjdk-javadoc-debug-11.0.16.0.8-1.el7_9.x86_64.rpm8fc0bd4b7300cd42b8c60f8301d2262a0e6ea85ca55bbc6191f423f8202351dfjava-11-openjdk-src-debug-11.0.16.0.8-1.el7_9.x86_64.rpm3e5b6dde1167f229003f25a94346f478c7386e8578b31da25f85940331851b92java-11-openjdk-javadoc-debug-11.0.16.0.8-1.el7_9.i686.rpmc0b7fa4b587e7c76e5b652246d91f417d05c21d031489d5f776db52c4554f81fjava-11-openjdk-debug-11.0.16.0.8-1.el7_9.x86_64.rpm7c81e27141ef3886d8a41bc2d856be63ac236f2aa11c4782382e82d44ce2c221java-11-openjdk-demo-debug-11.0.16.0.8-1.el7_9.x86_64.rpm78fab0f72db34591ffdf639cdbe2205b7d7838e039c3a6132953943c67894bfbjava-11-openjdk-javadoc-zip-debug-11.0.16.0.8-1.el7_9.x86_64.rpmc3ae470cc832c94dc93002679fe56a85f31e5988fafff3fa00b23e4c520d16b9java-11-openjdk-static-libs-debug-11.0.16.0.8-1.el7_9.x86_64.rpm58260f8e9843800aa31099c7e4f7a6aa74597a915271959fc300c78fef0825d6java-11-openjdk-devel-debug-11.0.16.0.8-1.el7_9.i686.rpmead1acfec0163bef28a3971805467b337155d5ba67064a613dab2424f187a02cjava-11-openjdk-demo-debug-11.0.16.0.8-1.el7_9.i686.rpm9c83e1948e56b5044f88c9a04eef39f63ec956fc54f29b023c752b62f71f73fbjava-11-openjdk-jmods-debug-11.0.16.0.8-1.el7_9.x86_64.rpm08d96bdd9b4331466d1c58221053dd24927fd80259e9e2cdc3edbf4c06b9e061java-11-openjdk-headless-debug-11.0.16.0.8-1.el7_9.x86_64.rpm07d0d9aedd58dc4d0bc84278ce0304fa2611a20ccc953e0719b2af733f5c95d1java-11-openjdk-debug-11.0.16.0.8-1.el7_9.i686.rpmf6277b5d6d7a9a104aa48ff42821bba76d39ea8109ca0ef184dd602386fdddecjava-11-openjdk-headless-debug-11.0.16.0.8-1.el7_9.i686.rpm37cafdda08da3a1ea4dad7b80777489a1e4f6117b828b5100e289e33088700c0java-11-openjdk-javadoc-zip-debug-11.0.16.0.8-1.el7_9.i686.rpm94355e3db0d1eeb216c439c8794e367d054b3c0f110445a51e122ff51efbe2b1java-11-openjdk-devel-debug-11.0.16.0.8-1.el7_9.x86_64.rpm3ab693276932133e379fdf8b4ba7d90d26dc330d6c7dd75a6fc03b150e18bd45SLSA-2022:5687-1The following packages have been upgraded to a later upstream version: java-11-openjdk (11.0.16.0.8). Security Fix(es): * OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) (CVE-2022-34169) * OpenJDK: class compilation issue (Hotspot, 8281859) (CVE-2022-21540) * OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) (CVE-2022-21541) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7java-11-openjdk-demo-11.0.16.0.8-1.el7_9.x86_64.rpm8611c379545049fb5145af947ade98d6a34982bc6b1bd6fdc81b844cbcb69d6ajava-11-openjdk-headless-11.0.16.0.8-1.el7_9.x86_64.rpm144ea8e27c84507fcd45e26a346bceeb42afa3b2d10cc491ca6a313ad72d87fejava-11-openjdk-static-libs-11.0.16.0.8-1.el7_9.x86_64.rpm4bb7d26c567fe11f583ff82d4e213651a0add391dc89c7ded87d18acabba77ecjava-11-openjdk-demo-11.0.16.0.8-1.el7_9.i686.rpm0dfbe0a0574ac807f4e74809bb73dad28f577fdd6f077cee0bb6aabd5dafaa3bjava-11-openjdk-11.0.16.0.8-1.el7_9.x86_64.rpm31ab6b80b64db525f4350f5e232a4ad566c0a79970861d8029ea611644c5771fjava-11-openjdk-javadoc-11.0.16.0.8-1.el7_9.i686.rpm1e4d28d9a9842eca02530b1c5663a51a039fc5e5e6920b447097fde9621ee2afjava-11-openjdk-headless-11.0.16.0.8-1.el7_9.i686.rpm55746417c54be47dd7809c30d000e0b7df9c025cc5350cd3ded8aac7a7c27033java-11-openjdk-javadoc-zip-11.0.16.0.8-1.el7_9.i686.rpmb16c911001ad580f4c2eca21d0924a8baade689e538df738b7f5e9c9f4253005java-11-openjdk-jmods-11.0.16.0.8-1.el7_9.i686.rpm820cfd6ee3b4b8a3d26cd3492a4774099272260bd0d18dd554c2f131c707ac84java-11-openjdk-devel-11.0.16.0.8-1.el7_9.x86_64.rpmdb9ed77efbe929b28e593e4a21d6dded7aea5e80c7c9757c4e6d1fabe0c35720java-11-openjdk-javadoc-11.0.16.0.8-1.el7_9.x86_64.rpma9676e773f4ab904e6df5340fd3ddebb1bd7150ade2b0dd4a3d6e48d83ad3203java-11-openjdk-src-11.0.16.0.8-1.el7_9.i686.rpmdceaf6b3fa5f11e3c3090f103adc39c32ab3b78e19e0a0ec82e56054a2ae28adjava-11-openjdk-devel-11.0.16.0.8-1.el7_9.i686.rpm30ecf4fca91c24ce852ef7d2c7f0ffe7d3c0cc2267a92963cfe5e3105225d811java-11-openjdk-11.0.16.0.8-1.el7_9.i686.rpmaac17aa4e1897cc09e6e0e34dc6dfc05075cb0a119889610763865b5eb7c814djava-11-openjdk-javadoc-zip-11.0.16.0.8-1.el7_9.x86_64.rpm404c5774f8f9163e381965ffc6e739616efae6c6fa8a6bff1bc09627535c3c73java-11-openjdk-src-11.0.16.0.8-1.el7_9.x86_64.rpmcb1b49986b19897e0457f122762c3a018f006826fc0b1270fe1e82c804c5c5f6java-11-openjdk-jmods-11.0.16.0.8-1.el7_9.x86_64.rpmc962abaf22b4a395efaf424f8c79ef7676507c16265a1f7253bfdcf794360ea2SLSA-2022:5698The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. The following packages have been upgraded to a later upstream version: java-1.8.0-openjdk (1.8.0.342.b07). (BZ#2083257) Security Fix(es): * OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) (CVE-2022-34169) * OpenJDK: class compilation issue (Hotspot, 8281859) (CVE-2022-21540) * OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) (CVE-2022-21541) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7java-1.8.0-openjdk-devel-debug-1.8.0.342.b07-1.el7_9.i686.rpm5cfe245f019d5fc6308312b6a2c36a5b3816add572af41e5c6da2630b2a9bc9ajava-1.8.0-openjdk-src-debug-1.8.0.342.b07-1.el7_9.x86_64.rpmdd552247cc20b81cab5abc2ac39dc17703d58a53732fa2f6e0f11c51b8d1de95java-1.8.0-openjdk-src-debug-1.8.0.342.b07-1.el7_9.i686.rpm2d94cbaab9b7bf560be85fef61cec7970813cbcfb23a6293de86d10ffee052d0java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.342.b07-1.el7_9.noarch.rpmeab54a41190cafaef99ff3f6d5539734a6c151d3868f78a326b549940284c43fjava-1.8.0-openjdk-demo-debug-1.8.0.342.b07-1.el7_9.i686.rpme283c2ea3701cd6b330e1fb6c469a58905becb4687d6ddca1fdfcf5b6e24a173java-1.8.0-openjdk-demo-debug-1.8.0.342.b07-1.el7_9.x86_64.rpm5dede49755fef443561ec1294d59dddef1e977661dc8965744ea5b3eadaa82f7java-1.8.0-openjdk-headless-debug-1.8.0.342.b07-1.el7_9.i686.rpmfb412993684366151cc44711dd03669a328a34a78c0a6672f94f1a3f48e7dd8bjava-1.8.0-openjdk-accessibility-debug-1.8.0.342.b07-1.el7_9.x86_64.rpme1592b2fdef08f1ac87ecb4356fe1a6667cc9a310a5eff04bc97fb67bead7846java-1.8.0-openjdk-javadoc-debug-1.8.0.342.b07-1.el7_9.noarch.rpm49142f39946bf7ab738aeeeb04d894615267f95b7dc83a735c1aa75531c95599java-1.8.0-openjdk-debug-1.8.0.342.b07-1.el7_9.i686.rpm4d87c03704812f5de6e21624549dfee758efd582b6161854c671bb5c4671f2ffjava-1.8.0-openjdk-debug-1.8.0.342.b07-1.el7_9.x86_64.rpm5ff4ae53a07a78eeca4ad20043caa10fb4f5ce90b73a6e102d2870d3a13fcf9ajava-1.8.0-openjdk-headless-debug-1.8.0.342.b07-1.el7_9.x86_64.rpm3fb8a14a48644a420ec20fd27537402eca63522a85023ab13bbcede16dc384adjava-1.8.0-openjdk-accessibility-debug-1.8.0.342.b07-1.el7_9.i686.rpmff4d3843ce0896b873094b65d95ca7aecf1343ba1c948dbafa02de065c951154java-1.8.0-openjdk-devel-debug-1.8.0.342.b07-1.el7_9.x86_64.rpme1bdd17a0490037142cdb6ae84a6ff45766880d6cb7e147f74b7ae01788f652dSLSA-2022:5698-1The following packages have been upgraded to a later upstream version: java-1.8.0-openjdk (1.8.0.342.b07). Security Fix(es): * OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) (CVE-2022-34169) * OpenJDK: class compilation issue (Hotspot, 8281859) (CVE-2022-21540) * OpenJDK: improper restriction of MethodHandle.invokeBasic() (Hotspot, 8281866) (CVE-2022-21541) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7java-1.8.0-openjdk-src-1.8.0.342.b07-1.el7_9.x86_64.rpm4ab7f27a38f56298c39e246c94d702d582ea7461cd0cda84ae19d6898080d863java-1.8.0-openjdk-1.8.0.342.b07-1.el7_9.x86_64.rpm4f5e91bda435dd90919ffa87bf89fdac660a7581c552c0c1a6e8bc8b729c694ajava-1.8.0-openjdk-javadoc-zip-1.8.0.342.b07-1.el7_9.noarch.rpm6e2bfd3f96c12846a098b7d01b6114c64b868638c083814e5a57facae46d4081java-1.8.0-openjdk-devel-1.8.0.342.b07-1.el7_9.x86_64.rpm866c8ff926d25e5c119c13292f2bac934bb3e02a9b821123efdd85dd3b263135java-1.8.0-openjdk-devel-1.8.0.342.b07-1.el7_9.i686.rpmb4006d90a56f38c63ef8522c0c97ad8a5963d5e50107985f0f758e39e03f5c27java-1.8.0-openjdk-1.8.0.342.b07-1.el7_9.i686.rpm6b3829da94a98f6ad1e9e4224796bf108eb0f15f1b6fea2a7be9cfd0b559767ejava-1.8.0-openjdk-accessibility-1.8.0.342.b07-1.el7_9.x86_64.rpm7dabfb17f9d0efe22785ddeff0450c86fc99e0942e254911f3424cbaa1040dfdjava-1.8.0-openjdk-headless-1.8.0.342.b07-1.el7_9.x86_64.rpm943ac0fd188f796e44f4173e92e2e6b7bfd67d0597bf42234b17463b1cd62a02java-1.8.0-openjdk-javadoc-1.8.0.342.b07-1.el7_9.noarch.rpm8ccac8e0148f92f0c7f079a592c2a7e62644b42c26d0c61b3b93b1c22454868ejava-1.8.0-openjdk-headless-1.8.0.342.b07-1.el7_9.i686.rpm1fb56095e0db3a565698ac3a02327db2940983beb6cc358373da4dab1ef91c70java-1.8.0-openjdk-demo-1.8.0.342.b07-1.el7_9.x86_64.rpm42b430ea26f1ca194196526b12c4dbac2d646081c4572cdcfc35e184fd9f491bjava-1.8.0-openjdk-src-1.8.0.342.b07-1.el7_9.i686.rpmf25db7168bce97ee6e42b1605467a84b4aea3418c88cdf10131b453f9c700968java-1.8.0-openjdk-accessibility-1.8.0.342.b07-1.el7_9.i686.rpm37005280cc568854374742f1509d56437f8e4a07ada84ab33b6eff370523036cjava-1.8.0-openjdk-demo-1.8.0.342.b07-1.el7_9.i686.rpmebfc9595270935485aa68afb4085c59d07730d26b097e9a9149993c98f89af98SLSA-2022:5773-1This update upgrades Thunderbird to version 91.12.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 103 and 102.1 (CVE-2022-2505) * Mozilla: Directory indexes for bundled resources reflected URL parameters (CVE-2022-36318) * Mozilla: Mouse Position spoofing with CSS transforms (CVE-2022-36319) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-91.12.0-1.el7_9.x86_64.rpm25a5d69dab2c0d6e34baffa70a62cbf18dbce647a17972984ee25af215b4a716SLSA-2022:5776-1This update upgrades Firefox to version 91.12.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 103 and 102.1 (CVE-2022-2505) * Mozilla: Directory indexes for bundled resources reflected URL parameters (CVE-2022-36318) * Mozilla: Mouse Position spoofing with CSS transforms (CVE-2022-36319) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7firefox-91.12.0-2.el7_9.i686.rpme807c37430e440a90e53af5e3858b6d52894389f35fa4361859e909c484328e8firefox-91.12.0-2.el7_9.x86_64.rpmef66827a15fe99c87e24c7685945c40f106fa61acab0287487d7d79a8482bd4fSLSA-2022:5905-1Security Fix(es): * xorg-x11-server: X.Org Server ProcXkbSetGeometry out-of-bounds access (CVE-2022-2319) * xorg-x11-server: out-of-bounds access in ProcXkbSetDeviceInfo request handler of the Xkb extension (CVE-2022-2320) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7xorg-x11-server-Xorg-1.20.4-18.el7_9.x86_64.rpmf198d70d27d6f20b08719a5d875253fc44f9ea11146514d27c98c6ab8c12ee7axorg-x11-server-Xnest-1.20.4-18.el7_9.x86_64.rpm6b9a477b42d0bf923e2e2cfd4dce74d98748caa2f83b94a587514bc46102bf2cxorg-x11-server-Xdmx-1.20.4-18.el7_9.x86_64.rpm6e5c93deb4573a33358916269db7b17a0df2403364718318c5afe97b2806bc9cxorg-x11-server-devel-1.20.4-18.el7_9.i686.rpm7aaefe51552cc5d7a9e2d6d51f58a94df47648dff8b4cefa9353ef3f54f1a813xorg-x11-server-Xvfb-1.20.4-18.el7_9.x86_64.rpmfcb5709e9084537571247640566e2680616a5db70de7491bd83278358e22a64dxorg-x11-server-devel-1.20.4-18.el7_9.x86_64.rpm546ecc8a110ab6d2c1d3b0362e1ffd9dd0ac923bed363397d560eeab0f72b7c2xorg-x11-server-Xwayland-1.20.4-18.el7_9.x86_64.rpmf8c10d3f4bfb44128472809afe964e52451f3b4534c0438ad07aeadd2e0e8356xorg-x11-server-common-1.20.4-18.el7_9.x86_64.rpm29f5d4a1af552ddb0093c15683f86e51d39d9a055bfc5209ba2a26200449b8d7xorg-x11-server-Xephyr-1.20.4-18.el7_9.x86_64.rpma409484eb5a91f441cf24a219a3e24fb4a51587b5bf18385001d912889178772xorg-x11-server-source-1.20.4-18.el7_9.noarch.rpmec086e923e6853c3f484c456df0a9428b87748d4c26a3b10befb8b5716219d86SLSA-2022:5937-1Security Fix(es): * Incomplete cleanup of multi-core shared buffers (aka SBDR) (CVE-2022-21123) * Incomplete cleanup of microarchitectural fill buffers (aka SBDS) (CVE-2022-21125) * Incomplete cleanup in specific special register write operations (aka DRPW) (CVE-2022-21166) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * SolarFlare sfc spurious TX completion * Page allocation failure on cryptsetup open * The kernel-rt crashes where one task is indefinitely looping in __start_cfs_bandwidth() with the cfs_b->lock spinlock being held * While using PTimekeeper the qede driver produces excessive log messages * The kernel crashes due to a GPF happens in mutex_spin_on_owner(). The known RDMA/cma bug that was introduced with a patch from upstream commit 722c7b2bfead is the possible cause. * Running LTP testcase creat09 fails showing related to 'cve-2018-13405' * Crash when releasing inode which was on unmouted superblockmoderateScientific LinuxScientific Linux 7kernel-doc-3.10.0-1160.76.1.el7.noarch.rpmd102f7c09caf2f06e44a067310247b90109993c49a4f5fe2756ef40119c67723kernel-tools-3.10.0-1160.76.1.el7.x86_64.rpm737ff7b8680df3b857d3386e5e33fb441444da64f4bfe0e9996d943dcee11bdbkernel-tools-libs-3.10.0-1160.76.1.el7.x86_64.rpm028e5f26d6cb86bc95b0a0583c97a367cd71cbf05b6115ec3aad3dff4c792abakernel-headers-3.10.0-1160.76.1.el7.x86_64.rpmae37ab166a3132528ba33a244f4de1a9f8644f0df5d3ff424056c0df935046d5perf-3.10.0-1160.76.1.el7.x86_64.rpm2ae7ad41b3cacbc8e843a4e3a0c6a2289ab9046e72cb3de23cdeb21488cdacd6kernel-debug-devel-3.10.0-1160.76.1.el7.x86_64.rpm96b836848019f779069f10177b6d425f351526684bbadcda46e1cc06aa2b006bkernel-devel-3.10.0-1160.76.1.el7.x86_64.rpmeb6c6858ee108768f74cbf482648a1d7c1468dfd9c6c14df31c4faea745a3aafkernel-3.10.0-1160.76.1.el7.x86_64.rpmef75240138a948d9fdc8669cf50f5ca70e48f2a9217acd6559577ca782b666fakernel-tools-libs-devel-3.10.0-1160.76.1.el7.x86_64.rpmd15c22331aa7656ad2f356b252b861f88a176d7a883bfa1c69c4e3098475777apython-perf-3.10.0-1160.76.1.el7.x86_64.rpmb054c8924feb65a2322d77acaac5203839c1217149ece08fc0b5da3c618a60b4kernel-abi-whitelists-3.10.0-1160.76.1.el7.noarch.rpmf05cd8f070add9cd4fc3e2dde0412e2e6f220d5c7bdc8a37e377e49c41637f11bpftool-3.10.0-1160.76.1.el7.x86_64.rpmbc87496d4e290c092d76890042f67cd51705320c826f03086ed3fabf4b4cb29dkernel-debug-3.10.0-1160.76.1.el7.x86_64.rpm10ebee491b5390dfd3a729a6195825d8dd9809bf8287f9cb321ebede65329e78SLSA-2022:6160-1Security Fix(es): * systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c (CVE-2022-2526) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7systemd-219-78.el7_9.7.x86_64.rpm2b08ea19b057824d23fbcee8bb677679b7502f5b0b0cd38d60b7547ede2616e5systemd-resolved-219-78.el7_9.7.x86_64.rpme8fb0512bc5b5c66a605062cd97348245d57219d59f0fd14c5c12715017fe90elibgudev1-devel-219-78.el7_9.7.x86_64.rpmc7f3267ae4feb20d1d39d56a84a392e357db2ee1b34a6af2a7f7ffde61d30330systemd-resolved-219-78.el7_9.7.i686.rpm17ccc70a4c6b0fd4e36f601dda974f4c5f0d9c9da5cb3c348c54ee0039e5c5a3systemd-python-219-78.el7_9.7.x86_64.rpm621c4981bdbb67e3c0183a129cd2a51c36d6fa7b7940ed5ae3326fdf2d43bb06libgudev1-219-78.el7_9.7.i686.rpma813ab9e45be45a76c35df5060d6a236e18fd15fb13b2dd55ebc4f48a87f2b47systemd-libs-219-78.el7_9.7.x86_64.rpm3ed557aa85228f94cf8edce8c2bc89de8768a9ef050ee9928d68e6306501df1dlibgudev1-219-78.el7_9.7.x86_64.rpm02046f2acce4d5b8942b5e44d1fc5055a9e0e0f36e8463f3b17bc1a0155f4976systemd-devel-219-78.el7_9.7.i686.rpm2c5fc64cb5b0cb6df919385209c89eea049576a44a733ce2db2a119af579a726systemd-networkd-219-78.el7_9.7.x86_64.rpm774a53e5c24bc4ffbfa971d0686081c94f071eb3922e882ae90c82740f6c26dfsystemd-sysv-219-78.el7_9.7.x86_64.rpm3f89049498d61702206987358b0093989b9e8a226f794f03c941ede6b11b49d3libgudev1-devel-219-78.el7_9.7.i686.rpm3d2423fe28b482163248e160f4a471838e8c0a4f40308e6325cee4e2b4184e30systemd-devel-219-78.el7_9.7.x86_64.rpm791e864b91024b15cba4e60eea597d4261f1926cd7c8f7a24e8158d8a15ba699systemd-libs-219-78.el7_9.7.i686.rpm48338899941ad604d5b84c5610d198837179fde1a03eb8301038ba704c2bcb45systemd-journal-gateway-219-78.el7_9.7.x86_64.rpmd00824b3b9831e98c7a22512c63df9e320b7ab2769d49159dba45f99c212d93cSLSA-2022:6169-1This update upgrades Thunderbird to version 91.13.0. Security Fix(es): * Mozilla: Address bar spoofing via XSLT error handling (CVE-2022-38472) * Mozilla: Cross-origin XSLT Documents would have inherited the parent's permissions (CVE-2022-38473) * Mozilla: Memory safety bugs fixed in Firefox 104 and Firefox ESR 102.2 (CVE-2022-38477) * Mozilla: Memory safety bugs fixed in Firefox 104, Firefox ESR 102.2, and Firefox ESR 91.13 (CVE-2022-38478) * Mozilla: Data race and potential use-after-free in PK11_ChangePW (CVE-2022-38476) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-91.13.0-1.el7_9.x86_64.rpm6d85633aab8f9d5e33b46d20c0cb450d8b929292c3d4ec57f5cc9c4b9e1ca949SLSA-2022:6170-1Security Fix(es): * rsync: remote arbitrary files write inside the directories of connecting peers (CVE-2022-29154) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7rsync-3.1.2-11.el7_9.x86_64.rpm0c488dacb9f63cc2330889b3748f363389f63ac0c34cad4588f23ef4afe550beSLSA-2022:6179-1This update upgrades Firefox to version 91.13.0 ESR. Security Fix(es): * Mozilla: Address bar spoofing via XSLT error handling (CVE-2022-38472) * Mozilla: Cross-origin XSLT Documents would have inherited the parent's permissions (CVE-2022-38473) * Mozilla: Memory safety bugs fixed in Firefox 104 and Firefox ESR 102.2 (CVE-2022-38477) * Mozilla: Memory safety bugs fixed in Firefox 104, Firefox ESR 102.2, and Firefox ESR 91.13 (CVE-2022-38478) * Mozilla: Data race and potential use-after-free in PK11_ChangePW (CVE-2022-38476) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7firefox-91.13.0-1.el7_9.i686.rpm81039b2e705fbc6fb6c4ef61fcc0fc13592fb7a778009b300b41befb5500b044firefox-91.13.0-1.el7_9.x86_64.rpm098f44ada05d0d9010b129d6c9f3b00921b8b94b3568a4b550bc6cbd07339c37SLSA-2022:6381-1Security Fix(es): * open-vm-tools: local root privilege escalation in the virtual machine (CVE-2022-31676) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7open-vm-tools-11.0.5-3.el7_9.4.x86_64.rpm2c7a540c07f75bbde969aab6fcd7643af51af971b6f2e604e30160fdf66c102bopen-vm-tools-devel-11.0.5-3.el7_9.4.x86_64.rpmff5657209dd6cdfe32980b90cd40eb61d77c1f1fd633a53137d8429890940660open-vm-tools-desktop-11.0.5-3.el7_9.4.x86_64.rpm3736617d4ffbbee600bb2b187c796ea5a2e976c42a51bdc11310520b2a493cc7open-vm-tools-test-11.0.5-3.el7_9.4.x86_64.rpmae6fb0521fdab2fd20a14ffb493fd0e72863d59051fe1d16f2bacd95df27ec89SLSA-2022:6710-1This update upgrades Thunderbird to version 102.3.0. Security Fix(es): * Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag (CVE-2022-3033) * Mozilla: Bypassing FeaturePolicy restrictions on transient pages (CVE-2022-40959) * Mozilla: Data-race when parsing non-UTF-8 URLs in threads (CVE-2022-40960) * Mozilla: Memory safety bugs fixed in Firefox 105 and Firefox ESR 102.3 (CVE-2022-40962) * Mozilla: Remote content specified in an HTML document that was nested inside an iframe's srcdoc attribute was not blocked (CVE-2022-3032) * Mozilla: An iframe element in an HTML email could trigger a network request (CVE-2022-3034) * Mozilla: Matrix SDK bundled with Thunderbird vulnerable to denial-of- service attack (CVE-2022-36059) * Mozilla: Bypassing Secure Context restriction for cookies with __Host and __Secure prefix (CVE-2022-40958) * Mozilla: Content-Security-Policy base-uri bypass (CVE-2022-40956) * Mozilla: Incoherent instruction cache when building WASM on ARM64 (CVE-2022-40957) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-102.3.0-3.el7_9.x86_64.rpm5c158e57590300fc7fdc7642fadd46a5c062d8f1d3f5aaf87fc01b93f3110114SLSA-2022:6711-1This update upgrades Firefox to version 102.3.0 ESR. Security Fix(es): * Mozilla: Bypassing FeaturePolicy restrictions on transient pages (CVE-2022-40959) * Mozilla: Data-race when parsing non-UTF-8 URLs in threads (CVE-2022-40960) * Mozilla: Memory safety bugs fixed in Firefox 105 and Firefox ESR 102.3 (CVE-2022-40962) * Mozilla: Bypassing Secure Context restriction for cookies with __Host and __Secure prefix (CVE-2022-40958) * Mozilla: Content-Security-Policy base-uri bypass (CVE-2022-40956) * Mozilla: Incoherent instruction cache when building WASM on ARM64 (CVE-2022-40957) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7firefox-102.3.0-6.el7_9.x86_64.rpm16dfa4174101455cbdf4db85f950a31f77d7a7a7cf9fbb71aa501b68d60b6a48firefox-102.3.0-6.el7_9.i686.rpma90f01eb2e7fb81dada4d449816efb77b1bb64bffdf4774ddc2be5a93ff8d340SLSA-2022:6765-1Security Fix(es): * bind: memory leak in ECDSA DNSSEC verification code (CVE-2022-38177) * bind: memory leaks in EdDSA DNSSEC verification code (CVE-2022-38178) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7bind-export-devel-9.11.4-26.P2.el7_9.10.x86_64.rpm8c8e95e6cc3d13d0a60fed32d2eb4c01f58f23a44d1ea1e09269db25a19f4b7dbind-9.11.4-26.P2.el7_9.10.x86_64.rpmc3c174c51b49054fc568a401d3333d3f72d60eb844202e128a35d9f0cab01f6cbind-libs-lite-9.11.4-26.P2.el7_9.10.x86_64.rpm452a47e1a5c85d5284ca3f3e624f93f3030863d7c1a716ec87f17c07d71bc3b0bind-sdb-chroot-9.11.4-26.P2.el7_9.10.x86_64.rpm38640fd00904a57efd528c2c076063e966d23cc216db15d22ed891140254393dbind-pkcs11-libs-9.11.4-26.P2.el7_9.10.i686.rpma0032d922ee1ad824ece7bee12589cef936bea052cf91695a46f4d29d48d6950bind-devel-9.11.4-26.P2.el7_9.10.x86_64.rpme7245226cdf1bf2a601cfc69cd381ce021c02992837e33a08f03e0289d423f29bind-sdb-9.11.4-26.P2.el7_9.10.x86_64.rpm11614018e6fd0121a286ff84626820225434594f97ef7f85c052a069f293a302bind-license-9.11.4-26.P2.el7_9.10.noarch.rpmf46466f6f10683fea611257b1f00763bd3f9441b97de721c19ff378e9104c901bind-export-devel-9.11.4-26.P2.el7_9.10.i686.rpm262677c264df05452a69e4ef29c3b8b7136538cbde5e230c7c35518b233819f0bind-libs-9.11.4-26.P2.el7_9.10.i686.rpmb50a3aa1d2f5d7ecf431a390f9d95312f338c75c847f9be2e3ce68616b9bae5fbind-export-libs-9.11.4-26.P2.el7_9.10.x86_64.rpm886b312819904b985a31a29c6186a922989129eab0a7d539381e01dee30876a7bind-pkcs11-utils-9.11.4-26.P2.el7_9.10.x86_64.rpm3f00161ab3c26341c8ab2d1bd5a22440d71ec8908dc5ed389f963a4050321eadbind-lite-devel-9.11.4-26.P2.el7_9.10.i686.rpm83aa7de54f47a6e325acc11254c9c3f447811ac6ec120e214288e278d72eff6cbind-utils-9.11.4-26.P2.el7_9.10.x86_64.rpm46d8f6e86bf934a2a672fae81dc95c4652b050b2a98dd17b7e4d282992199671bind-pkcs11-devel-9.11.4-26.P2.el7_9.10.i686.rpm9b4f8ba068b3891a277d4e4615ca3f8c882bad7fc9094d902267527fbf3c0b8ebind-chroot-9.11.4-26.P2.el7_9.10.x86_64.rpm3397207eef4b4b8230eb35d39e553433e864226d0f7dc4b0c8ecfa934e41c71dbind-pkcs11-devel-9.11.4-26.P2.el7_9.10.x86_64.rpm214fd14b0d5694ca4ef19425be5f88df6e324ad67f5f416ff037ebfdba6cb2ccbind-export-libs-9.11.4-26.P2.el7_9.10.i686.rpm63caf82f0c27722f3bcae22df946bb32b1042778da5ba76ce4f064abfa8d687abind-lite-devel-9.11.4-26.P2.el7_9.10.x86_64.rpm1043d386988aa361c430fc5bcf99f0e719c54e69c93b9b97dfafdb46f874b3d6bind-libs-9.11.4-26.P2.el7_9.10.x86_64.rpm7b348a7112ff4e203e64deec4f3d72909188f2302ab758dc02062c2d8f9e884ebind-devel-9.11.4-26.P2.el7_9.10.i686.rpmf1713f6bb470b0d7457202d39cd42bb0d03db2b75ab696e5ee3eb58d714a7226bind-pkcs11-libs-9.11.4-26.P2.el7_9.10.x86_64.rpm08fd5980cfa071b0029fcdc029d63ce1ca3649ef4a73d96a15a8a005ccfa9183bind-pkcs11-9.11.4-26.P2.el7_9.10.x86_64.rpm59d79cc06227b29ff85aad74c80d32ecf96007b4cf44413fc92d94beb89b51e6bind-libs-lite-9.11.4-26.P2.el7_9.10.i686.rpm49ff2ab782cd64e6e4716f6fd496983a988cbe706f2edb2e903a3ea0b9184396SLSA-2022:6815-1Security Fix(es): * squid: buffer-over-read in SSPI and SMB authentication (CVE-2022-41318) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7squid-3.5.20-17.el7_9.8.x86_64.rpmc80eba4f4ea195535460958b789906d52c7dca95daf9b548071db9c6edb70a45squid-sysvinit-3.5.20-17.el7_9.8.x86_64.rpmf5822f2cb2c244fb13fc93edc60a914c70a7e9f764dd7558f0e676e6cfd06275squid-migration-script-3.5.20-17.el7_9.8.x86_64.rpm41e3aa29f321f1a3db9d6b6b48288842b2e41f3f75a1640d0fa9cbfd0fca8ef7SLSA-2022:6834-1Security Fix(es): * expat: a use-after-free in the doContent function in xmlparse.c (CVE-2022-40674) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7expat-devel-2.1.0-15.el7_9.i686.rpm6d734ec2dfb8d067b0ed9e0044f6ef41e53fb641f894c40f01b89b2257ed032eexpat-2.1.0-15.el7_9.i686.rpm9d0a2ee25f9603e4c03758b57ad0bfcb35d6578381841c4235ff2ba9c8415dbeexpat-devel-2.1.0-15.el7_9.x86_64.rpm1a55d904f7411d5734a35309c82dd5ef4d5f906ecb198aaccac3ba57c32cd8b2expat-static-2.1.0-15.el7_9.i686.rpm2b51ea7bea1db7ec6ffe364e0e55f7483eeb02d2f8a0600bc4fc5ac14f12a70eexpat-2.1.0-15.el7_9.x86_64.rpm342e80ce03829aa81d520b4d1765e109818f6341d410bc9e4f6a2fdbc2909fefexpat-static-2.1.0-15.el7_9.x86_64.rpmc5e62aa01f2a9979cde445da233c0ce980eb6d2124036f0f3e83246ed36c80d0SLSA-2022:6997-1This update upgrades Firefox to version 102.3.0 ESR. Security Fix(es): * expat: a use-after-free in the doContent function in xmlparse.c (CVE-2022-40674) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7firefox-102.3.0-7.el7_9.i686.rpme0034b680c6c69752f77043e773d5f536fd2346d3e56ad571c76cdd058167e88firefox-102.3.0-7.el7_9.x86_64.rpm4881290a113ee0c15753bc4b63202747fcc727620c5089ba94fd2b563cfc69c9SLSA-2022:6998-1This update upgrades Thunderbird to version 102.3.0. Security Fix(es): * expat: a use-after-free in the doContent function in xmlparse.c (CVE-2022-40674) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-102.3.0-4.el7_9.x86_64.rpm94b25799df156b6c9c081860f77acd08ce9c5579d31716471499eed12aa9892aSLSA-2022:7002The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626) * OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628) * OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619) * OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2022-10, 8u352) (BZ#2130371) moderateScientific Linux 7java-1.8.0-openjdk-demo-debug-1.8.0.352.b08-2.el7_9.x86_64.rpmd56beb31d4ce3cb40cf06a3da3e78ecd7188dc0ef89bbeedb94fc05c0da906ccjava-1.8.0-openjdk-devel-debug-1.8.0.352.b08-2.el7_9.x86_64.rpm95a8274eacb0e615ccba63bfbe4f25693e055dee17e4c21aed7978ac968b5afbjava-1.8.0-openjdk-javadoc-zip-debug-1.8.0.352.b08-2.el7_9.noarch.rpm6e34c23528db17618c9dd959117bb35918d8f396ab75fe755a6c734c75e7c2dajava-1.8.0-openjdk-headless-debug-1.8.0.352.b08-2.el7_9.i686.rpm1be77c0923180bb6caffdaa7116b170fc598c54a75b6e745b6896909ba4e42b0java-1.8.0-openjdk-accessibility-debug-1.8.0.352.b08-2.el7_9.x86_64.rpma7c2844adb412d23f0d44e2406a02168ad616ab6782ab507b23e4d630a4658dajava-1.8.0-openjdk-src-debug-1.8.0.352.b08-2.el7_9.x86_64.rpm094e338d13280eafaa2a1d56c0f5adf1d3f81d8d1d598ed6c3040a4ecc5cd17ajava-1.8.0-openjdk-headless-debug-1.8.0.352.b08-2.el7_9.x86_64.rpm4bfda19ee57fc0edbd38c9fb1dbfa2dcbd1acc677d17dea82b097a8dead97ce4java-1.8.0-openjdk-src-debug-1.8.0.352.b08-2.el7_9.i686.rpm4c8ef6112e9d00d3c6897a771b2774d74c339bbf0f83958034f4d72d835cd2d8java-1.8.0-openjdk-accessibility-debug-1.8.0.352.b08-2.el7_9.i686.rpmdc22f9c7db829153bef1e0f454e626f978408ef1d954b33a4725accf8f502246java-1.8.0-openjdk-devel-debug-1.8.0.352.b08-2.el7_9.i686.rpm6efff0a7e6bf24d99c9292a1fab2cff2f82e77dcf81c55fa22b52b16117b5542java-1.8.0-openjdk-javadoc-debug-1.8.0.352.b08-2.el7_9.noarch.rpm5c369b93e91db39be0f766c413578e7144f0d877463e12c8ed344fb2659ae60cjava-1.8.0-openjdk-demo-debug-1.8.0.352.b08-2.el7_9.i686.rpmeb968d4f78a6de548c383fc6057ce11701ee12320697f918a3d3c36db9c1a8b2java-1.8.0-openjdk-debug-1.8.0.352.b08-2.el7_9.i686.rpm3a8ef487dc22dee957cb88c32af7efce732327055257cba68d755bd424e1c661java-1.8.0-openjdk-debug-1.8.0.352.b08-2.el7_9.x86_64.rpm393037559109238206721f2850b69dbfdc4d63c4b5e2049aff4a6c4593ea3120SLSA-2022:7002-1Security Fix(es): * OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626) * OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628) * OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619) * OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2022-10, 8u352)moderateScientific LinuxScientific Linux 7java-1.8.0-openjdk-javadoc-zip-1.8.0.352.b08-2.el7_9.noarch.rpm236fc0b6fe5e63a031d98dad0282a0005276e6457b19792171ae5751c4893b88java-1.8.0-openjdk-src-1.8.0.352.b08-2.el7_9.x86_64.rpm5527a326f0fca48935071a78978625a171fbfa130ac8b939a086a633a8e9eb7fjava-1.8.0-openjdk-src-1.8.0.352.b08-2.el7_9.i686.rpm41b5cd44eeaf21dddc7a8fcab47c64a450d31c421149160feac0d58851312e23java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.i686.rpm2260ae4a9e1b4fbdc73d15c0eb9a3dcfed10e6602ba22c01363528045e961b90java-1.8.0-openjdk-headless-1.8.0.352.b08-2.el7_9.x86_64.rpm005d42f99b2171c26982cc7d7311934935a2d5ef23bd81e748c826b7a70de691java-1.8.0-openjdk-accessibility-1.8.0.352.b08-2.el7_9.x86_64.rpma9bf6ced787401b1a48a4b41f761037e5e24b17ad998f1b2069c7b505a083177java-1.8.0-openjdk-1.8.0.352.b08-2.el7_9.x86_64.rpm34c31532c398cfcf388c394b3470d8cd2074534ee132f770cd1080c685bd2094java-1.8.0-openjdk-demo-1.8.0.352.b08-2.el7_9.i686.rpm7c587708770b27a9d455b30e4f3118d410595e4a047187a377f94a272a742edfjava-1.8.0-openjdk-devel-1.8.0.352.b08-2.el7_9.i686.rpm00123b9b7145ddc44227277d96a63acd537f393cd5183070bfb01762289c2419java-1.8.0-openjdk-javadoc-1.8.0.352.b08-2.el7_9.noarch.rpm5154bc849ea4faebc2df3ec151a2fff7e579d7bc8a0d6a92bc7ac3916e8eea85java-1.8.0-openjdk-headless-1.8.0.352.b08-2.el7_9.i686.rpmd723f61e6ce4a05c6683286586fb847941cafacb422bb68c40f35346c7b8e638java-1.8.0-openjdk-accessibility-1.8.0.352.b08-2.el7_9.i686.rpmf2bba7fd17da0be94b52d99e7efa8b27dbf3fa40e964595c6cdb331544f0a2edjava-1.8.0-openjdk-demo-1.8.0.352.b08-2.el7_9.x86_64.rpm045324cf39dd8d58706f6c90b421bbfe82dfbf1fa1bb614becf94af1bc5598fajava-1.8.0-openjdk-devel-1.8.0.352.b08-2.el7_9.x86_64.rpma85d45511bcc33ddbb1351d215ec9e16b644ecd45a8ef08c6c927cd4c8284f88SLSA-2022:7008The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) (CVE-2022-21618) * OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626) * OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628) * OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619) * OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624) * OpenJDK: missing SNI caching in HTTP/2 (Networking, 8289366) (CVE-2022-39399) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2022-10, 11.0.17) (BZ#2130373) moderateScientific Linux 7java-11-openjdk-demo-debug-11.0.17.0.8-2.el7_9.i686.rpm9b30e0b4114447ecba9284f9f8bdc7a7fad055bd25fa4d0f940b2445b6a19073java-11-openjdk-javadoc-debug-11.0.17.0.8-2.el7_9.i686.rpm65a4fae1ca173d02255c130907fcd50e78168bc5bc4135e20df69177bd56c619java-11-openjdk-javadoc-zip-debug-11.0.17.0.8-2.el7_9.x86_64.rpm3d3a96485558332be7609acf9e84226055ff1d14905e59a943ea18cbab036696java-11-openjdk-demo-debug-11.0.17.0.8-2.el7_9.x86_64.rpm9c23f12f9a5495a548e1c9459308e84b9e9bc0ba240fa1dc77ea08baf93b2e62java-11-openjdk-devel-debug-11.0.17.0.8-2.el7_9.x86_64.rpmc794784018586395306109eb35a4e7a2b0af066a1c512f075ad22511bcc300c4java-11-openjdk-javadoc-debug-11.0.17.0.8-2.el7_9.x86_64.rpm0b5a939ef30c149d7c8bc37d653dba5e91cc9800a95b7105afb9d53461fc42efjava-11-openjdk-jmods-debug-11.0.17.0.8-2.el7_9.i686.rpm1f9d95412225790c9ee7352e4f91df4e7802ba3277c8d8dd51b1739db7ad3664java-11-openjdk-headless-debug-11.0.17.0.8-2.el7_9.i686.rpmd885ab7433ac56582a23b9ecd7d23131073867860a272dd26173cf376f16f65ejava-11-openjdk-debug-11.0.17.0.8-2.el7_9.x86_64.rpm49bf2f5320e238c6aae952f0a51052ed5e6759fc81e272117e30c0e39b6ad55bjava-11-openjdk-devel-debug-11.0.17.0.8-2.el7_9.i686.rpma887b2c3dd2ffe619fdd61c8fb2ddc15918bda4b3ecdd06aace9b65e7f335952java-11-openjdk-jmods-debug-11.0.17.0.8-2.el7_9.x86_64.rpm9f96cafc43c20dab9078c4fff5050241c0a92b28af68e4fab5160bed79580a44java-11-openjdk-src-debug-11.0.17.0.8-2.el7_9.i686.rpm906dbfba89f53fba9d831aef188204c768faea406c5c6cac748650a2acd5b2ddjava-11-openjdk-src-debug-11.0.17.0.8-2.el7_9.x86_64.rpmbe16072fc3b3928b5e29e9ac8de897e345b1e7c05bc5a3653394f190a516a935java-11-openjdk-static-libs-debug-11.0.17.0.8-2.el7_9.x86_64.rpmd220f2012589f2cb3f6a2a35c2d450e9d046810cdfad7162041dbac644ee5a24java-11-openjdk-javadoc-zip-debug-11.0.17.0.8-2.el7_9.i686.rpm873e1f41f194c4720c8b728c6fdca7682b625710ee7b6335f64734b3c5937f49java-11-openjdk-debug-11.0.17.0.8-2.el7_9.i686.rpm01ed2ea371ef11fd32780c19716eb34a3b66e3eaf3a493095e65bf86f69521c5java-11-openjdk-headless-debug-11.0.17.0.8-2.el7_9.x86_64.rpm26122d4e60e887d73eb597edad58173f18d3ca9cc960670b3ba34cfc89627058SLSA-2022:7008-1Security Fix(es): * OpenJDK: improper MultiByte conversion can lead to buffer overflow (JGSS, 8286077) (CVE-2022-21618) * OpenJDK: excessive memory allocation in X.509 certificate parsing (Security, 8286533) (CVE-2022-21626) * OpenJDK: HttpServer no connection count limit (Lightweight HTTP Server, 8286918) (CVE-2022-21628) * OpenJDK: improper handling of long NTLM client hostnames (Security, 8286526) (CVE-2022-21619) * OpenJDK: insufficient randomization of JNDI DNS port numbers (JNDI, 8286910) (CVE-2022-21624) * OpenJDK: missing SNI caching in HTTP/2 (Networking, 8289366) (CVE-2022-39399) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2022-10, 11.0.17)moderateScientific LinuxScientific Linux 7java-11-openjdk-headless-11.0.17.0.8-2.el7_9.i686.rpm2e2f4282ea556b93790aa1f19bba98323f97261add22e01175952f7b54180271java-11-openjdk-devel-11.0.17.0.8-2.el7_9.i686.rpmc6dac67cc14997f8bdd2dd3f7c17a5356cf1dfd544c537e4a4cb1be83e411dc5java-11-openjdk-demo-11.0.17.0.8-2.el7_9.i686.rpma70dbda492c78313c14a7a84828fc160b387bb1a1ea3ebfc2901e4a1ada2c63cjava-11-openjdk-11.0.17.0.8-2.el7_9.i686.rpmd68cb771bd42bb1114ef6559d8f7a51c2fd9e2ef435ad5a94dcb10744af7837fjava-11-openjdk-javadoc-zip-11.0.17.0.8-2.el7_9.i686.rpmb68bc607c222aa7323545ccb3262e624a17ad28dd04cfe4f0575a0cd6a14b905java-11-openjdk-devel-11.0.17.0.8-2.el7_9.x86_64.rpm15ab7a5216ed7697b80152e664dad4c0118228e2efbe7fde553627ef5d0fe1d6java-11-openjdk-11.0.17.0.8-2.el7_9.x86_64.rpm897a35cd9ecd8fe3605aeb9f800e834335b04aeeb756419b111fa6910fdbf20ajava-11-openjdk-src-11.0.17.0.8-2.el7_9.x86_64.rpm4e1a6147713db1f4fafbd879be92ce02a46966b7dbf0474b43eed85ffbb4bdb7java-11-openjdk-jmods-11.0.17.0.8-2.el7_9.i686.rpm85858b751048b26cad16d92415828e9468ee5835840e547c549c00e31fade5d3java-11-openjdk-javadoc-11.0.17.0.8-2.el7_9.i686.rpm79f01ac42da78f71404bcac3d62dcc7c6f3d60100a33b8e1eff91f9c25d75210java-11-openjdk-javadoc-11.0.17.0.8-2.el7_9.x86_64.rpm5f7eb56248f3f5eb23975d3b7bae6acb884bcc24aeab2c6d51c80277274f28e8java-11-openjdk-jmods-11.0.17.0.8-2.el7_9.x86_64.rpm28fc66558d2ba55d75d14e50f8816694f309cb296e8ac95a22655364e2a0c176java-11-openjdk-src-11.0.17.0.8-2.el7_9.i686.rpm5b6289d4a8c6cfb1938a28dc1a42b9849c012856d101f1ee0e69e621a979d06djava-11-openjdk-javadoc-zip-11.0.17.0.8-2.el7_9.x86_64.rpmf3eba0997d80fd02f0641cb91ef9d3e79154b864cb8ec725b3468e6772c85942java-11-openjdk-demo-11.0.17.0.8-2.el7_9.x86_64.rpmbc21f6281a4762c1b3a272002479649491b01a68954c3962d4c7a75c38390c5cjava-11-openjdk-static-libs-11.0.17.0.8-2.el7_9.x86_64.rpmde645229b378ac294b1976bb731ce4336a91191ebb1573bb8f042b109397b583java-11-openjdk-headless-11.0.17.0.8-2.el7_9.x86_64.rpmbbb34fc805b6ee57991a015d7ae9bbfd4de8f6f6685a0a5a6e8dafee0f0e24a7SLSA-2022:7069-1This update upgrades Firefox to version 102.4.0 ESR. Security Fix(es): * Mozilla: Same-origin policy violation could have leaked cross-origin URLs (CVE-2022-42927) * Mozilla: Memory Corruption in JS Engine (CVE-2022-42928) * Mozilla: Denial of Service via window.print (CVE-2022-42929) * Mozilla: Memory safety bugs fixed in Firefox 106 and Firefox ESR 102.4 (CVE-2022-42932) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7firefox-102.4.0-1.el7_9.x86_64.rpm0642373afde8eacc9aeeb43c40c54bcf7c9f3749c7a1a8ea40e35825d201482efirefox-102.4.0-1.el7_9.i686.rpm9acb24fcb2dfe02086a689c5392f6c45d84459580fd79b2d14ce0993dc21d96cSLSA-2022:7086-1Security Fix(es): * pki-core: When using the caServerKeygen_DirUserCert profile, user can get certificates for other UIDs by entering name in Subject field (CVE-2022-2393) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEmoderateScientific LinuxScientific Linux 7pki-server-10.5.18-23.el7_9.noarch.rpm09524799484444a63b913868881e250af4f0119140f1ca99fc6c4fbc468cac6bpki-kra-10.5.18-23.el7_9.noarch.rpmf76d979333f8434d23757f3b6e1bb28343747049e0a10cb5252ebcfe5462802cpki-base-java-10.5.18-23.el7_9.noarch.rpm794c5cb52ab984ec7528d71a07eb08a8e2d93ef75e10ebf594d4c42cb40b248bpki-javadoc-10.5.18-23.el7_9.noarch.rpm167f14b76c2519a957b28c4c1104739f821a2f2943f3b31f34437ebcd68f8bf9pki-symkey-10.5.18-23.el7_9.x86_64.rpm49a97d887f18cea8d21db6e43d88473304c72347ec23df948a7058b2922e07c9pki-tools-10.5.18-23.el7_9.x86_64.rpmfd9f9a6b2d9168cf15bba41c981c54459bce435098ec52d0c4827685bcb01ea7pki-base-10.5.18-23.el7_9.noarch.rpm953ae5767d157d431e1c9bb90cd2151636d8e605ec23df90789c96372f8602ddpki-ca-10.5.18-23.el7_9.noarch.rpm02068486401ee6b5051a65921893a41da030562b0a46be4f00fbd004f9119515SLSA-2022:7087-1Security Fix(es): * 389-ds-base: SIGSEGV in sync_repl (CVE-2022-2850) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Import may break replication because changelog starting csn may not be createdmoderateScientific LinuxScientific Linux 7389-ds-base-1.3.10.2-17.el7_9.x86_64.rpm944f95622365738fafccebbf63316eac7d691e3e470ee9fc33d68fdba098b14f389-ds-base-snmp-1.3.10.2-17.el7_9.x86_64.rpmd8d451f7a840ad2daf7160514343a7d0803e7f24b76086999548e5715fe5b085389-ds-base-devel-1.3.10.2-17.el7_9.x86_64.rpm6ec4b181ba625b39344fcbd044793356d3549213cbf7e94806dd06fc38d84a17389-ds-base-libs-1.3.10.2-17.el7_9.x86_64.rpm77db2d2adfa7d50b05eb1f3eb8f39fb488d0a6b36121d361057dff940ebd85d3SLSA-2022:7088-1Security Fix(es): * libksba: integer overflow may lead to remote code execution (CVE-2022-3515) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7libksba-1.3.0-6.el7_9.x86_64.rpm7e11e6a81df1d6272e17a03009a28d7943a6cabd68bf3a923c6d89ead0769d2flibksba-devel-1.3.0-6.el7_9.x86_64.rpm673f0822ba542ac61ce573dca842da2c6661e75fb2de30e86bad51cb7a6237e3libksba-devel-1.3.0-6.el7_9.i686.rpm07a063e3cc370de7bb840c75e0f4ee06e5c777a7c18b843916c71c484ca8e943libksba-1.3.0-6.el7_9.i686.rpm533730773bb7dfd38472b7e70e42eb7e2ffd62449d70aeca13d4019900e8f8b8SLSA-2022:7184-1This update upgrades Thunderbird to version 102.4.0. Security Fix(es): * Mozilla: Matrix SDK bundled with Thunderbird vulnerable to an impersonation attack by malicious server administrators (CVE-2022-39249) * Mozilla: Matrix SDK bundled with Thunderbird vulnerable to a device verification attack (CVE-2022-39250) * Mozilla: Matrix SDK bundled with Thunderbird vulnerable to an impersonation attack (CVE-2022-39251) * Mozilla: Same-origin policy violation could have leaked cross-origin URLs (CVE-2022-42927) * Mozilla: Memory Corruption in JS Engine (CVE-2022-42928) * Mozilla: Matrix SDK bundled with Thunderbird vulnerable to a data corruption issue (CVE-2022-39236) * Mozilla: Denial of Service via window.print (CVE-2022-42929) * Mozilla: Memory safety bugs fixed in Firefox ESR 102.4 and Thunderbird 102.4 (CVE-2022-42932) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-102.4.0-1.el7_9.x86_64.rpm751d9af64cbed054e4ce9d25ba8de957cfca2e6b6bbc6e583f6bb7e955e8e702SLSA-2022:7186-1Security Fix(es): * device-mapper-multipath: Authorization bypass, multipathd daemon listens for client connections on an abstract Unix socket (CVE-2022-41974) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7device-mapper-multipath-libs-0.4.9-136.el7_9.x86_64.rpmc0417cd8fbd8cf0ebb675b89fe1472401299dbe36f3fe4832a6fd6f3d4820ee3device-mapper-multipath-devel-0.4.9-136.el7_9.x86_64.rpmfe3b267788d109ff4f28777fcc00dafaa6669cae749057415a1194fe94cabeeclibdmmp-devel-0.4.9-136.el7_9.x86_64.rpm30ca5556be8eab6e7c22d594443e7627ddc1d414751cad4b31556d244787ce56device-mapper-multipath-0.4.9-136.el7_9.x86_64.rpm55013cb7881446aa95631dfd591cde64b649c7a1b91c942d131bc49e117c0ff1kpartx-0.4.9-136.el7_9.x86_64.rpm0df134d6cc6152e6ee502a0590a4f10aeaabd870624486bcd1ecf804d0376e01libdmmp-devel-0.4.9-136.el7_9.i686.rpm7d73ab67bd157e7d42989546fe383af91118f2bb5afa94b5ac0ca82ce2d6d9b2libdmmp-0.4.9-136.el7_9.x86_64.rpm859220b7a7116671fa883778eb026c73853085eb18dcdf85d37c6f13904a8b9blibdmmp-0.4.9-136.el7_9.i686.rpmdf30e350eaf3d5d7eff406c4e548aea30732ea9564ea84403018876c810e2664device-mapper-multipath-libs-0.4.9-136.el7_9.i686.rpm16b497a2a5748f83372ecd97c9a53caf6a56c5136e039a3ec351c7ac6074fa26device-mapper-multipath-sysvinit-0.4.9-136.el7_9.x86_64.rpm125e697568c384f2b0e8b1e81a067b11d599fe7a078c7ac2347729e66a6b21e6device-mapper-multipath-devel-0.4.9-136.el7_9.i686.rpmbe0f0cbdc39232617d8f56ea6b5c387a8e7a5fdc378e8379553adcca324e81f0SLSA-2022:7337-1Security Fix(es): * a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588) * RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-23816, CVE-2022-29900) * Branch Type Confusion (non-retbleed) (CVE-2022-23825) * Intel: Post-barrier Return Stack Buffer Predictions (CVE-2022-26373) * Intel: RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-29901) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * lpfc panics in lpfc_els_free_iocb() during port recovery * mlx5 reports error messages during shutdown then panic with mce * Kernel panic due to hard lockup caused by deadlock between tasklist_lock and k_itimer->it_lock * fix excess double put in nfs_prime_dcacheimportantScientific LinuxScientific Linux 7kernel-debug-devel-3.10.0-1160.80.1.el7.x86_64.rpm371b608b0e17311b77cbb5c189256e34e26616d68e63c2377d3cf2fff2738f6ckernel-doc-3.10.0-1160.80.1.el7.noarch.rpm8ebb2c2be13c520a0bc08dd36c7d3f6986cb16e3999e3ef5e1a0405227ebaf19perf-3.10.0-1160.80.1.el7.x86_64.rpma45033d911a9951c719cbe1aff04fcf2216b4196f99c28010beb30b26f3366cbkernel-tools-3.10.0-1160.80.1.el7.x86_64.rpm2d77fae8e1d3117d2bd2d48cbc79b5c3dcbf58c48a6f8b9be6a2681eee9d2806kernel-tools-libs-devel-3.10.0-1160.80.1.el7.x86_64.rpm4a71676849293f3c9f03b00e00d398df59415f2b4b2b146f74ae8f5583d347efkernel-tools-libs-3.10.0-1160.80.1.el7.x86_64.rpmaac2543f8b404cc85519fca1c32a189b44db191d78a4d19345e5b2963c531436python-perf-3.10.0-1160.80.1.el7.x86_64.rpm059abb1c94a1beb4ff872ca8ea2dc9faf621c414a90dcfedfa5922eabf27bebekernel-devel-3.10.0-1160.80.1.el7.x86_64.rpmddbdb5dffbf590e495a3f442dac24a81a3cc0ae681eb42fe5853a68d2ea2b6b0kernel-debug-3.10.0-1160.80.1.el7.x86_64.rpmdccc8cb1637b56a31daafec03d0f5618c74aa0c35c407136d3c447b661adf7fckernel-abi-whitelists-3.10.0-1160.80.1.el7.noarch.rpm0f478084fd9a6ac71bdfe4f6a6d68c360817fe8b8875cfc733e46165b5230a67kernel-3.10.0-1160.80.1.el7.x86_64.rpm334bf15c70cbd6233c3b86e566248a9996c9e25a541f91113f6bc278a09ccf45kernel-headers-3.10.0-1160.80.1.el7.x86_64.rpme1b1fb5a43dba7bdcc17a379221e8dfe0084b0a62bf19934dd34a293e0cd6565bpftool-3.10.0-1160.80.1.el7.x86_64.rpm5b1549f366029a1777a0a1672a63ecb1070ceef48b309f5f3315442f9c000764SLSA-2022:7340-1Security Fix(es): * Archive_Tar: allows an unserialization attack because phar: is blocked but PHAR: is not blocked (CVE-2020-28948) * Archive_Tar: improper filename sanitization leads to file overwrites (CVE-2020-28949) * Archive_Tar: directory traversal due to inadequate checking of symbolic links (CVE-2020-36193) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEmoderateScientific LinuxScientific Linux 7php-pear-1.9.4-23.el7_9.noarch.rpm03d25f58bd03ae554728125a505e13150c6f9bc8eae411c41dc195bb34099c22SLSA-2022:7343The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fix(es): * rubygem-rack: crafted requests can cause shell escape sequences (CVE-2022-30123) * jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7pcs-snmp-0.9.169-3.sl7_9.3.x86_64.rpm390b97770cab2e1374c50ec3619000ebb7872e23a8419e960c92041cfff00a83pcs-0.9.169-3.sl7_9.3.x86_64.rpmf8d9e60d0aa9c4ead385ae3725133bd8e1593e67285fa304ad0fc02bc6e3ef31SLSA-2022:8491-1Security Fix(es): * xorg-x11-server: buffer overflow in _GetCountedString() in xkb/xkb.c (CVE-2022-3550) * xorg-x11-server: memory leak in ProcXkbGetKbdByName() in xkb/xkb.c (CVE-2022-3551) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7xorg-x11-server-devel-1.20.4-19.el7_9.x86_64.rpm3e3432461e7d3bc68549c1872fde8eac9e22004155b343f0d5e98e0a96a6debdxorg-x11-server-devel-1.20.4-19.el7_9.i686.rpm0fd6387e097cf045b57e24a56d2da4afee38e756dc8ed403e95263f6356547e0xorg-x11-server-source-1.20.4-19.el7_9.noarch.rpm9023b819fdd94631d36f8be6c4c146489ca13e1134cb7e713d0846a2190816f6xorg-x11-server-common-1.20.4-19.el7_9.x86_64.rpm24376753e027a21ae6fa8e7b389c76538157ed9e06b64e44fc9b89a99fc6c10bxorg-x11-server-Xwayland-1.20.4-19.el7_9.x86_64.rpm5618774205f6014628aeee0dcf61781f52a0f265211147dffb51967c92942fdcxorg-x11-server-Xorg-1.20.4-19.el7_9.x86_64.rpm9ceb862a8744affd6ac8c2d38d756324460ad2cfe084621de13c075aad9590e2xorg-x11-server-Xephyr-1.20.4-19.el7_9.x86_64.rpmd0fcf4663345dc9465ef599962e37c0682546d1e76426a1e946245c0910ab558xorg-x11-server-Xnest-1.20.4-19.el7_9.x86_64.rpm0e1d8fbdd9864e1c01862fa15e6d601e0b230ee758da7838f905cf728054aed5xorg-x11-server-Xvfb-1.20.4-19.el7_9.x86_64.rpmaef148d20647d6392ce3a307b6305368d22ba19d28efb86fe15f1a90f02466a6xorg-x11-server-Xdmx-1.20.4-19.el7_9.x86_64.rpm3472ac91cc88a2b629fb6dc03cee388c9e0d7bb8d3e476526b7074480d663b2bSLSA-2022:8552-1This update upgrades Firefox to version 102.5.0 ESR. Security Fix(es): * Mozilla: Service Workers might have learned size of cross-origin media files (CVE-2022-45403) * Mozilla: Fullscreen notification bypass (CVE-2022-45404) * Mozilla: Use-after-free in InputStream implementation (CVE-2022-45405) * Mozilla: Use-after-free of a JavaScript Realm (CVE-2022-45406) * Mozilla: Fullscreen notification bypass via windowName (CVE-2022-45408) * Mozilla: Use-after-free in Garbage Collection (CVE-2022-45409) * Mozilla: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5 (CVE-2022-45421) * Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy (CVE-2022-45410) * Mozilla: Cross-Site Tracing was possible via non-standard override headers (CVE-2022-45411) * Mozilla: Symlinks may resolve to partially uninitialized buffers (CVE-2022-45412) * Mozilla: Keystroke Side-Channel Leakage (CVE-2022-45416) * Mozilla: Custom mouse cursor could have been drawn over browser UI (CVE-2022-45418) * Mozilla: Iframe contents could be rendered outside the iframe (CVE-2022-45420) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7firefox-102.5.0-1.el7_9.i686.rpmfbfdecd9b75c9285060bf545f775eec9d54c680f703ee44634b2d6892b5b62c6firefox-102.5.0-1.el7_9.x86_64.rpmd9246fd451ec95c47e1faae3b828827c1a897d3a0447c57b2a79e744347c42d4SLSA-2022:8555-1This update upgrades Thunderbird to version 102.5.0. Security Fix(es): * Mozilla: Service Workers might have learned size of cross-origin media files (CVE-2022-45403) * Mozilla: Fullscreen notification bypass (CVE-2022-45404) * Mozilla: Use-after-free in InputStream implementation (CVE-2022-45405) * Mozilla: Use-after-free of a JavaScript Realm (CVE-2022-45406) * Mozilla: Fullscreen notification bypass via windowName (CVE-2022-45408) * Mozilla: Use-after-free in Garbage Collection (CVE-2022-45409) * Mozilla: Memory safety bugs fixed in Firefox 107 and Firefox ESR 102.5 (CVE-2022-45421) * Mozilla: ServiceWorker-intercepted requests bypassed SameSite cookie policy (CVE-2022-45410) * Mozilla: Cross-Site Tracing was possible via non-standard override headers (CVE-2022-45411) * Mozilla: Symlinks may resolve to partially uninitialized buffers (CVE-2022-45412) * Mozilla: Keystroke Side-Channel Leakage (CVE-2022-45416) * Mozilla: Custom mouse cursor could have been drawn over browser UI (CVE-2022-45418) * Mozilla: Iframe contents could be rendered outside the iframe (CVE-2022-45420) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-102.5.0-2.el7_9.x86_64.rpmaa6b87752deb674efc6faf9d021e36523a29be598aba27f9627d9118f480c8aaSLSA-2022:8560-1Security Fix(es): * hsqldb: Untrusted input may lead to RCE attack (CVE-2022-41853) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7hsqldb-demo-1.8.1.3-15.el7_9.noarch.rpm52afec8b8d834a50847f845c3d07024d94af6ecde1019872ddfd1b8f7ae27ca6hsqldb-manual-1.8.1.3-15.el7_9.noarch.rpmd37aa571bfe6d88ad8c91d832ce9b4681a923db382482dd0c616e245e37ed2c2hsqldb-javadoc-1.8.1.3-15.el7_9.noarch.rpma27b384f2e00296902b1a0fc4191f3ba7316a3fafd968e944e37f19a4d7151f6hsqldb-1.8.1.3-15.el7_9.noarch.rpm227ca9d80bccfb61a5790605ed02ff16da540572df48e3705884964262444a56SLSA-2022:8640-1Security Fix(es): * krb5: integer overflow vulnerabilities in PAC parsing (CVE-2022-42898) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7krb5-libs-1.15.1-55.el7_9.i686.rpm1f711a5526449ed91253280ae45242d477b1abc458cc6d2cbac38ad0ae33cf20libkadm5-1.15.1-55.el7_9.i686.rpm88bb67fe414e2b7cb835e8232d313bf8ca0a6cfeb75b7e572f7752d8edec8c64krb5-server-ldap-1.15.1-55.el7_9.x86_64.rpmfdd36b73b8525fafedd6d7583da11d48fed0c3152cb1f6781efc425b05152380krb5-devel-1.15.1-55.el7_9.x86_64.rpm7c2e5c8e65ee6cc4042785a0ed36f99435254246f07260981f47b848921e61f2krb5-server-1.15.1-55.el7_9.x86_64.rpm5c22318fd10f1e807a87454ab210b4f1c3e5681fb931becfd7a866a37476808akrb5-devel-1.15.1-55.el7_9.i686.rpm0a98cd60d216e78afb2bfd8c25bf46c2aeeaa1b4412b3000c702a8c4db02bf32krb5-pkinit-1.15.1-55.el7_9.x86_64.rpm67b71dd1972f73c992e99e75c2204ca00ebc4d6979e0f833c9c14125ff4b7229krb5-libs-1.15.1-55.el7_9.x86_64.rpm94051fb415c683c99563089edd3efdc1c89803c3a5dd6a5d552d6fc0e302e3f7libkadm5-1.15.1-55.el7_9.x86_64.rpm09c4105398d0ebfda101c5733482baba1a78c10c09214d066630e4b93b368142krb5-workstation-1.15.1-55.el7_9.x86_64.rpm632e08ca81c5804305ea37d3a31eb3043c022e5f3f5477ad7dfd0fa39ee52e83SLSA-2022:8799-1Security Fix(es): * pki-core: access to external entities when parsing XML can lead to XXE (CVE-2022-2414) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7pki-symkey-10.5.18-24.el7_9.x86_64.rpm3763d3b06fa5adf88b1d856ec6e4df9ca072e85bb4c81802e242f92a276ff808pki-base-java-10.5.18-24.el7_9.noarch.rpmdec3a16ca4abc10365d37dd7f5b56d884f68dbd6daf866b94879a8791d0a7e07pki-tools-10.5.18-24.el7_9.x86_64.rpm0ab55652836140beb57a6c63f61647209cab3de7150476eb35cc8dadbb914db0pki-base-10.5.18-24.el7_9.noarch.rpm18901f2122cb5943d0653f02b4c62053e7f560ed6ea4b756c5423076d84d3234pki-server-10.5.18-24.el7_9.noarch.rpm56e94336222080a7ff07384101ee0283b3bd10c37c4f2a80c0829109bdad74bapki-kra-10.5.18-24.el7_9.noarch.rpmf9f6a70b5fce40e571b34548f86c5a4c3396d08b883a8cc489278f380a075b20pki-ca-10.5.18-24.el7_9.noarch.rpm2e0f47fdb4abae43cd3dfed8b80839aa1d2a766c0251406381fe380f81392d07pki-javadoc-10.5.18-24.el7_9.noarch.rpme5f1fc8f795dc8659b0e65e19d84f650ff31d2784ff1fe8a16f794d5ec3b3847SLSA-2022:8900-1Security Fix(es): * grub2: Integer underflow in grub_net_recv_ip4_packets (CVE-2022-28733) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7grub2-efi-x64-2.02-0.87.sl7_9.11.x86_64.rpm99f13a06930fd8354a1ce96c33a6259dc91161f7b09891410980dc420ccabe97grub2-2.02-0.87.sl7_9.11.x86_64.rpmc2dcf0ed508fe4acc3f214e50869ff48cf0886c74714a2577e2b67d762855fc2grub2-efi-ia32-cdboot-2.02-0.87.sl7_9.11.x86_64.rpm5918876ca7da16670b153194d5a341cb7761ae6492372e7072ddbdcbaa42b5a8grub2-tools-2.02-0.87.sl7_9.11.x86_64.rpmf30b3c3195f950bd75b2d21900762fcea27dab83ae1e850266e2850f25457554grub2-efi-x64-cdboot-2.02-0.87.sl7_9.11.x86_64.rpm4cd257f520e9638b7cb458d48fd0d283e107960078011156a3a8f36c9974390fgrub2-tools-minimal-2.02-0.87.sl7_9.11.x86_64.rpm9c6b61af8090eac77335eb6d8ba3ad60833940748bdf74b499bb951f9894f65agrub2-tools-extra-2.02-0.87.sl7_9.11.x86_64.rpm71306d978b90994b31c82c9d7f9b4af1f9ebbe05b1359243d83f10b9ee71c6cfgrub2-efi-ia32-2.02-0.87.sl7_9.11.x86_64.rpm4ab89cd7a4d82eb2be1409e571f0e0f0f84c29a5a46305d549fcdac72816dbe2grub2-pc-2.02-0.87.sl7_9.11.x86_64.rpmae59cc1a85e6dbfbef53c30ebefb1e2fbc1ecf5ea64dd5e219acdadc8d54d936grub2-common-2.02-0.87.sl7_9.11.noarch.rpmbe8001b8070d239f5aa659ba3935f0f12f041c36098d269c6d3d646e3d909995grub2-efi-ia32-modules-2.02-0.87.sl7_9.11.noarch.rpmdde4f7b829f72d95ab2c64758b3984d14e513648d5e16960635f19b9dc224db0grub2-pc-modules-2.02-0.87.sl7_9.11.noarch.rpmd7305826250898110bd4c2b6011ec147aa73f2c34cb7264f62528928a896b020grub2-efi-x64-modules-2.02-0.87.sl7_9.11.noarch.rpm797f457079572c3ba99445cb9db9c3650c7144d48d2f65ded3f11256a3524432SLSA-2022:8958-1Security Fix(es): * Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing (CVE-2022-42920) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7bcel-5.2-19.el7_9.noarch.rpme0cca685fe9940435681041174b6a4030eb581bc4e5308f7b587e3d4d1a0beffbcel-javadoc-5.2-19.el7_9.noarch.rpm7a618a7aa2a41af5da430d391a804277066289904fbe29cd4ea8fd0354b7774fSLSA-2022:9072-1This update upgrades Firefox to version 102.6.0 ESR. Security Fix(es): * Mozilla: Arbitrary file read from a compromised content process (CVE-2022-46872) * Mozilla: Memory safety bugs fixed in Firefox ESR 102.6 and Thunderbird 102.6 (CVE-2022-46878) * Mozilla: Use-after-free in WebGL (CVE-2022-46880) * Mozilla: Memory corruption in WebGL (CVE-2022-46881) * Mozilla: Drag and Dropped Filenames could have been truncated to malicious extensions (CVE-2022-46874) * Mozilla: Use-after-free in WebGL (CVE-2022-46882) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7firefox-102.6.0-1.el7_9.i686.rpme520550281c9f7c97655685cc5ab1c53c4a4958a2cba6c34d6294d78b179cbebfirefox-102.6.0-1.el7_9.x86_64.rpmaa5d2fc2abac7f2b6755b0d75ad9e00a5b88aa7f311c0f4be1cb30c09bf76cc0SLSA-2022:9079-1This update upgrades Thunderbird to version 102.6.0. Security Fix(es): * Mozilla: Arbitrary file read from a compromised content process (CVE-2022-46872) * Mozilla: Memory safety bugs fixed in Firefox ESR 102.6 and Thunderbird 102.6 (CVE-2022-46878) * Mozilla: Use-after-free in WebGL (CVE-2022-46880) * Mozilla: Memory corruption in WebGL (CVE-2022-46881) * Mozilla: Quoting from an HTML email with certain tags will trigger network requests and load remote content, regardless of a configuration to block remote content (CVE-2022-45414) * Mozilla: Drag and Dropped Filenames could have been truncated to malicious extensions (CVE-2022-46874) * Mozilla: Use-after-free in WebGL (CVE-2022-46882) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-102.6.0-2.el7_9.x86_64.rpm42b9264f75fcbd01966a937d569bd365f98c1c7bf4d83596b2bda5b8f060f137SLSA-2023:0045-1Security Fix(es): * xorg-x11-server: X.Org Server XkbGetKbdByName use-after-free (CVE-2022-4283) * xorg-x11-server: X.Org Server XTestSwapFakeInput stack overflow (CVE-2022-46340) * xorg-x11-server: X.Org Server XIPassiveUngrab out-of-bounds access (CVE-2022-46341) * xorg-x11-server: X.Org Server XvdiSelectVideoNotify use-after-free (CVE-2022-46342) * xorg-x11-server: X.Org Server ScreenSaverSetAttributes use-after-free (CVE-2022-46343) * xorg-x11-server: X.Org Server XIChangeProperty out-of-bounds access (CVE-2022-46344) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7tigervnc-1.8.0-23.el7_9.x86_64.rpmdd3017d51e87041cf20c76409022f16c604d3db82fea92764bea0ddf3064c1b1tigervnc-server-1.8.0-23.el7_9.x86_64.rpm8ba2077105eacdd811c769c72a7a9834e55b37f61af9aa7a754fe0f5349b81d8tigervnc-server-minimal-1.8.0-23.el7_9.x86_64.rpm1ba07a8cbf1e41a0a31c664a7bcdb64fb1a5c15aaf675dfbee04f9eeadb76ed1tigervnc-license-1.8.0-23.el7_9.noarch.rpmd4918406587f5ee86cb34b02ced600c4cebc2d49094803a34f912ac6eca5f403tigervnc-server-applet-1.8.0-23.el7_9.noarch.rpm3ce399d5291dfe9f6ea5866ca916bcc44ba1327dffe7d42ff380a8f88cc519f5tigervnc-server-module-1.8.0-23.el7_9.x86_64.rpmf749036b2eec25233c9739ba858271abbc5c050abba51fb05efa087350fc4b77tigervnc-icons-1.8.0-23.el7_9.noarch.rpme06f8c903c7c8f2a55c2d691f7635c0450f53b242cc4ca08b2e927dc07d534c4SLSA-2023:0046-1Security Fix(es): * xorg-x11-server: X.Org Server XkbGetKbdByName use-after-free (CVE-2022-4283) * xorg-x11-server: X.Org Server XTestSwapFakeInput stack overflow (CVE-2022-46340) * xorg-x11-server: X.Org Server XIPassiveUngrab out-of-bounds access (CVE-2022-46341) * xorg-x11-server: X.Org Server XvdiSelectVideoNotify use-after-free (CVE-2022-46342) * xorg-x11-server: X.Org Server ScreenSaverSetAttributes use-after-free (CVE-2022-46343) * xorg-x11-server: X.Org Server XIChangeProperty out-of-bounds access (CVE-2022-46344) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7xorg-x11-server-common-1.20.4-21.el7_9.x86_64.rpm79d53e5d5cb651278f2afcb1294f9b7f02c9247a3adaca45560400fc0b570f88xorg-x11-server-devel-1.20.4-21.el7_9.i686.rpmb225aa56a8ca3c634abadd18923c8556e372e00b4f2048ef8e8d024f00048859xorg-x11-server-Xnest-1.20.4-21.el7_9.x86_64.rpm3b2ce032e3823928c8c7b39a8f3485b7f98ff75c1d93d5522b13f387742cbcc1xorg-x11-server-Xvfb-1.20.4-21.el7_9.x86_64.rpmb2b56bdddd55759d19fe1cda40eef9a558d83177e52e4d4febb2674bd11183c4xorg-x11-server-Xorg-1.20.4-21.el7_9.x86_64.rpmd55a20b8c13216c9b26bbf8bfa3968a8ec696e167a952acd479fc8c88a25a143xorg-x11-server-devel-1.20.4-21.el7_9.x86_64.rpm31d5dcfa4b14c22d9148fc0343746d4e468c267bbc21e3beb4b573c099e60c48xorg-x11-server-Xephyr-1.20.4-21.el7_9.x86_64.rpm579384683f9a00c1f779d2d356627975bbffb7fb22b45183c7cd129615eeccd5xorg-x11-server-source-1.20.4-21.el7_9.noarch.rpm51c813defbae680877830c3caba839f053ef6b7004088f7358c28d288113e7c5xorg-x11-server-Xwayland-1.20.4-21.el7_9.x86_64.rpma47e375d2cf9f34c2ccc30d20c6f94d619c492ccc51715729c75b314e3f58d67xorg-x11-server-Xdmx-1.20.4-21.el7_9.x86_64.rpm18862f831a03ed2aefa268c9c5bbdce8b7b977d0010a4d6a2f547d37b1c2e861SLSA-2023:0195The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) (CVE-2023-21835) * OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2023-01, 11.0.18) (BZ#2150192) moderateScientific Linux 7java-11-openjdk-javadoc-zip-debug-11.0.18.0.10-1.el7_9.x86_64.rpm4fcccdefc071d921599a1e7c4bc3a4f5fa074bef39e0504866e93dc5f91f2531java-11-openjdk-demo-debug-11.0.18.0.10-1.el7_9.i686.rpm5721c7753a72eac303fe3255b37283d95fcd94c7376c2d4ebbeeedff3a096af1java-11-openjdk-javadoc-zip-debug-11.0.18.0.10-1.el7_9.i686.rpm51b99f58322d567cddd042efbc869f373b52e933383e45a66c97ae8cc45e1f63java-11-openjdk-headless-debug-11.0.18.0.10-1.el7_9.i686.rpm6a258f5f2f99e2e656619c7f5f3b6b7f2023b8f901c0a0334873b94fdc941b29java-11-openjdk-javadoc-debug-11.0.18.0.10-1.el7_9.x86_64.rpm7bceae79f301a98f2b175728c26b4dc0ddd2049e5aba176fe774f0afd219a1aejava-11-openjdk-src-debug-11.0.18.0.10-1.el7_9.x86_64.rpm8ad97a2c2b6319d5cc2fcb597087eaa62c042f2225f2217708cab3fa727c7744java-11-openjdk-javadoc-debug-11.0.18.0.10-1.el7_9.i686.rpm42e0fc8733f5c586bb78b49b5a2de5bd09258b51af47a92b6e8712bf03ba76d1java-11-openjdk-demo-debug-11.0.18.0.10-1.el7_9.x86_64.rpm52fe117f3dc1637a5bce91dbbbf262cb3426d5ba229fdb5be195fb49de0dead5java-11-openjdk-static-libs-debug-11.0.18.0.10-1.el7_9.x86_64.rpm46ada50a9aa614b885d0dd4a7015ee5d1fb06d7f490904fa30e1ce6957236953java-11-openjdk-devel-debug-11.0.18.0.10-1.el7_9.x86_64.rpm2c9d49a68aa09f02258351c91f555f6b0211de901645235f7d0f31f232115963java-11-openjdk-headless-debug-11.0.18.0.10-1.el7_9.x86_64.rpmb3f024c8c0309215dd310fdc7d20f9e854ff1793fcd79f7cbdf51565a692ccbdjava-11-openjdk-src-debug-11.0.18.0.10-1.el7_9.i686.rpmce46f933757568cd5b7eba35845c701fcc3e4ed15e922ded40398265ee427211java-11-openjdk-debug-11.0.18.0.10-1.el7_9.i686.rpm3c359c9afd7dfd0a006e9b23d4ad5f1036df5508873b104ab0f05b5b5bbc60fajava-11-openjdk-jmods-debug-11.0.18.0.10-1.el7_9.x86_64.rpmbce1e0dc45399bdbee0b5b70b9596f99c175ca68a14454e8de229887bdfbff18java-11-openjdk-devel-debug-11.0.18.0.10-1.el7_9.i686.rpm1872c8712dccd991aa136cce3c2e86875a3b2643acc896bec68c3b083507125ejava-11-openjdk-jmods-debug-11.0.18.0.10-1.el7_9.i686.rpm1915fcb1e7116b4b935440e911a85d10923bd50e9c924c70aeaea617e26ab15cjava-11-openjdk-debug-11.0.18.0.10-1.el7_9.x86_64.rpm88c6d0144ec63fe83ba7762cd6bb68ba4d04c150859d27d78d0a1c5858b78b4bSLSA-2023:0195-1Security Fix(es): * OpenJDK: handshake DoS attack against DTLS connections (JSSE, 8287411) (CVE-2023-21835) * OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2023-01, 11.0.18)moderateScientific LinuxScientific Linux 7java-11-openjdk-demo-11.0.18.0.10-1.el7_9.i686.rpm3bc1d3cae89a9b43428bc5b056d83be87f802edd3b625132919a4179e3636b00java-11-openjdk-11.0.18.0.10-1.el7_9.i686.rpmf843f7100c0e05db141e5711b463151f6f84edc518e26801f642781dadadca7cjava-11-openjdk-javadoc-zip-11.0.18.0.10-1.el7_9.i686.rpm748d1bbacd06da97f2aee6b4cc956921ed77d1686c9ecc216e3fbefdc764d37bjava-11-openjdk-static-libs-11.0.18.0.10-1.el7_9.x86_64.rpm842ad0e3202d29c2ab7d4a0da2ffd7ad60553b79dbc38a04e365248634c6de44java-11-openjdk-javadoc-11.0.18.0.10-1.el7_9.i686.rpm8962445f55696819dfe7c47f475c2b53cc0d96e5ff73bc5d645d6b61edbb7debjava-11-openjdk-headless-11.0.18.0.10-1.el7_9.x86_64.rpm954bed46277a5d12619ace7f32279515c2a98ffda3733e187797f19460113d75java-11-openjdk-devel-11.0.18.0.10-1.el7_9.i686.rpm135f5bac306fd312a6d7a5ed81c4922953d0ef8b2459fd5df8ce47ef3e275595java-11-openjdk-javadoc-zip-11.0.18.0.10-1.el7_9.x86_64.rpm1977afedf027ab6b36f6bb4701372b22ed6891ccb86921ec144da42de29f9a09java-11-openjdk-demo-11.0.18.0.10-1.el7_9.x86_64.rpmbdeda4ae3c3d1558414becfd75b3df7cef33576f702a1a1d3997c638d07b75fajava-11-openjdk-11.0.18.0.10-1.el7_9.x86_64.rpm1e1ee682659151ffc7e9622e46fc4a5385da0c847855c692fb300b454fe95038java-11-openjdk-src-11.0.18.0.10-1.el7_9.i686.rpm61e30fd23ae2c3e0fbbb70ee6995a7e608dd52710ded594d9ea8b9ff71f6dff2java-11-openjdk-javadoc-11.0.18.0.10-1.el7_9.x86_64.rpm1b9d27cbbe2e7a6823e56922b743ce76e738da8af3281699337a61f2df134024java-11-openjdk-src-11.0.18.0.10-1.el7_9.x86_64.rpm973dea4ab545a00f6aac1ce0b55b22df5a5bbb2d9071f77ce4b98f0ea0997a7cjava-11-openjdk-jmods-11.0.18.0.10-1.el7_9.x86_64.rpmb89892b3f9e18cd038d05dd81498d044c33b301dc2e42bf4a8a7e9eef50d4d9ajava-11-openjdk-headless-11.0.18.0.10-1.el7_9.i686.rpm271de5dce775c818dd0b07bb8f270955529619164be4339e950d85d38733b777java-11-openjdk-jmods-11.0.18.0.10-1.el7_9.i686.rpm27e633ba219e5a22027e01f848a8a16d84316b68f7cd97929c42fce46a887983java-11-openjdk-devel-11.0.18.0.10-1.el7_9.x86_64.rpm145f8da2a5bc486a8421b1e7cb57363db2e0f2b18f9349f21546ce6b8312f0afSLSA-2023:0203The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) (CVE-2023-21830) * OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362) (BZ#2150191) moderateScientific Linux 7java-1.8.0-openjdk-devel-debug-1.8.0.362.b08-1.el7_9.i686.rpmd67f5f2319f6ff0a3b5de8d2d807ee5c67e926c7a8dcacaf2e28e8e9bc6b2238java-1.8.0-openjdk-demo-debug-1.8.0.362.b08-1.el7_9.i686.rpm17fab252cbef0c6091cc5b79ee41edf7247454269c7672890c234175a9eb1f03java-1.8.0-openjdk-accessibility-debug-1.8.0.362.b08-1.el7_9.x86_64.rpm8a61d12f78f3795ac2cf62406286a5f37c7deead7dd6c3a02dd4c1e889ef8900java-1.8.0-openjdk-src-debug-1.8.0.362.b08-1.el7_9.x86_64.rpm394b99e5dad56c6b475922a65576ff8f622be890d773b2f61800985c335daae3java-1.8.0-openjdk-debug-1.8.0.362.b08-1.el7_9.i686.rpm59b237e3ae54ab4415241c247e5d3d42a352e2b81960c848cd8ec07d91fe1fb3java-1.8.0-openjdk-accessibility-debug-1.8.0.362.b08-1.el7_9.i686.rpmeafcc7b9ea13057aec5c7b0ebe6f10882c24d023883a27a2e2509bef8e8e1179java-1.8.0-openjdk-headless-debug-1.8.0.362.b08-1.el7_9.i686.rpm8b9addb29a05d1fd51e24843f9c9ff233ffefa529185561466b7c7d5f244b5e2java-1.8.0-openjdk-src-debug-1.8.0.362.b08-1.el7_9.i686.rpmef2f54dfcec1be271424d6a3a0a362c9a3af74a93f52ef43402d1912c781729bjava-1.8.0-openjdk-demo-debug-1.8.0.362.b08-1.el7_9.x86_64.rpmaf40a2cfda64966d5a427c2eea862ea30d618567d401078c4c0c448bf9432df6java-1.8.0-openjdk-devel-debug-1.8.0.362.b08-1.el7_9.x86_64.rpmd23676057675490f4089eab52482b9cd0e7878e5a2f3cf9c9d113207478d0751java-1.8.0-openjdk-debug-1.8.0.362.b08-1.el7_9.x86_64.rpm51112771c749d39cf0184f0bb26636af59c40d88eee15751b02ce8f719f10a37java-1.8.0-openjdk-javadoc-debug-1.8.0.362.b08-1.el7_9.noarch.rpm5fbd504305174e6bfb203b14e45aa9fee36c3da9f73d7c810733d9600fcdda54java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.362.b08-1.el7_9.noarch.rpmcea11c3b85836b654b96bf42c4a8d3325d4d9db3c17277871f917965165aec3ajava-1.8.0-openjdk-headless-debug-1.8.0.362.b08-1.el7_9.x86_64.rpmc43fcee935ee49480526fac1e2080c2036252474816bd997f9ec6418f4add8e9SLSA-2023:0203-1Security Fix(es): * OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021) (CVE-2023-21830) * OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362)moderateScientific LinuxScientific Linux 7java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b08-1.el7_9.noarch.rpm05b6ccceb390b74f5a4dfc27aa6f6100d7bce12dc245e3c52e0ccc7fe1d642bfjava-1.8.0-openjdk-javadoc-1.8.0.362.b08-1.el7_9.noarch.rpmd7b36f402fb5e3cb164069a19de48997180a7acbf656960bb8395de371279098java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.i686.rpm653e348b4a040d8fade666eb0133836bd40c9973dd7ff739b24337dfbdc2c892java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.x86_64.rpm752180dbb579f396c985a1d7de2f8b79440096ebe4240c8b16a011eeab0557bcjava-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.i686.rpme5eeba85072f8947cb295251e39a59f2387fb3bdcb75fab7446b3319262313d6java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.i686.rpm4c06915a71f9f8f77fc3224a3befd6978484aa94fa0fbc6fc388db7463a24e22java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.x86_64.rpm8502fc7913dce12d4b6782a1b1bd06573cf1e0f3b87026a84fbf391584632705java-1.8.0-openjdk-accessibility-1.8.0.362.b08-1.el7_9.x86_64.rpmfebf86745e38c1a80182668de2e367ad6870206ed182ff455aa67cea0a450222java-1.8.0-openjdk-1.8.0.362.b08-1.el7_9.x86_64.rpm4c48921b8d693ebe70aea1f02ad0281c6bf7ad5343dd8286014421164bc60053java-1.8.0-openjdk-demo-1.8.0.362.b08-1.el7_9.i686.rpm8b4df27fdadbb0e8f1d2d251fbbe1659a597ab959926c96a03963d71d1631039java-1.8.0-openjdk-src-1.8.0.362.b08-1.el7_9.x86_64.rpm29e7e96ad8580b7ad6a47a627b381b7af105f9d1ffd99ed38cb9eae25ccc3768java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.i686.rpm165e46dc7a8d05f83a894dd20c23d60abc3c1887ecfa1c5254049ff044d73fc0java-1.8.0-openjdk-devel-1.8.0.362.b08-1.el7_9.x86_64.rpm591856a5e8fa2aca76194cf466f2c7a8e0ee74bea747b9a9618e4b5b51b24ab7java-1.8.0-openjdk-headless-1.8.0.362.b08-1.el7_9.i686.rpm77908458f8b22121d9d5d237ba5df39a2d013502b35c14bb51f7efecb23c2159SLSA-2023:0291-1Security Fix(es): * sudo: arbitrary file write with privileges of the RunAs user (CVE-2023-22809) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7sudo-devel-1.8.23-10.el7_9.3.x86_64.rpmb509e056243c05835de134363455b1f06feb4a168d8589a349ba2c8e83eddd47sudo-1.8.23-10.el7_9.3.x86_64.rpmcac42c69a281a8b043ad8439ea382ef1189f033ae73996f6ee04a369fd8db073SLSA-2023:0296-1This update upgrades Firefox to version 102.7.0 ESR. Security Fix(es): * Mozilla: libusrsctp library out of date (CVE-2022-46871) * Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598) * Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605) * Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599) * Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601) * Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602) * Mozilla: Fullscreen notification bypass (CVE-2022-46877) * Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7firefox-102.7.0-1.el7_9.x86_64.rpm11b23f5cd514cc8129706f30b58ad4a5ff362d3ef32d278e706ec529245f2128firefox-102.7.0-1.el7_9.i686.rpm6dcb5e50c1d0aeda1e6b048bb06d3b39cc58c23a5c108108eaefc4fe586d4027SLSA-2023:0377The libXpm packages contain the X Pixmap parser library. Security Fix(es): * libXpm: compression commands depend on $PATH (CVE-2022-4883) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7libXpm-devel-3.5.12-2.el7_9.i686.rpmb198deb123820a78c48009ba17ad5cbd90c0c33aa6bb09c392370a38599b7ae3libXpm-3.5.12-2.el7_9.x86_64.rpmdf039c15386f0ccaf4d4ecec2af6f54b1d698240cadbf324d7327d67ec92f365libXpm-devel-3.5.12-2.el7_9.x86_64.rpm60c812c275867820f98e75f4b0067b0b5ab76e52b5f95ecf26a2831b8e97a6e8libXpm-3.5.12-2.el7_9.i686.rpm2f0d3e0e9abe5bb42ef048af825a38deda1b5ead99875ab9e4f2063a51766714SLSA-2023:0399-1Security Fix(es): * kernel: memory corruption in AX88179_178A based USB ethernet device. (CVE-2022-2964) * hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715 (CVE-2021-26401) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Prevent unnecessary resets - Avoid leaving shost->last_reset with stale value if EH does not run * i40e: Request to backport upstream commit 2e5a20573a92 * disable VMA-based swap-in readahead on PowerPCimportantScientific LinuxScientific Linux 7kernel-abi-whitelists-3.10.0-1160.83.1.el7.noarch.rpm98e7e92cd04b875945fd4cb335412bf8c24a4e439ce39aabc1d795c46c4298d5perf-3.10.0-1160.83.1.el7.x86_64.rpmd33cbb5d8ad58c6e4c876a306ec93179871e9a2a84123c97d3793b0a8404dbe9kernel-debug-3.10.0-1160.83.1.el7.x86_64.rpm1a49e659075919d95f7ebd2fd2bc6689cb2f475d1274496c971e44e0899014c1kernel-debug-devel-3.10.0-1160.83.1.el7.x86_64.rpm6c11f35cc47ff1a43b18c0506fabc9a3f3d3b0b2f5c8c15470c443c7828450e9kernel-tools-libs-devel-3.10.0-1160.83.1.el7.x86_64.rpm1366cd9ad0a75cb819e32ab8e99f2e59afe5fa863832725e38334f2a1c8af63dkernel-3.10.0-1160.83.1.el7.x86_64.rpm03e614e31ff2f223881b8542d50a59e0360117c66c4663fea606ad019dc574ackernel-tools-libs-3.10.0-1160.83.1.el7.x86_64.rpmace7dd6fc95f571358580c4a373531a643070b7b59571908ea809c31dca21b76kernel-doc-3.10.0-1160.83.1.el7.noarch.rpm863a86b1705c39a0d3f84cadcc501337fd023cfc5cf517d71611b513a24100afbpftool-3.10.0-1160.83.1.el7.x86_64.rpmad4a6345606050446ad16b770f6d3d27852dda942ddfd3a0f06c0b2f551f89d0kernel-devel-3.10.0-1160.83.1.el7.x86_64.rpm6e0ef358ba023ff734894a30f88fa4cbf5d4a0639c70323c8881bb083a2dc6e7kernel-tools-3.10.0-1160.83.1.el7.x86_64.rpm7d96c648f1ecdb2a7a013c40c3eb09397ab8d091ad9a1edebff4a55348d0a1a0kernel-headers-3.10.0-1160.83.1.el7.x86_64.rpm0b6671b29f4ad5264592b71ad0eddc45a9ae36cf0b6f270e02743487c3fa0bdapython-perf-3.10.0-1160.83.1.el7.x86_64.rpm68b80d5f1ee488ce0fe8bf9e7f6d996325fe03c11fa6180f2491c6daa84d0920SLSA-2023:0402-1Security Fix(es): * bind: DNS forwarders - cache poisoning vulnerability (CVE-2021-25220) * bind: processing large delegations may severely degrade resolver performance (CVE-2022-2795) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEmoderateScientific LinuxScientific Linux 7bind-pkcs11-devel-9.11.4-26.P2.el7_9.13.i686.rpmeb7454c91c0c0229c5c42b7b39da752e86f3a8d3178430deb6a1b44c96881f8dbind-pkcs11-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm0f56a8eb01c837fa298d23a19ab0440f1c384d578326e75deb4f079ab3d879e1bind-libs-lite-9.11.4-26.P2.el7_9.13.x86_64.rpmab10c3e78d6034f2aaa0c8b4ebf6d7be3407f1357101e822c318cf17ea861d63bind-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm1eb2074549612b1cff2a28627e5f3b2a4d236566d5adaa99b4674405697d2598bind-libs-lite-9.11.4-26.P2.el7_9.13.i686.rpmab7659bf414b34d38f29bb3c339e7ef7227ab6029c09aea0d9796f3b16617074bind-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpmf4a664d35029d85dd179c384f40480a3428f7812dc5451815f570169ad5772b6bind-pkcs11-9.11.4-26.P2.el7_9.13.x86_64.rpm1ced88f817c5c9b837c0f30d5716d0170451c17cb76f2aafae9f38ec7d4eb2b7bind-sdb-chroot-9.11.4-26.P2.el7_9.13.x86_64.rpm043c7ab8699a0c632fbcf86503a81e396117e945c9b688fbc3dd8ebf74bf130abind-export-devel-9.11.4-26.P2.el7_9.13.x86_64.rpmbc654c846cc7b0cf207acabf543674bb337c2d00834b8a1642d20f1f876c7913bind-9.11.4-26.P2.el7_9.13.x86_64.rpm4da9b800ab814fad0c507e1fbbcd24e87046e12f6a114208a20735d11ca050ddbind-sdb-9.11.4-26.P2.el7_9.13.x86_64.rpm6cb479ea7e8351c0e798e4bba3b420e8f8527767c75c387558d04ccc176131fbbind-pkcs11-libs-9.11.4-26.P2.el7_9.13.i686.rpmbd749319924fd015a69e9e0b46bbe2f1372885887dcae418439f0ac76ce4c217bind-pkcs11-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm8d3f4431c5eeca4e4d989d494d1e9fa35e5315c146e2ee097b18e46d125ac0a2bind-lite-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm776572692e3ee2fa60f1b3ec56e69ee16c4229730f7845cbc3fa135dab5c3c91bind-devel-9.11.4-26.P2.el7_9.13.i686.rpm329962f999d5f845da95aaac1b0236c6c12ab50763a353458b0563949e9241cbbind-export-devel-9.11.4-26.P2.el7_9.13.i686.rpmb388afda1b0ac50faedaaa336b839370c6edc9e37fc2bf2e444f8ffdd839e878bind-license-9.11.4-26.P2.el7_9.13.noarch.rpmf9aef2500b2b1ed6c3206607d73157246a3b0ea6fda944b02706154b00b4e979bind-export-libs-9.11.4-26.P2.el7_9.13.i686.rpma2a4d81888ef9d2d40a9925b76a4810877a2d2c652f56690282bdea89262089cbind-devel-9.11.4-26.P2.el7_9.13.x86_64.rpm4e09efb17c23f9971cf3c42854c641011561dace108198a272befdfefe2ebacebind-export-libs-9.11.4-26.P2.el7_9.13.x86_64.rpm4003d60867abb79d5c6e609204461ae25f64ccd2b1fd3738b72b12b440325bccbind-pkcs11-utils-9.11.4-26.P2.el7_9.13.x86_64.rpma6ec6b932f762a7869a3550209b49a275b111bf37ee2995818965911c54deb94bind-utils-9.11.4-26.P2.el7_9.13.x86_64.rpm46774dcafc058b1dd4cfc9a640d0d0a446467d300bcee59a7bda88a1b53e8c01bind-libs-9.11.4-26.P2.el7_9.13.i686.rpm34830638859ee62e60bc47dda6f0383455e839436448de55706892203e9fd909bind-lite-devel-9.11.4-26.P2.el7_9.13.i686.rpm42ca2439d41c12224fb12b8bda8ef7a3e260ceb64d79f0b6054eaec655cc7644SLSA-2023:0403-1Security Fix(es): * sssd: libsss_certmap fails to sanitise certificate data used in LDAP filters (CVE-2022-4254) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * smartcards: special characters must be escaped when building search filterimportantScientific LinuxScientific Linux 7libipa_hbac-1.16.5-10.el7_9.15.i686.rpmec9e2f79eb49a0a505bc4258a16c40fdb4513d3ee2a915987ad1dbcb12a32a4alibipa_hbac-1.16.5-10.el7_9.15.x86_64.rpm529d2d8d22c5c0b309ba3e79c1e410e0fcfc53987eb9322c862b6840a8675584sssd-ldap-1.16.5-10.el7_9.15.x86_64.rpm84b915877ab3a0f4fd324e69005f330e06b2a0e8f5787a2d0bba23d2b76ca9b2sssd-ipa-1.16.5-10.el7_9.15.x86_64.rpm8e8ec7152e1511103ce96db1be110b5010660c65698b467c470a980b0af99201sssd-client-1.16.5-10.el7_9.15.x86_64.rpm2fdc8cec74266f2a85a55c6d3b6b0307458d0a20476e5749c76aef33c6151225libsss_nss_idmap-1.16.5-10.el7_9.15.x86_64.rpm16bc4d0557dde9b46a1c9897345a621b49b790c90c07141860cfc9e93df55ee2sssd-krb5-common-1.16.5-10.el7_9.15.x86_64.rpmd7b2acb1b193cfdfdca7c54d169497cd58ee5e57e76980ed7868446d8b90cfdalibsss_nss_idmap-1.16.5-10.el7_9.15.i686.rpm8759698f9478c1aeb33c8ea981a0a6439202f6066cdb70c2682e1100320cbb42libipa_hbac-devel-1.16.5-10.el7_9.15.x86_64.rpm4fbb6253c7180e83a4b2bb828bd2a6cd24014d28a0055d2fcfc2fb5fc706f78clibsss_certmap-1.16.5-10.el7_9.15.x86_64.rpm388a3fc9d5274d70d776671716eb893b82d5e832890dae1d7ba2cf2d0484f3fclibipa_hbac-devel-1.16.5-10.el7_9.15.i686.rpm56cb20370288a226781598ee1d8dd41707ba4d2e6374a2b2a4505d2302357279sssd-tools-1.16.5-10.el7_9.15.x86_64.rpm255fd956b96970e4286710242848e4e2ea03d870037cdcfb4eb601449a82a13epython-sssdconfig-1.16.5-10.el7_9.15.noarch.rpmd9917b941c40b174fe3288f491f5a5c27432162520eee3e9802d08c5906bdc22sssd-libwbclient-devel-1.16.5-10.el7_9.15.x86_64.rpmaf6072ecffe9de1b96a4a2d046fde800d16199ed23fa9a5562fafd798ba0d812python-libsss_nss_idmap-1.16.5-10.el7_9.15.x86_64.rpma39774f4d0d89e596fa26fdd71180c15fc10f775827c9111f0ef263bfbda2393python-sss-murmur-1.16.5-10.el7_9.15.x86_64.rpm938cc193a64aae61f740e346a6cc07d91159b2bd59beb7e708126467fa3f9ae0libsss_sudo-1.16.5-10.el7_9.15.x86_64.rpmdd638f04c9746d12804f8f6832b0d7ba71bbbf274bea2c9e47208bba79340e8dlibsss_idmap-1.16.5-10.el7_9.15.x86_64.rpm67a758c68ca0ad65538bedcefb3878c38a204eec2805bcd3766399204f22f60dlibsss_simpleifp-1.16.5-10.el7_9.15.x86_64.rpm18c60954981fe89a687102c7ade27f8460765feb6a5dc041b1af83a2b4559bcesssd-common-pac-1.16.5-10.el7_9.15.x86_64.rpme7d7f28cfe133469d32a76816d268647e82f76efcc19bf23c656497e1ca0b219libsss_certmap-devel-1.16.5-10.el7_9.15.i686.rpme13ef52f86fd527281433977507ec7c903aa1509fc320351a8333674b0296ae3libsss_autofs-1.16.5-10.el7_9.15.x86_64.rpmc94c5b0f3138667df29e2276c9953e660d6fae4084fee8c13de93d44c1ce243blibsss_simpleifp-devel-1.16.5-10.el7_9.15.x86_64.rpm5cb5f1d47f0a70fb927abe487e444b4bdc44504b78e7be135573e6800a33c3b6libsss_nss_idmap-devel-1.16.5-10.el7_9.15.x86_64.rpm5b0b124649901239d68533cd1160d197a6664fba2b04a6e577b271a1ff520458python-libipa_hbac-1.16.5-10.el7_9.15.x86_64.rpm1268d17249eabc1d72f4f7d4e532006684674dd6e1ddb7fb61f27eb5925e1ceelibsss_idmap-devel-1.16.5-10.el7_9.15.x86_64.rpmd110b98cc9817c35bb3de61a1d32a7d730f929d01030553b2c9cfd185d8882e1sssd-ad-1.16.5-10.el7_9.15.x86_64.rpm917491496fe70b0202e6f01082eadc5e8f1a995664b299843c829cc6dcfd6f77libsss_idmap-devel-1.16.5-10.el7_9.15.i686.rpm388765451b6fe56a237844e7bf42c6b96e04ed258ee5db463defffc2a96fa39bsssd-libwbclient-devel-1.16.5-10.el7_9.15.i686.rpm348326d8bac6c34c68273d1e15767b70bbb787dc04b2928ebfc3e3f00409ef39libsss_certmap-1.16.5-10.el7_9.15.i686.rpmb69296ad05824787abe7334c0802db70c802318dbc071fed8e0e1f2103c17738sssd-libwbclient-1.16.5-10.el7_9.15.x86_64.rpm91f4a3ad5d10e03c211e30e14045c82c014392c9e3a4e8340a736662f4955792python-sss-1.16.5-10.el7_9.15.x86_64.rpm20e31c810deb0e0829a6b056f2952375a95bbd973af4acba096a481902c2a263sssd-dbus-1.16.5-10.el7_9.15.x86_64.rpmb76094d7cc0b6c9d867a24911850af375df7342d2d5027fa01aad2a1831e8932libsss_idmap-1.16.5-10.el7_9.15.i686.rpmfc62a7d175109d6eac959a24e9c66eac882b75e167c102b169f0167c5053e1bfsssd-krb5-1.16.5-10.el7_9.15.x86_64.rpmfad79434fd51546a0fbee2de76ce712bfa0688711c140b1dc07c9a8c0b64c782libsss_simpleifp-1.16.5-10.el7_9.15.i686.rpmf9c666658668dd42ba5dc5d4a6d5cd92c1fd810366eebfaa8d213fc523e85374sssd-client-1.16.5-10.el7_9.15.i686.rpm19a7dc1be7ab7889c11f1bb537e695576a8ddaad71b6a98494dff5b95320734bsssd-winbind-idmap-1.16.5-10.el7_9.15.x86_64.rpm3f7f3f823469bc5e778a4a7d7c8f78fe28de7ab4f08ef9e4e18e0d2c3a4d3671sssd-common-1.16.5-10.el7_9.15.x86_64.rpmfba7a3b126e91c9453e4dab4e6d664e867f750f02852cc9ea52727d81a0d47b5libsss_simpleifp-devel-1.16.5-10.el7_9.15.i686.rpm39e740f102af4b6235a1428d0985cf18cbc14301443b4efdcbc587d897d3ee97libsss_certmap-devel-1.16.5-10.el7_9.15.x86_64.rpmd4967b404147f7103003cd1d643edeea8b827e201cae7e5df4e7320e25f6c381sssd-polkit-rules-1.16.5-10.el7_9.15.x86_64.rpm612d622be4d58ea8063b0f9fae21db3e244b111bb3b1cebc3d6b0de80893c6belibsss_nss_idmap-devel-1.16.5-10.el7_9.15.i686.rpm36c1eaaa24852833dc15e6e2d9001115d52559f8216da22719195690cbb84937sssd-kcm-1.16.5-10.el7_9.15.x86_64.rpmc1ba20a5876ef78cd463c30044c1f803c7c4a6522934f7593eb61e0d60f8dbfdsssd-proxy-1.16.5-10.el7_9.15.x86_64.rpm3e0a62b4beb3d82c57a1b105f5e3a2b331cb6e33d45e87beaf7c2c6da1e7c078sssd-1.16.5-10.el7_9.15.x86_64.rpmb7915ce2844a91d5c646615b010658b2441d16532459bea87c6c18669f83ee9fSLSA-2023:0456-1This update upgrades Thunderbird to version 102.7.1. Security Fix(es): * Mozilla: libusrsctp library out of date (CVE-2022-46871) * Mozilla: Arbitrary file read from GTK drag and drop on Linux (CVE-2023-23598) * Mozilla: Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 (CVE-2023-23605) * Mozilla: Malicious command could be hidden in devtools output (CVE-2023-23599) * Mozilla: URL being dragged from cross-origin iframe into same tab triggers navigation (CVE-2023-23601) * Mozilla: Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers (CVE-2023-23602) * Mozilla: Fullscreen notification bypass (CVE-2022-46877) * Mozilla: Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive (CVE-2023-23603) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-102.7.1-1.el7_9.x86_64.rpmf8eb0f48dc455b82381081db3cba0b2c75a0d885b8582ab5b17e418aa4d3ba27SLSA-2023:0530-1Security Fix(es): * libksba: integer overflow to code executiona (CVE-2022-47629) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7libksba-devel-1.3.0-7.el7_9.i686.rpmeb11ecb88f45499e516fc9e39454fc4ba8fae8176cb3dce87bf18faab092f0a0libksba-devel-1.3.0-7.el7_9.x86_64.rpm132171720846a1714489518d30207780d5c838a872d48d262b805519d967b8bdlibksba-1.3.0-7.el7_9.x86_64.rpmf4ed855d1c9f63d62bdc83eb52442a7350bd5202af24fded086e59ebee4b677dlibksba-1.3.0-7.el7_9.i686.rpm7e5903cb864a99118df2cb87a56afcb8a7cb92feb4a5c9480748323a2cb32752SLSA-2023:0600-1This update upgrades Thunderbird to version 102.7.1. Security Fix(es): * Mozilla: Revocation status of S/Mime signature certificates was not checked (CVE-2023-0430) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-102.7.1-2.el7_9.x86_64.rpma3d1eadfa0d5aa89a22b7885e85c547dd7cf96d832158506919f52bbaa19c73aSLSA-2023:0675-1X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix(es): * xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation (CVE-2023-0494) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7tigervnc-server-minimal-1.8.0-24.el7_9.x86_64.rpmec701a0f8060564f5fa9b234242f61975328a64589a23ec4b85ceaa9771a13fftigervnc-server-1.8.0-24.el7_9.x86_64.rpm6aa9ebde340d047d4bb706b83dd28cd6e8e46bf5d0eb54d18709a4ba11d386ccxorg-x11-server-devel-1.20.4-22.el7_9.x86_64.rpmf107aadb4473d707bd74c370f8b2f70af9211609c2f2ca64bd31913946f5bf70xorg-x11-server-common-1.20.4-22.el7_9.x86_64.rpm04dfa49a820630082a4de59f0b63b9ede317888a4a402388cd2011fe72aa1154xorg-x11-server-Xephyr-1.20.4-22.el7_9.x86_64.rpm0e34f2713da8012f8f2843474faeb2c7815a3c3fef7d8af01eeb8c4986f7c6b5xorg-x11-server-Xvfb-1.20.4-22.el7_9.x86_64.rpmb9e16048bd8c405251a93c584bc5c873bb527d29e2543447fab2403870734950xorg-x11-server-Xorg-1.20.4-22.el7_9.x86_64.rpm8694f038496e5948c3a3783ab51176edef29d8d95296ef79e3a5eb686ae2adbexorg-x11-server-Xwayland-1.20.4-22.el7_9.x86_64.rpm40b038aea93bb116a76856958fb9e757a0873c454edce402c48fe248c320fe2axorg-x11-server-source-1.20.4-22.el7_9.noarch.rpmd92e9b25809b714f3f04f31f7eb8b49e26d3002dacd39d7f0e9b337f15b632e3tigervnc-icons-1.8.0-24.el7_9.noarch.rpm9f0328e2dbec5856c753c1d131e04d04d5a54b76d76d0125a89bc8a56747b824xorg-x11-server-Xdmx-1.20.4-22.el7_9.x86_64.rpm2c8c222a89dc9210b033711127ff969b3f2736e74b92bf24bcc4fc37c6d6fe6dtigervnc-1.8.0-24.el7_9.x86_64.rpmc17da119f457426264bb1dab2c7feb6d4f81f6b5dd406f66f3b178fa9cc93ae0tigervnc-server-module-1.8.0-24.el7_9.x86_64.rpmbd0288bb6da3f80c87d9dda13a62173ff0173a96693015cd8f4885bc16c2ac34tigervnc-server-applet-1.8.0-24.el7_9.noarch.rpmb17d08a619cffba382ede4c812adc1d4788651daae8cdb25c2fd90982d8cc2c0xorg-x11-server-Xnest-1.20.4-22.el7_9.x86_64.rpm8a1c4e5f7e823dfd628bcc73ee45c65382b0fc7f92bf0e76c24197ba79348334tigervnc-license-1.8.0-24.el7_9.noarch.rpm6fe8f2e3641dd29b7d3e9d68132f5e885a7801e0ee1d9123718b320655d6ac27xorg-x11-server-devel-1.20.4-22.el7_9.i686.rpma7529527d02d8baa8ebc8f416af1e48201c10b85225714068a80945799233b08SLSA-2023:0812-1This update upgrades Firefox to version 102.8.0 ESR. Security Fix(es): * Mozilla: Arbitrary memory write via PKCS 12 in NSS (CVE-2023-0767) * Mozilla: Content security policy leak in violation reports using iframes (CVE-2023-25728) * Mozilla: Screen hijack via browser fullscreen mode (CVE-2023-25730) * Mozilla: Potential use-after-free from compartment mismatch in SpiderMonkey (CVE-2023-25735) * Mozilla: Invalid downcast in SVGUtils::SetupStrokeGeometry (CVE-2023-25737) * Mozilla: Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext (CVE-2023-25739) * Mozilla: Fullscreen notification not shown in Firefox Focus (CVE-2023-25743) * Mozilla: Memory safety bugs fixed in Firefox 110 and Firefox ESR 102.8 (CVE-2023-25744) * Mozilla: Memory safety bugs fixed in Firefox ESR 102.8 (CVE-2023-25746) * Mozilla: Extensions could have opened external schemes without user knowledge (CVE-2023-25729) * Mozilla: Out of bounds memory write from EncodeInputStream (CVE-2023-25732) * Mozilla: Web Crypto ImportKey crashes tab (CVE-2023-25742) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7firefox-102.8.0-2.el7_9.x86_64.rpma3877ec0d3d9b26a2d922f57130ad636c80eaad56ac034af6a842d93be7f7fbffirefox-102.8.0-2.el7_9.i686.rpm6758c75f205d4e4c74069d30d41135040e340c0941cd2aa36d065b46bb22e491SLSA-2023:0817-1This update upgrades Thunderbird to version 102.8.0. Security Fix(es): * Mozilla: Arbitrary memory write via PKCS 12 in NSS (CVE-2023-0767) * Mozilla: Content security policy leak in violation reports using iframes (CVE-2023-25728) * Mozilla: Screen hijack via browser fullscreen mode (CVE-2023-25730) * Mozilla: Potential use-after-free from compartment mismatch in SpiderMonkey (CVE-2023-25735) * Mozilla: Invalid downcast in SVGUtils::SetupStrokeGeometry (CVE-2023-25737) * Mozilla: Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext (CVE-2023-25739) * Mozilla: Fullscreen notification not shown in Firefox Focus (CVE-2023-25743) * Mozilla: Memory safety bugs fixed in Firefox 110 and Firefox ESR 102.8 (CVE-2023-25744) * Mozilla: Memory safety bugs fixed in Firefox ESR 102.8 (CVE-2023-25746) * Mozilla: Extensions could have opened external schemes without user knowledge (CVE-2023-25729) * Mozilla: Out of bounds memory write from EncodeInputStream (CVE-2023-25732) * Mozilla: User Interface lockup with messages combining S/MIME and OpenPGP (CVE-2023-0616) * Mozilla: Web Crypto ImportKey crashes tab (CVE-2023-25742) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-102.8.0-2.el7_9.x86_64.rpm84f11997de0cca1fbbb42d12ae5ab748e6a2b12da62075e83ff0313820b63696SLSA-2023:0978-1Security Fix(es): * git: gitattributes parsing integer overflow (CVE-2022-23521) * git: Heap overflow in `git archive`, `git log --format` leading to RCE (CVE-2022-41903) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7git-1.8.3.1-24.el7_9.x86_64.rpmb26c2f0f9afecaae81c7a39acc8f66dfaa9b6d2e49f58370d1fa43425ab328bdgit-instaweb-1.8.3.1-24.el7_9.noarch.rpm5cbf8d6cd4c5f1ca050dcd4c99fbd2d7a90861ed38de876cc168ff0019cb08b8git-daemon-1.8.3.1-24.el7_9.x86_64.rpmedca8227e635ecf93dfeeff500d4314b8271777dbda7a4c5e0df88d87c66b773perl-Git-SVN-1.8.3.1-24.el7_9.noarch.rpm66077fc18291ae304da279d1f97ed77a1306bcc07629cbf9bfe5fa8f24525a46emacs-git-1.8.3.1-24.el7_9.noarch.rpmc9a516c4f2cc89e203a84a70ce903cdb388014a187d43a178bd163f78e454942git-cvs-1.8.3.1-24.el7_9.noarch.rpmfa461440d71427a33bed73c62219fc4d2c1e37b73a3141e82a773c037d20dae5git-gui-1.8.3.1-24.el7_9.noarch.rpm5d2c34d5b8486e3b27d65917b33fe782b5a858375fc1b0cb093ee114cbd04214git-gnome-keyring-1.8.3.1-24.el7_9.x86_64.rpm33829bca4c6cf3140c450f2ec4a8bfa8d6a9b7fc0d7ecbaa68ad73be9fc9d37fgit-p4-1.8.3.1-24.el7_9.noarch.rpm30fc2f9f292da5a4e7ee3ce8ca7baef2911973d72c856e81763596d3758208e8git-svn-1.8.3.1-24.el7_9.x86_64.rpm2cb056134b6bf424851bf959c25e17968f87dac0995c4faf5d09c4389f971a97git-hg-1.8.3.1-24.el7_9.noarch.rpmffd7e91f163eaedf85059bf5ac67d4ffae3414f915f891a4b1ab0fdf18c655e8git-email-1.8.3.1-24.el7_9.noarch.rpm67ef252f653719b74cb97466d1aab0f27249c1748ef5ced8337696376b5b39fdperl-Git-1.8.3.1-24.el7_9.noarch.rpm17f47c2a2714359e706cabb37c903cf05449cc6538a9698bd63635f09889d4c9emacs-git-el-1.8.3.1-24.el7_9.noarch.rpm99de28fe34035a00e4e9f90dc525e53058ea287ce4d1bbae965f044f73cd33bcgit-bzr-1.8.3.1-24.el7_9.noarch.rpmb58ab51d4051ea420f870ecb5fb3f399a77cdccbd2066e06cdf87136255e5d9bgit-all-1.8.3.1-24.el7_9.noarch.rpmbd063bcbd94dcfaaf21fa3fce44019ecb9e49baefbad3f82846c5b018678159egitk-1.8.3.1-24.el7_9.noarch.rpm512cf3658af83e990041688730807c342d960053723e696fdceee8c635b0d509gitweb-1.8.3.1-24.el7_9.noarch.rpme0e2d826925d442e35ea871ca3bc35a2e82aa2df5f09c48a80b18e9b86badf81SLSA-2023:1090Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix(es): * samba: RC4/HMAC-MD5 NetLogon Secure Channel is weak and should be avoided (CVE-2022-38023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7ctdb-4.10.16-24.el7_9.x86_64.rpmfddfbde281170a2350208c846e02cb2f735ee2da692388dfe592d3b6f2221315ctdb-tests-4.10.16-24.el7_9.x86_64.rpm0586c7e2c9783848bfc7fd8d069049645fcb9addf7f29a3405028b6f8fa6f8ceSLSA-2023:1090-1Security Fix(es): * samba: RC4/HMAC-MD5 NetLogon Secure Channel is weak and should be avoided (CVE-2022-38023) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7samba-devel-4.10.16-24.el7_9.i686.rpm500ff04ad16fa32c36af15b5e3c1b80492ddb2605c8831333fe699144e1b5585samba-common-libs-4.10.16-24.el7_9.i686.rpm3a506031708a60521c1ce26d7b25b7d33f871448efee490754aaa11f238bf6c5samba-test-libs-4.10.16-24.el7_9.i686.rpmaa14ab7a6819597c7179bf43a2612e93e65cdf60b588a47c90c5f69fc3a0a01esamba-libs-4.10.16-24.el7_9.x86_64.rpmfb4328a23ff9c6f3f1338e8ab0b640f49b135346019b3bf09ce2b9c125282814samba-client-4.10.16-24.el7_9.x86_64.rpm9817baee22eb3d09944be83b09843d8c5c0002914ba9dde8184f3ceedecfd53esamba-winbind-modules-4.10.16-24.el7_9.i686.rpmfd638a33e01ee122966a262131400c851d4b2cb82898af5ed06cbae1e88de1aasamba-winbind-4.10.16-24.el7_9.x86_64.rpmeb8c266f6f5019fc5b2c600965b45d57087e8d635aa5952361e28edb3ebaccdcsamba-dc-4.10.16-24.el7_9.x86_64.rpm2c381f7d0617036e73e5636546c62c420822537f69456921c6adab74ad4cb3f0libwbclient-4.10.16-24.el7_9.x86_64.rpm645fc6268dcb2bed6534f8e588b76b142e19a03a8e99db58fab3962305542881samba-dc-libs-4.10.16-24.el7_9.x86_64.rpm162e40109413dc22aa30db63c52aca3cd022e563f8813efe5afbb1ec654c1bbesamba-winbind-krb5-locator-4.10.16-24.el7_9.x86_64.rpm3ccc9f9326d8b4602a3ef3e389f23d593140ad6dda7893ead58d258aa2ed35absamba-client-libs-4.10.16-24.el7_9.x86_64.rpm7570e96a1288f733237327dc3da948701b33ec973a909820d25f28864a63127elibwbclient-devel-4.10.16-24.el7_9.i686.rpm4006301818a57799b4760db07835dfa52580c8ed26037adff4a8f7fa12750105samba-4.10.16-24.el7_9.x86_64.rpm2259a55556e9766fcc56db5372bf17847a469ee86031509c485a20e6926d9c78samba-python-4.10.16-24.el7_9.x86_64.rpm70674e86b6f31bad41417cefb7aaa003a98dfc3700094b1767d5c6336c80c664samba-common-4.10.16-24.el7_9.noarch.rpm599601a6ec8dbd3ea3f75be569b375fb9854c9c06123c08d9e4f36869e83f17asamba-common-libs-4.10.16-24.el7_9.x86_64.rpm7da197a0d57e411be6d6b01650265d280532834d8a384a544f3c5660b7bbe626samba-test-libs-4.10.16-24.el7_9.x86_64.rpmfad10520ae3cc31e6aa868f6385b027985464857673faaf5490291b40bde0843samba-python-4.10.16-24.el7_9.i686.rpmfc81d3283b08cf0a13ee1a3dc32c648956df0d797e19dc438229706f80874e9dsamba-libs-4.10.16-24.el7_9.i686.rpmece27d16977a89a859fb38d509053ef6487ccd79f432777da058a9ed83f2115csamba-client-libs-4.10.16-24.el7_9.i686.rpme284f006353619c61dc1b3995028031745e0c51ab673aac7df9d47af3ffeab58libsmbclient-4.10.16-24.el7_9.i686.rpm36482c21714fff9ecea78bfd9b60f4818a077034f7ae65d7975a0d1305988565libsmbclient-devel-4.10.16-24.el7_9.i686.rpm0ed2103a8eb2ee8ae24bc01c4a16685ac33614bb0ae0db7f22e6ed515fd6d335samba-krb5-printing-4.10.16-24.el7_9.x86_64.rpm4597f10df0c826ef51647d1bc615be93c0616512ecaf577ecc51aa7c4cd4b7a8samba-vfs-glusterfs-4.10.16-24.el7_9.x86_64.rpm2fbe9e1eeab8b46c0a07951c9de7af55591df294d580fbc4f35b622750ab5c54samba-pidl-4.10.16-24.el7_9.noarch.rpm60e72d724b225ce033d0c9ab75ece967b47edceb53f35338a94d8e5bf3dd44e2samba-devel-4.10.16-24.el7_9.x86_64.rpm481f7fdb19fa20bbbdaace15be52182a64ea6017bad6c8a3e7073c0477d659bbsamba-python-test-4.10.16-24.el7_9.x86_64.rpmee6083c33c8dea339c7dfdbcea143aa161f3efbab2c5b7605a4be8ec853f2667samba-winbind-modules-4.10.16-24.el7_9.x86_64.rpm794419b4cdfaddb314cfe6da06baa77bf8b2de66a2405373276d8b4a9283b1acsamba-test-4.10.16-24.el7_9.x86_64.rpma95cfb5c67cb83fa714c978bc63bb89c4558c29c5d33ab551e8a9f447a24516flibwbclient-4.10.16-24.el7_9.i686.rpmb4b4c731d0e5e3c42bb147a1f50523d98b0fba7418f05feeb1e60803e4cbb852samba-winbind-clients-4.10.16-24.el7_9.x86_64.rpm8c48cc5d15e8aa111c148bd4654ee35ef9d477e89b3f8b70659c58500d1a4a89libwbclient-devel-4.10.16-24.el7_9.x86_64.rpmf5cfea82a73d3008884adeeb93d6b6e82a67a0c69f6ccedf3a9d72e2152a2b0elibsmbclient-4.10.16-24.el7_9.x86_64.rpm38054eae1a74d2b95eeb8896b5985b5b6d7a189724c60d2a2d29b5fe2fd4a350libsmbclient-devel-4.10.16-24.el7_9.x86_64.rpm0b6dd455d26f75fe2b0015e954e9a9f7d40adc1511e366d64bd70694d1dc4232samba-common-tools-4.10.16-24.el7_9.x86_64.rpm5e105eee330f72edd154260e9b5abaeaff92e26a8c7bbf599a0d5943ebc1788cSLSA-2023:1091-1Security Fix(es): * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378) * kernel: use-after-free related to leaf anon_vma double reuse (CVE-2022-42703) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Regression - SAS3416 card works on SL 7.7 and below, does not work on SL 7.8 or 7.9 * use-after-free in sctp_do_8_2_transport_strike * SL7.9 - [Regression] Kernel test failed during CPU polarization test - lscpu, chcpu - LPAR * SL 7, block: Crash in blk_mq_rq_timed_out() when dereferencing NULL request->q pointer * qla2xxx: Qlogic double completion races during error handling are still not fixed and this will also be a SL8+ exposure * kernel 3.10.0-1160.80.1.el7.x86_64 on Xeon E55xx crashes upon KVM startup * Guest's time jumped forward by 12 minutes _after_ live-migration completes (in 30 seconds) * SL7: target crashes if a malicious initiator sends a logout immediately after a login command * SL7.9 - LTP testcase creat09 fails related to 'CVE-2018-13405' and 'CVE-2021-4037`importantScientific LinuxScientific Linux 7perf-3.10.0-1160.88.1.el7.x86_64.rpm2994a6e723cfacabd813dac1ea31a94b3d7335b015d5d9f5bb91dc450ca04154kernel-headers-3.10.0-1160.88.1.el7.x86_64.rpmf0fabded1573afeafbdea88dabaa33d9a5b25eb6a2e8da0b0741d98b82ee39cdbpftool-3.10.0-1160.88.1.el7.x86_64.rpmbd2b9606716ea103edfeade341a514508e78e2ebb20de46917c58714075b19a8kernel-tools-libs-3.10.0-1160.88.1.el7.x86_64.rpm18196694a675b25665410c3c9d44a2e98d1ca5bd946987e609612e8cfbdaa3e7python-perf-3.10.0-1160.88.1.el7.x86_64.rpmfa3a944b73812f9848fd6a8a3f5db3bad17e75c3964713e8358f699734a3cd58kernel-devel-3.10.0-1160.88.1.el7.x86_64.rpm847e8c99f83ffa5657b05ef11a8200d47838d7625d4daaae8176b24efc86c852kernel-abi-whitelists-3.10.0-1160.88.1.el7.noarch.rpm3e5a1430d717b710a581e948c0be5a661f549ba1dffb627801476755b4df5ca8kernel-3.10.0-1160.88.1.el7.x86_64.rpm5c64944b3c8e0a4b1b489a49fae4eca1e0e11230199314410617969ceea45b7ckernel-debug-3.10.0-1160.88.1.el7.x86_64.rpm23b0e945e1397bfc990f1f366e451335a0934428a9149bc85d47fae479dc9bf5kernel-tools-libs-devel-3.10.0-1160.88.1.el7.x86_64.rpm7675927d96955b743696d9e8314b6f78d61132e2e7b916df89a67d4f497f88dfkernel-debug-devel-3.10.0-1160.88.1.el7.x86_64.rpm32cd28ab0db8bea7fab5947760340fce5ac55dcf5ed47134de5501479e5e82adkernel-tools-3.10.0-1160.88.1.el7.x86_64.rpm86e80c491ce804d47f821e7ea6aa2ebc03421f81a13821e0fd94708e34a345b3kernel-doc-3.10.0-1160.88.1.el7.noarch.rpmba8643984b51511422db80b0ce8a7c820c0d691c260480f7e6e245f4de156a53SLSA-2023:1093-1Security Fix(es): * pesign: Local privilege escalation on pesign systemd service (CVE-2022-3560) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7pesign-0.109-11.el7_9.x86_64.rpm818e3c6565f79af164f8deb035916daf2318eda8901ce99140df3d0f6cbc9fd3SLSA-2023:1095-1Security Fix(es): * zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field (CVE-2022-37434) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEmoderateScientific LinuxScientific Linux 7zlib-1.2.7-21.el7_9.x86_64.rpmb906a4671893fe9fcf39156ba4033ba9bcd43627435e8b82217568f5d3b997d5minizip-devel-1.2.7-21.el7_9.i686.rpm28334f56db86508ed18a210c742977186328cae7b5472f6f12d4808b65b8192cminizip-devel-1.2.7-21.el7_9.x86_64.rpm6ab923ac4a54450364d194e1cedac2302f3c78a3f7d7c7560eb26a03b2565c59zlib-devel-1.2.7-21.el7_9.x86_64.rpmbc81ee36a9b0f222e5fca10b578453b8e6981ed0868012df60ab15105629244dzlib-static-1.2.7-21.el7_9.i686.rpm520f6ed819c571b365246297f7f7beef2d9d9db1f424556aad8844cefc98eb8ezlib-static-1.2.7-21.el7_9.x86_64.rpm328f1fe6e08399d03326a68f542ad89ddcb416dfabf1757c67ee372a4c6a8d71minizip-1.2.7-21.el7_9.i686.rpm7620d3f8bd2161803e83754acde308b4b76f47fd13b7a35f4d14973e89b363c1zlib-1.2.7-21.el7_9.i686.rpm4ebd12869bda437316581c42b39b035604ff470992e069d213283e17b7f3acffzlib-devel-1.2.7-21.el7_9.i686.rpm949c7905f39fc96d1c159336a55f1c0e9e22efe2ed5584cb759e7206750f80b3minizip-1.2.7-21.el7_9.x86_64.rpmafc722f2c605a07221685863675ef9f6607275561c1a95ecd42aeea6d157c357SLSA-2023:1332-1Security Fix(es): * nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7nss-devel-3.79.0-5.el7_9.x86_64.rpm34ce3134bee9eb51fe1920ee90371c3f8580d7acd476b5fdea6cf12bd7600ec0nss-tools-3.79.0-5.el7_9.x86_64.rpm0d669b9c5f62827ce1be6a066d8f5ab4881ecb66c4e37940865e839b6f386029nss-devel-3.79.0-5.el7_9.i686.rpma19367f29460d9ca333423ed010bc7bd5cc91c05ce4ffaa8affc9e190e2a9b86nss-3.79.0-5.el7_9.i686.rpmee56b00c8b952b66513a703df2001a2cb80a22f8a70b9e09b7005c756220d4c2nss-3.79.0-5.el7_9.x86_64.rpmf2520c6f279918a8a25d0af46886654a0fee295452dc01d2b314e0fd78b6fb4fnss-sysinit-3.79.0-5.el7_9.x86_64.rpmd15a95b44c4bf2c0539039b14df3f1144bb6b0ed81735081b3ee6e623d4322eanss-pkcs11-devel-3.79.0-5.el7_9.i686.rpm1c017b19a750ad2def22e07bd3316737c87d2e82808a8b929203e91ed8583767nss-pkcs11-devel-3.79.0-5.el7_9.x86_64.rpmddfe69109a54ff7b19f4751269ccaeb77bd7defa8b4aa0f975056110c82dbafeSLSA-2023:1333-1This update upgrades Firefox to version 102.9.0 ESR. Security Fix(es): * Mozilla: Incorrect code generation during JIT compilation (CVE-2023-25751) * Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 (CVE-2023-28176) * Mozilla: Potential out-of-bounds when accessing throttled streams (CVE-2023-25752) * Mozilla: Invalid downcast in Worklets (CVE-2023-28162) * Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation (CVE-2023-28164) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7firefox-102.9.0-3.el7_9.x86_64.rpma427a7a88bbd42133b1aaaf4008c3fcc07dbad9616aed631c0f49726b156fce8firefox-102.9.0-3.el7_9.i686.rpm59d53797253f44aaf180d6cbb4edbcc6eaa79d72c43b37363ecdce3cbdfe6829SLSA-2023:1335-1Security Fix(es): * openssl: X.400 address type confusion in X.509 GeneralName (CVE-2023-0286) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7openssl-1.0.2k-26.el7_9.x86_64.rpm2e31d503681d6e51ffe1b515f01f0dc727f815ff16c44c30e151d1369dea38dfopenssl-static-1.0.2k-26.el7_9.x86_64.rpmc77c9e6ac83fe42c8effcc805dec484f68e057d40e2dc5357da3239d6c87596fopenssl-devel-1.0.2k-26.el7_9.i686.rpm29934cbf30d318a3c22bf8df0ee8321131d2dafaf96e68ffce5981c2b7a00ddeopenssl-perl-1.0.2k-26.el7_9.x86_64.rpm5fc16fc71da41b06defadfb576ac263d32ec4d632810feaec2c8797ad169d9baopenssl-devel-1.0.2k-26.el7_9.x86_64.rpm496511b8e774088eb9316cf3f6844619ba665ec80b90e46bd86cf08d75182828openssl-static-1.0.2k-26.el7_9.i686.rpm79b9820ed1c1acdf7cb580cffbfc22a4da3a575ac4a63a00341a0013206b86e7openssl-libs-1.0.2k-26.el7_9.x86_64.rpm2bd1f18958c502d555455c93beae0ecbfb201ca20e3a33f94fddf624f95efbc8openssl-libs-1.0.2k-26.el7_9.i686.rpm05c3ac671b481f99d8127e80e8ef27d40f3d417f7116726e6ad2bf036cd51ee3SLSA-2023:1401-1This update upgrades Thunderbird to version 102.9.0. Security Fix(es): * Mozilla: Incorrect code generation during JIT compilation (CVE-2023-25751) * Mozilla: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 (CVE-2023-28176) * Mozilla: Potential out-of-bounds when accessing throttled streams (CVE-2023-25752) * Mozilla: Invalid downcast in Worklets (CVE-2023-28162) * Mozilla: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation (CVE-2023-28164) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-102.9.0-1.el7_9.x86_64.rpmaaef7ae5f3ff0fe550f70ff6757c567713337f61bb126f5909ff9ad5de04e06eSLSA-2023:1593The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix(es): * httpd: HTTP request splitting with mod_rewrite and mod_proxy (CVE-2023-25690) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7httpd-manual-2.4.6-98.sl7_9.7.noarch.rpm10e663ffe1d3b93bec8607a8ed2cef51586ae7574113e23ea5b168df1ba5fb7fSLSA-2023:1593-1Security Fix(es): * httpd: HTTP request splitting with mod_rewrite and mod_proxy (CVE-2023-25690) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7httpd-tools-2.4.6-98.sl7_9.7.x86_64.rpmb6cf4199858267e8f9762451385d46f87e8ceb75bac0b2de7fe032732fb06203httpd-2.4.6-98.sl7_9.7.x86_64.rpm3d4bc97a92e7c0bb5425a938a84c21101f25b7b53e825193af04e1fd8892d0dfmod_session-2.4.6-98.sl7_9.7.x86_64.rpm1ce891dabde1836b2b362c14de6e3aafdcd7c8d5f6de73e64e7f878ccd7d96a2mod_ssl-2.4.6-98.sl7_9.7.x86_64.rpm49f6fa7cfc5629f66b01e3a18ec3e558dc6722839a3766fc7d2cbe4fc1195b63mod_ldap-2.4.6-98.sl7_9.7.x86_64.rpm6e05444ce8d8bf1e3a91639b23bf7d128e584646f26949bb215f1446e1837820mod_proxy_html-2.4.6-98.sl7_9.7.x86_64.rpm1a650a8e1ea9a7d69c3d00dbeb59bb17e6a5c94df65dcb21cf3714c2859f781bhttpd-devel-2.4.6-98.sl7_9.7.x86_64.rpmecc06f45c96a7758b84341f2d60318bf7b28ff3b318304a73b4dbeccad3249f2SLSA-2023:1594-1X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix(es): * xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability (CVE-2023-1393) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7xorg-x11-server-Xdmx-1.20.4-23.el7_9.x86_64.rpm97bf7b3f2bb37ae6d3e7a4efa36851013f8dc9b4cec489c2764768a14f8a0790xorg-x11-server-devel-1.20.4-23.el7_9.x86_64.rpm5c4766340029b5da5b87e44f14c9ff40b4d7e939beb439ae4fd922ead3a5a401xorg-x11-server-Xorg-1.20.4-23.el7_9.x86_64.rpm834e599ec8cf47884775633fa718683d390a944447405f8ff7b99ea05aec1f12xorg-x11-server-common-1.20.4-23.el7_9.x86_64.rpm62f517a3a48adb938f85b62f362149acdd6be710767e7770a46c37215f66a172tigervnc-1.8.0-25.el7_9.x86_64.rpm04671427d8346c9647f78cbdd0268fa1e5f699536f69d5cee4c769baee9b150bxorg-x11-server-Xephyr-1.20.4-23.el7_9.x86_64.rpm3467bf8a152e43b9bef7a27bd16715c5e3fa540e59fb5a33fb4b6aa4bc6e71b7tigervnc-server-1.8.0-25.el7_9.x86_64.rpm9a0971a52bce35c9630a41c85f52bffcf44546cfbd79cacb99b735206b946f5ctigervnc-license-1.8.0-25.el7_9.noarch.rpm983db28d51982dbfde3db1e7b05dc7702c97f51977ec27ec7b9d3b55d7761d5btigervnc-server-applet-1.8.0-25.el7_9.noarch.rpmebd8ed160da00171c32afe1429bd9d8ceaf34a91af5369bad46fc75d121bb3b2tigervnc-server-minimal-1.8.0-25.el7_9.x86_64.rpm91cf15c11dd54d4faa4450cf63008a4747524ec1cedf6c89ecb9e41b8bcc717fxorg-x11-server-source-1.20.4-23.el7_9.noarch.rpm35176bd63454bd00d5b1f0cf5abca716a2d9027dff58a39a1dab81b73a93b091xorg-x11-server-devel-1.20.4-23.el7_9.i686.rpm14244e03dbef775e3f5c6518c5ed08869205d39aa9411935fc4c007f9fc9120etigervnc-icons-1.8.0-25.el7_9.noarch.rpmf088e39a19cae65c421134424e007808080e02f5479f8c8ab224e3fab6b53aaexorg-x11-server-Xnest-1.20.4-23.el7_9.x86_64.rpm17d6256f633f77185934d41b63fef31042c96aa996dad9c1e0d65fdf2a861969tigervnc-server-module-1.8.0-25.el7_9.x86_64.rpm13a0791a7fe89474cd82503b3d573f393f9440dde33dc3e651684b8b25aab271xorg-x11-server-Xvfb-1.20.4-23.el7_9.x86_64.rpm5a14ef83b13c887c9537e214da940725b07ca8b45a50fd17ff63cf4580b45d00xorg-x11-server-Xwayland-1.20.4-23.el7_9.x86_64.rpme46d1a09f68e8b9c5c3fc265d0444d94ca0247c6f795ade8ffa4e2f3063d3d93SLSA-2023:1791-1This update upgrades Firefox to version 102.10.0 ESR. Security Fix(es): * MFSA-TMP-2023-0001 Mozilla: Double-free in libwebp * Mozilla: Fullscreen notification obscured (CVE-2023-29533) * Mozilla: Potential Memory Corruption following Garbage Collector compaction (CVE-2023-29535) * Mozilla: Invalid free from JavaScript code (CVE-2023-29536) * Mozilla: Memory safety bugs fixed in Firefox 112 and Firefox ESR 102.10 (CVE-2023-29550) * Mozilla: Memory Corruption in Safe Browsing Code (CVE-2023-1945) * Mozilla: Content-Disposition filename truncation leads to Reflected File Download (CVE-2023-29539) * Mozilla: Files with malicious extensions could have been downloaded unsafely on Linux (CVE-2023-29541) * Mozilla: Incorrect optimization result on ARM64 (CVE-2023-29548) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7firefox-102.10.0-1.el7_9.i686.rpm4b88e59f89bd15b2d7dffa6ae1fd994a9adc1906332c85530f2d93a4739498d6firefox-102.10.0-1.el7_9.x86_64.rpm1971c8dd433daf282cc606e06d8148c6771731090d0fd0c3345fcae01055ac8bSLSA-2023:1806-1This update upgrades Thunderbird to version 102.10.0. Security Fix(es): * Thunderbird: Revocation status of S/Mime recipient certificates was not checked (CVE-2023-0547) * Mozilla: Matrix SDK bundled with Thunderbird vulnerable to denial-of- service attack (CVE-2023-28427) * Mozilla: Fullscreen notification obscured (CVE-2023-29533) * Mozilla: Potential Memory Corruption following Garbage Collector compaction (CVE-2023-29535) * Mozilla: Invalid free from JavaScript code (CVE-2023-29536) * Mozilla: Memory safety bugs fixed in Firefox 112 and Firefox ESR 102.10 (CVE-2023-29550) * Mozilla: Memory Corruption in Safe Browsing Code (CVE-2023-1945) * Thunderbird: Hang when processing certain OpenPGP messages (CVE-2023-29479) * Mozilla: Content-Disposition filename truncation leads to Reflected File Download (CVE-2023-29539) * Mozilla: Files with malicious extensions could have been downloaded unsafely on Linux (CVE-2023-29541) * Mozilla: Incorrect optimization result on ARM64 (CVE-2023-29548) * MFSA-TMP-2023-0001 Mozilla: Double-free in libwebp For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-102.10.0-2.el7_9.x86_64.rpm1c30a55a7773ed392b56df4f614bf0542653fd91f7a7b5b2a648d2912dd559a9SLSA-2023:1875The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930) * OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939) * OpenJDK: incorrect enqueue of references in garbage collector (8298191) (CVE-2023-21954) * OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967) * OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937) * OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938) * OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7java-11-openjdk-demo-11.0.19.0.7-1.el7_9.x86_64.rpmca044ee07327b954b4aff68d9abf78d153a77c58f605be2b722e8cabb54ebee0java-11-openjdk-jmods-debug-11.0.19.0.7-1.el7_9.i686.rpmdf4208141f7ba687db292f880890b548ad5137f1723d26c58d134421dfd3f484java-11-openjdk-src-debug-11.0.19.0.7-1.el7_9.i686.rpm893b77a830554f328e04b4b4175516ae2cecfed146daac80e6d21c01f28fc631java-11-openjdk-demo-11.0.19.0.7-1.el7_9.i686.rpm5ce3e0b5c15c5a458d1ab4b0aed61ebe2ca8f6f5d90183675c3534d3acd7c0a4java-11-openjdk-javadoc-11.0.19.0.7-1.el7_9.i686.rpm8d3f8771540dc157c943f36685da8ee39f5f8a4fbfb6b9544164a255feab788djava-11-openjdk-headless-11.0.19.0.7-1.el7_9.i686.rpm1bcd0ac8c3c793004a05e1a20a23b19127a964e7ee34ec57570abb2cfd25897ajava-11-openjdk-javadoc-zip-11.0.19.0.7-1.el7_9.i686.rpm3eff7cecbe2e857bec3fdaf3911f021eb8731c6023da45671d315bad6510b25bjava-11-openjdk-jmods-11.0.19.0.7-1.el7_9.i686.rpm14339f857ef1c2eeb77945e298c3fa4762a10fb16fef2bbe9d8c39ee6304e2e9java-11-openjdk-src-11.0.19.0.7-1.el7_9.i686.rpm0521427a43634e0bcb5235a172a09ce2938c3ff33f4d03fe660e33078b9249a2java-11-openjdk-devel-debug-11.0.19.0.7-1.el7_9.i686.rpm368f46f7268fafdb3c579111305d4f7ec7ec3c1ce938aa01312c9ffa2b8ea772java-11-openjdk-demo-debug-11.0.19.0.7-1.el7_9.i686.rpm966c80b7f3c3e97c3be19ab2e037202e5a530518918897217e55a0d2eda58b5bjava-11-openjdk-debug-11.0.19.0.7-1.el7_9.i686.rpm5d3ad55933a600443139b9639e74211c56e605e5dc5ddcd3f34a992c254f57fejava-11-openjdk-devel-11.0.19.0.7-1.el7_9.i686.rpmc945c271b8a7fa135263b37a727bcb633fbad9901a9b253d7feb2a380c0b8bb0java-11-openjdk-11.0.19.0.7-1.el7_9.i686.rpmce9ed1c9d3076c33543fda913bdea950b7892a007bca45953cc54b34dbd4d7c7java-11-openjdk-headless-debug-11.0.19.0.7-1.el7_9.i686.rpmce7b0839a2ee5e74efd3b5ec54c0456afdd51a5cc82947087b4c4c7b735443b7java-11-openjdk-javadoc-zip-debug-11.0.19.0.7-1.el7_9.i686.rpm697d64355c9693a6bb54d851d774c842bf46b5da410b241aa89fab6e9b27d86ejava-11-openjdk-javadoc-debug-11.0.19.0.7-1.el7_9.i686.rpme27543f31898a2b72dc1687122ea3677eceabe93f618d77567dbec358d34cef5SLSA-2023:1899-1Security Fix(es): * OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930) * OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939) * OpenJDK: incorrect enqueue of references in garbage collector (8298191) (CVE-2023-21954) * OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967) * OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937) * OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938) * OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7java-11-openjdk-src-debug-11.0.19.0.7-1.el7_9.x86_64.rpm2c449d2a8bc39812577a9fd2179d4d190a242b7544548665792ab1957319326cjava-11-openjdk-static-libs-11.0.19.0.7-1.el7_9.x86_64.rpm3da89a9ffafce0f76610f0d5ff3b3ddaaaa7b0602106f6be67a1957f829bd8c6java-11-openjdk-src-11.0.19.0.7-1.el7_9.x86_64.rpm783b5a5ace4eabbc26c765569f31ff4863e83c81b48696a728bf9e4ee4534556java-11-openjdk-11.0.19.0.7-1.el7_9.x86_64.rpmd13185ac7d38f202463ddf655a25d02cef85b71d59acbe56ed0f7d40dc70d2c7java-11-openjdk-jmods-debug-11.0.19.0.7-1.el7_9.x86_64.rpm60ffc85fbd4b6440b246fa7f6c7ca08db70bc89dd26c97ce6f2a238b2304944djava-11-openjdk-javadoc-zip-debug-11.0.19.0.7-1.el7_9.x86_64.rpm79d88f962c73afceafa92655367a00510eb84da07b69f2e773d60208e62034d5java-11-openjdk-static-libs-debug-11.0.19.0.7-1.el7_9.x86_64.rpmddeb619b8bb2023b0ebe9bcf192a72ac70be99ce02964f925d14aae0adeda89djava-11-openjdk-devel-11.0.19.0.7-1.el7_9.x86_64.rpmb200923f06dfd3a841c63f1be22c6ee30274787ab0b6ef93865a0531a2796d47java-11-openjdk-javadoc-11.0.19.0.7-1.el7_9.x86_64.rpm1460d071feb21ff6bc669df2c59314a558d6ae377a0129be52b7f722aa21b591java-11-openjdk-debug-11.0.19.0.7-1.el7_9.x86_64.rpmf4db844a3283adb1a688769e5489614dcf2a25663a77f0943dadc08676d2a5dcjava-11-openjdk-headless-debug-11.0.19.0.7-1.el7_9.x86_64.rpm2f9282054eaaf1e0966ca3c79fb01604b52b6a736cc18100b48f4f207ac026a1java-11-openjdk-javadoc-debug-11.0.19.0.7-1.el7_9.x86_64.rpme7d7dcca1e81bf498dd349ae60f174446b068ce267e7ad6f503ef9b4954c2fa3java-11-openjdk-javadoc-zip-11.0.19.0.7-1.el7_9.x86_64.rpmff4bac6396cc6032ef5235e742d2901140529240aaca67794b38f123b3e55584java-11-openjdk-demo-debug-11.0.19.0.7-1.el7_9.x86_64.rpm42589b275de9ea6b01352701fa670321f4ff8ab8097a0cf0c939309ef833d45bjava-11-openjdk-headless-11.0.19.0.7-1.el7_9.x86_64.rpmb98fefbf36becafb610464da95ed028209814f32571e7edbe9747f7538bd2e91java-11-openjdk-devel-debug-11.0.19.0.7-1.el7_9.x86_64.rpm47443f3d369fa4eb622bf76975a3c62ad614321efbabaf6319bebf02386aa668java-11-openjdk-jmods-11.0.19.0.7-1.el7_9.x86_64.rpm285b1cd3daa192966c20725f318f343e0e93f85e370570a5be2f553ac021b397SLSA-2023:1904The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930) * OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939) * OpenJDK: incorrect enqueue of references in garbage collector (8298191) (CVE-2023-21954) * OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967) * OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937) * OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938) * OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Native code within the OpenJDK code base attempted to call close() on a file descriptor repeatedly if it returned the error code, EINTR. However, the close() native call is not restartable and this caused the virtual machine to crash. The close() call is now only made once. (RHBZ#2159458) importantScientific Linux 7java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.372.b07-1.el7_9.noarch.rpm646768d83d6251c8eedf888f3915c573c053176902179b5f5a69cc8d37b1ebfajava-1.8.0-openjdk-accessibility-debug-1.8.0.372.b07-1.el7_9.i686.rpm806a3a0b17335ea6d9d1b8c53042e8bae1916f06e1ef5400e97827ef34bfb15fjava-1.8.0-openjdk-devel-debug-1.8.0.372.b07-1.el7_9.i686.rpm1bd2264d72db55590781bac0667f09114c7868d31a9353148fb4740b21934245java-1.8.0-openjdk-src-debug-1.8.0.372.b07-1.el7_9.i686.rpmd3cf33cd94a93d63544a4fbf673759b44f22933337b3f3b18ee5b8b81aa33606java-1.8.0-openjdk-debug-1.8.0.372.b07-1.el7_9.i686.rpmb1ff189ca269ee49847a9265cf0988dc998b33e92927fcf811f0c61afe6e8ba1java-1.8.0-openjdk-javadoc-debug-1.8.0.372.b07-1.el7_9.noarch.rpmf2aabab9fbc0ef81ca5da7a6ea4e2caa6473df13dd9121e0c021bbfe916fa16bjava-1.8.0-openjdk-demo-debug-1.8.0.372.b07-1.el7_9.i686.rpm4a97194520016f53ff2f66ec138b36bf53ce65cad09bbe01d96bd386e7293861java-1.8.0-openjdk-headless-debug-1.8.0.372.b07-1.el7_9.i686.rpm3ca61ef2ecfbce5403113d58ef935a7c8b9b2b95a247ecda8d58dbcd347397e3SLSA-2023:1904-1Security Fix(es): * OpenJDK: improper connection handling during TLS handshake (8294474) (CVE-2023-21930) * OpenJDK: Swing HTML parsing issue (8296832) (CVE-2023-21939) * OpenJDK: incorrect enqueue of references in garbage collector (8298191) (CVE-2023-21954) * OpenJDK: certificate validation issue in TLS session negotiation (8298310) (CVE-2023-21967) * OpenJDK: missing string checks for NULL characters (8296622) (CVE-2023-21937) * OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304) (CVE-2023-21938) * OpenJDK: missing check for slash characters in URI-to-path conversion (8298667) (CVE-2023-21968) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Native code within the OpenJDK code base attempted to call close() on a file descriptor repeatedly if it returned the error code, EINTR. However, the close() native call is not restartable and this caused the virtual machine to crash. The close() call is now only made once. (RHBZ#2159458)importantScientific LinuxScientific Linux 7java-1.8.0-openjdk-debug-1.8.0.372.b07-1.el7_9.x86_64.rpm2805bc614336ff529007801b092c3b638899290d57d3ede83686b5af7ecc797djava-1.8.0-openjdk-1.8.0.372.b07-1.el7_9.x86_64.rpm3970da71dbb7d4387ffda5541026805c6155773aa068f9aa2c50f7c1635f40efjava-1.8.0-openjdk-demo-debug-1.8.0.372.b07-1.el7_9.x86_64.rpm1b9c9d2c00fa1860c1a335735c066903dbb2fcb5d535fc757759f4abb3128b24java-1.8.0-openjdk-accessibility-1.8.0.372.b07-1.el7_9.x86_64.rpm3b0f1a5bb573bbb35d00485b3fd963351cf346d7c39fe4817a8d63c9492fe91cjava-1.8.0-openjdk-devel-debug-1.8.0.372.b07-1.el7_9.x86_64.rpm21617911170f00001069a2338b7c3b9a5b6dd725074040579da1eb78a80e96a6java-1.8.0-openjdk-1.8.0.372.b07-1.el7_9.i686.rpmdf2eec75f6a7373e61d2a3b5a1f2b39ce61d77160466ad77bd1e1fcfc27888aejava-1.8.0-openjdk-devel-1.8.0.372.b07-1.el7_9.i686.rpm7c1d3c628dc2aa8ba5868c8503584323e6a85cb243ceab78b237eb8a55110a6ejava-1.8.0-openjdk-devel-1.8.0.372.b07-1.el7_9.x86_64.rpm44c0732528921c3523825792eb390055db12f5f0dfcfc951e29200853e8a2888java-1.8.0-openjdk-headless-debug-1.8.0.372.b07-1.el7_9.x86_64.rpm9fbac8c8d22e94f89554d198252d5e8603d7627e7ef794466d86b2569cd03e5fjava-1.8.0-openjdk-src-debug-1.8.0.372.b07-1.el7_9.x86_64.rpmc3ab8dfc60523f0a92429fd8d33a70da029b9de871be58b8a819a10facad0c2ejava-1.8.0-openjdk-headless-1.8.0.372.b07-1.el7_9.i686.rpm4cff91774c6f91e91384e2faf2141154e8f52123e68c7cc5bcd5d996df383a6djava-1.8.0-openjdk-javadoc-zip-1.8.0.372.b07-1.el7_9.noarch.rpm5c509a7695f34dc1ca8aa721bd41db8f1768b9cbb5639571b0554c15244c6361java-1.8.0-openjdk-headless-1.8.0.372.b07-1.el7_9.x86_64.rpm0e7b61f122111dd61463033d0391ff4ba07ca13ba4517ceffec740aca8f79454java-1.8.0-openjdk-accessibility-1.8.0.372.b07-1.el7_9.i686.rpmb81940212cfd79f445033cabe563daeb3596757fd22446f6e61df8541562a0cdjava-1.8.0-openjdk-demo-1.8.0.372.b07-1.el7_9.x86_64.rpm74da510bb8b01ead3f0dd393642a3632d4de354042276f8759912951838b5540java-1.8.0-openjdk-demo-1.8.0.372.b07-1.el7_9.i686.rpmb8f5a08a2517c86193fdff4312d88df661c2d1366d5694d5e8d8dd1f4908cfb4java-1.8.0-openjdk-accessibility-debug-1.8.0.372.b07-1.el7_9.x86_64.rpmd5bfcfe020159faf6beb324035ef036ea4871292bd296df6e5472bb392d31528java-1.8.0-openjdk-javadoc-1.8.0.372.b07-1.el7_9.noarch.rpma2facdb5600ce337d1ade1b1f902d8dd669cdff38f4cfda163c61239ec6b905bjava-1.8.0-openjdk-src-1.8.0.372.b07-1.el7_9.x86_64.rpm157a01cf2f7272493df845a357a7c4c1386b1656203880886448576c23ef6775java-1.8.0-openjdk-src-1.8.0.372.b07-1.el7_9.i686.rpmbc2adc4d0f284b275ed81058992d4c4355c126850d61a8ab0a9a66ac4ce08949SLSA-2023:1987-1Security Fix(es): * kernel: memory corruption in usbmon driver (CVE-2022-43750) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * NFSv4.1 : state manager loop TEST_STATEID/OPENmoderateScientific LinuxScientific Linux 7kernel-debug-devel-3.10.0-1160.90.1.el7.x86_64.rpmde36d46b2412c28856e2a4670ceab1138e88f088b02f688b09d6a4f47dcd1f2ckernel-3.10.0-1160.90.1.el7.x86_64.rpm23abdf98822a301faf51002e5cd3df3b237663599b54512bf5b3a704d2133f7ekernel-tools-libs-devel-3.10.0-1160.90.1.el7.x86_64.rpm5209696d1b9d02fda70665d0c33b8f42a0c2867c8c091ca0fa7ac187092dc610kernel-tools-libs-3.10.0-1160.90.1.el7.x86_64.rpmf912c4a8afbb5370c90d0f75f8ec48eadebda3e00a7c8cb3c812a4004121ec00perf-3.10.0-1160.90.1.el7.x86_64.rpm1f03dbba96d8c0aacd2c650617f689be28fc8fb500504203c7a6afc7e72f337dkernel-doc-3.10.0-1160.90.1.el7.noarch.rpm6c4fd3efe53de4ae2e3efc49baecdca84f4f5bccfa0d7cb2c5e05ef082b42e36bpftool-3.10.0-1160.90.1.el7.x86_64.rpmf59bfe8f6576b3594181ee0b78c833cebdb4c7ec6f5ea3950a4d863261708de4kernel-tools-3.10.0-1160.90.1.el7.x86_64.rpm1b51f9afb4bbf819af7e9945ea1bc83859f238da61968c3595e15b9438ef7fd7kernel-devel-3.10.0-1160.90.1.el7.x86_64.rpmdc586da04a325769bd63167a147befbe92ef90bf73a3b6c62483a33f3eabe18bkernel-debug-3.10.0-1160.90.1.el7.x86_64.rpme391d30656de06da5d4f1f021e84b75e97907824f27654997d7e1b6e6d56006dkernel-abi-whitelists-3.10.0-1160.90.1.el7.noarch.rpmc7bf8b4514eb48baae5bf8d71f0f5769459e0e0f2a6ea82b228dbd14afbaae93kernel-headers-3.10.0-1160.90.1.el7.x86_64.rpm4922ad2e5a87275be7d464a3b2983caf86c777941081f96271a65d66c068018bpython-perf-3.10.0-1160.90.1.el7.x86_64.rpm287afd725862c75b3bc9b5a2a6bd6f032963e86c856224219a7a7ab71d3b7987SLSA-2023:2077-1Security Fix(es): * Mozilla: libwebp: Double-free in libwebp (CVE-2023-1999) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7libwebp-tools-0.3.0-11.el7.x86_64.rpm69ad43f31cdd66bae7427ae8e7675a2473f8ec82a42d9ccc18f3fb8b147f23bclibwebp-devel-0.3.0-11.el7.x86_64.rpmd0f7746496279510d8d9349af1eedf768d6a9f6728b052b90c745128df1dc164libwebp-devel-0.3.0-11.el7.i686.rpmacc9073bac4c34b94140c41c00723439d7f8bdb27affd320ba2f6c0f6110a03alibwebp-0.3.0-11.el7.i686.rpmfde748bfb7fb2f89d217f1ce683817d6111d46d5961c517d98af764ae8598aealibwebp-0.3.0-11.el7.x86_64.rpm28f595642a9bf838e0c24a74f183e3fe24bb477ecb200018354951c31784f6b2libwebp-java-0.3.0-11.el7.x86_64.rpm15ac95abcbc2b845c4bef4bba6549f898899e7f7c9df1c5eda18011ea7d24406SLSA-2023:3137-1This update upgrades Firefox to version 102.11.0 ESR. Security Fix(es): * Mozilla: Browser prompts could have been obscured by popups (CVE-2023-32205) * Mozilla: Crash in RLBox Expat driver (CVE-2023-32206) * Mozilla: Potential permissions request bypass via clickjacking (CVE-2023-32207) * Mozilla: Memory safety bugs fixed in Firefox 113 and Firefox ESR 102.11 (CVE-2023-32215) * Mozilla: Content process crash due to invalid wasm code (CVE-2023-32211) * Mozilla: Potential spoof due to obscured address bar (CVE-2023-32212) * Mozilla: Potential memory corruption in FileReader::DoReadData() (CVE-2023-32213) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7firefox-102.11.0-2.el7_9.x86_64.rpme2c2a1d54b202b045157a98bc48bef2d9e30b1946e632dd97f9d3f1eb32e031dfirefox-102.11.0-2.el7_9.i686.rpm217731f4536be9805e2c725616e4be6b623c1506a35bb55b2086030fcbc2b4e2SLSA-2023:3145-1Security Fix(es): * apr-util: out-of-bounds writes in the apr_base64 (CVE-2022-25147) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7apr-util-ldap-1.5.2-6.el7_9.1.x86_64.rpme25308894da281c3d546aca086e3a57f0428e8d01bdf83792fe0036da195439bapr-util-nss-1.5.2-6.el7_9.1.x86_64.rpm7df19e8165bbd56b4351b225ece0d4a43893a10dd5bcbf4acb5db7dba6d4f76bapr-util-openssl-1.5.2-6.el7_9.1.x86_64.rpm8a5ece8be05a373617dd4137d523928c8d3a789a142e17b132669e0a80629fb0apr-util-odbc-1.5.2-6.el7_9.1.x86_64.rpm6ff109d36706fc3357c18c1b1d96e6b19233ea875101a8a3a7553c35b322f02aapr-util-1.5.2-6.el7_9.1.i686.rpma10bfc1aff922fa7c434500ada8fe75f96726a33e8a55c4e6e71b02885860dccapr-util-mysql-1.5.2-6.el7_9.1.x86_64.rpmecbec100c816c813f091b250f8d4472ca80d76347e483adc7f48d49aa224e480apr-util-1.5.2-6.el7_9.1.x86_64.rpmb9dcf09c4b5bb5cb5c8db172f981b3c8043fd17aac07c4e1aed8af74f7284dbfapr-util-devel-1.5.2-6.el7_9.1.i686.rpm77cee88e27df38a0c49fbe92f4b392e924026cf18b9fef8cbe7accdaf2d6de64apr-util-devel-1.5.2-6.el7_9.1.x86_64.rpm29b315ff9cdfd835b84e0a733d12f6e6bcda0ee7f46ff9aaf9530bea4db0e538apr-util-sqlite-1.5.2-6.el7_9.1.x86_64.rpm9934b4db3804226ad60d97ef34095433b3b413806f877b2eff7fcdee6c4b4e49apr-util-pgsql-1.5.2-6.el7_9.1.x86_64.rpmccbb8d25374e3a3b0ac4d6a4f53d75abb82e10b611965c16a761907a95e3297bSLSA-2023:3151-1This update upgrades Thunderbird to version 102.11.0. Security Fix(es): * Mozilla: Browser prompts could have been obscured by popups (CVE-2023-32205) * Mozilla: Crash in RLBox Expat driver (CVE-2023-32206) * Mozilla: Potential permissions request bypass via clickjacking (CVE-2023-32207) * Mozilla: Memory safety bugs fixed in Firefox 113 and Firefox ESR 102.11 (CVE-2023-32215) * Mozilla: Content process crash due to invalid wasm code (CVE-2023-32211) * Mozilla: Potential spoof due to obscured address bar (CVE-2023-32212) * Mozilla: Potential memory corruption in FileReader::DoReadData() (CVE-2023-32213) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-102.11.0-1.el7_9.x86_64.rpm83950be333d1640567c94fc1a971c081442598d46e203d365aee10ce5b49e3f8SLSA-2023:3263-1Security Fix(es): * git: by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (CVE-2023-25652) * git: arbitrary configuration injection when renaming or deleting a section from a configuration file (CVE-2023-29007) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7git-instaweb-1.8.3.1-25.el7_9.noarch.rpm3e83eeab3a710c7be5655e2df71272688ff9f0af44b02f2ce1a06bc46bd733d0git-email-1.8.3.1-25.el7_9.noarch.rpm97899af62ee4b49b14b3423aae26390a143e6c3bce6ae55155d2faa133fc486egit-gui-1.8.3.1-25.el7_9.noarch.rpm294d6e517fc935fa5f592e1e91673aa0016f9d1d8a319ebd4c649f971eeaec3bgit-cvs-1.8.3.1-25.el7_9.noarch.rpm8010fe9f7a9f769ce948649f91321b0f50c10454b8ea402522e89b05b59681c0git-gnome-keyring-1.8.3.1-25.el7_9.x86_64.rpm78438f3c27a923f51e56b7a7b1d3cb53e65697751b833fd7e2f8a8a7a7f98080git-all-1.8.3.1-25.el7_9.noarch.rpmefa5741496687d523e89c33aa496a53e2e81c5f1f739f0890ba0e60fa02915d3emacs-git-el-1.8.3.1-25.el7_9.noarch.rpm0ab9001313770b6d4639542725fe6fe273360ba834f514b6d47e19e7a73b85cagit-p4-1.8.3.1-25.el7_9.noarch.rpme22b37264ccb2453f57e7d3f90c9a51f91fc95a312c06e94fffdda160ce0d998gitweb-1.8.3.1-25.el7_9.noarch.rpmccac8cdd7f8d8e0471b9b486349cd02e2c5e8a38dc886d8e3970a784a105c3fegit-daemon-1.8.3.1-25.el7_9.x86_64.rpm4a7893c0ccb2136cef96a3a42d1c976c4708baae1006ab0401e236184119f805gitk-1.8.3.1-25.el7_9.noarch.rpme756ea7f5b1836048bf353e2852378e1d28076550c1e611dbec1753e0c391526git-bzr-1.8.3.1-25.el7_9.noarch.rpm88099b0b0b0eac62df45f49512eee7277d55011dd5e1ebe315d4482e92118238emacs-git-1.8.3.1-25.el7_9.noarch.rpm204e0a02b8a7cb91e7ff10fc3c57ea2e69f3531aa62b2fe30f2a1b7922d0a20bperl-Git-1.8.3.1-25.el7_9.noarch.rpmc7b6358ffc05927f5d9a35c27857311630ebd75e9ef07749f33777b29b3d3d52git-1.8.3.1-25.el7_9.x86_64.rpm75e09efa67ede28fa48fc303a4b64f88ef0767c7a57862ba207b6c542a8c5129git-hg-1.8.3.1-25.el7_9.noarch.rpm7dbe6883a220246b72b07b0883b4d5cc6a6394d76fdd54ea15ceb7b968c005cbperl-Git-SVN-1.8.3.1-25.el7_9.noarch.rpm5dd193a55fb659b5d314001e1658f8a453cb21ee5e08c6bdd3dd5cacdb018290git-svn-1.8.3.1-25.el7_9.x86_64.rpm58d5775c300153c42aaee661185813841751bf363ed31cf0603f16fcd891f5dfSLSA-2023:3481-1Security Fix(es): * emacs: command injection vulnerability in htmlfontify.el (CVE-2022-48339) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEmoderateScientific LinuxScientific Linux 7emacs-24.3-23.el7_9.1.x86_64.rpm16429ed85d33e15b552460c1b67de5294986c29daaa3d2c348e33ed9b1915302emacs-terminal-24.3-23.el7_9.1.noarch.rpme6304cdcc84e2f3b192eb747f376b7c28385031751e7f32ce62087cd4a4cc996emacs-el-24.3-23.el7_9.1.noarch.rpmcd07bf3dce1867952ff000c38af14043a31e2e230afd103c843157a81b64c7ceemacs-filesystem-24.3-23.el7_9.1.noarch.rpm52c8fb406a8e2b782b38536fe5e61ce36c031c3824cb32ce88b6bd2e9e6562d8emacs-nox-24.3-23.el7_9.1.x86_64.rpm379d8bbcd19407c44dc6b00af52973afecf4488c0b57609032725948563c02a3emacs-common-24.3-23.el7_9.1.x86_64.rpm77e5977105cc0b7645f5141a684adc2845813a0205881e1d0239961910937217SLSA-2023:3555-1Security Fix(es): * python: urllib.parse url blocklisting bypass (CVE-2023-24329) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7python-test-2.7.5-93.el7_9.x86_64.rpm1c508a26d568ab252f09be0a5a9844febd340580a46f9959c8ea9b7bd643c879python-libs-2.7.5-93.el7_9.i686.rpm74a2f37e515525613a58e2d2e48cdef939554c6e985b556022f7a2fc3da193bapython-2.7.5-93.el7_9.x86_64.rpmc2b14b2623f7080d71a784a26cc0e0917c121879174aed1d7498702cd5f58e48python-tools-2.7.5-93.el7_9.x86_64.rpma141c7be5f16cb7d79c86a7d217c3c26170f59892f3d8449f155c95ef6bc7163python-devel-2.7.5-93.el7_9.x86_64.rpmc69106bbfeff385d12c48f00f9111f5e9551607cadaed31f7cea6303c465419ctkinter-2.7.5-93.el7_9.x86_64.rpm2af896618aad06c74e7d6aa51f936cd1def6ff4c2cdde61ad56f6c07dc53e989python-debug-2.7.5-93.el7_9.x86_64.rpm6a649dc6a6ed2a55d9dda6498f1f6fc0aea0e9e059c76f1ca4dcec9415f19cc2python-libs-2.7.5-93.el7_9.x86_64.rpma9911b8402a76fb873d4f8954d6ad8c3335a940617273561485f7ac44a10f3d3SLSA-2023:3556-1Security Fix(es): * python: urllib.parse url blocklisting bypass (CVE-2023-24329) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7python3-3.6.8-19.el7_9.x86_64.rpmeb546d5fe026dc6902621e56f6bc958568a1880997534d56ed5fe6b1f0ba3a1cpython3-libs-3.6.8-19.el7_9.x86_64.rpmacc5dc6879fcb54764b1982a828c7bd0d818e94ffa4b7656abf8bac9d2311cc0python3-tkinter-3.6.8-19.el7_9.i686.rpm082e297fda5b60c723bf4d11eaf47f2eaf9ffbf10b10e1809432a722d32e4d28python3-idle-3.6.8-19.el7_9.x86_64.rpmabdbe62fff672d7c8c674af61906edf5de7a1fa2eafcf6ffc991bb4f61c01955python3-test-3.6.8-19.el7_9.x86_64.rpm9b4d40db2ba3248732de180ffd339f822c98eaab3dc446a63c83e244d3fdf998python3-debug-3.6.8-19.el7_9.i686.rpm1d9a91b8ff0dda6a911e2cc7d89c7520736632c95fca8785cbd9e7c937f3c62bpython3-idle-3.6.8-19.el7_9.i686.rpmc3213042d778d496f5b48723f2f16e839754e53017944827b719eba596409007python3-debug-3.6.8-19.el7_9.x86_64.rpmaeabd980724b1d01314f93ee5368b188ace49f641ced64cb03f50c3daf80463epython3-devel-3.6.8-19.el7_9.x86_64.rpm06c47f05308ffd3e781f031941cf7e06cc0fd06ffb9dffe8191ab667bf295690python3-3.6.8-19.el7_9.i686.rpmb403cec0cf4d82052b1f34eab7ee866f48b4a38c847736a878041b92c9274b27python3-tkinter-3.6.8-19.el7_9.x86_64.rpm3fd7dd673a988c986805ed4ced6f19dc47d44f81aee291626dfcc9ae8f00fb27python3-libs-3.6.8-19.el7_9.i686.rpm85efb8f32cb59dd05a7a21f48cc2abe7711b7f2f1d19997cf4328a54e7b12d7bpython3-test-3.6.8-19.el7_9.i686.rpmd6c13b289c5b6793a34b0b67f88ab0730fb99b111e10adf77ad54e09cbc26358python3-devel-3.6.8-19.el7_9.i686.rpmba765447ce9209db237e4814f289ef966e50753d880e591b84ea9dc9eb8b9032SLSA-2023:3563-1This update upgrades Thunderbird to version 102.12.0. Security Fix(es): * Mozilla: Click-jacking certificate exceptions through rendering lag (CVE-2023-34414) * Mozilla: Memory safety bugs fixed in Firefox 114 and Firefox ESR 102.12 (CVE-2023-34416) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-102.12.0-1.el7_9.x86_64.rpm3d6ef4a4906929928258405965ed74368e1a192aa83d0105bc4f25fa1f799885SLSA-2023:3579-1This update upgrades Firefox to version 102.12.0 ESR. Security Fix(es): * Mozilla: Click-jacking certificate exceptions through rendering lag (CVE-2023-34414) * Mozilla: Memory safety bugs fixed in Firefox 114 and Firefox ESR 102.12 (CVE-2023-34416) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7firefox-102.12.0-1.el7_9.i686.rpm85dd0bd1ea66050ffc9257d0c70173cc9db885ea8ca48b309c830c62eccb0f7efirefox-102.12.0-1.el7_9.x86_64.rpmb0eda21f63d6600d82d0eea6f78452939b615447a11748b6d3ff9dfca96df831SLSA-2023:3741-1Security Fix(es): * c-ares: 0-byte UDP payload Denial of Service (CVE-2023-32067) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7c-ares-devel-1.10.0-3.el7_9.1.i686.rpm4810d2e56485882183e34a8ddb72425fc96df44ff0690bc1d0acb024f9cfcc3cc-ares-1.10.0-3.el7_9.1.x86_64.rpm2767f9710da7c66679b27ee4c75b0eb4430dcb4a9d7d505a2a4a651218216a7ec-ares-devel-1.10.0-3.el7_9.1.x86_64.rpmc682f4cea6d4ae48a03518f7d4722b960bfb476a6edf9e96e80c3d43606fbe4bc-ares-1.10.0-3.el7_9.1.i686.rpm3bd881548e05c652d368e63a5a8e5487da80fb4dc7e9d59e8489f037d8214c1fSLSA-2023:3944-1Security Fix(es): * open-vm-tools: authentication bypass vulnerability in the vgauth module (CVE-2023-20867) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * [ESXi] [SL7] vmtoolsd task is blocked in the uninterruptible state while attempting to delete (unlink) the file 'quiesce_manifest.xml' * [ESXi][SL7.9][open-vm-tools] Snapshot of the SL7 guest on the VMWare ESXi hypervisor failed vm hangslowScientific LinuxScientific Linux 7open-vm-tools-desktop-11.0.5-3.el7_9.6.x86_64.rpm583a5c038ff4273c49f1bbaedd4c4fe343c81f9d4ddffcca1ac64a27cba33b63open-vm-tools-devel-11.0.5-3.el7_9.6.x86_64.rpme50c2f59eebd90a27a7c4b05f3ea63a278ef1587a393736a4a46837a2240e6e7open-vm-tools-test-11.0.5-3.el7_9.6.x86_64.rpmdd3dbeab07c3601f04fd9276645e4d879bfb2591dbf218106a4679bc3f2d0e8fopen-vm-tools-11.0.5-3.el7_9.6.x86_64.rpmd91ad175421f9064d2b465745ffb5522d929f0ac6931a66fa5c9a45dcd359603SLSA-2023:4062-1This update upgrades Thunderbird to version 102.13.0. Security Fix(es): * Mozilla: Use-after-free in WebRTC certificate generation (CVE-2023-37201) * Mozilla: Potential use-after-free from compartment mismatch in SpiderMonkey (CVE-2023-37202) * Mozilla: Memory safety bugs fixed in Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13 (CVE-2023-37211) * Mozilla: Fullscreen notification obscured (CVE-2023-37207) * Mozilla: Lack of warning when opening Diagcab files (CVE-2023-37208) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-102.13.0-2.el7_9.x86_64.rpm457011a565fd0d609ffafae8889642b0098c1782e64d391a7ec242f940aff6acSLSA-2023:4079-1This update upgrades Firefox to version 102.13.0 ESR. Security Fix(es): * Mozilla: Use-after-free in WebRTC certificate generation (CVE-2023-37201) * Mozilla: Potential use-after-free from compartment mismatch in SpiderMonkey (CVE-2023-37202) * Mozilla: Memory safety bugs fixed in Firefox 115, Firefox ESR 102.13, and Thunderbird 102.13 (CVE-2023-37211) * Mozilla: Fullscreen notification obscured (CVE-2023-37207) * Mozilla: Lack of warning when opening Diagcab files (CVE-2023-37208) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7firefox-102.13.0-2.el7_9.i686.rpm52525c06ded84e0af82ad1bb583015b6dd976b15c200a89929aea7970ebf182afirefox-102.13.0-2.el7_9.x86_64.rpm7d5b42ef904a7638edaf85655b8848a9b55128200dc6514220839294a292259aSLSA-2023:4151-1Security Fix(es): * kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * perf record -ag does not capture user space stack frames on s390x * SL7.9 - kernel: handle new reply code FILTERED_BY_HYPERVISORimportantScientific LinuxScientific Linux 7grub2-2.02-0.87.sl7_9.11.0.x86_64.rpm02fdac07bcfcd70a44e58b2b66eacfb4b878d5021d85e5f6121f77a9328b5667grub2-tools-extra-2.02-0.87.sl7_9.11.0.x86_64.rpm6251a806574027dfd31c399144e35a259a698a3a28c3b2eaa54e6a0f188107f2grub2-tools-minimal-2.02-0.87.sl7_9.11.0.x86_64.rpm51a9101328612f9d71fe72c145879aba98a2b5afbdf08e04f5f427f5f3597a1dkernel-abi-whitelists-3.10.0-1160.95.1.el7.noarch.rpm13ddb32f504cbe0194aeead1151afc046b34cace7c5bc5193aed6bea6d4072c0kernel-debug-3.10.0-1160.95.1.el7.x86_64.rpmacc68d033ea9e974d2f6f2041224aff5f46859c6e45c0b97997949bf6add434dkernel-devel-3.10.0-1160.95.1.el7.x86_64.rpmd427f4027b89aa13cbc836bcafb6b69a7c335d37b84efc738b9aef1c30395e72grub2-efi-ia32-2.02-0.87.sl7_9.11.0.x86_64.rpmacaf931aae56735cabdefc5d99313cac4725e5a2211b19f15562856065856345kernel-debug-devel-3.10.0-1160.95.1.el7.x86_64.rpmaa994b7f8e6f91bc84e63169d2c518b4435aef54a487d99b3edea56719ccea1cshim-ia32-15.6-3.sl7.x86_64.rpm39185186a7f6cb0cefcc2c1d26d1dda21996afa9106651c290f8c41b0421abeagrub2-efi-x64-2.02-0.87.sl7_9.11.0.x86_64.rpm183ae7eb980f05ea13f48d4e2f41c90d34dc8b23817fc19969ca0ef69feb718efwupdate-12-6.sl7_9.x86_64.rpmf05fee0dca5f4736b736d99beec247af393b5f3920e668a98800e582159f24bbkernel-3.10.0-1160.95.1.el7.x86_64.rpm6ae9d35124a1f80a46ab4f8ad9ad4a4c6237452120f67f04881a22b7cf579e1bfwupdate-libs-12-6.sl7_9.x86_64.rpmd01c9c211a1f3d7a0beba4f69ba33a6285d11dbc8477c2a44590600a2644bb2agrub2-efi-ia32-modules-2.02-0.87.sl7_9.11.0.noarch.rpm31fe7931059e9be7e6bdad1a83a200f77593f86750de08e65fc1b8af0cc6a34apython-perf-3.10.0-1160.95.1.el7.x86_64.rpm306970c6e447bbeb126a7e99d4524b45a0cc580e5bdd05b30c60bf497ba1b516kernel-tools-libs-3.10.0-1160.95.1.el7.x86_64.rpm646b38c30483557716b7a9addd2326eb8be8c30c972d830094895917b94ee58cbpftool-3.10.0-1160.95.1.el7.x86_64.rpm94cc896650fb6c867857693598868f7e90d7dff12ea92cb57d97c491e5e61482grub2-tools-2.02-0.87.sl7_9.11.0.x86_64.rpm1f2405d5161a7e40d572c69b539a588a86c5b52608a8040c76236783c25fc617grub2-common-2.02-0.87.sl7_9.11.0.noarch.rpmdd912b0a96c6f9aac8dd2c44c40a7a57030b9096745740f69fa71baa2e3a2699grub2-efi-x64-modules-2.02-0.87.sl7_9.11.0.noarch.rpmd26326bb671444d05e22b08e86c63b1efb22eb88e56b619103e09c497c8226e0kernel-doc-3.10.0-1160.95.1.el7.noarch.rpme917b958908bfe5251fbdee329eea5285e1986be0982e74170ee9beda0630d9dshim-x64-15.6-3.sl7.x86_64.rpm37566ff2a06fd123d9213bb8a80c355ec75811dcd769220ff04bb2496db58147fwupdate-efi-12-6.sl7_9.x86_64.rpmb0363c1d769a27dd112cf4beed6f9537c150bb34e384b45e97e90c2a347d4ee2fwupdate-devel-12-6.sl7_9.x86_64.rpm76179cf91bf69a5f79b595984e40b0a455c76f97779731b2280fed8d72eefd6dkernel-tools-libs-devel-3.10.0-1160.95.1.el7.x86_64.rpmf1fceb068c5b4818015623b6b3e87d91effa4ec9d972bf8f01efe5212616907eshim-unsigned-x64-15.6-3.sl7.x86_64.rpmbdb026643e0ca5cacf8acb7778bb5dc9b09fe7c866ee8f14ccd1ece10450a61ekernel-tools-3.10.0-1160.95.1.el7.x86_64.rpm32fdbe756f8ed96b782df457240816cd884b0705447ee0a2c0495b7c7d763830grub2-efi-ia32-cdboot-2.02-0.87.sl7_9.11.0.x86_64.rpm50b51f12a760777c9387ad0e1191da8716f876f3065c894fa52cd0829f8fd131grub2-pc-modules-2.02-0.87.sl7_9.11.0.noarch.rpmd8a8f3c36a67551c955b05eede25d191e50c555f8ac86438772a6db95a0c530dgrub2-efi-x64-cdboot-2.02-0.87.sl7_9.11.0.x86_64.rpm2db99f7c06c5210819d5f9eb42c9abe0b8d9655d0b77f07ef73c4dae95d96175kernel-headers-3.10.0-1160.95.1.el7.x86_64.rpmdd68286b55ee763dd8fc678c44f263ec5d96c35a4c9fe9786e7cd0cbe153e1abshim-unsigned-ia32-15.6-3.sl7.x86_64.rpm2f1541a06e65a2d86848aca2d79f1640955593a7a68eec7a03a5a47d30f3ff76grub2-pc-2.02-0.87.sl7_9.11.0.x86_64.rpm1681e6f273f637765446f401f3eb14c0d731bada9d85f03251efc8804bc51157perf-3.10.0-1160.95.1.el7.x86_64.rpm0376e3997d60d170fce182e5cf2799f5ecb39f38e863b4913c5a993031e684f5SLSA-2023:4152-1Security Fix(es): * bind: named's configured cache size limit can be significantly exceeded (CVE-2023-2828) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7bind-export-libs-9.11.4-26.P2.el7_9.14.x86_64.rpm5390ad1a5f2685596965712efe2d275bed051f57873af3ebc42b4c416539c908bind-lite-devel-9.11.4-26.P2.el7_9.14.x86_64.rpm7b6ad4d11d5f58c4b785a685817819d9887e90dbf5b5ef896f2edfc520d31e44bind-libs-9.11.4-26.P2.el7_9.14.i686.rpm66a6af922faa347aaf91e64655d56f5d5b5e0d92890a2ae56f02c70c4864c95ebind-pkcs11-9.11.4-26.P2.el7_9.14.x86_64.rpm7e5d0f76854bfcfbe47690bb640b238c30e97e54e939c22322536c9d3f1faab0bind-pkcs11-devel-9.11.4-26.P2.el7_9.14.i686.rpm6ddd097023193aacaa88687e1a4c37c905a7d9941541c80818654a584728e67fbind-pkcs11-libs-9.11.4-26.P2.el7_9.14.i686.rpma5d4544e806cf573de6fb927d2bb437679f2696a34fa5f792d2b76af32bb0fdbbind-utils-9.11.4-26.P2.el7_9.14.x86_64.rpm2fb0d462a1b1db1a2725e1e0baf84fb76417bf2856005d9bd57c42907b8f5944bind-chroot-9.11.4-26.P2.el7_9.14.x86_64.rpm9d0985c47e21159f2ecc9df5c8ea8d2d70f5a56bd05aa6ed00ff25b36197c5e0bind-9.11.4-26.P2.el7_9.14.x86_64.rpm29acbdd8ef76126617364b40e3f2b7329905520c0fc2997cca1943ade2e2f170bind-pkcs11-devel-9.11.4-26.P2.el7_9.14.x86_64.rpm4a989308307618115dab799fbd00aee4a7f6fe5d19f641b5e77430d452959540bind-libs-lite-9.11.4-26.P2.el7_9.14.i686.rpm2bce489aca7599245223ffae177480f2dc3b14e16c637f40a5a0c0890534a3b9bind-pkcs11-utils-9.11.4-26.P2.el7_9.14.x86_64.rpm7ff549d1ea4277b8cf04054cc499a2ef031e3bc53062ab740d612d3516fc5a20bind-devel-9.11.4-26.P2.el7_9.14.x86_64.rpmbb0eaaa881ed826216814d893c4ba525c373dd290e9eb74f24da46f40a43cfc4bind-sdb-9.11.4-26.P2.el7_9.14.x86_64.rpmbae52c0b8227daab9989105f72a3a74c7f75cceabd06b9b47d5bb4971eb6e7abbind-export-devel-9.11.4-26.P2.el7_9.14.i686.rpm0b226d71c582c942d56ca8f9a799ebe69c336b8f097905bfb1fdbaa487202bacbind-export-libs-9.11.4-26.P2.el7_9.14.i686.rpm2846839473093619718e8ea04cd84b4d4f27feb87cfb515d70fa32df7c2d74debind-license-9.11.4-26.P2.el7_9.14.noarch.rpm718ac5e100a00cf62b780e12da17fbdb95ea1e171c609c2f38db53b9aa319d6abind-pkcs11-libs-9.11.4-26.P2.el7_9.14.x86_64.rpmaca48ff6d1d75402d11355ed6f532fef4a349812937782dee155e1eca0610460bind-libs-9.11.4-26.P2.el7_9.14.x86_64.rpm840cda41fd97e0bc0d1665a201486780fde37112cb891fe0b94062ab0f5714dabind-sdb-chroot-9.11.4-26.P2.el7_9.14.x86_64.rpm9029c343cea2748a44100b3b0b89315ab0007e45171f7be07d3d0f50d093003cbind-devel-9.11.4-26.P2.el7_9.14.i686.rpm9bca8849fb777e9b638fcccb73d988d3b34353f26ce5efc93f02b31fb81f1926bind-libs-lite-9.11.4-26.P2.el7_9.14.x86_64.rpm574c4f30fafb93115de42de08603fa9bd6f0189f2f06247cb806b0cd4de33392bind-lite-devel-9.11.4-26.P2.el7_9.14.i686.rpme75f71ee6da51243433b0b1e77fbca1b79b3205e1068775255f44eafffc1b966bind-export-devel-9.11.4-26.P2.el7_9.14.x86_64.rpm482ef3dbadd5c64e229c46f6548fc0573e6931d61e126f5be2ff411f6a8af5e0SLSA-2023:4166The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312) (CVE-2023-22049) * OpenJDK: array indexing integer overflow issue (8304468) (CVE-2023-22045) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2023-07, 8u382) (BZ#2217708) moderateScientific Linux 7java-1.8.0-openjdk-devel-debug-1.8.0.382.b05-1.el7_9.i686.rpm7c3395ba0672303eeacd383463317845324c1aac2030233d7fea9558fff90549java-1.8.0-openjdk-demo-debug-1.8.0.382.b05-1.el7_9.x86_64.rpm0acdfddd0a7621da52715ba0b8b239c1f5f0ee2dd1a5c773c835ca249e20bf0fjava-1.8.0-openjdk-src-debug-1.8.0.382.b05-1.el7_9.x86_64.rpmabfdc2d0ba965927ba438926b19bfddef818fa2ca21eac00c883a8503c092d1bjava-1.8.0-openjdk-src-debug-1.8.0.382.b05-1.el7_9.i686.rpm2ddc1ee4b77ec9cc6bceb4a1e2ea40fe0f47deb48bfd326e384c36ac9d4e409djava-1.8.0-openjdk-javadoc-debug-1.8.0.382.b05-1.el7_9.noarch.rpmaeb291eb0b50c6df8df73995e0d169b30d8cf97bf536fa903e1482fb69575ee7java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.382.b05-1.el7_9.noarch.rpm5de760604ddd497ea668ecf2f0f19d63f3d41595ed6ccbed0d890e6840626418java-1.8.0-openjdk-demo-debug-1.8.0.382.b05-1.el7_9.i686.rpm06ed414d6eb74d917f79c66135606b847e084b887f2e7aaec07907cc1ce898d7java-1.8.0-openjdk-accessibility-debug-1.8.0.382.b05-1.el7_9.x86_64.rpm3ff546cd8366a57d4613b8b3329c4002bb5521633b5497eb89a8fa4339cf2073java-1.8.0-openjdk-accessibility-debug-1.8.0.382.b05-1.el7_9.i686.rpm6b4b98b46d82621ea627ea494bcde7a01d57c52f499a3251a2026c7f45e1f5c8java-1.8.0-openjdk-debug-1.8.0.382.b05-1.el7_9.i686.rpmd5cca96d47139cb3c734101fc7d16eb5da6b8791594b76cc9cb311c0d77b8436java-1.8.0-openjdk-headless-debug-1.8.0.382.b05-1.el7_9.i686.rpmbb19016336ad1ffef6ccc598a796d2259b59ba46531c2a4e8ba765475158f440java-1.8.0-openjdk-debug-1.8.0.382.b05-1.el7_9.x86_64.rpm0c8b6ce7646a1b634638dabc81d075cfcb4eddc5f6776f6d7cd2bf7103e358ffjava-1.8.0-openjdk-devel-debug-1.8.0.382.b05-1.el7_9.x86_64.rpm1f710135ab14b8921155c51224f1620959c92342f5ed6c4f9e8405eb1fec8ea8java-1.8.0-openjdk-headless-debug-1.8.0.382.b05-1.el7_9.x86_64.rpm324fc8fe94286881f47638b6e0fd83bcd142875e7620d79ce20d80bf130ac238SLSA-2023:4166-1Security Fix(es): * OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312) (CVE-2023-22049) * OpenJDK: array indexing integer overflow issue (8304468) (CVE-2023-22045) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2023-07, 8u382)moderateScientific LinuxScientific Linux 7java-1.8.0-openjdk-src-1.8.0.382.b05-1.el7_9.i686.rpmbe2517d7192e20c4080fe95929dfae8a9aea42cab14e7e51c138f6c266d5055cjava-1.8.0-openjdk-headless-1.8.0.382.b05-1.el7_9.i686.rpm246498ddacd857113797505382a16215d170259474f568de21cdf337ff0f53efjava-1.8.0-openjdk-demo-1.8.0.382.b05-1.el7_9.x86_64.rpm9c426e1a4c65a49038792a46eda61db38172a58b637f04a031cb8dc4de8cd1cajava-1.8.0-openjdk-devel-1.8.0.382.b05-1.el7_9.x86_64.rpmb5b7073955ddd948e0c276da88d014744e6e2f2fd6ee40b993eff6af81b8a4fdjava-1.8.0-openjdk-1.8.0.382.b05-1.el7_9.x86_64.rpm8fea289176fabde82dcb29089c11467714e6a9abf9507fdd3cd6f86f0f658177java-1.8.0-openjdk-1.8.0.382.b05-1.el7_9.i686.rpm9ce39f54dfaeec78b581d0b325a8412dd482468778bca0f96a755e38f80736edjava-1.8.0-openjdk-accessibility-1.8.0.382.b05-1.el7_9.i686.rpmbb44623d2ee60580b7a1a7816d0351bd036210246f3e3fee58c3cfe8719eae06java-1.8.0-openjdk-javadoc-1.8.0.382.b05-1.el7_9.noarch.rpmb5d809bd49184057cfaa02919c8737f8ae3c3d2a9bdcb764ac4e19bb9c1cf322java-1.8.0-openjdk-devel-1.8.0.382.b05-1.el7_9.i686.rpm20fa5eebb058c93de0e25304267aeb15993df86f8e712172fb49e325dd4b2380java-1.8.0-openjdk-accessibility-1.8.0.382.b05-1.el7_9.x86_64.rpm61ba3d584fa8f470ae66e0853c79997ae4939c3e81ac78e8e782b29cd7143e60java-1.8.0-openjdk-demo-1.8.0.382.b05-1.el7_9.i686.rpme5be3aeb37544ea9645bd3ea4ef068cd56baa4982faba21298ec5db94b461cf1java-1.8.0-openjdk-javadoc-zip-1.8.0.382.b05-1.el7_9.noarch.rpm93929cce2fa47a2f63ccc5d1e84aa2cb89ffcac2fd09fe915b0e4d2f33145645java-1.8.0-openjdk-headless-1.8.0.382.b05-1.el7_9.x86_64.rpmc9db4e28c818f4caf37c8ebf7d4db06219799d5bc58f51989d93edefd4ffea8cjava-1.8.0-openjdk-src-1.8.0.382.b05-1.el7_9.x86_64.rpmca822420f5631ceffa2d5652b7666c8c2acde9aaae3d32837dc2295c8a4e1716SLSA-2023:4233The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: ZIP file parsing infinite loop (8302483) (CVE-2023-22036) * OpenJDK: weakness in AES implementation (8308682) (CVE-2023-22041) * OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312) (CVE-2023-22049) * harfbuzz: OpenJDK: O(n^2) growth via consecutive marks (CVE-2023-25193) * OpenJDK: HTTP client insufficient file name validation (8302475) (CVE-2023-22006) * OpenJDK: array indexing integer overflow issue (8304468) (CVE-2023-22045) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2023-07, 11.0.20) (BZ#2217709) moderateScientific Linux 7java-11-openjdk-jmods-debug-11.0.20.0.8-1.el7_9.i686.rpm79edb96529d10ef16a14e2daf18ca1395d47fa641003d863f312355ea68f741ejava-11-openjdk-javadoc-debug-11.0.20.0.8-1.el7_9.i686.rpm4718a60737d866d51134e1997539125b97ffe020138b1154e117738222266221java-11-openjdk-debug-11.0.20.0.8-1.el7_9.x86_64.rpmc8be48c9d252511eec2ccf4cd7fc3fcf707e8d216f95966a6d70f958affc667ejava-11-openjdk-javadoc-debug-11.0.20.0.8-1.el7_9.x86_64.rpmf9ae10bed9a2bf684c6e270d4e7462952312530edc183bd7a0c09962419cba8cjava-11-openjdk-devel-debug-11.0.20.0.8-1.el7_9.x86_64.rpma53b63613af856ef8200398dc244c8afa4d2cff0f22263536599d752979620a6java-11-openjdk-debug-11.0.20.0.8-1.el7_9.i686.rpmbb113cc3ec5a057138fb0938f2778346db9a4855c6c6a4a6b46f3e5bebe2c81ejava-11-openjdk-static-libs-debug-11.0.20.0.8-1.el7_9.x86_64.rpm3bb27392b418c7c8899fc2e0856d3088e204b078c4dd1dc42cba2533e6055080java-11-openjdk-src-debug-11.0.20.0.8-1.el7_9.i686.rpm28344a7fd67e264329c9b07f5dcd8610dd66e448e5034ce1cf2fa55fcd234b92java-11-openjdk-src-debug-11.0.20.0.8-1.el7_9.x86_64.rpm33dc461e2082675b6e346795f300a91acdefa485e9233d3cf39f39b66e1fdae3java-11-openjdk-demo-debug-11.0.20.0.8-1.el7_9.x86_64.rpm8d383e463fb3b251593c23148d5c2ea67bdc3ba64601dd4ee6b8c2c249a85396java-11-openjdk-headless-debug-11.0.20.0.8-1.el7_9.x86_64.rpmde3b19406174e17155461c16bbb7ab46d6bab3ea373d9314d96cfbb7b5dea026java-11-openjdk-demo-debug-11.0.20.0.8-1.el7_9.i686.rpme71b46bf3b51c008b27b18cf8f8b4ab68e8fc6698382531f49ff66caebc79586java-11-openjdk-javadoc-zip-debug-11.0.20.0.8-1.el7_9.i686.rpmb45ea9aee2c7cbf87cf5e1a036fdaff5fc324eb0625524ea8333725f0c3f585fjava-11-openjdk-devel-debug-11.0.20.0.8-1.el7_9.i686.rpm27fddb078f6eb1a9cf97d83adca5712bce9b19d61c0f9f261094530b0daac735java-11-openjdk-headless-debug-11.0.20.0.8-1.el7_9.i686.rpmbfd172cc6c3047b7f2eaf10420625983b90ee8e61e0081b2db7b24e80cea299ejava-11-openjdk-jmods-debug-11.0.20.0.8-1.el7_9.x86_64.rpmf931e5668f419210f43e2b6024127623b3fd6428cdb9dc043cb0a1aa036ca660java-11-openjdk-javadoc-zip-debug-11.0.20.0.8-1.el7_9.x86_64.rpm20371f5b12456cb60bdeb50594787a9915571aeb4bed66acd480282d857a7debSLSA-2023:4233-1Security Fix(es): * OpenJDK: ZIP file parsing infinite loop (8302483) (CVE-2023-22036) * OpenJDK: weakness in AES implementation (8308682) (CVE-2023-22041) * OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312) (CVE-2023-22049) * harfbuzz: OpenJDK: O(n^2) growth via consecutive marks (CVE-2023-25193) * OpenJDK: HTTP client insufficient file name validation (8302475) (CVE-2023-22006) * OpenJDK: array indexing integer overflow issue (8304468) (CVE-2023-22045) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Prepare for the next quarterly OpenJDK upstream release (2023-07, 11.0.20)moderateScientific LinuxScientific Linux 7java-11-openjdk-jmods-11.0.20.0.8-1.el7_9.i686.rpm6b81768fbdd28e1f6d21396d5c56c492566e171f0b3ba69d6a53c6899d8e7669java-11-openjdk-devel-11.0.20.0.8-1.el7_9.x86_64.rpm44d5bb2962cf95018188e0e9322f1cb0749559717925095f014860d9a2d52a51java-11-openjdk-javadoc-zip-11.0.20.0.8-1.el7_9.i686.rpm181fec129c7d9092535329e8c13b10738f5b458b4bfc8e2b35f3d7a849fbf9e8java-11-openjdk-javadoc-11.0.20.0.8-1.el7_9.i686.rpm8d254b5dd60cc5ae65759c71124065eebeadf32795a13e6e6b4c19d3453c5734java-11-openjdk-jmods-11.0.20.0.8-1.el7_9.x86_64.rpm9fd0134a61497cef62d71c58e257c28984fe6754e417330cc4d3f196e800f4a9java-11-openjdk-javadoc-zip-11.0.20.0.8-1.el7_9.x86_64.rpm58c77950e50ddc6351ef578222b43c1629ac54bd5dfb8e1739807702af220c16java-11-openjdk-javadoc-11.0.20.0.8-1.el7_9.x86_64.rpm28f51f4e0c1d3b94b428e29c38ff7cde48854235795a347f7bce25e3fc1a011ejava-11-openjdk-src-11.0.20.0.8-1.el7_9.x86_64.rpm27a31b28a2db95c6db0a33da9d25fcdf6f29d7a3c8a6c2fbf3a265bebec66a22java-11-openjdk-11.0.20.0.8-1.el7_9.i686.rpm256fef34638e88b726b4a2f1c25fe1c25f3b9f780bfbf76cd7707df050945acejava-11-openjdk-headless-11.0.20.0.8-1.el7_9.x86_64.rpm5eee4ef43ef2ae522c24da2c9567c7a10a8e69c762b7388de5a44a094fdc31f4java-11-openjdk-demo-11.0.20.0.8-1.el7_9.x86_64.rpme8ccbd4e99b30c1b578777648ae4a22f2925f73051c06ce99f714f6b60bbe707java-11-openjdk-src-11.0.20.0.8-1.el7_9.i686.rpme4a4b80fd40168ee4be8d2d45724d4732b643a3109f88120835280019c5d1ccbjava-11-openjdk-11.0.20.0.8-1.el7_9.x86_64.rpm4277755e41d7df46ee4f348b36b869e49d17408bb01b498245bebd9ead246923java-11-openjdk-demo-11.0.20.0.8-1.el7_9.i686.rpmfb47826b6a6845ad11f4df022362b11cc86f8f707603371872e06ecc2a338833java-11-openjdk-static-libs-11.0.20.0.8-1.el7_9.x86_64.rpm07ef48a92d0025a97f2a3ba7d19df6dbc2e00facba809f2d5dba5d74f097473djava-11-openjdk-devel-11.0.20.0.8-1.el7_9.i686.rpm0c514dc36635d32c240308ef4dfc2b015bcc3c7223d010cf7ddf81ace4f6c9efjava-11-openjdk-headless-11.0.20.0.8-1.el7_9.i686.rpm8187223a55a7d29c536ef088992487a98eb5d02f73701a501a5b0a5a9973cb4cSLSA-2023:4326-1Security Fix(es): * iperf3: memory allocation hazard and crash (CVE-2023-38403) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7iperf3-devel-3.1.7-3.el7_9.x86_64.rpme53c0d01885458be4adac152217cf53d799662878939bc5fc691966f389e2f0fiperf3-3.1.7-3.el7_9.x86_64.rpm10a02c97f06d7be475a801b26dd8e756dbe815448697365a2aadfaa1deb0132fiperf3-3.1.7-3.el7_9.i686.rpmcfceef3822daabf5924b978c72905b741df7d00aaff0701b93f98cbe3c29aed7iperf3-devel-3.1.7-3.el7_9.i686.rpm3ec8a3704f101c48bf5e1ebb5799a8c4bbab428be5d54c451cae8049349698cbSLSA-2023:4382-1Security Fix(es): * openssh: Remote code execution in ssh-agent PKCS#11 support (CVE-2023-38408) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7pam_ssh_agent_auth-0.10.3-2.23.el7_9.i686.rpm15137695c53e2f504a6425d916c4e8d918cde6ea488c14a409e5bea6d383234bopenssh-server-sysvinit-7.4p1-23.el7_9.x86_64.rpm533d76891a4fd3af080647599d3de4aa93943e29dd2ba22e6cb2099e9297fc57openssh-server-7.4p1-23.el7_9.x86_64.rpme49f21aa861a841c7277185e4773533fdf824307c3bd2a190dbf6a4993534f4eopenssh-clients-7.4p1-23.el7_9.x86_64.rpm42ff6594a5706664e867dec3f55c7c5f2f781a76387b4b0fbdd61dc761c122cfpam_ssh_agent_auth-0.10.3-2.23.el7_9.x86_64.rpm5f5a93beb057f9d2bd3fc6809afa4bde65bc5cf9e2777ff6ad037b47524bb0d9openssh-askpass-7.4p1-23.el7_9.x86_64.rpm99e3fab2ddbf75dc3fe4eec47c13b108bcc5f86943ae40c64600b06a5ca13894openssh-7.4p1-23.el7_9.x86_64.rpm46560001f786099f2c23e67c61af9ada89ce46dee0a69c0ab2d9c8fec4928e18openssh-keycat-7.4p1-23.el7_9.x86_64.rpmc40d827906c9369a9cec60464f73dccca0c426665c52635a716cfdced2f9757bopenssh-ldap-7.4p1-23.el7_9.x86_64.rpm9668bcfc1a63f462660cc217d76fb0cfb95877ffabac224267198051dc9fb002openssh-cavs-7.4p1-23.el7_9.x86_64.rpme4eb00f6b5814dad2c715cfb2570de1665b13cddf60578f8a644b88fb470b02bSLSA-2023:4461-1This update upgrades Firefox to version 102.14.0 ESR. Security Fix(es): * Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions (CVE-2023-4045) * Mozilla: Incorrect value used during WASM compilation (CVE-2023-4046) * Mozilla: Potential permissions request bypass via clickjacking (CVE-2023-4047) * Mozilla: Crash in DOMParser due to out-of-memory conditions (CVE-2023-4048) * Mozilla: Fix potential race conditions when releasing platform objects (CVE-2023-4049) * Mozilla: Stack buffer overflow in StorageManager (CVE-2023-4050) * Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14 (CVE-2023-4056) * Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1 (CVE-2023-4057) * Mozilla: Cookie jar overflow caused unexpected cookie jar state (CVE-2023-4055) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7firefox-102.14.0-1.el7_9.i686.rpm46d3174db667a468ed9cb3879dbbefb56ba6a15111095d9f94cf9309b018a57dfirefox-102.14.0-1.el7_9.x86_64.rpm773c59b1f0ce9ec001ca836d4986d4ec85972700c21e51b94e5f149abd14b401SLSA-2023:4495-1This update upgrades Thunderbird to version 102.14.0. Security Fix(es): * Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions (CVE-2023-4045) * Mozilla: Incorrect value used during WASM compilation (CVE-2023-4046) * Mozilla: Potential permissions request bypass via clickjacking (CVE-2023-4047) * Mozilla: Crash in DOMParser due to out-of-memory conditions (CVE-2023-4048) * Mozilla: Fix potential race conditions when releasing platform objects (CVE-2023-4049) * Mozilla: Stack buffer overflow in StorageManager (CVE-2023-4050) * Mozilla: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14 (CVE-2023-4056) * Mozilla: Memory safety bugs fixed in Firefox ESR 115.1, and Thunderbird 115.1 (CVE-2023-4057) * thunderbird: File Extension Spoofing using the Text Direction Override Character (CVE-2023-3417) * Mozilla: Cookie jar overflow caused unexpected cookie jar state (CVE-2023-4055) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-102.14.0-1.el7_9.x86_64.rpm90d4ca466a0c27ff92aa361e83fef3d2ad2a24f8ea729dc3ec89a46aab27f924SLSA-2023:4701The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat entitlement platform. Security Fix(es): * subscription-manager: inadequate authorization of com.redhat.RHSM1 D-Bus interface allows local users to modify configuration (CVE-2023-3899) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. moderateScientific Linux 7subscription-manager-cockpit-1.24.52-2.sl7_9.noarch.rpmd4dce8973007bffbdb590385324bb6fd624bdf3bf42f093cc1011ce33043d590SLSA-2023:4701-1Security Fix(es): * subscription-manager: inadequate authorization of com.redhat.RHSM1 D-Bus interface allows local users to modify configuration (CVE-2023-3899) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEmoderateScientific LinuxScientific Linux 7subscription-manager-plugin-ostree-1.24.52-2.sl7_9.x86_64.rpm3aef89a2e5aa34e5153b964de89ed8dc97536a4197eca875550277ba3a329df9subscription-manager-initial-setup-addon-1.24.52-2.sl7_9.x86_64.rpmd004be8aedd432c0ea079c964d307e81a2899951816394458e645f88c5466994python-syspurpose-1.24.52-2.sl7_9.x86_64.rpmac777cf7e2eec23ec0e63b8c373ba4673dfdb5c5667d99d1fee87b23fff2d13fsubscription-manager-rhsm-certificates-1.24.52-2.sl7_9.x86_64.rpm59bac61f4807e35bfe6ffc7571678a2d01c64c5ac838510fa8f318f58ac36bb1subscription-manager-gui-1.24.52-2.sl7_9.x86_64.rpm6fb9aebcc5c57bd532ba287e48d4c86f54096c54d01da06ca6779a2cbc601385subscription-manager-rhsm-1.24.52-2.sl7_9.x86_64.rpm65df3cd12882609a31cb34e044827a64bb72e46c7f0a99ec5a9b62a36431d403rhsm-gtk-1.24.52-2.sl7_9.x86_64.rpmd039aca531355bf6b59cbfe5391109d27d7b4cbf5d60e0c1abbd7b352cf62671subscription-manager-1.24.52-2.sl7_9.x86_64.rpmdc72bb7a68002ce37e74d434c63040b2ee393b29fcf70bdbb4dd9c7a7ccd1570subscription-manager-plugin-container-1.24.52-2.sl7_9.x86_64.rpme9b395154b73f1f202917516bbfa4775d16da753e3ba2ec3deafc44316153c7dSLSA-2023:4766-1Security Fix(es): * cups: Information leak through Cups-Get-Document operation (CVE-2023-32360) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7cups-devel-1.6.3-52.el7_9.x86_64.rpm7c3cbf4cc374bdfd8015361637a8b8a867b5d1fa69bb7beff755640f23f6c0cccups-devel-1.6.3-52.el7_9.i686.rpm5504cec28cb1a1e19235afb9c2c56e02ba69aff292d6eef5d78f8d969419ce01cups-libs-1.6.3-52.el7_9.i686.rpm88297a55377748d2933fc8de089f795e27b3865d49e549e260b3fac7215498c2cups-client-1.6.3-52.el7_9.x86_64.rpm95ca623b83f86e463b49c79bbb19ccec5cf0199fa1ed2271a0e9a2f67148c76acups-1.6.3-52.el7_9.x86_64.rpm5741a6d72fe6c707106827df879c07eb365b69af9fd6eda0c6234f9136df517ecups-filesystem-1.6.3-52.el7_9.noarch.rpm5d1fd0decc17e7916b5d62739789604e57922d2c7b52fd4b12ad62288f188d3fcups-ipptool-1.6.3-52.el7_9.x86_64.rpmad6a544566561c17ed080bcdc740b00c63bc540a587e056c9285079b223826d0cups-lpd-1.6.3-52.el7_9.x86_64.rpm8e901dc27343fab9c1d7dcc25456b2817c574fd7e5fee0e00f157ce6e0b1621bcups-libs-1.6.3-52.el7_9.x86_64.rpm0485f21088d13e839a97117b8bdbc2430f5d0d9120cde06179f95bbc56802dffSLSA-2023:4819-1Security Fix(es): * kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt() (CVE-2023-35788) * hw: amd: Cross-Process Information Leak (CVE-2023-20593) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * nf_conntrack causing nfs to stall * Request to backport upstream commit 5e2d2cc2588b, 26a8b12747c9, and e98fa02c4f2e for SL 7.9.z * Fix soft lockup happens in gfs2_dir_get_hash_table()importantScientific LinuxScientific Linux 7kernel-tools-3.10.0-1160.99.1.el7.x86_64.rpm75fddc94eff778849051cd727cde8d2e2eab9f0dbe25819a1d54dea474ba2419kernel-headers-3.10.0-1160.99.1.el7.x86_64.rpm9480fa13131dc355affd38b22afae1755613b3600b7dfe14699c4747410c227dkernel-debug-devel-3.10.0-1160.99.1.el7.x86_64.rpm28326695252bb7d55df1dbaf43cc0761341058093df41ddfb46502f704eeb00bkernel-debug-3.10.0-1160.99.1.el7.x86_64.rpmfc472728cc201ee91ac0fce414ac4907d6c1ece852952923855f7af882ec7ad9python-perf-3.10.0-1160.99.1.el7.x86_64.rpm4a3bc0876b9b50589d39ff0880f73c65154e7a10a4e70b2c23dee84821f34b77kernel-abi-whitelists-3.10.0-1160.99.1.el7.noarch.rpm9e4dfeb66bac590bd33a26a3790dd3dfddf021f04c63cb11861c56569690d705kernel-3.10.0-1160.99.1.el7.x86_64.rpm823739028f271b72b7c0eb70e840c904a8b2c7fe1a757ebe819051befaac9a4bperf-3.10.0-1160.99.1.el7.x86_64.rpmabce41dd1aee77f661942497306545ac92cb95691348aa373cb66d2ba7ff333ekernel-tools-libs-devel-3.10.0-1160.99.1.el7.x86_64.rpm60f1ab6f6adb06f4d334331206fa7a46354fb75c8c10b467c569acdcd60356f0kernel-tools-libs-3.10.0-1160.99.1.el7.x86_64.rpm7547e301ec4b71ab1cd94b53e76d74b88fcc61a279c782d4e4184374ab2db0cekernel-doc-3.10.0-1160.99.1.el7.noarch.rpm40076f29ea2adeb4fc645a3173cce4ffbd86b82d3feb16cdb794d8db0df3e4f6bpftool-3.10.0-1160.99.1.el7.x86_64.rpm3337d4a5bc9064ab0ff906f5ef8ce2a5f97898ed0755a9d76b507f6797caad8ckernel-devel-3.10.0-1160.99.1.el7.x86_64.rpmcd25d361321788c310c1156e50d2441ae63062eedaf5210068a9261acff274edSLSA-2023:4945-1This update upgrades Thunderbird to version 102.15.0. Security Fix(es): * Mozilla: Memory corruption in IPC CanvasTranslator (CVE-2023-4573) * Mozilla: Memory corruption in IPC ColorPickerShownCallback (CVE-2023-4574) * Mozilla: Memory corruption in IPC FilePickerShownCallback (CVE-2023-4575) * Mozilla: Memory corruption in JIT UpdateRegExpStatics (CVE-2023-4577) * Mozilla: Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2 (CVE-2023-4584) * Mozilla: Memory safety bugs fixed in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2 (CVE-2023-4585) * Mozilla: Full screen notification obscured by file open dialog (CVE-2023-4051) * Mozilla: Full screen notification obscured by external program (CVE-2023-4053) * Mozilla: Error reporting methods in SpiderMonkey could have triggered an Out of Memory Exception (CVE-2023-4578) * Mozilla: Push notifications saved to disk unencrypted (CVE-2023-4580) * Mozilla: XLL file extensions were downloadable without warnings (CVE-2023-4581) * Mozilla: Browsing Context potentially not cleared when closing Private Window (CVE-2023-4583) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-102.15.0-1.el7_9.x86_64.rpm46e739eeccfcee1be1adafb14c695e142b04362af9b6817cbffaed4730cfd694SLSA-2023:5019-1This update upgrades Firefox to version 102.15.0 ESR. Security Fix(es): * Mozilla: Memory corruption in IPC CanvasTranslator (CVE-2023-4573) * Mozilla: Memory corruption in IPC ColorPickerShownCallback (CVE-2023-4574) * Mozilla: Memory corruption in IPC FilePickerShownCallback (CVE-2023-4575) * Mozilla: Memory corruption in JIT UpdateRegExpStatics (CVE-2023-4577) * Mozilla: Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2 (CVE-2023-4584) * Mozilla: Memory safety bugs fixed in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2 (CVE-2023-4585) * Mozilla: Full screen notification obscured by file open dialog (CVE-2023-4051) * Mozilla: Full screen notification obscured by external program (CVE-2023-4053) * Mozilla: Error reporting methods in SpiderMonkey could have triggered an Out of Memory Exception (CVE-2023-4578) * Mozilla: Push notifications saved to disk unencrypted (CVE-2023-4580) * Mozilla: XLL file extensions were downloadable without warnings (CVE-2023-4581) * Mozilla: Browsing Context potentially not cleared when closing Private Window (CVE-2023-4583) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7firefox-102.15.0-1.el7_9.x86_64.rpm61891cfbf073416bacb946e6277177b91a65036cbce448a4d9487b556e7962f4firefox-102.15.0-1.el7_9.i686.rpma877db6eca1e072036ca6240b94335741438f65df125fbeb18d97deb9d69bd51SLSA-2023:5191-1This update upgrades Thunderbird to version 102.15.1. Security Fix(es): * libwebp: Heap buffer overflow in WebP Codec (CVE-2023-4863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-102.15.1-1.el7_9.x86_64.rpmba267354f3ea78058c39dc9a97779e0b13a6b2171755048856938aa03992073bSLSA-2023:5197-1This update upgrades Firefox to version 102.15.1 ESR. Security Fix(es): * libwebp: Heap buffer overflow in WebP Codec (CVE-2023-4863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7firefox-102.15.1-1.el7_9.i686.rpm85ef44035e869811a3f97325047aea5e33af2c1caabda824e7776c13b5ad9d4efirefox-102.15.1-1.el7_9.x86_64.rpmb4551ac8b815861793286454e211a169412783791af0ba5c020e2a9e36f12a88SLSA-2023:5217-1Security Fix(es): * open-vm-tools: SAML token signature bypass (CVE-2023-20900) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7open-vm-tools-test-11.0.5-3.el7_9.7.x86_64.rpm823f5bcaaa0eb97d719b79e3db244c2dd67d202054be1d9caef4383f73acc19fopen-vm-tools-desktop-11.0.5-3.el7_9.7.x86_64.rpm6abe1fc243914c55f8b9c4a529ee935f0c75fb9d8249afd6de81c1b72b9c160dopen-vm-tools-11.0.5-3.el7_9.7.x86_64.rpm5a7d14bd74c028a57867ba8c1d1ba693c9dd4a71176b504fe402adceae895764open-vm-tools-devel-11.0.5-3.el7_9.7.x86_64.rpmb9640d3d9d1264d159ccd03d4dc2a7ebd04170172e455b679e8c2046765becb7SLSA-2023:5461-1Security Fix(es): * ImageMagick: Division by zero in ReadEnhMetaFile lead to DoS (CVE-2021-40211) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7ImageMagick-6.9.10.68-7.el7_9.i686.rpm88d53e3471be404073aacd2022f843d43aa504f504e01aaa542f1dfce7c30ef4ImageMagick-c++-6.9.10.68-7.el7_9.x86_64.rpmf1ef8a6d1457af646a1c6dc6f4c946a41d36b8fc073c2f40982be49691898167ImageMagick-devel-6.9.10.68-7.el7_9.i686.rpmb6bf0c4cc6844c9403adc6d56117609c51ee7422f0d38ee24b914f721b7208a9ImageMagick-c++-devel-6.9.10.68-7.el7_9.i686.rpm1935210bdf75f03b17edbea60aafce80c36c751efbd7e710642bb3f47338a94cImageMagick-c++-6.9.10.68-7.el7_9.i686.rpm2ceb28d62d9233df28ab04ede1331fc5e70c2e1a400e8c179b1a0486b14774d3ImageMagick-perl-6.9.10.68-7.el7_9.x86_64.rpmfb473c30a12109a02292af2b0109fa82b076c6c1868be07bedc1bb9fb743c208ImageMagick-doc-6.9.10.68-7.el7_9.x86_64.rpme66939f63c2e5a10e45ff7583c0f6a5e66a7f2b92e8cf14ac6ef2a3b552b46d7ImageMagick-devel-6.9.10.68-7.el7_9.x86_64.rpm9bd618b50bc740fe658ac25a4e8f4a2d683ccd4104c8c0f84652b388c2b5a03dImageMagick-6.9.10.68-7.el7_9.x86_64.rpm7aed22ca7f0431ae1c663475b14a974c97ff1c8acd8be1903ed9e103c637f3a2ImageMagick-c++-devel-6.9.10.68-7.el7_9.x86_64.rpm554f282b8a2f8ecda2b76fa9b51b4b9e2121579f5e4ca9ff1aeea6576a298136SLSA-2023:5475-1This update upgrades Thunderbird to version 115.3.1. Security Fix(es): * firefox: use-after-free in workers (CVE-2023-3600) * Mozilla: Out-of-bounds write in PathOps (CVE-2023-5169) * Mozilla: Use-after-free in Ion Compiler (CVE-2023-5171) * Mozilla: Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 (CVE-2023-5176) * libvpx: Heap buffer overflow in vp8 encoding in libvpx (CVE-2023-5217) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7thunderbird-115.3.1-1.el7_9.x86_64.rpm8cab323b2f5657da63859e1c00c841e58c2d089d5cf0fa15633f5065c28579deSLSA-2023:5477-1This update upgrades Firefox to version 115.3.1 ESR. Security Fix(es): * firefox: use-after-free in workers (CVE-2023-3600) * Mozilla: Out-of-bounds write in PathOps (CVE-2023-5169) * Mozilla: Use-after-free in Ion Compiler (CVE-2023-5171) * Mozilla: Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3 (CVE-2023-5176) * libvpx: Heap buffer overflow in vp8 encoding in libvpx (CVE-2023-5217) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVEimportantScientific LinuxScientific Linux 7firefox-115.3.1-1.el7_9.i686.rpm7f4e2228d5d9d2949d16d30256d62fd9bf0ba6b0a2e2d47fe78ce28140e53ef0firefox-115.3.1-1.el7_9.x86_64.rpma4a269e22d3ff050ca22f748f613c9a75f87601b4c6f69dd657bb3e7bef41aa0SLSA-2023:5615The libssh2 packages provide a library that implements the SSH2 protocol. Security Fix(es): * libssh2: use-of-uninitialized-value in _libssh2_transport_read (CVE-2020-22218) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. moderateScientific Linux 7libssh2-devel-1.8.0-4.el7_9.1.i686.rpm009dbbbfdc6c1bbc675cce7495a9e81969032fc5c5ae59d06f1e05bd10769440libssh2-docs-1.8.0-4.el7_9.1.noarch.rpm650f40d7ebbeca8d4c1ac5d73e0e22f5a985ad0880700d6681a2bd5ac77d5a87libssh2-1.8.0-4.el7_9.1.x86_64.rpm6f0a7a53236ae0d600edfd672bc8d32fae6195edefd1680fd75ef358115faf10libssh2-devel-1.8.0-4.el7_9.1.x86_64.rpmceafa4b990b4ff47b9232a9544bc5b7396e6d9300a0c4bcdeca6ba4ce1371521libssh2-1.8.0-4.el7_9.1.i686.rpm5a3128e54547a71535b164de231c5b3027ed4ca833aab74478d77d773b81b146SLSA-2023:5616Python-reportlab is a library used for generation of PDF documents. Security Fix(es): * python-reportlab: code injection in paraparser.py allows code execution (CVE-2019-19450) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7python-reportlab-2.5-11.el7_9.x86_64.rpm6aa94a449302c953ce792df4055fc1a3f90f43a4331b8f20449ad3cf5b7372ffpython-reportlab-docs-2.5-11.el7_9.x86_64.rpmcb7cee39beb801352402cce7e897d37a3dd27f7214894296337b6406712eec8aSLSA-2023:5622The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: net/sched: cls_u32 component reference counter leak if tcf_change_indev() fails (CVE-2023-3609) * kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation (CVE-2023-32233) * kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval() (CVE-2023-35001) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Low memory deadlock with md devices and external (imsm) metadata handling (BZ#1703180) * cifs: memory leak in smb2_query_symlink (BZ#2166706) * bnxt_en: panic in bnxt_tx_int Redux (BZ#2175062) * NFS client loop in BIND_CONN_TO_SESSION (BZ#2219604) importantScientific Linux 7python-perf-3.10.0-1160.102.1.el7.x86_64.rpma575dc41a38b86ba6a5810695c921e7619e1e2f3cc851b7191772556c8445fc6kernel-devel-3.10.0-1160.102.1.el7.x86_64.rpm2b3eac029ce5cc3ebe613fd987c2cc5755ed4b779f64aff27e1dfdfb8651771cbpftool-3.10.0-1160.102.1.el7.x86_64.rpmf2ecdcd661c5d2880bc243b18d61eade1612a0fa12d1e2b646f53fc4c481f458kernel-tools-libs-3.10.0-1160.102.1.el7.x86_64.rpm955dfd4ad62fbde7414671c80983250683118e07db34d953eb2b2728dacb38efkernel-doc-3.10.0-1160.102.1.el7.noarch.rpm5c92588d3271e91f0d85560f158e9b6e7b04446a911c436632f0518e2d136901kernel-debug-devel-3.10.0-1160.102.1.el7.x86_64.rpmc8586683d09e71c02c70d426ef7e7968c7685ed3df97d3ae02e6476bac054c26kernel-tools-libs-devel-3.10.0-1160.102.1.el7.x86_64.rpm7a4a9eba9ac8bcd99d3892f35744aa1687f3d631a3841e2e8eb62ed0bfd4874eperf-3.10.0-1160.102.1.el7.x86_64.rpme13f03ef1dbecc2f0401b1d2d37cf13112668a74de4528e3699c9162e000fce7kernel-tools-3.10.0-1160.102.1.el7.x86_64.rpm394b4a4157f66ce62e0972a0a55cce0f9d2db44d925e09490d2810081f0b0d5ekernel-abi-whitelists-3.10.0-1160.102.1.el7.noarch.rpm7b4094d89b5e84246ea6c31607f1f362da35b5932c63d97df6dd14b608238b9ekernel-debug-3.10.0-1160.102.1.el7.x86_64.rpm7ee96c98d694bbd669f5882f922b4b663d951d2fcfe07d7831e4e2e96e9cd8f9kernel-3.10.0-1160.102.1.el7.x86_64.rpm8456ae2be668b8c01e3404760d5c5c20101fe93cc7e475a9add9e165bcb8744dkernel-headers-3.10.0-1160.102.1.el7.x86_64.rpmfac89ec17332ba89ae0a8080edf732968ba6e1e16be9254c43f7a771fce7a164SLSA-2023:5691The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind: stack exhaustion in control channel code may lead to DoS (CVE-2023-3341) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7bind-license-9.11.4-26.P2.el7_9.15.noarch.rpm1f2d553f8f24279612612680dbafddface901a6d1452b5d34a6ad88af38757f1bind-export-devel-9.11.4-26.P2.el7_9.15.i686.rpm95f585ef51d565420ddfe4b9dfce1622d3792cbf10af8d2c3f548d9b63d2eb8ebind-sdb-chroot-9.11.4-26.P2.el7_9.15.x86_64.rpm58471fb7e9d0ccf639ac4ebeddc9b966a23875505b5bbf4368e9080cf8c0ae39bind-libs-9.11.4-26.P2.el7_9.15.i686.rpm5df9ba6db0f2f8cc95f80fe842f43c409bd92b8c1a2d765ebfe2c0c6d50701ffbind-libs-9.11.4-26.P2.el7_9.15.x86_64.rpma168ea75edb8a7b39c15699c8febed2520ea1d99df02fa2d5440beaedaceeaffbind-export-devel-9.11.4-26.P2.el7_9.15.x86_64.rpmb32d0d507b984496b55516e0ec02eeae22030905f6ef8b74080722f0adde637bbind-devel-9.11.4-26.P2.el7_9.15.i686.rpme6650a58dc11021770d67bb32617b4c04540d9df62c721351acc7726ece9d3bbbind-pkcs11-utils-9.11.4-26.P2.el7_9.15.x86_64.rpm4eed10bb667dfc4971c95d9d93ade897fe93c4e7d221b8393462eee7501e150cbind-pkcs11-libs-9.11.4-26.P2.el7_9.15.x86_64.rpma705ea82b76f5ecd7c4632abc398745bad874d9cf14e0a674fe2cb9e1e1d6644bind-9.11.4-26.P2.el7_9.15.x86_64.rpmba891837c78bb03773d1b1e143a6769cefab02d2de47807948e69b783a397df4bind-sdb-9.11.4-26.P2.el7_9.15.x86_64.rpm6513a176e8b138a53fceecbe776c3b65ea4f31f8335eb485cb3334f05093fcb6bind-pkcs11-devel-9.11.4-26.P2.el7_9.15.x86_64.rpm06992c1c6d9fa589d842073956eee1be92738fbd0b353a7e3b67774051cb42d3bind-utils-9.11.4-26.P2.el7_9.15.x86_64.rpmb10a650abea629a5b6e188287df5a45bc11e4147ea40dd087fe5d7c498183260bind-export-libs-9.11.4-26.P2.el7_9.15.i686.rpme1502396e3614ad3a8c7e51b30ad949380482473a8260a9391252c04c20c200ebind-lite-devel-9.11.4-26.P2.el7_9.15.i686.rpm4d7662bc5de69a43871484c65c73012998fb326d2e1cc770fb35ae5fffd5e995bind-export-libs-9.11.4-26.P2.el7_9.15.x86_64.rpm35fbd8117dfd541a110aaa5a30912cd15872f4701d9ce9e1e4dad76ad0f6d6bbbind-lite-devel-9.11.4-26.P2.el7_9.15.x86_64.rpmff3504db59f1af9765994d69f88c383447c70bf6ba23d3775d061be66e631191bind-chroot-9.11.4-26.P2.el7_9.15.x86_64.rpm1b044d428ce288b1b20083566f75f11524349db9fd060aae6b4ea7df2dc3ff4fbind-pkcs11-libs-9.11.4-26.P2.el7_9.15.i686.rpm6f4720e6664eab7dc8c0b9d43b52c1c577e2bcee1336234ab36079cefb81a7cabind-libs-lite-9.11.4-26.P2.el7_9.15.x86_64.rpm076d2419997ecf088330d9c732e699549026def60522c69730109edc94bb4f2ebind-pkcs11-devel-9.11.4-26.P2.el7_9.15.i686.rpm715efff7432a568ce183f654b9f4c69350cd92adaec5bef9ddebb74d29a9de10bind-pkcs11-9.11.4-26.P2.el7_9.15.x86_64.rpmbfac0bd5c2364efc678b08c266cee4929ec9b582f7c50a80ace8ffb28ac46738bind-libs-lite-9.11.4-26.P2.el7_9.15.i686.rpm51bfe6c18c927b4aa3922c703401d708be836b3bbb7d485f136e374abf132a67bind-devel-9.11.4-26.P2.el7_9.15.x86_64.rpm9bc7a0fda0b7aad5df7f421582b7fe6f585daf922054aecccb961c1122878d2aSLSA-2023:5736The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: certificate path validation issue during client authentication (8309966) (CVE-2023-22081) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Additional validity checks in the handling of Zip64 files, JDK-8302483, were introduced in the 11.0.20 release of OpenJDK, causing the use of some valid zip files to now fail with an error. This release, 11.0.20.1, allows for zero-length headers and additional padding produced by some Zip64 creation tools. With both releases, the checks can be disabled using -Djdk.util.zip.disableZip64ExtraFieldValidation=true. (RHBZ#2236229) * A maximum signature file size property, jdk.jar.maxSignatureFileSize, was introduced in the 11.0.20 release of OpenJDK by JDK-8300596, with a default of 8 MB. This default proved to be too small for some JAR files. This release, 11.0.20.1, increases it to 16 MB. (RHEL-13217) * The serviceability agent would print an exception when encountering null addresses while producing thread dumps. These null values are now handled appropriately. (JDK-8243210) * The /usr/bin/jfr alternative is now owned by the java-11-openjdk package (RHEL-11320) * The jcmd tool is now provided by the java-11-openjdk-headless package, rather than java-1.8.0-openjdk-devel, to make it more accessible (RHEL-13227) moderateScientific Linux 7java-11-openjdk-debug-11.0.21.0.9-1.el7_9.x86_64.rpm852d5ebdda7e6e0a361e70d04a503a6103768771503e8bfd5106681681622faajava-11-openjdk-devel-11.0.21.0.9-1.el7_9.x86_64.rpm31573a285a0ce978a16cd2c795a604c932b450d1b870ff837c33674d71d21c44java-11-openjdk-devel-debug-11.0.21.0.9-1.el7_9.x86_64.rpmd5958af0dfdc7c5b371b50cbbc421223629494c767cd923987398b82b7dd5a47java-11-openjdk-jmods-11.0.21.0.9-1.el7_9.x86_64.rpm83585a3bbadda28e6c98442d96aeb494f16729be4b77d8c9e5d25bbafdf96187java-11-openjdk-javadoc-11.0.21.0.9-1.el7_9.x86_64.rpm65299f6ccbee7059e1542ca7db8d3e8f4885c2e26734d3a3a1ccb76529d2cd64java-11-openjdk-src-debug-11.0.21.0.9-1.el7_9.x86_64.rpm99a2016d3f40a3ccd73128756b22f143a8b9cfcf585acb5ed46b81468717af8cjava-11-openjdk-headless-debug-11.0.21.0.9-1.el7_9.x86_64.rpm2f1424773b3bf97109decbfbce83982ef90361700ca9bcd4e6c483ff7abfdd65java-11-openjdk-headless-debug-11.0.21.0.9-1.el7_9.i686.rpm867892df7b5ab9817c033f87d563690c8decdd9907f0932f66ad4827115b8394java-11-openjdk-devel-11.0.21.0.9-1.el7_9.i686.rpmeef4f88bea160aa6f3c213e3a3f8ffb7505ba8deacbde9871ea272046d1770d9java-11-openjdk-jmods-debug-11.0.21.0.9-1.el7_9.i686.rpm2b789ee027e297e9f6070c80624d1710aa44a1186f3d9ea81156ba947af7c62fjava-11-openjdk-javadoc-zip-debug-11.0.21.0.9-1.el7_9.x86_64.rpmf7a2f24c0a950cd6be1535aefb47f15088778c8a20a4323b69874539a109fcf0java-11-openjdk-javadoc-debug-11.0.21.0.9-1.el7_9.x86_64.rpm7dd0a1317bb451d71bf25e6898de171800448281ad5865fac3aba2361ab4797ejava-11-openjdk-src-debug-11.0.21.0.9-1.el7_9.i686.rpmef60fc8284635089a6a4e90a3daa4f7568066e984c8a935e3b4c7911df3fe7e4java-11-openjdk-static-libs-debug-11.0.21.0.9-1.el7_9.x86_64.rpm73236b4177b331b6182ded512b3964293092c169af420ff89e0d1ea0c0894d5ejava-11-openjdk-demo-debug-11.0.21.0.9-1.el7_9.x86_64.rpm83b5369cb37704d4e8c55b13b69c71835e5cc208df9b266211dcff06d9dd8010java-11-openjdk-src-11.0.21.0.9-1.el7_9.i686.rpm3fbd264abeb17ed7058526340788bdd44ed40eee3cd6a3c2d9b66a2dcb3fe4adjava-11-openjdk-11.0.21.0.9-1.el7_9.x86_64.rpmca02127332588becfad797011fbeee87663499d1d05caea52f61697392e69cf8java-11-openjdk-javadoc-zip-11.0.21.0.9-1.el7_9.x86_64.rpm9b7f0e8d335fd74f8cda722e4cc0e1fc3c7afc98c03dae7b7982cb1fede98301java-11-openjdk-jmods-debug-11.0.21.0.9-1.el7_9.x86_64.rpm27fe7c8fa43755c6207dfb71ab365fdba13452d5d08a16b8282eeaaac791eacbjava-11-openjdk-devel-debug-11.0.21.0.9-1.el7_9.i686.rpm79d52c2faa70d6c36fe8db4c76d02c669be81949390abb2bbb2eec606adfc1f1java-11-openjdk-static-libs-11.0.21.0.9-1.el7_9.x86_64.rpmcbdd1d4c981960e812db20fc18392044094608c8aa47d1797342dc1fbaf647dcjava-11-openjdk-demo-11.0.21.0.9-1.el7_9.i686.rpm17b85cd96008ab269b824ad60eb2387310af37ef49ff057620299647190fd6cajava-11-openjdk-javadoc-debug-11.0.21.0.9-1.el7_9.i686.rpmc87e82c8da8b407bd91a6b8c354ad494e4866a636fc9d58b6f5b7888279aaa53java-11-openjdk-jmods-11.0.21.0.9-1.el7_9.i686.rpm532b08c6ba673d428336e8cad5d42ce0de15065f218a93190949fddf858060ffjava-11-openjdk-javadoc-zip-11.0.21.0.9-1.el7_9.i686.rpm70170123103b1590d4a9330b995f642a10d677ec34ca872adb927d829bdcebbdjava-11-openjdk-debug-11.0.21.0.9-1.el7_9.i686.rpm88a4f0f227ded151ac7a1aa4ab1e538f2cc8314eef93b08bc14681e148db3732java-11-openjdk-javadoc-11.0.21.0.9-1.el7_9.i686.rpmf5cf09cf91f67fa17b9023ea064e84edb5915a6e5958cfb3450b5a77ac2c9d49java-11-openjdk-src-11.0.21.0.9-1.el7_9.x86_64.rpme602c08e8604c159064411ae0655ee92d7b6422abbef5c7a13e27fc2ee92dc8ejava-11-openjdk-11.0.21.0.9-1.el7_9.i686.rpma16956c879fd4befa343beb4eb1af596f2925cdaa0a5b6fb03a364593a9ed314java-11-openjdk-headless-11.0.21.0.9-1.el7_9.x86_64.rpm0569be2009302b5f1b9d2728285d563a1d031340591b2054384502482a17e1a5java-11-openjdk-demo-debug-11.0.21.0.9-1.el7_9.i686.rpmd6469bf88d85c6c3a1e20039bda579eec4957c26e68e223d554cb82bbf0774f7java-11-openjdk-javadoc-zip-debug-11.0.21.0.9-1.el7_9.i686.rpm451678b8e4f2b5e8f619def5c5b2f079f2e68683c07db695bddccfa0200f0e71java-11-openjdk-headless-11.0.21.0.9-1.el7_9.i686.rpmb9c4db2d2ae4a6d14d207725a0914da14ad214c0ca4081436debbf9441af8011java-11-openjdk-demo-11.0.21.0.9-1.el7_9.x86_64.rpm6b64894d3055d23192b286d5a29f1dbaa42b94c0639a14aee9e48e6d908067bfSLSA-2023:5761The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: IOR deserialization issue in CORBA (8303384) (CVE-2023-22067) * OpenJDK: certificate path validation issue during client authentication (8309966) (CVE-2023-22081) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * A maximum signature file size property, jdk.jar.maxSignatureFileSize, was introduced in the 11.0.20 release of OpenJDK by JDK-8300596, with a default of 8 MB. This default proved to be too small for some JAR files. This release, 11.0.20.1, increases it to 16 MB. (RHEL-13576) * The /usr/bin/jfr alternative is now owned by the java-1.8.0-openjdk package (RHEL-11319) moderateScientific Linux 7java-1.8.0-openjdk-debug-1.8.0.392.b08-2.el7_9.i686.rpm6d4e5f1ff90bc3c870c319b24b7cdbd0581bf1884eeee55a3a867103989da885java-1.8.0-openjdk-demo-debug-1.8.0.392.b08-2.el7_9.x86_64.rpm7b531fc824bc53d0abb38ba0e791591b64025ea9089eaa65ff216419a6197b46java-1.8.0-openjdk-debug-1.8.0.392.b08-2.el7_9.x86_64.rpm4b7ee7cb710573dbea4fb24a1c749a2b9434f35bb36626d86a8a59ecc96fdf70java-1.8.0-openjdk-accessibility-1.8.0.392.b08-2.el7_9.x86_64.rpm8951375cb2e20465100207c6130e226777bfce5762d57b3223467d98f2aedaa7java-1.8.0-openjdk-headless-1.8.0.392.b08-2.el7_9.i686.rpm0ff901d0c87829836df0499cc8f050a7c78aab35a06ed4bdeb4822feea48ec25java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.392.b08-2.el7_9.noarch.rpm8bde934721aa324b5b9764220e0c1b962de3f0855fe5e23b3a5dbd585bd704e3java-1.8.0-openjdk-demo-debug-1.8.0.392.b08-2.el7_9.i686.rpm26d16630cfa11ac24776e2b350acda9a0a37b984a14d9fe092f79a94e23e691bjava-1.8.0-openjdk-javadoc-zip-1.8.0.392.b08-2.el7_9.noarch.rpm634b546eed00b6c45a2840094ba4420ec53b8c3de17c653d20d8a988dc9b84c7java-1.8.0-openjdk-headless-debug-1.8.0.392.b08-2.el7_9.x86_64.rpm3c97d5503a057f4f3c9b0f824ba80233b203a547b12643351a388d5cfc8ca5efjava-1.8.0-openjdk-src-1.8.0.392.b08-2.el7_9.x86_64.rpm2b7ca53c76ffc6276f180e58660b5ac5001598d6c8065f75813d0623850e353bjava-1.8.0-openjdk-devel-debug-1.8.0.392.b08-2.el7_9.x86_64.rpm5cd42567e4d7a4f162c012cf15c361cc029ea6600566e5d92133824af9c4cdbcjava-1.8.0-openjdk-demo-1.8.0.392.b08-2.el7_9.i686.rpmc60dba6b1acc4e87d7e438c23c5c580b6eb35568518b8b4e85cd5150ac9aa13bjava-1.8.0-openjdk-src-1.8.0.392.b08-2.el7_9.i686.rpm79007f62ab4acc856f5c43abe124c3bfaa357cb9a3eddf7a495e20b322a61d54java-1.8.0-openjdk-1.8.0.392.b08-2.el7_9.i686.rpm519a0eb6d8b1904eb1654b9d3629bf6602005d4f48cb753c5b3f7f1030d4b0bejava-1.8.0-openjdk-accessibility-debug-1.8.0.392.b08-2.el7_9.x86_64.rpm8bcb60f5f3ae465e3b17b6909719e446f3d8adaba73bfed62cd66c95ec743b91java-1.8.0-openjdk-javadoc-debug-1.8.0.392.b08-2.el7_9.noarch.rpmf4362e1341e135258824db551a80726f36017494058809085f93b2c69db69449java-1.8.0-openjdk-1.8.0.392.b08-2.el7_9.x86_64.rpm4f87d75a902f3896ae48e19f294116d334a09d032d925c4377cebf534b7c3bb0java-1.8.0-openjdk-headless-debug-1.8.0.392.b08-2.el7_9.i686.rpmd5ed498c8a3b53ec876d437bf2b245542e10de259dd96b786e1d91a0b4229873java-1.8.0-openjdk-accessibility-1.8.0.392.b08-2.el7_9.i686.rpm2efe8409b7d03beac4ebd8b78af58260d081ba1ff32fac107cf0ff2d4ead4c67java-1.8.0-openjdk-devel-1.8.0.392.b08-2.el7_9.i686.rpmac9c0d53c1758d6d034d7f7239a2880d166ae8826ed99ea84d6ee622894f58e6java-1.8.0-openjdk-devel-1.8.0.392.b08-2.el7_9.x86_64.rpmf506e6ef5df5605321d537f68ff40d42d711a6f209d68556661d5e2a3c719eaajava-1.8.0-openjdk-accessibility-debug-1.8.0.392.b08-2.el7_9.i686.rpm47777a46061d05d7fc4a847b92468c40a80dcd64e4f8568e50c4cd67eaa60a31java-1.8.0-openjdk-javadoc-1.8.0.392.b08-2.el7_9.noarch.rpmd6086529ae7184f6ec7febbe66827324e584b18ad408731b120628934aab753bjava-1.8.0-openjdk-src-debug-1.8.0.392.b08-2.el7_9.x86_64.rpmff953990d41ff63f07054e8d929eb6e417835271f48fa6e9c67eb22bc65928f4java-1.8.0-openjdk-src-debug-1.8.0.392.b08-2.el7_9.i686.rpmd634bf2b90dd1b8177b18892fdb09d02ba538cf1810c5ec84d01aa5170293661java-1.8.0-openjdk-demo-1.8.0.392.b08-2.el7_9.x86_64.rpm929ca13dd5b34103354a198b3a1734d85fb4db61b2e3e4f1025a2fc4baefb9c0java-1.8.0-openjdk-headless-1.8.0.392.b08-2.el7_9.x86_64.rpm4083134d733b18d2b411902de71ee6684bdd9f719b2bab0e490ba3810f0e8acbjava-1.8.0-openjdk-devel-debug-1.8.0.392.b08-2.el7_9.i686.rpm5117393083e60828018763fbccd46a6ec79b4761d11e92c2927edf5a9817a79aSLSA-2023:6162Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.4.0 ESR. Security Fix(es): * Mozilla: Queued up rendering could have allowed websites to clickjack (CVE-2023-5721) * Mozilla: Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4 (CVE-2023-5730) * libvpx: crash related to VP9 encoding in libvpx (CVE-2023-44488) * Mozilla: Large WebGL draw could have led to a crash (CVE-2023-5724) * Mozilla: WebExtensions could open arbitrary URLs (CVE-2023-5725) * Mozilla: Improper object tracking during GC in the JavaScript engine could have led to a crash. (CVE-2023-5728) * Mozilla: Address bar spoofing via bidirectional characters (CVE-2023-5732) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7firefox-115.4.0-1.el7_9.x86_64.rpma2818ee16f2bfb49528f3b587a82a53d82d9f516d64e9f27e4e63949ed6ead0cfirefox-115.4.0-1.el7_9.i686.rpmc464ce10d380ecde30caa7b063c2748fa296105fd15a56027d421fafe3f01c5dSLSA-2023:6193Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.4.1. Security Fix(es): For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7thunderbird-115.4.1-1.el7_9.x86_64.rpm4f12854f23f8507d9d17cd74099d024209bb120fc19de04179bb106de2b5f4fdSLSA-2023:6802X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix(es): * xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty (CVE-2023-5367) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7xorg-x11-server-Xnest-1.20.4-24.el7_9.x86_64.rpm8b3af76b71595eafb3bc9e2357ae8f623eb7423afb54d8d73e655cf62dd808abxorg-x11-server-Xephyr-1.20.4-24.el7_9.x86_64.rpmf9b4df66849c9cc337987ce2622fa0ab9a8c46dda81aefd4d0ea9aa97c307c7exorg-x11-server-common-1.20.4-24.el7_9.x86_64.rpm1c89d6eb315ad483c31508533e687d1886a5ac9f57027d6c3c4cb64f2bcedf88xorg-x11-server-Xvfb-1.20.4-24.el7_9.x86_64.rpmdd61c82ae5cdd1ef658d696d111e1924727a8253be6b5905944ae86e34381783xorg-x11-server-devel-1.20.4-24.el7_9.x86_64.rpm85a7f65d174bf3a9d3be9759e63fa4770c1d49af7c2b2e821c07b370e766d381xorg-x11-server-devel-1.20.4-24.el7_9.i686.rpm75848218f62955bc8d5de3dea78d57d0c7e8a363d2126c2fa154ee40db68ac9fxorg-x11-server-Xwayland-1.20.4-24.el7_9.x86_64.rpma7658c5cc062175358e0b62294a8999b0327f5d1f60ff76b58c4684e489fb916xorg-x11-server-Xorg-1.20.4-24.el7_9.x86_64.rpmb529043f249d8d59b71689536112144a2b460d400e0eabf614db73c2f90c30ebxorg-x11-server-Xdmx-1.20.4-24.el7_9.x86_64.rpm08309adbef8892114d0d25caccb90286fb43ff27a8c8c93d53e71ac76c6b5a93xorg-x11-server-source-1.20.4-24.el7_9.noarch.rpm1846a73cc6684722f4bfcf6da7d2b6658bf132ac87414e2432e8d25b86ca5505SLSA-2023:6805Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fix(es): * squid: Denial of Service in HTTP Digest Authentication (CVE-2023-46847) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. criticalScientific Linux 7squid-sysvinit-3.5.20-17.el7_9.9.x86_64.rpm215cd76ccdf876aba2684bea20ee92b1b8e95e92e092dbb9eb2e24cd2d61cb9dsquid-3.5.20-17.el7_9.9.x86_64.rpmd9400d537dffeb41d81419bb5a6de65cceac4c2cfcafcbcc36519e0880e4a60fsquid-migration-script-3.5.20-17.el7_9.9.x86_64.rpm693170496ba38a2921ad1cb175cf751dc80ec6fb94e7f444747e6e6aa866cf66SLSA-2023:6823Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: TLS handshake bypass (CVE-2023-40217) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7python3-idle-3.6.8-21.el7_9.i686.rpmd7db2cdbb53476bcd10b225cf13884b9c299ef8fb5193a3abbf719e9fcd1e5c5python3-devel-3.6.8-21.el7_9.x86_64.rpm44c4e07a148f340dd3fc28d49493897663eb3f715ca54d8bcfaf17b4098106d9python3-3.6.8-21.el7_9.x86_64.rpm399a05764db67bc42803f45bb1b1b9133ebec0ea4140a6592d811e787f5eafc8python3-3.6.8-21.el7_9.i686.rpmfdcc1331f8c544a07788a0de89bf6181901458deac5b6eb506282f8637672f5cpython3-libs-3.6.8-21.el7_9.x86_64.rpm07b358ba123d2092e863ad59356750f8a6b69242c2941651e6e05f65070ecf1bpython3-devel-3.6.8-21.el7_9.i686.rpm0a91791ffb00ea9c47b1ff8e4611adf9887a58dc50276b6f60770f0cc764fad5python3-debug-3.6.8-21.el7_9.i686.rpm7d01ff505a3b881128ff44ad0e889ac1be03d859366fb033096dfa17438fc063python3-test-3.6.8-21.el7_9.x86_64.rpm003c6c9c7020b4c7692c2c1c69cca45f48cf8a3c25e191b468b87bee36d73ca7python3-idle-3.6.8-21.el7_9.x86_64.rpmf20da14ddb766b44e71d481c3d622a541f9d744d2e2f4886e78f3e6fea63706dpython3-debug-3.6.8-21.el7_9.x86_64.rpmd9e4f392ed5495d446a99746a8dcb296d542ab66f9b30892168b1ff0a841c1e0python3-tkinter-3.6.8-21.el7_9.x86_64.rpmcb7dc766ba29afe689685ec4027d4218f2f3741409027162e8b129617942fd08python3-libs-3.6.8-21.el7_9.i686.rpm4c538f38c63d09975be3e3665a9eb615a5ba026664e6904beebcb6cdad32439fpython3-tkinter-3.6.8-21.el7_9.i686.rpm7911bfb953c2e1231eee3b516010f4dbefb5bff7d05dde735b844d64744b0f1bpython3-test-3.6.8-21.el7_9.i686.rpmf751495dad7bae107ae8919706d9e764fdb53654e81a5f33aca49726c6ef2d54SLSA-2023:6885Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: TLS handshake bypass (CVE-2023-40217) --- This content is derived from https://access.redhat.com/errata/SLSA-2023:6885importantScientific LinuxScientific Linux 7tkinter-2.7.5-94.el7_9.x86_64.rpmb5b12bc491c983056da3d1bdf7a91feaa35bfa4efd8a905df65b2b9d575cb3e8python-devel-2.7.5-94.el7_9.x86_64.rpm7c8420d15e676e7537aa0c3a8583b385f774ca4f3d4b672d9375ad456373beb3python-debug-2.7.5-94.el7_9.x86_64.rpm6237b6e4118e2a52df74dab852be4a7bdb1939ad74bb4dcd67047203cd1fbdffpython-test-2.7.5-94.el7_9.x86_64.rpm52990a46e591ce98221560cfe2f7a892b9569c43b81c27e4d5b3ac8cb9711ae8python-libs-2.7.5-94.el7_9.x86_64.rpm4cc413074240bc16ce253acf8d95c1b13cb2488bb26346231fc3608c3518c367python-2.7.5-94.el7_9.x86_64.rpm3dc36426859b8749f3533a2417d688a30c7046388dc97788081ee1d3a862fa50python-tools-2.7.5-94.el7_9.x86_64.rpm92eb690460d473bc548c0e792d41f57cf478f33857589c4f9d3d53abfa40fd30python-libs-2.7.5-94.el7_9.i686.rpm1036daab80d95a984294968dd161f04ef98733546f39e22485bdfaa75a905b48SLSA-2023:6886The Plexus project provides a full software stack for creating and executing software projects. Based on the Plexus container, the applications can utilise component-oriented programming to build modular, reusable components that can easily be assembled and reused. The plexus-archiver component provides functions to create and extract archives. Security Fix(es): * plexus-archiver: Arbitrary File Creation in AbstractUnArchiver (CVE-2023-37460) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7plexus-archiver-2.4.2-6.el7_9.noarch.rpmd4c40b7fcd518ff9c13322420bd4e38055be3009a0bc846abb5e604a27abddceplexus-archiver-javadoc-2.4.2-6.el7_9.noarch.rpm427b6286b12481cfd22c1f1d8857aee030e72469a4d5e1343b77fd0bf028e2c4SLSA-2023:7279The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Security Fix(es): * open-vm-tools: SAML token signature bypass (CVE-2023-34058) * open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper (CVE-2023-34059) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7open-vm-tools-test-11.0.5-3.el7_9.9.x86_64.rpmd3c481bf0ca3f463f9c194381f37b1aa29795ae5b2a16d6bf93066b1dcc3e299open-vm-tools-desktop-11.0.5-3.el7_9.9.x86_64.rpma8808cfcef5c51215d5a6859ac8970fece174ce74b28d00b3fdb3b9b4c5fddb7open-vm-tools-11.0.5-3.el7_9.9.x86_64.rpmd178a2ea870f10652fcbe438a7d80518b3e263596e90e6e3ac78ce786c60162eopen-vm-tools-devel-11.0.5-3.el7_9.9.x86_64.rpmb894408477d4d6e9d7bbf1ac573dd8ce2b91745916e216fa276749d9bb15c816SLSA-2023:7423The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead (CVE-2023-3611) * kernel: net/sched: cls_fw component can be exploited as result of failure in tcf_change_indev function (CVE-2023-3776) * kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route (CVE-2023-4128, CVE-2023-4206, CVE-2023-4207, CVE-2023-4208) * hw: Intel: Gather Data Sampling (GDS) side channel vulnerability (CVE-2022-40982) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7kernel-tools-3.10.0-1160.105.1.el7.x86_64.rpm2626b9dfed1509c5d518ab7f6c6aafdc2ac1003e85a7a341680dbf082eb675delinux-firmware-20200421-81.git78c0348.el7_9.noarch.rpmdf92d3c5083d8aa8892d0c60397f4e5ed92f19b8e1cb20967370262dc6513906kernel-debug-3.10.0-1160.105.1.el7.x86_64.rpm529ccc3acba2d1f77afe89b0e91415cf2df73c41a2fc65cf81cd93e6412f4dd2kernel-tools-libs-3.10.0-1160.105.1.el7.x86_64.rpme0d906e1caf586eeb54910cd1ab6941fc9188f6f87644ca7e944614102be189dkernel-debug-devel-3.10.0-1160.105.1.el7.x86_64.rpmef9efb4624b6383bf095ea126f9c83db7e2d75c24641d224f821f315e1ce52b9kernel-tools-libs-devel-3.10.0-1160.105.1.el7.x86_64.rpm6c01fddfc2f36476e1615b0037ab28f12c8b23d55570d44fd276f09ba30c9806python-perf-3.10.0-1160.105.1.el7.x86_64.rpm59b5a6771869a09d85d43c7899cdd647e6d6f1a44d252c140747089c1d7c9e6fkernel-headers-3.10.0-1160.105.1.el7.x86_64.rpm5ade4d77f73184c7baf9df4f1a6bf22a1a19813ebcff5c24561c9631c104611fkernel-3.10.0-1160.105.1.el7.x86_64.rpm17f6ff299f9ee45086367edcb5312448b91b08287558b87397e3adda04189482kernel-devel-3.10.0-1160.105.1.el7.x86_64.rpm6dbe2b4a6bbc85bc3526043ccc99b836dc91f22c4f70b35ce9177f908a219f0fperf-3.10.0-1160.105.1.el7.x86_64.rpm44f8e68a25de3ca31ab898319a0768308bf36a22ebe83aa04855d0f77f572249kernel-doc-3.10.0-1160.105.1.el7.noarch.rpmd9a95a80164f06a428809429fc003aa85748cdcd17e4d2df6d5e56ebe7104470bpftool-3.10.0-1160.105.1.el7.x86_64.rpm194c7f40dbdce9e5ad2d9e9ac561404c7e38531b1de65216289fefaf22857bf0kernel-abi-whitelists-3.10.0-1160.105.1.el7.noarch.rpm91b1b60b76eed2a552f5780def812b0b560ac6053d08ce4de2f200898c4506f6SLSA-2023:7428Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Security Fix(es): * xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty (CVE-2023-5367) * xorg-x11-server: Use-after-free bug in DestroyWindow (CVE-2023-5380) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7tigervnc-1.8.0-26.el7_9.x86_64.rpm998439e463a45278039ae8c8d47baeaf104aadf5ae3e203f1e6e63dd74787c64tigervnc-server-minimal-1.8.0-26.el7_9.x86_64.rpm7b1cdc67c45fb5b81f7323467f567268cea46b944ecc148c8fd33ba14cd59ceatigervnc-server-1.8.0-26.el7_9.x86_64.rpm1d138a871600959bbe9892e61b525cfa71389c2e40afb487bffe47c94cba0450tigervnc-icons-1.8.0-26.el7_9.noarch.rpmef6956ab3eaa71c40204278fba657f27c0e11df730a3f7847c3c640946ce5e72tigervnc-server-applet-1.8.0-26.el7_9.noarch.rpm996d53bf0fdc75fd9c57dc7de4e7147fc276b8554bad6d70847605d3abcd1565tigervnc-license-1.8.0-26.el7_9.noarch.rpm2aa6154d19d1ed9182e8c3b9d302b06424744ff0679ec404402d90d42ec0dc59tigervnc-server-module-1.8.0-26.el7_9.x86_64.rpm382433626ff6aebd55f5916957ee588933b97e128b2426a81a0bc9879d476b12SLSA-2023:7505Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.5.0. Security Fix(es): * Mozilla: Out-of-bound memory access in WebGL2 blitFramebuffer (CVE-2023-6204) * Mozilla: Use-after-free in MessagePort::Entangled (CVE-2023-6205) * Mozilla: Clickjacking permission prompts using the fullscreen transition (CVE-2023-6206) * Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer (CVE-2023-6207) * Mozilla: Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5 (CVE-2023-6212) * Mozilla: Using Selection API would copy contents into X11 primary selection. (CVE-2023-6208) * Mozilla: Incorrect parsing of relative URLs starting with "///" (CVE-2023-6209) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7thunderbird-115.5.0-1.el7_9.x86_64.rpm5db75bde8daaf46ff7868d3752016f4d526c9070257c816e496b8b854328f66fSLSA-2023:7509Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.5.0 ESR. Security Fix(es): * Mozilla: Out-of-bound memory access in WebGL2 blitFramebuffer (CVE-2023-6204) * Mozilla: Use-after-free in MessagePort::Entangled (CVE-2023-6205) * Mozilla: Clickjacking permission prompts using the fullscreen transition (CVE-2023-6206) * Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer (CVE-2023-6207) * Mozilla: Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5 (CVE-2023-6212) * Mozilla: Using Selection API would copy contents into X11 primary selection. (CVE-2023-6208) * Mozilla: Incorrect parsing of relative URLs starting with "///" (CVE-2023-6209) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7firefox-115.5.0-1.el7_9.i686.rpm58b1191d09f569ca50c90861a01fcc770c6b2e028dc183df026135250539e2d1firefox-115.5.0-1.el7_9.x86_64.rpmba1012b0871603647ec5923b92aab013438b1e5103c8071e806fda840e612157SLSA-2023:7513The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix(es): * hw amd: Return Address Predictor vulnerability leading to information disclosure (CVE-2023-20569) * hw: amd: Cross-Process Information Leak (CVE-2023-20593) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. moderateScientific Linux 7iwl2030-firmware-18.168.6.1-81.el7_9.noarch.rpmc80b56035c2231f62f39e828347adff98e06df09a972f4abe7ea09ec48259624iwl1000-firmware-39.31.5.1-81.el7_9.noarch.rpm0f34e9c6569a174840bda606a5788431fc09bd24adf91d82b80c4d1f2eb54dd7iwl135-firmware-18.168.6.1-81.el7_9.noarch.rpme5e3bab7f8f5589ee6a17eb313d12254953c3c21f63a08826d85ec2020d55284iwl5000-firmware-8.83.5.1_1-81.el7_9.noarch.rpmfc1ce06c78cdd48debb695745efea63eaad5284f2699eefc719d12c167fb2fd9iwl7260-firmware-25.30.13.0-81.el7_9.noarch.rpma23ab5114a38337497f7bf572b518395bb7f162859fbdef592c104cacb74004aiwl4965-firmware-228.61.2.24-81.el7_9.noarch.rpmd03d86d600173989e9041041e9a468b2290325fbaf25ffd822609e233931fc8aiwl6000-firmware-9.221.4.1-81.el7_9.noarch.rpm162f3331cb3d5e64a061141c3a9e2f322f6fbb1e12d0b1a9fd931a5a9fee4e16iwl2000-firmware-18.168.6.1-81.el7_9.noarch.rpmae840c8717376e1d523b22f2386ec667ca1b635aba1fb6e20ae732da6869d05aiwl3160-firmware-25.30.13.0-81.el7_9.noarch.rpm41525ac7e6724bd4c9ea6831ded4b7866e8af5eaa7d0159d2517aa687d477209iwl100-firmware-39.31.5.1-81.el7_9.noarch.rpm8a7bf5a100adddff48301066d9cf50ba07dc49e8fe3e878c051ea4f2615fb170iwl6000g2a-firmware-18.168.6.1-81.el7_9.noarch.rpm723dba92e8f1c1c00498793b267d9c14e7e556ec0e01c597782dd1c8db999ddbiwl6050-firmware-41.28.5.1-81.el7_9.noarch.rpmb4f6feadde05b546328da0e0f2eb3559b34308e6170986220ff367fd99a12f54iwl105-firmware-18.168.6.1-81.el7_9.noarch.rpmb879c2d7580862a690a51ae3a181e5d5776ac19aa212b674d0f807623a296ee5iwl6000g2b-firmware-18.168.6.1-81.el7_9.noarch.rpm600345a505c735c250632a3d57da21b4e200e7a2f44e42edb6d58ab796366391iwl3945-firmware-15.32.2.9-81.el7_9.noarch.rpmface3fe8de08de6afc25fb51bd5b178813993c0a452d2767363b9ac2ae652f71iwl5150-firmware-8.24.2.2-81.el7_9.noarch.rpm1e9c0a37d2b6a5b32105e6b1de05ed59d775eb38340533b2b6c71774c38d6460SLSA-2023:7743The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix(es): * curl: Use-after-free triggered by an HTTP proxy deny response (CVE-2022-43552) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. lowScientific Linux 7libcurl-devel-7.29.0-59.el7_9.2.i686.rpm498441bce0334939d92470989ef0bf8e02a2083d5797b49d89fc415356ca0cfelibcurl-7.29.0-59.el7_9.2.i686.rpmc7e5a1ff315c48a648de2d245401e7fec04c6eb5a9b8eb59a726d1e8c90de1cflibcurl-devel-7.29.0-59.el7_9.2.x86_64.rpmb3aa7055b00066c3754a1704e4ef12dae91b8b2e25ab5e8e9d27459db17d0036curl-7.29.0-59.el7_9.2.x86_64.rpmb1d71a1adf87744cfbd15084b3f7a06e72d51c58118ed7b6224ae5b4505723aalibcurl-7.29.0-59.el7_9.2.x86_64.rpmc52b5493c22bcb5e3b7995c1aebf4ba1b005ac1d65a61f4074146b2b03779792SLSA-2023:7783PostgreSQL is an advanced object-relational database management system (DBMS). Security Fix(es): * postgresql: Buffer overrun from integer overflow in array modification (CVE-2023-5869) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7postgresql-contrib-9.2.24-9.el7_9.x86_64.rpm741a1dae7293037727b600dba20c327722f4b1df3b95c135b03aefcbebd87a3cpostgresql-plpython-9.2.24-9.el7_9.x86_64.rpm44d0882ae7e3b0682c6b3abd5a980a150f2938d1aa1dae66e1119e429cd09124postgresql-test-9.2.24-9.el7_9.x86_64.rpm9845a8aaad4bceea3ee21d571fc84ecd3aa61f1308260c42cf0954c4c519a0bdpostgresql-static-9.2.24-9.el7_9.x86_64.rpm295fc83d94836a9f03421dd47666204ed6588016a9b4bf408d1a48654d1ac0ddpostgresql-libs-9.2.24-9.el7_9.x86_64.rpm5588f9ad921a40763be94440941d88fceb1d546fc6f7137bfe104067579780ddpostgresql-docs-9.2.24-9.el7_9.x86_64.rpm9086c9558b5b164b54dbf963a0237d3bab03a30db662d100adcfb72bd267f211postgresql-9.2.24-9.el7_9.i686.rpma48fad0888f1b99f77b9983c25cf914cedc9362001926489cb57f56b1973b3bapostgresql-upgrade-9.2.24-9.el7_9.x86_64.rpm5abaf994b9145b83697a417448faeb7c2c20ddbbaceedc8812cb00ad1700c22fpostgresql-devel-9.2.24-9.el7_9.i686.rpm6ec387d40f42de7229a454500fd0f493f4956913fa46145a94a2f14ab56fd910postgresql-static-9.2.24-9.el7_9.i686.rpmcbb2f795ef8f7fb625aa63da0a311b8e3bd52639d904af9f34460aba44b87460postgresql-devel-9.2.24-9.el7_9.x86_64.rpmc3fa01e3b69d1d1b5f321eac8f16188fe5eb3ae4964a6a283b9bdff9c1a326dbpostgresql-libs-9.2.24-9.el7_9.i686.rpm5c4ad860099c03846bee5ca107b5d0f6a2a6e91a82ab2b09bc9f1dee0e44117epostgresql-9.2.24-9.el7_9.x86_64.rpmc902d80d63e50b7a4a56cf08053e31dd8de500fbc8e082238408279fb29b99fcpostgresql-plperl-9.2.24-9.el7_9.x86_64.rpm4b5f50ad4677c2daccaea86737614f874b91ceaf618230c20994385917400679postgresql-server-9.2.24-9.el7_9.x86_64.rpm10d7427c5a7f618ab4a37ec4235346c5b67e05a6c31907c37a10f657aa028a9cpostgresql-pltcl-9.2.24-9.el7_9.x86_64.rpmbe26b19fd4a14836d1b1c60182ef90ae89674923226c04056ef27806cfb3a7a7SLSA-2024:0006Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Security Fix(es): * xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions (CVE-2023-6377) * xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty (CVE-2023-6478) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7tigervnc-1.8.0-28.el7_9.x86_64.rpmd878ad53279d73a821eef6745e41475a13bf6423283929db83f80053934f9d91tigervnc-server-1.8.0-28.el7_9.x86_64.rpm4bf2bbb9e4b440fd8038341ae34a1568265ca33bf972538d5ae62c87fcf8bb57tigervnc-server-applet-1.8.0-28.el7_9.noarch.rpm67ceb09f8df51f16ab3fd644f1786a7b852bcb3aa254778657d553de5ba6da21tigervnc-icons-1.8.0-28.el7_9.noarch.rpma3c23f2b1a100a6c51e6b64162508b88c19f746dd453419871ef026be260547dtigervnc-server-module-1.8.0-28.el7_9.x86_64.rpma3860b641fa0d7eab0e113b080bd00faaf4be3d0aa40bdac4931ada911042945tigervnc-server-minimal-1.8.0-28.el7_9.x86_64.rpmf6d8b483b8f323a5d4421ef6ba62d6e49197813c5f80678794eff811746353bftigervnc-license-1.8.0-28.el7_9.noarch.rpm725cfd357b9e8cc80ab130a699df3de04f5e9f4d928e0b1894aeef8eda1b49acSLSA-2024:0009X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix(es): * xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions (CVE-2023-6377) * xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty (CVE-2023-6478) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7xorg-x11-server-Xephyr-1.20.4-25.el7_9.x86_64.rpmcee49abea6f49e118f90cc707b18ae33b6dc79604abbca789e699da46987d0ddxorg-x11-server-Xdmx-1.20.4-25.el7_9.x86_64.rpm840305e25a4a9e6849ed74c7c0abe5ff8f18eec807b11356bba40ba959498f2bxorg-x11-server-Xorg-1.20.4-25.el7_9.x86_64.rpm6d7a7c45531423fa11b19377c136e5b5762df48fa0f7c0fcb47e9ddb26c63a36xorg-x11-server-devel-1.20.4-25.el7_9.x86_64.rpm042254433f043342a8daffc045a0f1baf62ef247337be8a01ecbc28fe0fae13dxorg-x11-server-Xvfb-1.20.4-25.el7_9.x86_64.rpm32e6a01863c31a84c3203c98f3d8c5b75c4b42c18369d2e2002e17ea646d9476xorg-x11-server-source-1.20.4-25.el7_9.noarch.rpm9f08f449f6688a64c204989c7e636b14856398128f86df97b31a841c4c4f01d5xorg-x11-server-common-1.20.4-25.el7_9.x86_64.rpm3c3e3412caaef346ee605ffd15be54c3cf9de01db7e37f13c9cd36d9869ad100xorg-x11-server-Xwayland-1.20.4-25.el7_9.x86_64.rpm57b02626f21e3385750bbd68a73ca20b32fa8b5cd788d343fecd6e7b556c38e2xorg-x11-server-devel-1.20.4-25.el7_9.i686.rpm89731ae94097e917ae4b164b58a0a9bb7bc739e427f6e5fdfe4347fdcc913ed9xorg-x11-server-Xnest-1.20.4-25.el7_9.x86_64.rpme2f0a21015a38018eab2cf043f99c0c0dfcac6555a729c866ae1ae4167bef845SLSA-2024:0013GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es): * gstreamer: MXF demuxer use-after-free vulnerability (CVE-2023-44446) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7gstreamer1-plugins-bad-free-devel-1.10.4-4.el7_9.x86_64.rpm1c7679ecfb7c3e30c43580ee577edd1f7a4bebced66fa7cc49cf45894f055a02gstreamer1-plugins-bad-free-1.10.4-4.el7_9.x86_64.rpm98e891ff0ba2d212f81e6fcffe2f6ac670c72919a71da83c6a71dea4663473ddgstreamer1-plugins-bad-free-devel-1.10.4-4.el7_9.i686.rpm0422289588e8fbc4fcea0da7706e2b1d7b67f4b1e0ae8f5ac894434016837713gstreamer1-plugins-bad-free-gtk-1.10.4-4.el7_9.x86_64.rpmb2d48cf4954af8b2f90c0022a13d3e4d6fd0c9244562d721e1131bfe226e9b99gstreamer1-plugins-bad-free-1.10.4-4.el7_9.i686.rpmc23b206afed8176086ea06f99b1fd0ce60b41b7fc61fbbc04f903eb0a29df041gstreamer1-plugins-bad-free-gtk-1.10.4-4.el7_9.i686.rpmb61e9981b5e312b3704c1e020036b8de4a1707248a2e1ac1587687067a7c2da9SLSA-2024:0026Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.6.0 ESR. Security Fix(es): * Mozilla: Heap-buffer-overflow affecting WebGL &lt;code&gt;DrawElementsInstanced&lt;/code&gt; method with Mesa VM driver (CVE-2023-6856) * Mozilla: Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6 (CVE-2023-6864) * Mozilla: Potential exposure of uninitialized data in &lt;code&gt;EncryptingOutputStream&lt;/code&gt; (CVE-2023-6865) * Mozilla: Symlinks may resolve to smaller than expected buffers (CVE-2023-6857) * Mozilla: Heap buffer overflow in &lt;code&gt;nsTextFragment&lt;/code&gt; (CVE-2023-6858) * Mozilla: Use-after-free in PR_GetIdentitiesLayer (CVE-2023-6859) * Mozilla: Potential sandbox escape due to &lt;code&gt;VideoBridge&lt;/code&gt; lack of texture validation (CVE-2023-6860) * Mozilla: Heap buffer overflow affected &lt;code&gt;nsWindow::PickerOpen(void)&lt;/code&gt; in headless mode (CVE-2023-6861) * Mozilla: Use-after-free in &lt;code&gt;nsDNSService&lt;/code&gt; (CVE-2023-6862) * Mozilla: Clickjacking permission prompts using the popup transition (CVE-2023-6867) * Mozilla: Undefined behavior in &lt;code&gt;ShutdownObserver()&lt;/code&gt; (CVE-2023-6863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7firefox-115.6.0-1.el7_9.i686.rpm69c640581c71c0fcbcc844e1c7ab75ce5967a37ef63077b83e49b20fe2262066firefox-115.6.0-1.el7_9.x86_64.rpm4537288ea302f365b22fa97445e724ca45ecdd860cffc10bd515a0bb469ff0d4SLSA-2024:0027Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.6.0. Security Fix(es): * Mozilla: Heap-buffer-overflow affecting WebGL &lt;code&gt;DrawElementsInstanced&lt;/code&gt; method with Mesa VM driver (CVE-2023-6856) * Mozilla: Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6 (CVE-2023-6864) * Mozilla: S/MIME signature accepted despite mismatching message date (CVE-2023-50761) * Mozilla: Truncated signed text was shown with a valid OpenPGP signature (CVE-2023-50762) * Mozilla: Symlinks may resolve to smaller than expected buffers (CVE-2023-6857) * Mozilla: Heap buffer overflow in &lt;code&gt;nsTextFragment&lt;/code&gt; (CVE-2023-6858) * Mozilla: Use-after-free in PR_GetIdentitiesLayer (CVE-2023-6859) * Mozilla: Potential sandbox escape due to &lt;code&gt;VideoBridge&lt;/code&gt; lack of texture validation (CVE-2023-6860) * Mozilla: Heap buffer overflow affected &lt;code&gt;nsWindow::PickerOpen(void)&lt;/code&gt; in headless mode (CVE-2023-6861) * Mozilla: Use-after-free in &lt;code&gt;nsDNSService&lt;/code&gt; (CVE-2023-6862) * Mozilla: Undefined behavior in &lt;code&gt;ShutdownObserver()&lt;/code&gt; (CVE-2023-6863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7thunderbird-115.6.0-1.el7_9.x86_64.rpm85c44c0c883e100578a0a631f899fed79f62dbec9ab43577a196f35601ce6491SLSA-2024:0145Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fix(es): * ipa: Invalid CSRF protection (CVE-2023-5455) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. moderateScientific Linux 7python2-ipaclient-4.6.8-5.sl7_9.16.noarch.rpmd7449b964ca0d93bd691b3924ebd4597c3b8facd93bf8a73d9cf9054d24e9a8fpython2-ipalib-4.6.8-5.sl7_9.16.noarch.rpm56e0cc913272d59c7bac25811815868a011c1fc23ace80a1dfb2e3b33e7e270aipa-server-common-4.6.8-5.sl7_9.16.noarch.rpm96243f825077947b9477fcc8b7a86ab5c4e9b866cfa4d1dbf347a5f72c5f3eb9ipa-server-4.6.8-5.sl7_9.16.x86_64.rpmf03862146dd4db15a83b169823cf14d89da885a51ac03510e7a08c5d5b30ac50ipa-python-compat-4.6.8-5.sl7_9.16.noarch.rpmafcf62d93d9c6a91c28564972d424fe96ecaeeb9ed15257c86cfaa7012870c73ipa-client-common-4.6.8-5.sl7_9.16.noarch.rpmf2091a24905e839d934bdaf36f89f52383937115fb0d809400ea63c071a3c41dipa-common-4.6.8-5.sl7_9.16.noarch.rpm8fea5b8c00ef9078db6c29ef767d003d4a5da6740b0db0d89644e69bb3af8321ipa-server-dns-4.6.8-5.sl7_9.16.noarch.rpme2e99bf84ccba419a2df4125eba8aed8e354faa2708417d7700e9d12a8d55e95ipa-client-4.6.8-5.sl7_9.16.x86_64.rpmda0d5ed9a7a6dfe1a4e0b203e502ae5b9e8e775b3d6cd40ea148201e26240d71python2-ipaserver-4.6.8-5.sl7_9.16.noarch.rpm9bd9a40c83b465f0f89ca7f784244c957a9c600914737dad342867a9296e32b8ipa-server-trust-ad-4.6.8-5.sl7_9.16.x86_64.rpmd7f66d4c07be14d31442e011c376c15eeafb0c8133224eeb4d6836e36fcc446fSLSA-2024:0223The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468) (CVE-2024-20918) * OpenJDK: RSA padding issue and timing side-channel attack against TLS (8317547) (CVE-2024-20952) * OpenJDK: JVM class file verifier flaw allows unverified bytecode execution (8314295) (CVE-2024-20919) * OpenJDK: range check loop optimization issue (8314307) (CVE-2024-20921) * OpenJDK: arbitrary Java code execution in Nashorn (8314284) (CVE-2024-20926) * OpenJDK: logging of digital signature private keys (8316976) (CVE-2024-20945) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * In the previous release in October 2023 (8u392), the RPMs were changed to use Provides for java, jre, java-headless, jre-headless, java-devel and java-sdk which included the full RPM version. This prevented the Provides being used to resolve a dependency on Java 1.8.0 (for example, "Requires: java-headless 1:1.8.0"). This change has now been reverted to the old "1:1.8.0" value. (RHEL-19630) importantScientific Linux 7java-1.8.0-openjdk-src-debug-1.8.0.402.b06-1.el7_9.x86_64.rpmdde02384d8965b1b5d6ac02d5562395e8fe7d3f32b169d0b51cc0f2dfb631fbbjava-1.8.0-openjdk-javadoc-debug-1.8.0.402.b06-1.el7_9.noarch.rpm7361b0a79cea7ab301e84e9020b9b80196032be58382076647de5d2b948e49f3java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.x86_64.rpme853059da15e811a901a2457d3f4e76c1b27a5373c129ad9f86bf0eddf06fc49java-1.8.0-openjdk-accessibility-debug-1.8.0.402.b06-1.el7_9.i686.rpmc519dc68deaa751bc3dcbbc630673277ddb8f59797ed806b82fd67e85f786fefjava-1.8.0-openjdk-headless-debug-1.8.0.402.b06-1.el7_9.i686.rpm620c3d2bb18afd18943ed7b931a59c98ce4e51172dc10098177bb7103f182343java-1.8.0-openjdk-demo-1.8.0.402.b06-1.el7_9.i686.rpm52a2a65f175019a84d92d4e7bd10f7d4a2a1620549121bd84bd693877805471ejava-1.8.0-openjdk-devel-1.8.0.402.b06-1.el7_9.x86_64.rpme43196032476954d2186cde0d31f0d67a9370dee47e19b264e92180af5a684d6java-1.8.0-openjdk-src-1.8.0.402.b06-1.el7_9.x86_64.rpmc339e64ff249c0a41c74e0d45b4b815bab631775f0e020b764e158578ae46c1bjava-1.8.0-openjdk-src-debug-1.8.0.402.b06-1.el7_9.i686.rpm085e1ecffc8fa3229546ab90c2832c853b65822ac6f0fe89e7ebfb780eaf654djava-1.8.0-openjdk-javadoc-zip-1.8.0.402.b06-1.el7_9.noarch.rpm9aa443b30c29acafad890abd5905f52b22ba1b164609c1acedfc98b9ce4d5352java-1.8.0-openjdk-headless-1.8.0.402.b06-1.el7_9.x86_64.rpm00ebf212d95b5f39a4d75a7a276972e1d57a8f069205ad78137c2b4234c9fe9cjava-1.8.0-openjdk-accessibility-1.8.0.402.b06-1.el7_9.x86_64.rpm74553d6272ba331071b0a8aa47bd77d1b45c025546a41fbe983d2afa1b8706d9java-1.8.0-openjdk-headless-1.8.0.402.b06-1.el7_9.i686.rpm889e875141b1f5df42a57d5c71f58a8548998bfb66863a2a03b5d1c5a8ad52d0java-1.8.0-openjdk-headless-debug-1.8.0.402.b06-1.el7_9.x86_64.rpm8b162f48db9c44de048a8cfadcf5c0d85378b8ee263bb29bfbc3ab366ca1dae3java-1.8.0-openjdk-debug-1.8.0.402.b06-1.el7_9.x86_64.rpmdac003986595c8b61e70b30a52b004ca526cb97e301b427cbed01379cdedb2bdjava-1.8.0-openjdk-demo-1.8.0.402.b06-1.el7_9.x86_64.rpm68d1d750ab3b071cdbbb360cc5ddc03e0ebadbabcc1f2638539fc1d5956a4313java-1.8.0-openjdk-demo-debug-1.8.0.402.b06-1.el7_9.i686.rpm8fb9d89cb92135c8fc87718624113eddd9147d572168cc7d2caab086bd6693f4java-1.8.0-openjdk-demo-debug-1.8.0.402.b06-1.el7_9.x86_64.rpmfa1ee407187fa3705573e8fb1c7d2667ff9e0cd286f3c00bb74fcad74cc54d5bjava-1.8.0-openjdk-src-1.8.0.402.b06-1.el7_9.i686.rpm2eb2056b396149fceec9129c4f5d2384b123f0b519d48435af4f64f3119bcf26java-1.8.0-openjdk-1.8.0.402.b06-1.el7_9.i686.rpmeca089b02540431718b5f4ef73a50cece50caac23128e11c39153f3ee3f7ebb1java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.402.b06-1.el7_9.noarch.rpmffc2d73db443bdc8c362d206da1484d0cf3f1563ca371a9c05ef734371ad962djava-1.8.0-openjdk-accessibility-debug-1.8.0.402.b06-1.el7_9.x86_64.rpm8d37d5dadbd56eefc491794e0a76f2299ab8ae87610534eea0bac073170a5091java-1.8.0-openjdk-devel-debug-1.8.0.402.b06-1.el7_9.x86_64.rpm08934624c43913ef01469cdb07033cb665925dc6b56d56924292e8cc8e584d6fjava-1.8.0-openjdk-debug-1.8.0.402.b06-1.el7_9.i686.rpm15db9a206370da709910dbb60050fc3e3d0a02caaba117531056355b9c0c0c02java-1.8.0-openjdk-devel-1.8.0.402.b06-1.el7_9.i686.rpm6d4d26428da44b62bf2a54be4e62df24b42d6c7296d9edd6c637b7bcf5d487fdjava-1.8.0-openjdk-accessibility-1.8.0.402.b06-1.el7_9.i686.rpm2d2672bbf31410f48b8ea2820549fef9e3f3e7a657a6f11e5d93e68ce947b92ajava-1.8.0-openjdk-javadoc-1.8.0.402.b06-1.el7_9.noarch.rpm32af6a7462dc10af31dab9f263885d789bbc4584699f3f005605131fd1d83a41java-1.8.0-openjdk-devel-debug-1.8.0.402.b06-1.el7_9.i686.rpmfc441b4c2acf427b4df871fde7a41cdcc91ada1fa9366ea47279e04f1b9bbcf2SLSA-2024:0232The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468) (CVE-2024-20918) * OpenJDK: RSA padding issue and timing side-channel attack against TLS (8317547) (CVE-2024-20952) * OpenJDK: JVM class file verifier flaw allows unverified bytecode execution (8314295) (CVE-2024-20919) * OpenJDK: range check loop optimization issue (8314307) (CVE-2024-20921) * OpenJDK: arbitrary Java code execution in Nashorn (8314284) (CVE-2024-20926) * OpenJDK: logging of digital signature private keys (8316976) (CVE-2024-20945) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7java-11-openjdk-demo-11.0.22.0.7-1.el7_9.x86_64.rpm95576be2076e94f321be597b82c012c86361c5356cf844f86619cc6dd62c5e53java-11-openjdk-demo-debug-11.0.22.0.7-1.el7_9.i686.rpmb77dab4d298a73238d6e19e59114793eb49ccc4b03f8b3745f88f663a258b461java-11-openjdk-headless-11.0.22.0.7-1.el7_9.x86_64.rpm1c8872e428cd92d18a092ac69b51494d8b91985e7bc91f71bb692468fe0a2efejava-11-openjdk-headless-debug-11.0.22.0.7-1.el7_9.x86_64.rpm6d197aafe764af0160b0da23049f3ccc5fdf7770a7dc473499cb49f1877e0556java-11-openjdk-javadoc-debug-11.0.22.0.7-1.el7_9.i686.rpm5f505af6d49f833135800b8034e962058f24a2cdc6fd6e2416e6dd1c5a33416ajava-11-openjdk-11.0.22.0.7-1.el7_9.i686.rpm44871757e5397e5f0ff59df1eb7d11c5e476976427db8a992bfe76678a5ef976java-11-openjdk-11.0.22.0.7-1.el7_9.x86_64.rpm0621d1509b6394e973480a59b6cab842c967101d2f8142acd7992a5835b7abf6java-11-openjdk-javadoc-zip-debug-11.0.22.0.7-1.el7_9.x86_64.rpm117319bd032a4ef64d49cb6a3414626071a4db2c0a48675251aa76d58ef0ef45java-11-openjdk-jmods-11.0.22.0.7-1.el7_9.i686.rpm7d94af7086999a9b14e8120cbe8b493fc641a3f9a85ac573050754b086ca4983java-11-openjdk-demo-11.0.22.0.7-1.el7_9.i686.rpm0a870fe20b25057c5548716e32ce90d1cf6b9b48b62ddd5897ff858d015a1241java-11-openjdk-demo-debug-11.0.22.0.7-1.el7_9.x86_64.rpmf379918409d5321ce1d3e56701ae947f73fd7de655c676ef1ebb481da5dc4d0ajava-11-openjdk-src-11.0.22.0.7-1.el7_9.x86_64.rpm4d8de6773a7251746e3e975e65506206690bb5076927eb54b75b4f88586da265java-11-openjdk-headless-debug-11.0.22.0.7-1.el7_9.i686.rpm270bc9bd8a9e1788d554e01da8e07b794033669407fe0dc1b634c4e83abe9016java-11-openjdk-debug-11.0.22.0.7-1.el7_9.x86_64.rpm14c0faebea0f99195f73da800562e386075b28e459a8625e3e201d8e63402563java-11-openjdk-headless-11.0.22.0.7-1.el7_9.i686.rpm6f3305d38383c213fd8a31bf5e7e1e16283a81f3742f6eb3bf2767ac8c7f063ajava-11-openjdk-static-libs-debug-11.0.22.0.7-1.el7_9.x86_64.rpmb52efc2014e5e6f6d00b9da4f106a7de1d850bf2760d565d8b28636016bc67bajava-11-openjdk-javadoc-11.0.22.0.7-1.el7_9.x86_64.rpma864487011f9047034551d8e309d9d5ff322b53faf35a191a2288ce5843af83bjava-11-openjdk-src-debug-11.0.22.0.7-1.el7_9.i686.rpm9e08bbbe35f812b16a16638c2d1fef2f52f8e61e61b2019485ceceac51e22c70java-11-openjdk-devel-11.0.22.0.7-1.el7_9.x86_64.rpm9042cb7ac96e9b3ee54b2247c2a1460f0a681ba4d518cec61cf4b2faddb8676ajava-11-openjdk-jmods-debug-11.0.22.0.7-1.el7_9.x86_64.rpm7fa496f97aeb3506611bc0a20c3d5fa84c17ae51a859d73309f751503ffba7d5java-11-openjdk-javadoc-zip-11.0.22.0.7-1.el7_9.x86_64.rpmc4ed4a0b8d0e7c33b78a5c12d4401bb736d56959dd573c5e26515307bb64a057java-11-openjdk-javadoc-zip-11.0.22.0.7-1.el7_9.i686.rpm9faa8250912a2be04d4498daa3fc0b40eacde1c144076c6837ae5e359414f50djava-11-openjdk-javadoc-zip-debug-11.0.22.0.7-1.el7_9.i686.rpmfd710de29dcdf89cf4e6a233122b7f1b405b370f13681049f6783212255b7829java-11-openjdk-static-libs-11.0.22.0.7-1.el7_9.x86_64.rpm16b90f808a79a23246d661893064bea524dda0549caddd283e53cdc6fe06e110java-11-openjdk-javadoc-debug-11.0.22.0.7-1.el7_9.x86_64.rpm63aa077fca3bd0309ad6339aa8b14d691f4a9b755adf23584a99e68160085564java-11-openjdk-jmods-debug-11.0.22.0.7-1.el7_9.i686.rpm93a3522634768c262c2df5da341d0091fd8fe113222a0ce5ffaded281821fecejava-11-openjdk-devel-11.0.22.0.7-1.el7_9.i686.rpmceccfdbf84e12de9260cf94520f64154cdc6d1360fa74a1c89b232487d28280ajava-11-openjdk-devel-debug-11.0.22.0.7-1.el7_9.i686.rpmc7dbfe21bc4a71451e335a05a632b07cc1adb551e534c024a5132c93a9a77ce6java-11-openjdk-src-debug-11.0.22.0.7-1.el7_9.x86_64.rpm4f78d38cc22c0000c60437b76a9dd1ace7e0119b374a855849814b98a96d438cjava-11-openjdk-src-11.0.22.0.7-1.el7_9.i686.rpm61b2000c37c25a6f56e4b7a88453ac8e857d9ed505827d272dee685fb1d498e7java-11-openjdk-jmods-11.0.22.0.7-1.el7_9.x86_64.rpm4febd8135ba4cbcfab1e3fa238eaf5fceb4953c4a302af5d76a0db173b025779java-11-openjdk-debug-11.0.22.0.7-1.el7_9.i686.rpm9e92a308ae9678956078aa4a638cf58cc7fe992fba72cc9ff3a922dd6a31faa0java-11-openjdk-devel-debug-11.0.22.0.7-1.el7_9.x86_64.rpmf69b67b651639c1296a154fc500e02fc359a0e90c11e825ae415abfcf8ff130ejava-11-openjdk-javadoc-11.0.22.0.7-1.el7_9.i686.rpm0cbc4940043b1c9dded3f2e731211cf11c11667c64c68e2cc825b580799f0525SLSA-2024:0279GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix(es): * gstreamer: MXF demuxer use-after-free vulnerability (CVE-2023-44446) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7gstreamer-plugins-bad-free-0.10.23-24.el7_9.i686.rpm46c922e1d24d8284170b98e0f142a0e17802842adc3da065bd8330dd6c081de8gstreamer-plugins-bad-free-0.10.23-24.el7_9.x86_64.rpm0934f97f08c806631a7f63644847e920c09a8f047d70e4dd76a35325a5af8bfcgstreamer-plugins-bad-free-devel-0.10.23-24.el7_9.x86_64.rpm1802aadbbbf0087d8e2cce0dea743ecbcfb25e897183784bc0d88b004d3ec389gstreamer-plugins-bad-free-devel-docs-0.10.23-24.el7_9.x86_64.rpm8bb33140410d396a3c1e09e1e7636cfad5641d474c614dc8ee90434eab1ff9e8gstreamer-plugins-bad-free-devel-0.10.23-24.el7_9.i686.rpm5a20bfc364ce0109eb22d83a993604bbec573e15b5e42800f244dc945aaaeae5SLSA-2024:0320X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix(es): * xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer (CVE-2023-6816) * xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access (CVE-2024-0229) * xorg-x11-server: SELinux unlabeled GLX PBuffer (CVE-2024-0408) * xorg-x11-server: SELinux context corruption (CVE-2024-0409) * xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent (CVE-2024-21885) * xorg-x11-server: heap buffer overflow in DisableDevice (CVE-2024-21886) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7xorg-x11-server-Xvfb-1.20.4-27.el7_9.x86_64.rpm6778e751e0074379445b1d618d7fb380c5b8271870391f2b1986b1bd1fe67941xorg-x11-server-Xnest-1.20.4-27.el7_9.x86_64.rpmcd1e3e50fd368947479e8e5a01613c78f88daba8f7e94234e7a486955b0f9c82xorg-x11-server-Xephyr-1.20.4-27.el7_9.x86_64.rpmaa8c44d5d0f90ec0e98953a3b942cbe1f5b3ef92c45406d0567237ab7aa01731xorg-x11-server-devel-1.20.4-27.el7_9.x86_64.rpm85adcaa8f4a114ef75b8f463a7f43cec7a4b0338b5d93d8113ad76b98f8a1647xorg-x11-server-Xorg-1.20.4-27.el7_9.x86_64.rpmf798bbfc8b5c38c89aa7580f8fcd9736d7fd8ea62cd463bde9226f0a81377da5xorg-x11-server-source-1.20.4-27.el7_9.noarch.rpmb91c387e09a82405d1b5936f85986ce2291a9efad65f4748183f9a74f9dfcdcaxorg-x11-server-Xwayland-1.20.4-27.el7_9.x86_64.rpmea9f77b8cd412fc9783b1337bffef758dfcb3f7c91723c38b1d9489afe87ce20xorg-x11-server-devel-1.20.4-27.el7_9.i686.rpm217bf7588963dcd2af78b1400a42ec3855b517a4b1add62c3dc961e707cdf8ecxorg-x11-server-Xdmx-1.20.4-27.el7_9.x86_64.rpm18d38bc6740bc3142d0035dc752c5df83be63f5fc7378db267c809bfdc988e38xorg-x11-server-common-1.20.4-27.el7_9.x86_64.rpmd97635105ed33d28798a218a9f1c3d98e74c9b36553f9b7786954b83e3f66984SLSA-2024:0343LibRaw is a library for reading RAW files obtained from digital photo cameras (CRW/CR2, NEF, RAF, DNG, and others). Security Fix(es): * LibRaw: stack buffer overflow in LibRaw_buffer_datastream::gets() in src/libraw_datastream.cpp (CVE-2021-32142) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. moderateScientific Linux 7LibRaw-static-0.19.4-2.el7_9.i686.rpmc07f0c388d53ef358304fbf5a890c8ed27ae53ac3562bf722810321531fd361eLibRaw-devel-0.19.4-2.el7_9.i686.rpmafe924b0d2eb987ea4ed17a7c86e6ce9a2aaa2203672a0e501e8f4542ce26df2LibRaw-devel-0.19.4-2.el7_9.x86_64.rpm9be290004a20cff637d7db3a166196299147d69eb4cfb37827fa64eb33766220LibRaw-0.19.4-2.el7_9.i686.rpm21fa8b7b6ecf815d8cbcb1a7a3246c238e96be77a9b0fbc6df94b230dd376b04LibRaw-static-0.19.4-2.el7_9.x86_64.rpm2efa6f2fff664a9e8d805395dd44f71dfb756e1fca4e1de635ea410afe69d9fdLibRaw-0.19.4-2.el7_9.x86_64.rpm2cd76b61d30079714ab546a2d5d8270a6da702c9b19f6b947fec49d03fed2b96SLSA-2024:0345The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fix(es): * python-pillow: uncontrolled resource consumption when textlength in an ImageDraw instance operates on a long text argument (CVE-2023-44271) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. moderateScientific Linux 7python-pillow-2.0.0-24.gitd1c6db8.el7_9.x86_64.rpm81413d6b0956aff03a592b4b9dda1e107ea340a40c841e9f49fc0b8dcb778a61python-pillow-sane-2.0.0-24.gitd1c6db8.el7_9.x86_64.rpm7df5cda96de4345301564233d4f73210ecc6f5d4774f993730f56f7757b5ba0bpython-pillow-devel-2.0.0-24.gitd1c6db8.el7_9.x86_64.rpm54388931d055924d06b0cd6dd8873d868143563199de035e45c51b6037afd611python-pillow-2.0.0-24.gitd1c6db8.el7_9.i686.rpm9f082ca45e31f71798f6cd9e202c15f116b73edcdb1e89449c37c22cecd24e1cpython-pillow-qt-2.0.0-24.gitd1c6db8.el7_9.x86_64.rpm754ea3a6ce7134fbc594c534a2a81bf845b369423871c9ad49f9afe6c9782099python-pillow-devel-2.0.0-24.gitd1c6db8.el7_9.i686.rpmb3a8eb943b033ae352a9449ade64acf785c669c3036d1f0bd7ad5e90e1208ecfpython-pillow-tk-2.0.0-24.gitd1c6db8.el7_9.x86_64.rpmf871880a43e6660c4103602b302e99e38455494651f2e6bb410535f45868d30cpython-pillow-doc-2.0.0-24.gitd1c6db8.el7_9.x86_64.rpm5d329a9892fb932b1b2024236976baad22bd5ca3d6432851931ec97869baa662SLSA-2024:0346The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: netfilter: potential slab-out-of-bound access due to integer underflow (CVE-2023-42753) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * gfs2: kernel BUG at fs/gfs2/lops.c:135 (BZ#2196280) * ax88179_178a 2-6:1.0 (unregistered net_device) (uninitialized): Failed to read reg index 0x0006: -71 (RHEL-6302) importantScientific Linux 7kernel-tools-3.10.0-1160.108.1.el7.x86_64.rpm8ed03cdee3c6f96583e0d7213404eabcc01aea6a0df53bad7b20cb96666838f6kernel-abi-whitelists-3.10.0-1160.108.1.el7.noarch.rpme199f6b0dda918678870e94fd82b6509db5d1d81c304e2ec7ad19b2a8fbd12c2kernel-tools-libs-3.10.0-1160.108.1.el7.x86_64.rpm4d46be2e7f1aea69880cfb02c600953d0f848c3a5ea502388989bd44584e1956bpftool-3.10.0-1160.108.1.el7.x86_64.rpm5babb17a292aa655c2458056ebb1073456db49e369a7d1f10786a4bcc4acaf86python-perf-3.10.0-1160.108.1.el7.x86_64.rpm0e68ec2adb0238e252e1999ecac0efb5b3bcfa1bf4994bd14f075785357dc109kernel-devel-3.10.0-1160.108.1.el7.x86_64.rpm43098b52ac40ae5c5f3080ff5a42fc09262e882a822cb5e5947ced3dbdc2c2f4kernel-doc-3.10.0-1160.108.1.el7.noarch.rpm4cdc3a356924241aae99ad3debebaa1c8e2294e2eb6a86c96c94fe7694ab834fkernel-3.10.0-1160.108.1.el7.x86_64.rpm8a44907d63ba2c431265cc97f497ed4998d58b0d716422b81ddfd3afbf936ba7kernel-debug-3.10.0-1160.108.1.el7.x86_64.rpmb8fd50e3df21e313479ea3dbd5a21d07fa1b057b799a1b8ada709fcaceebeb7dkernel-headers-3.10.0-1160.108.1.el7.x86_64.rpmd7d0b7a0b00169816abd24f0536b7af24067e2f68be53d15db85556474e0b6e8perf-3.10.0-1160.108.1.el7.x86_64.rpmafa2282ea672e08045f6e7e20b3f52587719e7a0c403ccdfb3ac75513028615bkernel-debug-devel-3.10.0-1160.108.1.el7.x86_64.rpm1ae9bb5868083ed0ac71b848de353773db99073a37d54e27867400e1dbb9c0a5kernel-tools-libs-devel-3.10.0-1160.108.1.el7.x86_64.rpm43586f28a7c20ebfba8ae2fcf35a91780bf656a7a7a1207260a8d4b40891ad73SLSA-2024:0600Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.7.0 ESR. Security Fix(es): * Mozilla: Out of bounds write in ANGLE (CVE-2024-0741) * Mozilla: Failure to update user input timestamp (CVE-2024-0742) * Mozilla: Crash when listing printers on Linux (CVE-2024-0746) * Mozilla: Bypass of Content Security Policy when directive unsafe-inline was set (CVE-2024-0747) * Mozilla: Phishing site popup could show local origin in address bar (CVE-2024-0749) * Mozilla: Potential permissions request bypass via clickjacking (CVE-2024-0750) * Mozilla: Privilege escalation through devtools (CVE-2024-0751) * Mozilla: HSTS policy on subdomain could bypass policy of upper domain (CVE-2024-0753) * Mozilla: Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7 (CVE-2024-0755) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7firefox-115.7.0-1.el7_9.x86_64.rpmea22ef001519caa8ff417d9c87f6b375b1082727fcec2747802342a6e993b3b4firefox-115.7.0-1.el7_9.i686.rpm07313088232c6184aaa18e6cd5f3a64d0bf5a4373276de8e6b05ec4a1a1c03e6SLSA-2024:0601Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.7.0. Security Fix(es): * Mozilla: Out of bounds write in ANGLE (CVE-2024-0741) * Mozilla: Failure to update user input timestamp (CVE-2024-0742) * Mozilla: Crash when listing printers on Linux (CVE-2024-0746) * Mozilla: Bypass of Content Security Policy when directive unsafe-inline was set (CVE-2024-0747) * Mozilla: Phishing site popup could show local origin in address bar (CVE-2024-0749) * Mozilla: Potential permissions request bypass via clickjacking (CVE-2024-0750) * Mozilla: Privilege escalation through devtools (CVE-2024-0751) * Mozilla: HSTS policy on subdomain could bypass policy of upper domain (CVE-2024-0753) * Mozilla: Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7 (CVE-2024-0755) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7thunderbird-115.7.0-1.el7_9.x86_64.rpma8d93b2a5cfc9fd072a7304a659f1c3fdec5ad7756d516d0fc2b9aa00d0fbb79SLSA-2024:0629Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Security Fix(es): * xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer (CVE-2023-6816) * xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access (CVE-2024-0229) * xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent (CVE-2024-21885) * xorg-x11-server: heap buffer overflow in DisableDevice (CVE-2024-21886) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7tigervnc-server-minimal-1.8.0-31.el7_9.x86_64.rpmb63f27490a21ca002b9b142c768efef20e9c395d54e892057bb58608cc204fa8tigervnc-1.8.0-31.el7_9.x86_64.rpm4b100d9b5c7636dfdfdfe41a637d0526490bce975df2325af3d0922939dd67catigervnc-server-1.8.0-31.el7_9.x86_64.rpmba082c4d938772188057ad42edcce544b2dcecc2a610d34c61c4ee758d772ed3tigervnc-icons-1.8.0-31.el7_9.noarch.rpm07a9abca01452eaa3c9dbfd9c5f9fb66ddcdef37278b8e4443d44e3fe33b27catigervnc-server-applet-1.8.0-31.el7_9.noarch.rpm1d4bb14474a252b9009725af3d0853209f7723cdaf3892644aef511b9cb15578tigervnc-license-1.8.0-31.el7_9.noarch.rpm160eddd328e690a5339dd325e0dd8209d4a6cf237f8895dbf0be2052411960a6tigervnc-server-module-1.8.0-31.el7_9.x86_64.rpmb0ca8ac5f2622ea90ff9de469ead08695c1b43cdcce2779c53ea534521fc95deSLSA-2024:0753The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix(es): * (RCVE-2023-20592) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. moderateScientific Linux 7iwl7260-firmware-25.30.13.0-82.el7_9.noarch.rpme64a97d5c671efc4fa415bd4c532464a6262f62b1a9fa98a799c03487433ad0diwl6000g2b-firmware-18.168.6.1-82.el7_9.noarch.rpm141487a55bbc7dbdf9f830b07f80cbf8e2d34c75aac27fb2ac98237e6f2ab244iwl4965-firmware-228.61.2.24-82.el7_9.noarch.rpmda898bc4b4e3150cf1460c4eeda3405a39f7ce8892e7094414c529d30a296422iwl5150-firmware-8.24.2.2-82.el7_9.noarch.rpmb7c434a206a59763ca232a0bb8e49701aa018d93b0d1cc041814e6d94bf50c4biwl6000g2a-firmware-18.168.6.1-82.el7_9.noarch.rpm0d692533b2a5ed4ed28868c7bb8334525076497de50353ad813da6fe07734284iwl3945-firmware-15.32.2.9-82.el7_9.noarch.rpm097176fa2cb3c3f5caf9d1fa228090fd6d5c9dd78f8d212fcdc96ecf711a55cdiwl135-firmware-18.168.6.1-82.el7_9.noarch.rpm95bfaba9b5653a83e20c9932b2930eb6bda85d510059a5c43cf550a53ae448e7linux-firmware-20200421-82.git78c0348.el7_9.noarch.rpma8777329c0b6e715eac602ff58a6429bca76e76ac70603206312441bf247a2adiwl6050-firmware-41.28.5.1-82.el7_9.noarch.rpmbede749692b47135cac3d83f3811deaaa856821d340a49e23c281a4da586f3bciwl3160-firmware-25.30.13.0-82.el7_9.noarch.rpmaf80422a01927bfdb8b5205ef9d97360eaa757c898688dc506466eca6f067406iwl2000-firmware-18.168.6.1-82.el7_9.noarch.rpmaf3ed29b25df5c8a78f4b10a974cdd2ebc5dbfc7a3ee9e2d5ef010fe20851f30iwl6000-firmware-9.221.4.1-82.el7_9.noarch.rpmdc0489d581ae27ffc1ce06e394aab2912de78a3f6f3bce244e7bab0692373006iwl2030-firmware-18.168.6.1-82.el7_9.noarch.rpm77d06de2dc9b5b81939baafdb9150ec3b9a5f407cb384ee53d17e1d0596d3aa5iwl5000-firmware-8.83.5.1_1-82.el7_9.noarch.rpme02af43fa4eead018ef3b96bc5e13b1753bfaad664429845c0aef433765ef060iwl100-firmware-39.31.5.1-82.el7_9.noarch.rpm91f90c313410f56aed94e461a0e925b6df6d91a3a93d1376dbcddc7e7e0fd5adiwl1000-firmware-39.31.5.1-82.el7_9.noarch.rpm54b17ad5fd3c9c574dfcefefb2a8834656fdd82cf152caf8b9ba308cebf7d1bdiwl105-firmware-18.168.6.1-82.el7_9.noarch.rpm3d0b10f45e5f0c5ae891adcb8584696e241ebe689ac0cfa747f6fccf7a5849acSLSA-2024:0857The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Security Fix(es): * pillow: Arbitrary Code Execution via the environment parameter (CVE-2023-50447) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7python-pillow-tk-2.0.0-25.gitd1c6db8.el7_9.x86_64.rpm15ae81d0c24e554168f090c91b0bc2b5581f0d142a5bef76c9e770d4a7c29802python-pillow-2.0.0-25.gitd1c6db8.el7_9.i686.rpm791474fa898b4d6fa0ebdb548ed5799c07682da9ada08418be98c027169e4f32python-pillow-devel-2.0.0-25.gitd1c6db8.el7_9.x86_64.rpm0e5b6de2c1553be4d41141f38ee00540dee7f7bac9856cd13e3a5577bc44e79dpython-pillow-doc-2.0.0-25.gitd1c6db8.el7_9.x86_64.rpm7913772aeb3a93c0c8f76445b344a0e683bd79d3a9d15080fdb4a08d22c57993python-pillow-devel-2.0.0-25.gitd1c6db8.el7_9.i686.rpm38a8568a5a6917fed7d4ca98920d155a2a4391e7172ea37054f73fe7c4afdb1epython-pillow-sane-2.0.0-25.gitd1c6db8.el7_9.x86_64.rpmbc9b15bb3548fca39106e1dd305aafcfecdddb850043ac44e12acaa19d73175dpython-pillow-qt-2.0.0-25.gitd1c6db8.el7_9.x86_64.rpm4d006721fe89a5c6fa877246ae5304b6c0c98ca697495886f0d15e4cb52d2acepython-pillow-2.0.0-25.gitd1c6db8.el7_9.x86_64.rpm4e40b851a547086a74959ca0b2a31dfa750e1882e98dd5a8a56534c2f033e53aSLSA-2024:0957Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.8.0. Security Fix(es): * Mozilla: Out-of-bounds memory read in networking channels (CVE-2024-1546) * Mozilla: Alert dialog could have been spoofed on another site (CVE-2024-1547) * Mozilla: Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8 (CVE-2024-1553) * Mozilla: Fullscreen Notification could have been hidden by select element (CVE-2024-1548) * Mozilla: Custom cursor could obscure the permission dialog (CVE-2024-1549) * Mozilla: Mouse cursor re-positioned unexpectedly could have led to unintended permission grants (CVE-2024-1550) * Mozilla: Multipart HTTP Responses would accept the Set-Cookie header in response parts (CVE-2024-1551) * Mozilla: Incorrect code generation on 32-bit ARM devices (CVE-2024-1552) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Scientific Linux 7thunderbird-115.8.0-1.el7_9.x86_64.rpmb93f4388564d33caa2064835d37d025d08c1b8d66e51e872a3921bc0f40645d6SLSA-2024:0976Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.8.0 ESR. Security Fix(es): * Mozilla: Out-of-bounds memory read in networking channels (CVE-2024-1546) * Mozilla: Alert dialog could have been spoofed on another site (CVE-2024-1547) * Mozilla: Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8 (CVE-2024-1553) * Mozilla: Fullscreen Notification could have been hidden by select element (CVE-2024-1548) * Mozilla: Custom cursor could obscure the permission dialog (CVE-2024-1549) * Mozilla: Mouse cursor re-positioned unexpectedly could have led to unintended permission grants (CVE-2024-1550) * Mozilla: Multipart HTTP Responses would accept the Set-Cookie header in response parts (CVE-2024-1551) * Mozilla: Incorrect code generation on 32-bit ARM devices (CVE-2024-1552) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Scientific Linux 7firefox-115.8.0-1.el7_9.x86_64.rpm19645f18638c73e54e5a9ab313bc9cd6fd7f9324afe5a071c4b777a21e1ad939firefox-115.8.0-1.el7_9.i686.rpmf08e3beb43fee16a6bce5a10defd482ad304f42980b9ca9b7be65555bce9fc2aSLSA-2024:1249The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * (CVE-2024-26602, ?) * kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c (CVE-2022-42896) * kernel: use-after-free in sch_qfq network scheduler (CVE-2023-4921) * kernel: IGB driver inadequate buffer size for frames larger than MTU (CVE-2023-45871) * kernel: fbcon: out-of-sync arrays in fbcon_mode_deleted due to wrong con2fb_map assignment (CVE-2023-38409) * kernel: nf_tables: use-after-free vulnerability in the nft_verdict_init() function (CVE-2024-1086) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * [rhel-7] INFO: possible circular locking dependency detected: store+0x70/0xe0 kernfs_fop_write+0xe3/0x190 (BZ#2161654) * qedf: Reading /sys/kernel/debug/qedf/hostX/stop_io_on_error can cause panic (BZ#2224973) importantScientific Linux 7python-perf-3.10.0-1160.114.2.el7.x86_64.rpm6219ccf626b63bfab99d033de385dba6b35d64154246c6fd87812ec21e8e9567kernel-devel-3.10.0-1160.114.2.el7.x86_64.rpmfda8c918fc3432c34e4268978b46c786654968f2a0601c6abdfe2d643733f990kernel-tools-libs-3.10.0-1160.114.2.el7.x86_64.rpm203be60922d3278b1b6d9471c79cab6f9bfa2a0fd05b05dc5fdca7042aa6fb6ekernel-headers-3.10.0-1160.114.2.el7.x86_64.rpm0a74334fadf5e361e000cdfd3914bab8064753102fdf58527a4c1f18e88ed0eaperf-3.10.0-1160.114.2.el7.x86_64.rpmb5912c34f83560f9865f6f1fba4f654f7eea21409398c0b15be377e95e45cf5bkernel-debug-devel-3.10.0-1160.114.2.el7.x86_64.rpm791452b00d72645b5e5c89f1f04b9d21efbce3b90009de08924f5b4797d8903bkernel-tools-libs-devel-3.10.0-1160.114.2.el7.x86_64.rpma76baaa0c86b21c117e3b32b9378a3dc132095b00cba8c207c9c0293b4cba73dbpftool-3.10.0-1160.114.2.el7.x86_64.rpma734e79d3bc421f931d2d82589a7103260a56804728153892a0411b268848840kernel-abi-whitelists-3.10.0-1160.114.2.el7.noarch.rpm8451aa49628585a9f0906f5104d7d6ba5087251161b07861149fa5a68f34f516kernel-debug-3.10.0-1160.114.2.el7.x86_64.rpm6d80eb63b24244233b797ebcb16866ce03198e8bd8d097de606bad6f046bac58kernel-doc-3.10.0-1160.114.2.el7.noarch.rpm3d9873984d98e433540c1af5b1d24fed7014cee60c834f5793708a0f651dd30dkernel-tools-3.10.0-1160.114.2.el7.x86_64.rpm8a07d2f79c4bbcf23b91292c704d658bd4ea30c4d82402774a36dbd95a172f0bkernel-3.10.0-1160.114.2.el7.x86_64.rpm49c52b78daffac4caa1ac6602573916787864be7bb05d7a94416bfb7544b3922SLSA-2024:1486Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.9.1 ESR. Security Fix(es): * nss: timing attack against RSA decryption (CVE-2023-5388) * Mozilla: Crash in NSS TLS method (CVE-2024-0743) * Mozilla: JIT code failed to save return registers on Armv7-A (CVE-2024-2607) * Mozilla: Integer overflow could have led to out of bounds write (CVE-2024-2608) * Mozilla: Improve handling of out-of-memory conditions in ICU (CVE-2024-2616) * Mozilla: Improper handling of html and body tags enabled CSP nonce leakage (CVE-2024-2610) * Mozilla: Clickjacking vulnerability could have led to a user accidentally granting permissions (CVE-2024-2611) * Mozilla: Self referencing object could have potentially led to a use-after-free (CVE-2024-2612) * Mozilla: Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9 (CVE-2024-2614) * Mozilla: Privileged JavaScript Execution via Event Handlers (CVE-2024-29944) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. criticalScientific Linux 7firefox-115.9.1-1.el7_9.x86_64.rpmf288a71162f7c339c59ad0bdca178fcb27e415e0866b00db0cd176c57dbd1706firefox-115.9.1-1.el7_9.i686.rpm9518d749a87e95259d1331d59693d6a74d7e9eee033f5a31d1676c914155d44bSLSA-2024:1498Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.9.0. Security Fix(es): * nss: timing attack against RSA decryption (CVE-2023-5388) * Mozilla: Crash in NSS TLS method (CVE-2024-0743) * Mozilla: Leaking of encrypted email subjects to other conversations (CVE-2024-1936) * Mozilla: JIT code failed to save return registers on Armv7-A (CVE-2024-2607) * Mozilla: Integer overflow could have led to out of bounds write (CVE-2024-2608) * Mozilla: Improper handling of html and body tags enabled CSP nonce leakage (CVE-2024-2610) * Mozilla: Clickjacking vulnerability could have led to a user accidentally granting permissions (CVE-2024-2611) * Mozilla: Self referencing object could have potentially led to a use-after-free (CVE-2024-2612) * Mozilla: Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9 (CVE-2024-2614) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. moderateScientific Linux 7thunderbird-115.9.0-1.el7_9.x86_64.rpm633ac61bf649cbb0a8af1fe19bf02629b6aa72b06a1f7bc010f3e0191c081bf1SLSA-2024:1785X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix(es): * xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents (CVE-2024-31080) * xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice (CVE-2024-31081) * xorg-x11-server: User-after-free in ProcRenderAddGlyphs (CVE-2024-31083) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7xorg-x11-server-devel-1.20.4-29.el7_9.x86_64.rpm9cd2ecb63df9fb22b407d4985082354910087069eb12747b1a3c8dbd91a376c8xorg-x11-server-Xephyr-1.20.4-29.el7_9.x86_64.rpm36081c9b9c87022032141d87cee179ca1e4bb24b8e3cec5f810f3ab3292b9879xorg-x11-server-common-1.20.4-29.el7_9.x86_64.rpmae83d82858bf83da7eb37ddae61f71b588879adba1aee004ba37fa6c2d6d282exorg-x11-server-source-1.20.4-29.el7_9.noarch.rpmb575bab4e5c503acc122713aa952b48ec27c1f2e2d71abe1d9a7e2e310d01e87xorg-x11-server-Xvfb-1.20.4-29.el7_9.x86_64.rpm75f7bf39ae5ecfa5c37a5fda81409b7a747e3ea195240253b07e5e2fbde9fbdexorg-x11-server-Xwayland-1.20.4-29.el7_9.x86_64.rpm3f71c6f0a460e254f7fa38a4f70022c2c16b0434b7420d55c85b95c33edfe2caxorg-x11-server-Xorg-1.20.4-29.el7_9.x86_64.rpm0592fe7d3f6d6942ecef2e6f48163fac7cf59b2d760479fb6110f81b240b650fxorg-x11-server-devel-1.20.4-29.el7_9.i686.rpmf7a93733b242167bb472f01c0d7ba503dbfa21a96eca2e2707ab2967e47c3791xorg-x11-server-Xnest-1.20.4-29.el7_9.x86_64.rpma8f92d3db45455d068361ebaa8af64275d656af1a44d0d7cf1c3db6e0ed91e53xorg-x11-server-Xdmx-1.20.4-29.el7_9.x86_64.rpm3387269f61804f0b2b7a9606c3a1344123086b21b9ae3e253996b289b54daa30SLSA-2024:1787Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fix(es): * squid: denial of service in HTTP header parser (CVE-2024-25617) * squid: denial of service in HTTP request parsing (CVE-2023-50269) * squid: Buffer over-read in the HTTP Message processing feature (CVE-2023-49285) * squid: Incorrect Check of Function Return Value In Helper Process management (CVE-2023-49286) * squid: NULL pointer dereference in the gopher protocol code (CVE-2023-46728) * squid: Denial of Service in SSL Certificate validation (CVE-2023-46724) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7squid-3.5.20-17.el7_9.10.x86_64.rpm535a00517c6bfbc2eca005ca05996bec350f327132f69dc9810e100b756d33b9squid-migration-script-3.5.20-17.el7_9.10.x86_64.rpm1e1ad8c5ac62df286ba1a1efb4176f3191425f71477815589b05339e2df1d1a2squid-sysvinit-3.5.20-17.el7_9.10.x86_64.rpm5730d09504f1aece6838c90069bffc2f453f55cf5381b7ff8a93a4031c6f26eeSLSA-2024:1817The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix(es): * OpenJDK: long Exception message leading to crash (8319851) (CVE-2024-21011) * OpenJDK: integer overflow in C1 compiler address generation (8322122) (CVE-2024-21068) * OpenJDK: Pack200 excessive memory allocation (8322114) (CVE-2024-21085) * OpenJDK: C2 compilation fails with "Exceeded _node_regs array" (8317507) (CVE-2024-21094) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. moderateScientific Linux 7java-1.8.0-openjdk-headless-1.8.0.412.b08-1.el7_9.i686.rpmdd01fc33cf37f8a54346df5d03f247bc4d1c8065d17be7e0dc44bce99c32630ejava-1.8.0-openjdk-javadoc-zip-debug-1.8.0.412.b08-1.el7_9.noarch.rpm94cfa62d890d71ee0423d68a84ca416efa73088f89fd28aa08bd254071ea0dc8java-1.8.0-openjdk-demo-debug-1.8.0.412.b08-1.el7_9.i686.rpm6233de7740a123225cfc809c5dd0ca69df02afbd5c4c3617ab65430c0f91fbb8java-1.8.0-openjdk-devel-1.8.0.412.b08-1.el7_9.i686.rpm8b7774447a244305f377bfb98fb92dccf701eb683776599a2c434451bed39e4ejava-1.8.0-openjdk-javadoc-debug-1.8.0.412.b08-1.el7_9.noarch.rpm32bc114411b39d13ebf0af4da7ce0d616d3d468dcb79216083faf5c157b03574java-1.8.0-openjdk-accessibility-1.8.0.412.b08-1.el7_9.i686.rpmd6d71f3df48a3ed75ac0a571754ead18c5bc889da18c3ac6e7cec74bbc25e110java-1.8.0-openjdk-devel-1.8.0.412.b08-1.el7_9.x86_64.rpm4b8f078d24919936a039b9a6a20ae2eb785df559b2768b8bd03f9f2e75cc75cejava-1.8.0-openjdk-demo-debug-1.8.0.412.b08-1.el7_9.x86_64.rpm6929e42135cc5b3160118cca0a986785bcd307dd581a4e9ebf6fde91bb59e5e6java-1.8.0-openjdk-devel-debug-1.8.0.412.b08-1.el7_9.i686.rpmb76d6c84c2a51474607dd5b89ad367198739336bf4d0d717fe379a4b107a1194java-1.8.0-openjdk-devel-debug-1.8.0.412.b08-1.el7_9.x86_64.rpmbb8720a43b0770f702a2a69d7eb270cdb045e73007fce293a10345e250c09917java-1.8.0-openjdk-src-1.8.0.412.b08-1.el7_9.i686.rpm88c0c30ef0a8545ceb2fca04440af566161c59dbf80592eaf32fd279a6d96057java-1.8.0-openjdk-src-1.8.0.412.b08-1.el7_9.x86_64.rpm5523d2b121cb76c5a23a0d7a0dd3e9fd938e5f25a5b398b79077570f0915a36ejava-1.8.0-openjdk-accessibility-debug-1.8.0.412.b08-1.el7_9.i686.rpmc0a1975cbe1fe4c1361671feeb62ec6b042b7857ffc6c16fdd3a44afe6f7cd99java-1.8.0-openjdk-accessibility-debug-1.8.0.412.b08-1.el7_9.x86_64.rpmdb697d3e8d1962d53c672af785b1660088386812b6283f7e4411faead1501646java-1.8.0-openjdk-demo-1.8.0.412.b08-1.el7_9.i686.rpmd3f92ce1c50bcb1f3d2f20321ee32cebcacaccac3d641d2ba4f557c28bc47dc4java-1.8.0-openjdk-src-debug-1.8.0.412.b08-1.el7_9.i686.rpm1e18f402b9c193cdbb34f248883971b11cc93698b212a6939e9a39804a76785cjava-1.8.0-openjdk-demo-1.8.0.412.b08-1.el7_9.x86_64.rpm502e113cb2543a3a4799877c200a64611d442bb8fffb7bcd44e50689866ce726java-1.8.0-openjdk-headless-1.8.0.412.b08-1.el7_9.x86_64.rpm8a95eeea1fb14c5468160dd9015fd10e7323043f5cdee0eb301e88d8baaa3a6djava-1.8.0-openjdk-javadoc-zip-1.8.0.412.b08-1.el7_9.noarch.rpm51d609b53a3edd23c2b078777e77bd319dc039533ad3a208bfb16b3a29af2c38java-1.8.0-openjdk-accessibility-1.8.0.412.b08-1.el7_9.x86_64.rpma9d12d3814fde3710d495b3aa7014690427bdf0048df08200fa30df1cc9af6cdjava-1.8.0-openjdk-debug-1.8.0.412.b08-1.el7_9.i686.rpm80e519bed885acf426e7abafe523f22b410a4738b99d422abcad3e1f121f799fjava-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.x86_64.rpm4c8d2f27d85e9b6b854a7845dfd33dd362e517a68898ff465e7a7fd13eaa80efjava-1.8.0-openjdk-headless-debug-1.8.0.412.b08-1.el7_9.i686.rpm86f31659058f688c5d9fb31cb83b1e8a61a0f1609448613d7b58f2aad6025143java-1.8.0-openjdk-headless-debug-1.8.0.412.b08-1.el7_9.x86_64.rpm1894fd71dfa3138964caa76cbbfaf358a833d2897d72d6500ebc32a799320362java-1.8.0-openjdk-1.8.0.412.b08-1.el7_9.i686.rpmb61062c1696adf1365012cdb2d60c4557f7b54b96b6b07f3a0c987cb7cad38c3java-1.8.0-openjdk-src-debug-1.8.0.412.b08-1.el7_9.x86_64.rpmdc6dc3d2a74a97e5c60ab5e0175706aa7b0e2f9b8d74159d7965cc12479a1fffjava-1.8.0-openjdk-javadoc-1.8.0.412.b08-1.el7_9.noarch.rpmfae992f04223ed32dcc4c439a82ab270df358fe5e7f95ca14ea9d6f3b8c9234ajava-1.8.0-openjdk-debug-1.8.0.412.b08-1.el7_9.x86_64.rpmec52dc8077894df0b9eafe9b63a0f6478081b8ffc6b5a01cc48aab78106833b8SLSA-2024:1821The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fix(es): * OpenJDK: long Exception message leading to crash (8319851) (CVE-2024-21011) * OpenJDK: integer overflow in C1 compiler address generation (8322122) (CVE-2024-21068) * OpenJDK: Pack200 excessive memory allocation (8322114) (CVE-2024-21085) * OpenJDK: C2 compilation fails with "Exceeded _node_regs array" (8317507) (CVE-2024-21094) * OpenJDK: HTTP/2 client improper reverse DNS lookup (8315708) (CVE-2024-21012) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. moderateScientific Linux 7java-11-openjdk-javadoc-zip-debug-11.0.23.0.9-2.el7_9.x86_64.rpm83bf9c4398525ee7235519d471d34273b1eab0a40c397efbb926105051049d04java-11-openjdk-src-debug-11.0.23.0.9-2.el7_9.x86_64.rpm433671636d3ff2ed55052ae80016a5bf3cc10113b000be4e054d38340c1fa348java-11-openjdk-headless-11.0.23.0.9-2.el7_9.x86_64.rpm4fcec7872a4167f05a2253652cd1080227bb44714c997916cc428c7dfeb7e72bjava-11-openjdk-javadoc-debug-11.0.23.0.9-2.el7_9.i686.rpm2287b02610b5ca856eef97c4399a7c05098956fe60f54c163b81bbd72d046135java-11-openjdk-static-libs-debug-11.0.23.0.9-2.el7_9.x86_64.rpm76348cd9945afc43080010a400c33dbe2f3caae0a92f79c52e4dd89a660fb45ajava-11-openjdk-demo-11.0.23.0.9-2.el7_9.x86_64.rpm4d62abd5413d28dec9654b5538b1a048c9bfa1143edb7b9dfbbfd0027246a157java-11-openjdk-javadoc-zip-11.0.23.0.9-2.el7_9.i686.rpm66d7708d57587d0bbb7f3aa5da321a292b9a3ece5bc795f8a93ca187888a4f39java-11-openjdk-headless-debug-11.0.23.0.9-2.el7_9.x86_64.rpmf54a1040f9ff05f7c90bfd476058e20983715f79fe14e709ecb98fb8dcf8eee6java-11-openjdk-devel-debug-11.0.23.0.9-2.el7_9.x86_64.rpmddf698e9510fc5f9ebe182220b487f28838d9f0643f0d672f8205d4c081fb571java-11-openjdk-jmods-11.0.23.0.9-2.el7_9.i686.rpm8e8db98b1336dc22e9f6260200f7cf67fe6e41ab873dabe2d6da8233a5af5eb0java-11-openjdk-11.0.23.0.9-2.el7_9.i686.rpmc816cdd66389a18294ccd7d1f7daaf4e76e70c652ab59649ce25c61bff610cf1java-11-openjdk-demo-debug-11.0.23.0.9-2.el7_9.i686.rpm256ac25644e7dd3d70c4780b8ab3cbf37551086087ce78b6a20c5189b202f309java-11-openjdk-javadoc-debug-11.0.23.0.9-2.el7_9.x86_64.rpmc4840f9613e6ed3d1e856759f8ae2b64c39dadc5a6a0796a955744b1326c84c0java-11-openjdk-src-11.0.23.0.9-2.el7_9.x86_64.rpm73fcd8c65d03fd78b26fb9a5b37dfde0bb13a7536216b3cddd40d4f4d47401c2java-11-openjdk-javadoc-zip-debug-11.0.23.0.9-2.el7_9.i686.rpm0a63ee84ae817929cab3f49b5d8695161dba65b7afdaba91c208c647089b0a3djava-11-openjdk-demo-11.0.23.0.9-2.el7_9.i686.rpm275f3d258d3d6ec26e355436793272b83dd2333fcf504d9c954e6b5bf68ab735java-11-openjdk-javadoc-11.0.23.0.9-2.el7_9.x86_64.rpm93b23fbbf28a017c1ce8b6adc2d68f6af0707cb664887246c334caa9c194701fjava-11-openjdk-demo-debug-11.0.23.0.9-2.el7_9.x86_64.rpmb1b6ee1e6944ff30f1b9fb7115caed23f4763fb38f08db5bd0389715532592a6java-11-openjdk-javadoc-zip-11.0.23.0.9-2.el7_9.x86_64.rpm8db4502addde63a3d96670c3a5c036dc93285bd28634f1d10d28d4d0f519295fjava-11-openjdk-headless-debug-11.0.23.0.9-2.el7_9.i686.rpmb92fafe1e4203272638d4871d2d5c87b17a94af5560426e97deb419dacb882c6java-11-openjdk-debug-11.0.23.0.9-2.el7_9.i686.rpm28d755e9c43b1d35a38ee0be97dc1383047b60341a0f054cca72ba9054d952e3java-11-openjdk-devel-11.0.23.0.9-2.el7_9.x86_64.rpm81c86fe4a514adee5f88ec8459181b1de99df7ed6982e9ed2c8dce31be634357java-11-openjdk-jmods-debug-11.0.23.0.9-2.el7_9.i686.rpme3893ad0cc9afa1d48812473113d15b0a69b9091e83c1bc1462589fef73b8cc8java-11-openjdk-devel-debug-11.0.23.0.9-2.el7_9.i686.rpmb78ba6a368741f19c8d8e34add033eb125d3146948b4e7fd6541b82e1dffbf0ajava-11-openjdk-debug-11.0.23.0.9-2.el7_9.x86_64.rpm42e0262d4474aaf0389974ee13fa2d981e491bbb07683f7b4c6329edf6557d83java-11-openjdk-headless-11.0.23.0.9-2.el7_9.i686.rpmd6ad00980db65031bf41c48fa478db9c382eb95e54302a445595034f1730aa0djava-11-openjdk-jmods-11.0.23.0.9-2.el7_9.x86_64.rpmd8dfa59d0f2dd9a44a3631795e37ab959edcb3877fbf631dc5a9ef2f99a76df6java-11-openjdk-devel-11.0.23.0.9-2.el7_9.i686.rpm9c9120e36d54a44510c9d8861582a75d6e6aad532ed4d28f57d2a960448564c9java-11-openjdk-src-debug-11.0.23.0.9-2.el7_9.i686.rpm40d48da8a29c49d1fa3e7bfe26af46afc08a5af9feeff7a65050876117edbbc3java-11-openjdk-static-libs-11.0.23.0.9-2.el7_9.x86_64.rpm44d581cf158533a72118a6461a310d4da57a5b45aed55b41e97c27a29e277e7ajava-11-openjdk-11.0.23.0.9-2.el7_9.x86_64.rpm7bb1431fad617ee085a71171ba969888296b01db0f3fde4bbbc0178bad08cccejava-11-openjdk-javadoc-11.0.23.0.9-2.el7_9.i686.rpm7e33c0ced954204da3edbf3fe83aa47c1a89367b01943da62947679f686e75cajava-11-openjdk-src-11.0.23.0.9-2.el7_9.i686.rpmda5a45e8546769c6a9fb143e6392357a5b7219676762c3314699251c92d6b958java-11-openjdk-jmods-debug-11.0.23.0.9-2.el7_9.x86_64.rpmc15a40f868117eb65143aef6ce9a4dd5e62a2848fbe4ceef0ad576ae4233329fSLSA-2024:1910Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.10.0 ESR. Security Fix(es): * GetBoundName in the JIT returned the wrong object (CVE-2024-3852) * Out-of-bounds-read after mis-optimized switch statement (CVE-2024-3854) * Incorrect JITting of arguments led to use-after-free during garbage collection (CVE-2024-3857) * Permission prompt input delay could expire when not in focus (CVE-2024-2609) * Integer-overflow led to out-of-bounds-read in the OpenType sanitizer (CVE-2024-3859) * Potential use-after-free due to AlignedBuffer self-move (CVE-2024-3861) * Memory safety bug fixed in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10 (CVE-2024-3864) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7firefox-115.10.0-1.el7_9.i686.rpm7aa2b7e271c8808b35f2e8c47723c3842c4604ae0ebbeec74b2b64f89c658cbbfirefox-115.10.0-1.el7_9.x86_64.rpmd474c789af4e006b84209b179f4e0c6be2a1a86df34b65a9c1b4b4944eba55a1SLSA-2024:1935Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.10.0. Security Fix(es): * Mozilla: Denial of Service using HTTP/2 CONTINUATION frames (CVE-2024-3302) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. lowScientific Linux 7thunderbird-115.10.0-2.el7_9.x86_64.rpm3696d5d5fb5df0d910ac63a3812b6b8dcbd4f73d94a8e492276e66cd49d1d3a1SLSA-2024:1959The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Security Fix(es): * shim: RCE in http boot support may lead to Secure Boot bypass (CVE-2023-40547) * shim: Interger overflow leads to heap buffer overflow in verify_sbat_section on 32-bits systems (CVE-2023-40548) * shim: Out-of-bounds read printing error messages (CVE-2023-40546) * shim: Out-of-bounds read in verify_buffer_authenticode() malformed PE file (CVE-2023-40549) * shim: Out-of-bound read in verify_buffer_sbat() (CVE-2023-40550) * shim: out of bounds read when parsing MZ binaries (CVE-2023-40551) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. IMPORTANT: The new shim revokes ALL VERSIONS of GRUB2 before grub2-2.02-0.87.el7_9.14. Therefore GRUB2 MUST be updated to the latest version: grub2-2.02-0.87.el7_9.14 BEFORE or SIMULTANEOUSLY with this shim in order for Secure Boot to continue to work. Failure to update GRUB2 will result in an UNBOOTABLE system. importantScientific Linux 7shim-unsigned-ia32-15.8-3.el7.x86_64.rpme205f2d8305e0b78da2a23ae1ec4d74aab02e8666f7ac0573866fdbf52ca7d5dshim-ia32-15.8-1.el7.x86_64.rpmf9b40dc9c290d5b52191e1ee291cb54f54bd2decf7caff9846910f154d7a87d3shim-unsigned-x64-15.8-3.el7.x86_64.rpm1960322489956f7c9e0fee46c0b1f582aa9f8f421121d9bb40fdee4ef68191bbshim-x64-15.8-1.el7.x86_64.rpm22cbf183fedbf7bd3f9d2d686e657129a007b4d766f3498f6633df7de49997c7mokutil-15.8-1.el7.x86_64.rpmc0381e57fd3d566a9d884ed245c28a97fb5db1c6f56b62d93a63077d718a1caaSLSA-2024:2002The grub2 packages provide version 2 of the Grand Unified Boot Loader (GRUB), a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Security Fix(es): * grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass (CVE-2022-2601) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. moderateScientific Linux 7grub2-pc-modules-2.02-0.87.sl7_9.14.noarch.rpmde553d66e74eb6e3b7291f750da30dbb325c1c4eb33c4503ee423eebfa6049d4grub2-efi-x64-2.02-0.87.sl7_9.14.x86_64.rpm5f59ec5b5ba3c614f0f6472378271d2b953a6a574efee9bc5bd3eca363cb01edgrub2-pc-2.02-0.87.sl7_9.14.x86_64.rpm108388534ab5669c827705a133cc30f5e1641a6ecfbc597074fe1c98fd198215grub2-efi-x64-modules-2.02-0.87.sl7_9.14.noarch.rpmabb1623323af16e8fd73f12c1dba456f6b92b4a57d94672fc75150a79e8045ddgrub2-tools-minimal-2.02-0.87.sl7_9.14.x86_64.rpm9f04dd1ad4933b1c0e401399052fe39d4c87fa9af4983150928cd5dcc7f4d77fgrub2-efi-x64-cdboot-2.02-0.87.sl7_9.14.x86_64.rpm5de060c344853637840847f2dd6643619fb84110543232a75b7bbbff64326da4grub2-efi-ia32-2.02-0.87.sl7_9.14.x86_64.rpmb0752bb4a2a765df6f934dc5e17464bca7e00f5f5815c029c145afa6986c9641grub2-tools-extra-2.02-0.87.sl7_9.14.x86_64.rpm8a17558cb3dc6d0c38515fb2f16fefc7a0e1ed8b825c0f1ee8477bf43adbc06egrub2-efi-ia32-modules-2.02-0.87.sl7_9.14.noarch.rpm72fe341a890b11586020e592b63e0ec987d05506b3f1a23b53418e605a7f5d96grub2-efi-ia32-cdboot-2.02-0.87.sl7_9.14.x86_64.rpm92183c4ed0632506a9dfa50d34fac96dc53b4ebdb641d69e1f705377fdf5db16grub2-2.02-0.87.sl7_9.14.x86_64.rpm516bae7d6c7518b69717c806a9cf27281aee56cfa3e37be492ebdd3c1db09675grub2-common-2.02-0.87.sl7_9.14.noarch.rpm9c52b9c63bdce728d5bf47d2c8c7a1de03c87359b8da295581efdce3ac56b976grub2-tools-2.02-0.87.sl7_9.14.x86_64.rpm926e8500cb90ae1aa6ae3931f1d2990822c04cb72f6a3a68ef2e735796469767SLSA-2024:2004The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fixes: * kernel: use after free in unix_stream_sendpage (CVE-2023-4622) * Kernel: bluetooth: Unauthorized management command execution (CVE-2023-2002) * kernel: irdma: Improper access control (CVE-2023-25775) * kernel: net/sched: sch_hfsc UAF (CVE-2023-4623) * kernel: race condition in VT_RESIZEX ioctl when vc_cons[i].d is already NULL leading to NULL pointer dereference (CVE-2020-36558) This update also fixes the following bugs: * NFS client closes active connection (RHEL-22193) * kernel panic at __list_del_entry from smb2_reconnect_server (RHEL-26301) * kernel: race condition when call to VT_RESIZEX ioctl and vc_cons[i].d is already NULL, causing a NULL pointer dereference. (RHEL-28639) * kernel: net/sched: sch_hfsc UAF (RHEL-16458) * kernel: irdma: Improper access control (RHEL-6299) * The message in RHEL 7 ?stack-protector: Kernel stack is corrupted in:? is triggered because perf_trace_buf_prepare() does not verify that per_cpu array perf_trace_buf has allocated per_cpu buffers in it. (RHEL-18052) * [rhel7] gfs2: Invalid metadata access in punch_hole (RHEL-28785) * UDP packets dropped due to SELinux denial (RHEL-27751) * Boot fails with kernel panic at acpi_device_hid+0x6 (RHEL-8721) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7kernel-devel-3.10.0-1160.118.1.el7.x86_64.rpm85c7c3767f97a197245c84b2d5d239e52a212f765679a2013ff68f6b5660fc0akernel-3.10.0-1160.118.1.el7.x86_64.rpma215bf9176ac171af3703f8c45d6e6621d6f6d2ce4c2ea29341a7493e621608abpftool-3.10.0-1160.118.1.el7.x86_64.rpm17c07e3477c895a66bb5c88501f56574d18b9212f014105fb2699c78b52ed894kernel-headers-3.10.0-1160.118.1.el7.x86_64.rpm1f1abf69033db1dd3be82b519f1fae78b9df2de0ed9ae8ddb293a58726748b72kernel-tools-3.10.0-1160.118.1.el7.x86_64.rpme7c74b0039e8ab1b1bbb5ea76ca60ac8fcf39cc7cae5be1c8a2e402d110eb944kernel-tools-libs-devel-3.10.0-1160.118.1.el7.x86_64.rpmf679408054e52eef048fa610a3e07716247e545532cc89f912203db8407a7e92kernel-debug-devel-3.10.0-1160.118.1.el7.x86_64.rpm5faa45f1201c00caf00a824b5d0bef925ca3036d4cf259aec024b0ce5450c54dpython-perf-3.10.0-1160.118.1.el7.x86_64.rpm88255385c921df551bea5f3d19750b17a2eee06689d6b91a3f89eccf45f89913kernel-tools-libs-3.10.0-1160.118.1.el7.x86_64.rpm6a15f0c30a63a29a9fb0bcabab646c9d9ee1b32fd92514e6b5a68a2b1b3e8dc9perf-3.10.0-1160.118.1.el7.x86_64.rpmcf3cc9c6705a2cbe65cd973ed0addde6d273fcac8437cecf5351a2ffbc98c213kernel-doc-3.10.0-1160.118.1.el7.noarch.rpm9b4424bfbc18595a30c25a73762427674af6836540345ff342cd74a998cb3d1akernel-abi-whitelists-3.10.0-1160.118.1.el7.noarch.rpm7d8361f62fafbcfaa2d6ec717398c300db78c693c85387ed4351ead083beb4bbkernel-debug-3.10.0-1160.118.1.el7.x86_64.rpm7a1fb05bbeaaa66ba9f9f65a88b7cfb485dada88626e074b6fccf90b5e194406SLSA-2024:2080Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Security Fix(es): * xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents (CVE-2024-31080) * xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice (CVE-2024-31081) * xorg-x11-server: User-after-free in ProcRenderAddGlyphs (CVE-2024-31083) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7tigervnc-server-applet-1.8.0-33.el7_9.noarch.rpmfdaa2953aba5d18d06f8d606541a1b2ec1b74cfef56f022ee0bc02f60c18889dtigervnc-server-1.8.0-33.el7_9.x86_64.rpm39886431c1b102e3aef949be9fe7107c0710a22ca042910dfe6462ced503dcb1tigervnc-server-minimal-1.8.0-33.el7_9.x86_64.rpma9dd08cdddf52dae3391416ea2ee088e60c58672abf9cb11b5c4ac55d735bc47tigervnc-icons-1.8.0-33.el7_9.noarch.rpmfbb4c6d0df2b7888ffdd23d8b5619d0ac83f946c8b39084b08b95cdf80de40fetigervnc-license-1.8.0-33.el7_9.noarch.rpm194bd13249ee6ad299694362025856b55fe23b4054243b1c4e68abcb55cdbbd9tigervnc-server-module-1.8.0-33.el7_9.x86_64.rpmd7aa613f092e0e42839c77c6b97cb2a2a75091b3bbd0d42b00ef1cd14817735ftigervnc-1.8.0-33.el7_9.x86_64.rpm940566e6ba4ba98b4c9ed8c06be7ed68d2471417c41d545b2f6e5854198ede2cSLSA-2024:2881This update upgrades Firefox to version 115.11.0 ESR. Security Fix(es): * firefox: Arbitrary JavaScript execution in PDF.js (CVE-2024-4367) * firefox: IndexedDB files retained in private browsing mode (CVE-2024-4767) * firefox: Potential permissions request bypass via clickjacking (CVE-2024-4768) * firefox: Cross-origin responses could be distinguished between script and non-script content-types (CVE-2024-4769) * firefox: Use-after-free could occur when printing to PDF (CVE-2024-4770) * firefox: Memory safety bugs fixed in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11 (CVE-2024-4777) importantScientific Linux 7firefox-115.11.0-1.el7_9.x86_64.rpm55b3f7841e4098f37f5a346f303ee689395bc9be8e5efe3b0e96a1e5ccb54f3afirefox-115.11.0-1.el7_9.i686.rpmfcb8f9aa002e42dfc510d097a721581620a8463d40e7b727bff2e5e03f417f29SLSA-2024:2913 This update upgrades Thunderbird to version 115.11.0. Security Fix(es): firefox: Arbitrary JavaScript execution in PDF.js (CVE-2024-4367) firefox: IndexedDB files retained in private browsing mode (CVE-2024-4767) firefox: Potential permissions request bypass via clickjacking (CVE-2024-4768) firefox: Cross-origin responses could be distinguished between script and non-script content-types (CVE-2024-4769) firefox: Use-after-free could occur when printing to PDF (CVE-2024-4770) firefox: Memory safety bugs fixed in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11 (CVE-2024-4777)importantScientific Linux 7thunderbird-115.11.0-1.el7_9.x86_64.rpmf95888eca1b9df9142fbc591b71f10682ab0ffd6264ed25f746e3f2d612ba572SLSA-2024:3304LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite. Security Fix(es): * libreoffice: Improper Input Validation leading to arbitrary gstreamer plugin execution (CVE-2023-6185) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Scientific Linux 7libreoffice-langpack-st-5.3.6.1-26.el7_9.x86_64.rpmb5b2d90f8468a6c8fc833cb41acb323728f26727ebac7a27350abf013cfc35c6libreoffice-langpack-bg-5.3.6.1-26.el7_9.x86_64.rpmef9622f9bd1d4eb951525595543a22050bba30dc1e3d0089bea6fa58065dd567autocorr-de-5.3.6.1-26.el7_9.noarch.rpma3b47cac2b8fb9f3d0f229138c054be941af5c5381759fd1cce395d3f27ac166libreoffice-help-sv-5.3.6.1-26.el7_9.x86_64.rpm25bb9c3bb53e3675929599cb36b225fbee3073d6d44a1af01d4cf9821b3c1a65libreoffice-help-nn-5.3.6.1-26.el7_9.x86_64.rpm67f5137567d9ad9d16fb01a97f0c8fd8f17d171e9934bfd17f751675eb113678autocorr-sk-5.3.6.1-26.el7_9.noarch.rpm24f444d6954d85cd78c3fb489ce745f252fedcce1ab8892d8b1f5d8bc49ed5aaautocorr-fi-5.3.6.1-26.el7_9.noarch.rpm30db863d976679c99cb04ef3c7b435a0736c70b30795e3dba6909028a72f5169libreoffice-langpack-nl-5.3.6.1-26.el7_9.x86_64.rpmbb2257b24f1427cd0565223008ee7e702ff516159428db37349d2610cb37c3e7libreoffice-langpack-ru-5.3.6.1-26.el7_9.x86_64.rpm8f82f7a62de024c68b823355e638d6b8f64e351974c45d0d83d1a3372b03684flibreoffice-help-de-5.3.6.1-26.el7_9.x86_64.rpm80005d57bd471955774fec5d0e74152e3453f581711d2ef418c947727899cabblibreoffice-writer-5.3.6.1-26.el7_9.x86_64.rpm6d7855be03d7d7b110eeafcb94398cd9c02027580411502df9b8371986b4fbeblibreoffice-gdb-debug-support-5.3.6.1-26.el7_9.x86_64.rpm2cb747b449861a615682d21f10a6a55152455dc5a3f662c6769b4ca583b506fblibreoffice-postgresql-5.3.6.1-26.el7_9.x86_64.rpm459cb7ef55e54282a337cffe2e8118286c4a267d2d253348d9b9c59ab9b40b79libreoffice-help-et-5.3.6.1-26.el7_9.x86_64.rpma97a3949effcb6229a2e286d6e1a02d3458134353143dfa5f53b2e524ded6ffelibreoffice-help-da-5.3.6.1-26.el7_9.x86_64.rpm3eaa1fb335f4572b3bb75bbc744805f61fd173248a97384aed2f2c99695c7a71libreofficekit-5.3.6.1-26.el7_9.x86_64.rpm9132367e34cb94680daabaca9391e60997147e2ad4274a5ae752cb695d394882libreoffice-langpack-de-5.3.6.1-26.el7_9.x86_64.rpm770e2a95f0cdc63a3a98368378cd40a82e8d8cab2b63851b8a0502b9e2446b58autocorr-ro-5.3.6.1-26.el7_9.noarch.rpmfb0b63ce7c88d76be88f892e27ce54d77c8b1615e78480007d24dabd833341d0libreoffice-help-ta-5.3.6.1-26.el7_9.x86_64.rpm3a9e919d0f16df1ed3c5212d2151a8f1d71a5c81ab6c7f6ec5e5ab4fb527e5f1libreoffice-langpack-ts-5.3.6.1-26.el7_9.x86_64.rpmf00644d6bb6ef121a6be50f319bc7267f48a81c43f1026c0a86270e3b6b74fa8libreoffice-langpack-en-5.3.6.1-26.el7_9.x86_64.rpm01e0851ef4d5e5d558b8830384cc22e7b4485d35dd2ad557f2f418277dcc19a8autocorr-da-5.3.6.1-26.el7_9.noarch.rpm503abfb816613a202f375dc0a186b136efbb56583be231d4c47bde605ab2ff2blibreoffice-help-fi-5.3.6.1-26.el7_9.x86_64.rpmfeb8a5c95863c1607a74cf9f9f8d34b0aac63f0516c7318e4c0636f094a97e29libreoffice-help-nb-5.3.6.1-26.el7_9.x86_64.rpmccd149e01dbddbd8561581401786f22fb5abf8d17d89ccdbe98fb8e7567ca0e9libreoffice-langpack-ta-5.3.6.1-26.el7_9.x86_64.rpmfc6876fc64f592dbef2a82fcedcb89ff128940d1f1d3efb158cec7d8dfdfb546libreoffice-langpack-gu-5.3.6.1-26.el7_9.x86_64.rpm33f07e83cc97c56b8afb6f778a1d2726549addc0465442ff19a5dbccae35046clibreoffice-pdfimport-5.3.6.1-26.el7_9.x86_64.rpmd0c3a8418d14b6826a4c4fbcb183b38591e6e7b9e381e25a2a7adcb1eac9ecadlibreoffice-langpack-zu-5.3.6.1-26.el7_9.x86_64.rpme8da43cee532d8081c9b6429803b745ef2870a64f3c21ede5df42bbfe4c59152libreoffice-langpack-uk-5.3.6.1-26.el7_9.x86_64.rpmb85f75b2fdefaab2dc7d9717cca1706b118ac8fb7167627feeb249f5cf9ddf34autocorr-zh-5.3.6.1-26.el7_9.noarch.rpm9cc018b9c6e5a082f269bbc697500c07efc76b269ce60d0dc2eb311071174349libreoffice-help-es-5.3.6.1-26.el7_9.x86_64.rpm995ba00e29d88d777c737afb75a7d72c6a52e6cebf777749fc359c4e2e7394e1libreoffice-help-gl-5.3.6.1-26.el7_9.x86_64.rpmc34ef81db96a84c9b660d5328a9a1547568c819d286f6e20096bb41a032d805blibreoffice-langpack-eu-5.3.6.1-26.el7_9.x86_64.rpm2f9062dc7c74b65d1fe46a6aa16bff321ceef6cdf8709230296b2aa0b90f1edflibreoffice-langpack-nso-5.3.6.1-26.el7_9.x86_64.rpm8d40d448b472cf9ebf321e7bb72e9c352281913a7925249b3677f8650d71101flibreoffice-langpack-sk-5.3.6.1-26.el7_9.x86_64.rpm0b3f57772f97dbd58e94bba840fb36fd0e24e2931be45ab5f977f6eb20491cb9libreoffice-help-ko-5.3.6.1-26.el7_9.x86_64.rpm7a2ec1147fba8a3ec5e7e20e808062f31b5cabfd9762063a29faa8f7b0f76e03libreoffice-help-pt-PT-5.3.6.1-26.el7_9.x86_64.rpm8ec1f5d1872b8993b1e272c5aab60966468c9700a052111915f7f0327d88d841libreoffice-langpack-tn-5.3.6.1-26.el7_9.x86_64.rpme9256b8f39feb3541a0672034d4d310d1bbd973d23cdb977a4cf21b111f0530alibreoffice-rhino-5.3.6.1-26.el7_9.x86_64.rpm75732ab688cfa9f7989cacbadd50a0b5174f23b9dbf5f241beb5b8800232e244libreoffice-langpack-he-5.3.6.1-26.el7_9.x86_64.rpm0692fe12d41bd5b23726291d7d1469bb765abb3dcb9f4bce4f6c33309c406d72libreoffice-help-hr-5.3.6.1-26.el7_9.x86_64.rpm5cac849c307b75917fca18076120b5ca54640dedffa241b68af804ee27f1c638autocorr-pl-5.3.6.1-26.el7_9.noarch.rpme43f3b46401a800a651b87d46da09b528d7d5a186cf162e0a550176dd22115aelibreoffice-help-lt-5.3.6.1-26.el7_9.x86_64.rpmf5e99e8e1e3b2ae179f644ec4dfda2548d01a48bd36c9b4f0684b0536eaa0ac0libreoffice-langpack-hr-5.3.6.1-26.el7_9.x86_64.rpm952f84efdbdfdac386ed99332b7bae48a7b8362ab556d4b3c6ee8cb37fb1d1aclibreoffice-langpack-hu-5.3.6.1-26.el7_9.x86_64.rpmd1d86d10eab53d20db4f444912c986720d6975803fead8fc0b1ae5354cb35f42libreoffice-langpack-xh-5.3.6.1-26.el7_9.x86_64.rpme4d2182982dc57b03a81af5110930d01e8a2bfd0457226049a258b31f8742061autocorr-sl-5.3.6.1-26.el7_9.noarch.rpm1a5e3e534c20ed4a998986e5c76b18f5ae726a403b63bd9c348bb5bb07455cbelibreoffice-gtk2-5.3.6.1-26.el7_9.x86_64.rpm835c40cb3c82c537695f4f0560535b6f7351422b17726f8b1d77b789d0cac57clibreoffice-emailmerge-5.3.6.1-26.el7_9.x86_64.rpm2c58cb593f2e801b523a884e5117defd8eff181fd3a037b2baa3ade8c26a93c2libreoffice-filters-5.3.6.1-26.el7_9.x86_64.rpmbee9125a5a79fd5187b4db55de62b35eefea3633f51ebaaaad641c60d5655177libreoffice-help-cs-5.3.6.1-26.el7_9.x86_64.rpmeced567a62efb7becdae271e06bd653ac2982d6d4cbf4eef3e5029ce99e938a7libreoffice-help-bn-5.3.6.1-26.el7_9.x86_64.rpmd6c44cae2de2955fc1496abc321fd8c5d1462105e14f363bca7c69546aa0fd92libreoffice-langpack-da-5.3.6.1-26.el7_9.x86_64.rpm12b4ece3442cb939c0656517f906c8f84fda97be5a329555806c249c58f8e2e1libreoffice-langpack-as-5.3.6.1-26.el7_9.x86_64.rpm3e13d987ab00908acc8acc301757c292c99a39fee6338cc62e20a3c02ca6cc66libreoffice-officebean-5.3.6.1-26.el7_9.x86_64.rpm35f836a30502d60be98021719b9b0e1b24685e3c00cf5d0c668a95b120086c57autocorr-bg-5.3.6.1-26.el7_9.noarch.rpm263fa0cbe9f9c0e1be623195c1e7735ffda6bc58d705c8191ff8f429ba6e4c7eautocorr-ko-5.3.6.1-26.el7_9.noarch.rpmf0884bafc9de29300689a3114fbfc8ab4836bd65896fc37b9f39f25d90aeec44libreoffice-langpack-te-5.3.6.1-26.el7_9.x86_64.rpma4cad8fba4738a8c92a2721c93676bc60ccbb9767d400a1492c2097f31e005belibreoffice-langpack-nb-5.3.6.1-26.el7_9.x86_64.rpm4d252c52077a4288157f9d320970da33401a5a01e75a0f82af9741993d2d85a3libreoffice-langpack-ve-5.3.6.1-26.el7_9.x86_64.rpmeb589da6e7c4f3654fb12401fde271ce537768915b27b470e9039bad20348b3flibreoffice-help-sl-5.3.6.1-26.el7_9.x86_64.rpm8f006eebe057cc3e00d8fe40be12661d8dcab825f1fa39caa96d8a07329445b0libreoffice-help-uk-5.3.6.1-26.el7_9.x86_64.rpm8f6e2a26dd16041ca5bdb463039b6a4ee48896b1abbb2118359b59e9b3d37d4aautocorr-fa-5.3.6.1-26.el7_9.noarch.rpm3a22bc47f4d7d964cdd0d40e7c9918b3c6af71b5cefd9fd26204fbfddcaf7c9alibreoffice-langpack-nr-5.3.6.1-26.el7_9.x86_64.rpm3c2d060d95957da026eedcf0df7fbe78d18f9ff8d8b935f985c9cd4d7afe536cautocorr-ga-5.3.6.1-26.el7_9.noarch.rpmf87bbbec6c230a2543c8673dee70f84d13c2898857703047c9fa1b547ef42438autocorr-en-5.3.6.1-26.el7_9.noarch.rpm0e385e4782a6e3c95d5da3a50811c48d9420ac033626956d5ccfc3004710c1f7libreoffice-langpack-ar-5.3.6.1-26.el7_9.x86_64.rpm5c7cb5980bf2fd2a93526a0c34d31c822b8c95b61289a1fa08c489ec7e4bd974libreoffice-help-sk-5.3.6.1-26.el7_9.x86_64.rpm8df067fa0f0f155a2517b52a8f39dff9fdf58146ac3b1d4c919deeafd62e3814libreoffice-langpack-bn-5.3.6.1-26.el7_9.x86_64.rpmee199201fb21b69e8e25b9c29526e40ee4bd652e4b9fe6a6c65801be41c079cflibreoffice-officebean-common-5.3.6.1-26.el7_9.noarch.rpm334f80ce2aab0f6c0f33e3f1f2b9bf05f6e0ad655703244ba6e3d4ef97890219libreoffice-langpack-zh-Hans-5.3.6.1-26.el7_9.x86_64.rpmec9274963208072c1f6c4470df6218e8b4ea9ac14737ceff7dd740ae4637085elibreoffice-help-tr-5.3.6.1-26.el7_9.x86_64.rpmf5a010af43e703876c4a74f30c3ee7af4a0c3991938ee093998e4f875b9748f6libreoffice-ure-5.3.6.1-26.el7_9.x86_64.rpm48854e4dc8f6413a9f690cc09c49b28206647460b08a37a6e33fa57fb9bcbc4alibreoffice-help-ja-5.3.6.1-26.el7_9.x86_64.rpm81f10f5b9362393c38f4f74862b43e409ffbba4d54abae792ed40da4b2be054alibreoffice-langpack-br-5.3.6.1-26.el7_9.x86_64.rpmd332519afe269f839027e500eed27758f17f7b4eac67572a6cee419fa23b2a3flibreoffice-langpack-pt-BR-5.3.6.1-26.el7_9.x86_64.rpm333d7fbf850c543ac052c68dda2215ba101649262c2806ea36a79adfff503836libreoffice-help-it-5.3.6.1-26.el7_9.x86_64.rpm41b57fac5e159ac5690d69197802663581feedb27870b12c8c82ab2054c82423autocorr-lb-5.3.6.1-26.el7_9.noarch.rpmdb63268d90efacc2f86247c92ab4c488eb43177c046719bb6584426319e6f24dlibreoffice-langpack-nn-5.3.6.1-26.el7_9.x86_64.rpmec645e165a51e39ee0435ecdd7a697235e3c9ac9e880837f6c9eeff36ec8a8d9autocorr-is-5.3.6.1-26.el7_9.noarch.rpmff4ef613698619f75c15a019e09c690f64ea2d1a1ebd795f75d3c6262271d589libreoffice-gtk3-5.3.6.1-26.el7_9.x86_64.rpm3687079db1ff18a60b37e231b27bdf87d5d3a7f71fa66c23aef0443ad4525089libreoffice-langpack-mr-5.3.6.1-26.el7_9.x86_64.rpm1fd217d63028a4ef826e52d84c1fd8dad8c5fc3c0c24687bb57fb732e5b2677elibreoffice-langpack-et-5.3.6.1-26.el7_9.x86_64.rpm288ceb03920fc5f0a86b05912f10672773c2a1fc254875ff2e2beee0cfd6c1dcautocorr-ru-5.3.6.1-26.el7_9.noarch.rpm25c50dd0bb305a7ece72c2df068c383cdfc037ea996211f31326c2c9c4616b96autocorr-ca-5.3.6.1-26.el7_9.noarch.rpm21be9612e49226d7289f16ff17af4bc3e1a12631a2508c136be57e66c4be8c0elibreoffice-calc-5.3.6.1-26.el7_9.x86_64.rpm1a17f28e96cdde37d2ad0fa5ee0c326f282ce2b88271e9ea79f60d57f2328ad1libreoffice-langpack-ja-5.3.6.1-26.el7_9.x86_64.rpm6687646ea51414a2551f2c7a0d744ccfdca6a61697545afd6abd187eae26cdf9libreoffice-data-5.3.6.1-26.el7_9.noarch.rpm00efa97a7fe7c760f897a3cb717062501892d5dc992b3b7038c07035ca53274cautocorr-mn-5.3.6.1-26.el7_9.noarch.rpm4b257004d48893b2a2abeeeaaeddbc5c85dcf157d1ae583e3f51ea9f9a7115b0libreoffice-help-id-5.3.6.1-26.el7_9.x86_64.rpm36716fca79c44542452d4129d51873cf51d0ed9a8ef1d57b7cd5adc4d85f46c5libreoffice-langpack-zh-Hant-5.3.6.1-26.el7_9.x86_64.rpm824536c5233463106a41b7b722f583086968eec27528fe875797cb5c7cf51f9clibreoffice-langpack-kk-5.3.6.1-26.el7_9.x86_64.rpmd78dbe6fc27e8c6548bd63a233a1b730ba4dcc886535395617a20fae00062e0clibreoffice-langpack-el-5.3.6.1-26.el7_9.x86_64.rpm62d5df20e227175ae561ec2ce7ddd47092664842dbf122f9723b642c08ab4502libreoffice-help-pt-BR-5.3.6.1-26.el7_9.x86_64.rpmd2d74225259875f0673655306938564bab0fae9fd84cf62608b3d78359663a22libreoffice-help-fr-5.3.6.1-26.el7_9.x86_64.rpm46f22749f99bc1581165da3234e3cb3b1ca323691c86b5fd1c37851ea273aa06autocorr-tr-5.3.6.1-26.el7_9.noarch.rpm54183d51af640e75658296d35bb8f066eab608baf98ae60fd1e2baed646ae44elibreoffice-help-pl-5.3.6.1-26.el7_9.x86_64.rpm74d441b41d8b72166b9f635fc0c57ca0eb0a64a636707e5a32fdcbcd466133ablibreoffice-langpack-af-5.3.6.1-26.el7_9.x86_64.rpm6110c4ebca1618ddf81ae018ea17daa41f706aef71d980a7234489dee4989739libreoffice-help-hu-5.3.6.1-26.el7_9.x86_64.rpm0cde7a2b19ddc7fd5e1182cd683be4b8a057a8c7798c52eb3099c4f169b11d9elibreoffice-langpack-mai-5.3.6.1-26.el7_9.x86_64.rpm523b178440946fad18b97182bab88fe329e09b5066e99e2e290eb7cec888733dautocorr-hr-5.3.6.1-26.el7_9.noarch.rpm3dfbd19ff767da26f4d39f2bc17138451560210143eb01929feb4c03c37fa572autocorr-es-5.3.6.1-26.el7_9.noarch.rpmba23453b2fc17a40dec5b4369c25cc18c051dd885c686a87fdc31389cb2922d3libreoffice-langpack-or-5.3.6.1-26.el7_9.x86_64.rpma5761c8380a85423d4ccfd9f76e9576a3b36ca188d3b049c8572d67eb42caad9libreoffice-langpack-cs-5.3.6.1-26.el7_9.x86_64.rpm1a8c71e08c7ec16b62edac787e5a4811fa0a816d9f93a6fa7b46cd6c8b958770autocorr-nl-5.3.6.1-26.el7_9.noarch.rpm6e89ea348468878aa44181b4960d1a000db0a9508f07409cfc497c74beb28b00autocorr-hu-5.3.6.1-26.el7_9.noarch.rpm03a142f4d6c65427bee84e6d0c2183368347c16c102f5a1bd502ffb32243f487libreoffice-help-lv-5.3.6.1-26.el7_9.x86_64.rpme3eae24e2368fc10c93aa3c362971ac4de8cfebb765406901df5731a6d941720autocorr-vi-5.3.6.1-26.el7_9.noarch.rpmae4097650f241639b5c19eff8de2aa1a21476787f7827e816652130261870ed7autocorr-fr-5.3.6.1-26.el7_9.noarch.rpmd851171b4adec774afb0e2e51cc1bac0bdeb284b1152b8201f7ef1083f6d4238libreoffice-langpack-ga-5.3.6.1-26.el7_9.x86_64.rpmbd903c8d3132bbb7d6560c03135ee372cdf94191e9c0532f0e93f071573554c8libreoffice-langpack-fa-5.3.6.1-26.el7_9.x86_64.rpm900eeac9034f995c1167ff5d923325719fbfdcc3658a59b30746decad89ca707libreoffice-ure-common-5.3.6.1-26.el7_9.noarch.rpmfea4a0314953a510d994c065168bb8232ef9c8b59ccc51b7812c7d97bc597a7clibreoffice-langpack-lt-5.3.6.1-26.el7_9.x86_64.rpm0b07524e0d217876e66e60cf4da6ee8044e2970986a4b292d43eee1b5e45850flibreoffice-langpack-fr-5.3.6.1-26.el7_9.x86_64.rpmfcd175d83ea8b1a746990f1122f38c0bca2e24e3c263f2252378d515276f0647libreoffice-help-gu-5.3.6.1-26.el7_9.x86_64.rpm34bb7c1405956a5ef18327b95c1ee5f50c3193f56d763463f56a34490a683dcflibreoffice-ogltrans-5.3.6.1-26.el7_9.x86_64.rpm08576a8f22c052528909f8c2c353ddac1b7be69eff91b43f774ca5388c61accdlibreoffice-x11-5.3.6.1-26.el7_9.x86_64.rpm6b13eb1ba3ec8391015d8f7449445978c3a7dd78e36b832e57a2401a7903eed8libreoffice-pyuno-5.3.6.1-26.el7_9.x86_64.rpmf5103765444de86e1f0ae5ac0ad0151c8a677276a8040102c2ac60b1dab72a04autocorr-sv-5.3.6.1-26.el7_9.noarch.rpmf54dae95768f650fbe80910d4d8fa72ebed2e95279d2b5bc475f6637c4d2dc5alibreoffice-impress-5.3.6.1-26.el7_9.x86_64.rpm2d83d8093b8a33ac201107a1033384681084230f96c2a0fb3c5c04e6e73bc465libreoffice-core-5.3.6.1-26.el7_9.x86_64.rpme2dbc3f59ac23d790170a212d1ecd32479264af09f8c861d497dbc4bd4b3f99alibreoffice-help-el-5.3.6.1-26.el7_9.x86_64.rpm52b51d96924f8dda4101302a14e2c5d4235396446bbb83bc649ec96056b6e623libreoffice-help-he-5.3.6.1-26.el7_9.x86_64.rpm66ef1a83208d83739a80d830c0784cdf31e1b3adc85b268d53600cdfd8e459b5libreoffice-langpack-pt-PT-5.3.6.1-26.el7_9.x86_64.rpm9c32f7dcb80371360a266b61a8c079b3056068ae280d702a05ce1134060a918blibreoffice-langpack-kn-5.3.6.1-26.el7_9.x86_64.rpm40210b470382e6a8e8a735f0f46dbfeed39baddcb4cd42ff28dfbb6d7411e347libreoffice-help-ca-5.3.6.1-26.el7_9.x86_64.rpm89c2d9397d0860f1cb5b554751bbe3f2dafd7334570e85f302bba63cd0d8494blibreoffice-langpack-cy-5.3.6.1-26.el7_9.x86_64.rpmc74f06e24587429d98cc8061bef080838afeceb9f7716813418740ebd8273e18libreofficekit-devel-5.3.6.1-26.el7_9.x86_64.rpm0a878b76c7266a437493e95de61d472ed74f376777149100fba53a328e75dd89libreoffice-help-nl-5.3.6.1-26.el7_9.x86_64.rpme745e70ab7050fd535b37d8519da0c9593a94139c9e932f189937276cb86fba6libreoffice-langpack-pl-5.3.6.1-26.el7_9.x86_64.rpm6e2085402b65195e469936a84c4e0ada2df03470098fa406ef14cb3d7abebaealibreoffice-langpack-ro-5.3.6.1-26.el7_9.x86_64.rpmc9d2c929ba2e6f77324b8a0d0000286e9d2f5b35cb8672be20580b367e3f7d07libreoffice-langpack-id-5.3.6.1-26.el7_9.x86_64.rpm273ed25018114ade0859ecba406f22f583eb45d97e4c04069da6b36bcf82430eautocorr-af-5.3.6.1-26.el7_9.noarch.rpm9f0aee2ce44078eece54d5efedf9472cdd17e5b721083bd24a68fae7b8077489libreoffice-langpack-hi-5.3.6.1-26.el7_9.x86_64.rpm10a8d0d0c113f8ed3ea7c7eb8de006e306d4b8125fbc7dbc0c161088466acaf2libreoffice-langpack-sv-5.3.6.1-26.el7_9.x86_64.rpmaae7c8bf2edf349a3121d67bbd605f2d6b47e16b9fc02bff54bd75a1d9260c2cautocorr-sr-5.3.6.1-26.el7_9.noarch.rpmeabeb1624e04b2e8e1e4b026c3db53592eafbc89510834ba9358386e8fbb4070autocorr-lt-5.3.6.1-26.el7_9.noarch.rpmadc1951c23af6b856d8e53a934536c42f522cc21ff6579c0275579db8c77302blibreoffice-nlpsolver-5.3.6.1-26.el7_9.x86_64.rpm7d6c23a3e0b5848db9023e790378fbb7d0f3bad8a1b2eb1df1023dc513da33delibreoffice-help-hi-5.3.6.1-26.el7_9.x86_64.rpm28713067ec261e59919feb54b5daf1f59d89629cb8ebbcc31d69e997642a2b7flibreoffice-langpack-it-5.3.6.1-26.el7_9.x86_64.rpm68e2261a2d676040bb18a21c6829562ef86f6f9cbc74410f58b80bd9e4b92bf6libreoffice-langpack-ko-5.3.6.1-26.el7_9.x86_64.rpm57379ba16ce0de4f414f07417310bbe575380bed1a5defe9541c2680da83cfe6libreoffice-langpack-pa-5.3.6.1-26.el7_9.x86_64.rpmf2df0d8663d1f81b965e1f07f86905fe33316b436161bbfffec1a0e3c6634839libreoffice-sdk-5.3.6.1-26.el7_9.x86_64.rpmdca5a1fe45d1658c1d892adf7f350cd423a7696fd70add7c2852195e8f7291adlibreoffice-graphicfilter-5.3.6.1-26.el7_9.x86_64.rpmb061cbb168be3d761ccec90bacacc8685a405796b5abc8edb8193565b56e4164libreoffice-help-zh-Hant-5.3.6.1-26.el7_9.x86_64.rpm4c1723f66ce9ac592922eda9c8b22365c37037afd020126589f6abf841c9a8d1libreoffice-help-ru-5.3.6.1-26.el7_9.x86_64.rpmbae1548b3606ea5073e3f08868648bdbe8843445fee75b0a2403920b1a1d5501libreoffice-langpack-ml-5.3.6.1-26.el7_9.x86_64.rpmf333b058fab1f284630e34b82048d54f948c7673b8ed7ff2c7ed224aefe0f977libreoffice-xsltfilter-5.3.6.1-26.el7_9.x86_64.rpm23d2b26cdcc91af44ce506930636e784e6f2b2b8c3f5b8152e7fca8698faaf18libreoffice-wiki-publisher-5.3.6.1-26.el7_9.x86_64.rpmfd29596b851b2930224e5f6e17976d821074ac141da6c47ae9091c434a16f990autocorr-ja-5.3.6.1-26.el7_9.noarch.rpmadbc8344ba0e583dd7bcd01b3831888f371e5c3bf21269cb8a408791051bc82elibreoffice-5.3.6.1-26.el7_9.x86_64.rpmb3c9af8786aec0e834aa04e420696eb699c249d7c6ae5ec500b000ac6b32170elibreoffice-langpack-sr-5.3.6.1-26.el7_9.x86_64.rpme897a412b36520ab68996404bed0c71f8a4153fb957b2a8af8b6aa8d5e086ba9libreoffice-help-zh-Hans-5.3.6.1-26.el7_9.x86_64.rpm7be137e30909aae32b7c166c9b0f98c1b4153d97c36400873a7638a8c2670448libreoffice-langpack-fi-5.3.6.1-26.el7_9.x86_64.rpmd0157252bf2cedcc0bb2222319be3c75bb0064b6d84a0789a01db6c65186800dlibreoffice-librelogo-5.3.6.1-26.el7_9.x86_64.rpmdc83fdcb2f43ca05652f7927cf00cf5f6143438152da7a408bac3fe583081161libreoffice-base-5.3.6.1-26.el7_9.x86_64.rpm887102cc2db652b08fd0f58637b3d369f3473e5153b02f0588a0ee19f3db95d9autocorr-cs-5.3.6.1-26.el7_9.noarch.rpm013be391bb6fa2f2ffa93f94dbfa4edd4bfbd491dd9d831e43b8c3479a76d565libreoffice-sdk-doc-5.3.6.1-26.el7_9.x86_64.rpm67bc2d543bc622a9d633fe99e1c936b18e06509fbeffdb4594da4b7626ee16a7libreoffice-help-dz-5.3.6.1-26.el7_9.x86_64.rpm0c2a60070ad1da0e058dd41256e27533a983e224bb2887557bec928fbd239dc2libreoffice-math-5.3.6.1-26.el7_9.x86_64.rpmab630ec793f92a7f88a219094c8e04cedde06f7bb94cc05d1dce8f2c76c928e4libreoffice-help-bg-5.3.6.1-26.el7_9.x86_64.rpm66b7e7596c7ab3df5f3fd0182811b11837f5e84a0f96febc44857a0a69bcbe73autocorr-pt-5.3.6.1-26.el7_9.noarch.rpmd0f87aef7a5feff20056de6819f24b2eb47cd8e396051492b8e74eeb209a7cfelibreoffice-langpack-si-5.3.6.1-26.el7_9.x86_64.rpm66706e23d5e356fbabbd9b1dd9c69cd5f1f2a0ec0ef8d7bba31cc5a9b55c9c79libreoffice-langpack-tr-5.3.6.1-26.el7_9.x86_64.rpm3151bae8d9e845b8820b79764f22bd2fa9d6426540586d098077eba36ca9d5e2libreoffice-glade-5.3.6.1-26.el7_9.x86_64.rpmd75a3342f47bff83ee73c8ea1b59026981c96f5eabf176581448a89a95b264cblibreoffice-langpack-lv-5.3.6.1-26.el7_9.x86_64.rpm231063843eecf371187f6a93f64da1fd64da0be46047094e24df3c84f18e87a1libreoffice-langpack-sl-5.3.6.1-26.el7_9.x86_64.rpm66c768f7007f7c7d414b7296ce61e0296937fae21c8a2039c9f63c2e56956991libreoffice-langpack-ca-5.3.6.1-26.el7_9.x86_64.rpm0e4a2ffcb832c103935da256e7d70f9489649921a15c0c19b3590afcef2831ealibreoffice-langpack-dz-5.3.6.1-26.el7_9.x86_64.rpmd6e5eef25576f02eeeb978707eb21b89801b277e69c36ec7867bd831af1d280elibreoffice-help-ar-5.3.6.1-26.el7_9.x86_64.rpm12fe3abfa03244318f8987e03b81a3caafe523b68877ef3edbdc88be7348bcd2libreoffice-help-eu-5.3.6.1-26.el7_9.x86_64.rpm2cf8ba3b420635ef922c4cb00f529b801a17d195c54ae12ec4b6251f9a18fecdlibreoffice-langpack-gl-5.3.6.1-26.el7_9.x86_64.rpm52ef4f9297e0e368c60f0ab98566fc36d9626232fb4f236e3e3ed98709e96654autocorr-it-5.3.6.1-26.el7_9.noarch.rpm19a45ccd5f50ed266d11730b04ee76ac2a82d08aaba1934c0fd1e1ac6886ab81libreoffice-bsh-5.3.6.1-26.el7_9.x86_64.rpm0b03509e72ea4609309321ec64ff1daf6239cb5159594ade10aa4916fe9f26bclibreoffice-help-si-5.3.6.1-26.el7_9.x86_64.rpm733aa7715ca452e249242ef23a771ed3ed5a0e5c3c0af55bab664e084ee98699libreoffice-langpack-th-5.3.6.1-26.el7_9.x86_64.rpm7a02caf1b3e27b52f981aeeaf0b0fd23e83a9f73df7088d0a3421fca44026bd1libreoffice-opensymbol-fonts-5.3.6.1-26.el7_9.noarch.rpmc05ffb252ef26f4f92684828b6202a25c5e78218e4ad55c12973406bf1cd3d45libreoffice-langpack-es-5.3.6.1-26.el7_9.x86_64.rpmc43335de3d14ae55f043111782317c055cf2cf8cbb5fd533f7c1c83daa2aed35libreoffice-draw-5.3.6.1-26.el7_9.x86_64.rpm8fe78c5ec0028bd7e8a0862c9d4cf290fbf3f61f17b5644e82849ee8ba375ca7libreoffice-help-ro-5.3.6.1-26.el7_9.x86_64.rpm5be883281076f9071937161c50a136b6553ffb46c4a0a268b0309f952936272flibreoffice-langpack-ss-5.3.6.1-26.el7_9.x86_64.rpm9b1a8e7376040cef9dd8ead12ad46b24787373cac049a6da2aa84a908657ac87SLSA-2024:3588The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): * glibc: Out of bounds write in iconv may lead to remote code execution (CVE-2024-2961) * glibc: stack-based buffer overflow in netgroup cache (CVE-2024-33599) * glibc: null pointer dereferences after failed netgroup cache insertion (CVE-2024-33600) * glibc: netgroup cache may terminate daemon on memory allocation failure (CVE-2024-33601) * glibc: netgroup cache assumes NSS callback uses in-buffer strings (CVE-2024-33602) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7glibc-2.17-326.el7_9.3.i686.rpmc8c61117617e6794ebadc6510b43c5e721fae3f77a1aea9fbb7e2b6a531e98b5glibc-headers-2.17-326.el7_9.3.x86_64.rpm843dd0d3534fe6de4d95ad59b4e49ed8ec36148e16a5be1024bd64c62a17db0dglibc-static-2.17-326.el7_9.3.i686.rpmd39f99534f379dd0ec18247727d0a01ec9251de985d75d9f63f200337cfbebccglibc-utils-2.17-326.el7_9.3.x86_64.rpm7665222bf18b4e0b158a3e9bb6a4da884f20ef0e0c8db284bf10b7c5d0d89c5fglibc-static-2.17-326.el7_9.3.x86_64.rpm7670b83eefa3e11179becdbcb635147df98cc1c0331612d2b4f2d40317b738e4glibc-devel-2.17-326.el7_9.3.i686.rpmbb730c521722df672043b2b40f49625768e9bad4ffd700790e09bd63900d8500glibc-devel-2.17-326.el7_9.3.x86_64.rpm4ab00831127885d667821613eae4e2dbed1d7eebb1287325c0c1fdc4dda42819nscd-2.17-326.el7_9.3.x86_64.rpmbc1c535d0db6187e128a5af7965d1346c3cf0492045602b3cb2ecdb083bfed64glibc-common-2.17-326.el7_9.3.x86_64.rpm6e7f04ad6991bc8f7a6b8fb30137c2ca7760aba5f7d81572a2fb1d0a3cd560a9glibc-2.17-326.el7_9.3.x86_64.rpm8a4fd18dc3dae3f8f3c6f2595feb00b528d2cc3fd8104e7e8c794f5fff8e1c26SLSA-2024:3591389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. Security Fix(es): * 389-ds-base: potential denial of service via specially crafted kerberos AS-REQ request (CVE-2024-3657) * 389-ds-base: Malformed userPassword may cause crash at do_modify in slapd/modify.c (CVE-2024-2199) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7389-ds-base-1.3.11.1-5.el7_9.x86_64.rpm4bb008c67054c254644ed9a188102cb4b1b0fd7db5f89b1abd1eaee2e7447aba389-ds-base-snmp-1.3.11.1-5.el7_9.x86_64.rpm2f6a187729fd8008655829d30a03a9815705703d6e6542300457e3c7c01cb463389-ds-base-devel-1.3.11.1-5.el7_9.x86_64.rpmc248d741ee208387787d00e8fc5b6495693ccb0ebf51e284d6e4da368a2e4dca389-ds-base-libs-1.3.11.1-5.el7_9.x86_64.rpm4243aa3daf6677e330b5d5070f6a23bc08189c76f4c7f7045d6572533a1dfbd5SLSA-2024:3669The "less" utility is a text file browser that resembles "more", but allows users to move backwards in the file as well as forwards. Since "less" does not read the entire input file at startup, it also starts more quickly than ordinary text editors. Security Fix(es): * less: OS command injection (CVE-2024-32487) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7less-458-10.el7_9.x86_64.rpm7d95fae06c53a8ff59f8d569fe46081129eecf1d791b94d9ff3b6d46c8c9bd04SLSA-2024:3741The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Bind-dyndb-ldap provides an LDAP back-end plug-in for BIND. It features support for dynamic updates and internal caching, to lift the load off of your LDAP server. The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Security Fix(es): * bind: KeyTrap - Extreme CPU consumption in DNSSEC validator (CVE-2023-50387) * bind: Preparing an NSEC3 closest encloser proof can exhaust CPU resources (CVE-2023-50868) * bind: Parsing large DNS messages may cause excessive CPU load (CVE-2023-4408) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Scientific Linux 7bind-libs-lite-9.11.4-26.P2.el7_9.16.x86_64.rpmb044f5a4c39d1dd29ce2ccff898f9ca792351959be1c08b4610acba6a1fe58b9bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.i686.rpmd24c1e0b80bd65c8251468edf20361dce51914038ea58a76b78af3b36dd78f06bind-utils-9.11.4-26.P2.el7_9.16.x86_64.rpmfcef407deaff523bd33246988e7b8a225328b4b994edd029ab00d44294eaf4cdbind-sdb-9.11.4-26.P2.el7_9.16.x86_64.rpmfce5eb3650a9d7c2521368afbb5e605bc03375bf094563d2cd77d8ca45833e40bind-lite-devel-9.11.4-26.P2.el7_9.16.i686.rpm7239f50fe947c5ac7f39c1a01075306f971286044c9218e9d58f3cc101e0ca08dhcp-libs-4.2.5-83.sl7_9.2.i686.rpme0dff60c3ed7241a26409728873c760de880266ba724ce8142520a1ad5b1fee1bind-lite-devel-9.11.4-26.P2.el7_9.16.x86_64.rpm0534337fe5307e8d85d0625084b5f624ce304d777f48191c12c50146f66853eebind-9.11.4-26.P2.el7_9.16.x86_64.rpmbd5e70a0212accd5936d046ed9fb4c5a8d2dddd4fa7ad8b75af8e091fb5bb8d2bind-chroot-9.11.4-26.P2.el7_9.16.x86_64.rpm8643b0b2c5e2f71c4df53fe6211e994ea852a88f631f910949dbbe2a58ee796cdhcp-devel-4.2.5-83.sl7_9.2.i686.rpmc3303bca874a8ac6dab1fb338cada5e9a2dbf59fedbe101cf48b2a4d1a5595febind-pkcs11-9.11.4-26.P2.el7_9.16.x86_64.rpm1b8aede2173ffa6bd9289d4bc77a420238c59d11b0ea3d1da9f66045c8e01805bind-license-9.11.4-26.P2.el7_9.16.noarch.rpm3c6cfe6a108e6d941d432f6ebae3078f9325041699498eafc1ad3035185eacc7bind-pkcs11-libs-9.11.4-26.P2.el7_9.16.x86_64.rpm56a99c96032ac99d323a9f83823a4917122ac100ab4bc6e1616cf78ce9f58928bind-pkcs11-devel-9.11.4-26.P2.el7_9.16.i686.rpmc40153a8d482a16f43689a92dd75bb0c130ebd094c294e7981c4f0a2292933c6bind-export-libs-9.11.4-26.P2.el7_9.16.x86_64.rpma8311e89008970b7f435d37d08840003edc0485ca9452f3b9080062f4eec04cabind-pkcs11-utils-9.11.4-26.P2.el7_9.16.x86_64.rpm9f9e9992dcbcbd5720ced850ac16d28a0326a39ef42f9669e3e80df4280cd525dhclient-4.2.5-83.sl7_9.2.x86_64.rpm8c2ff2529378c6abf141528f974b617367815d0197f11598a09ac8820edddde4bind-export-devel-9.11.4-26.P2.el7_9.16.i686.rpm853121aefeeb2034ab53a9ba2fd9767de727d4e93183f3ababf92334c7c38d43bind-export-devel-9.11.4-26.P2.el7_9.16.x86_64.rpm321f572da23c12f51a046c20862ecf1d7d0844778c944b9ba1d52e4e17335918dhcp-common-4.2.5-83.sl7_9.2.x86_64.rpm53490b53a48f1d43b8016ace88b6fb33690e6d0c2695f9670886c5c9db6dd9febind-export-libs-9.11.4-26.P2.el7_9.16.i686.rpm76cca9b75645f52f5edb6ed39fc5a1d160a5aad3a6970ae56df01dcb84e7260bdhcp-libs-4.2.5-83.sl7_9.2.x86_64.rpm20f7d3db9eff4dc2ca1e7980bff380be5b4715f98b6bc2d7cfb5320f0f86607bbind-libs-9.11.4-26.P2.el7_9.16.i686.rpm92c35f94753224ecbff8cd57f0dbf638a730c5c1eed246974f29c64e04bbce95bind-libs-lite-9.11.4-26.P2.el7_9.16.i686.rpmbf6c365df6a147fd248a08810bdc4ff6b818bfa957010fca0bbddab55cc9c485bind-sdb-chroot-9.11.4-26.P2.el7_9.16.x86_64.rpm3f058a758221e6b4a7fa74f29406c9779766f8f38a9828a1302a45caf9724a30bind-devel-9.11.4-26.P2.el7_9.16.i686.rpm031585ec8dc96c4fd5dfe1ce220340a60a557ae2bf7899df13c5be3d6f5a2ce5dhcp-4.2.5-83.sl7_9.2.x86_64.rpm834691aae0477a2f149b66ae29c42bd7b3066b4240836acaa5d5ef8719f24d68dhcp-devel-4.2.5-83.sl7_9.2.x86_64.rpm807f6702ae1bde7cdbb67ff748525b2209ae5497a2947cae53b9d9471758dd83bind-devel-9.11.4-26.P2.el7_9.16.x86_64.rpm5adaafa30648022229bc65fd33b6676c658482a11aa919f733fa5ac68903656dbind-pkcs11-devel-9.11.4-26.P2.el7_9.16.x86_64.rpma78b617d9ea3cc0d893b0ab2c12fb4606e1bec7a1153d6c2174312a57e55f907bind-dyndb-ldap-11.1-7.el7_9.1.x86_64.rpm891a2dd866f20045a500b99c2e15b34d8d0f3c71ad6f27a26df9f03d4fabf1d0bind-libs-9.11.4-26.P2.el7_9.16.x86_64.rpm1ce23641aec877c25ea87627b60d907e1882bf8b51fe4eca4d6f72be97445686SLSA-2024:3760Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fix(es): * ipa: user can obtain a hash of the passwords of all domain users and perform offline brute force (CVE-2024-3183) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. importantScientific Linux 7ipa-client-common-4.6.8-5.sl7_9.17.noarch.rpm7821701b54f781b31921062f9fe63e974a21123e9190ede8f5187a67d586d982ipa-server-dns-4.6.8-5.sl7_9.17.noarch.rpm91f72ff9818e271628763b73470d0af7890196d4878118288e30b18bd07be825ipa-common-4.6.8-5.sl7_9.17.noarch.rpmfa2f9dd34d8046319715933616a82e39bae58008145c5c3492de1a296c2e1384python2-ipalib-4.6.8-5.sl7_9.17.noarch.rpm068d077c2c07089fe3edecc5e44ff8fb5aa2766136207a0ddb0473bae25ed422ipa-server-common-4.6.8-5.sl7_9.17.noarch.rpm8d67fb74ee961ff0b2f415baae48692945350964f9516117a217449423fa4d3aipa-server-trust-ad-4.6.8-5.sl7_9.17.x86_64.rpm3b0f0ad7a2147d1f1f10d932152de92d1dcb357df6730254e2e9559580d7733bipa-server-4.6.8-5.sl7_9.17.x86_64.rpm36f137526fceb17fe43af9a0ac6eab125cdb4df6c80c7c486ab8c74298d04a31ipa-python-compat-4.6.8-5.sl7_9.17.noarch.rpm8f54bcec34e770e33290bd3059dc06d38d3f315c93587a5693525c28dfdf5285python2-ipaclient-4.6.8-5.sl7_9.17.noarch.rpm36c75ccabfcc8b38143e63be8041ee675af3c9cd2f5dabfd72ec0fecda00a3fdpython2-ipaserver-4.6.8-5.sl7_9.17.noarch.rpmf763230923cb440bc060d9ac2280a90d77795a1ee5e26b7b7f06ea8219b6709fipa-client-4.6.8-5.sl7_9.17.x86_64.rpm93a87fc0e2212cf1e31ad00298ea392d9ad94739874fad14c04b0f2b7fb6410bSLSA-2024:3939The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix(es): * hw: intel: Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi (CVE-2022-46329) * hw: intel: Improper access control for some Intel(R) PROSet/Wireless WiFi (CVE-2022-27635) * hw: intel: Improper access control for some Intel(R) PROSet/Wireless WiFi (CVE-2022-40964) * hw: intel: Improper input validation in some Intel(R) PROSet/Wireless WiFi (CVE-2022-36351) * hw: intel: Improper input validation in some Intel(R) PROSet/Wireless WiFi (CVE-2022-38076) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Scientific Linux 7iwl5000-firmware-8.83.5.1_1-83.el7_9.noarch.rpm971551d77a561506a1454c441d5127fc64f1e0ad7f40b39072602d9e3b4145d4linux-firmware-20200421-83.git78c0348.el7_9.noarch.rpmca8cb0dbabae917a72b4843c4d4f884cc381e8176bd65e0969b3665c96aa8312iwl135-firmware-18.168.6.1-83.el7_9.noarch.rpmdcf942aa2f2faf0e6a3b6ef4f1052dadc381159cb4ef4629b15c8a54db33febaiwl7260-firmware-25.30.13.0-83.el7_9.noarch.rpm946714c1fa268dbb4e08437b0300a82d7502b214f2fbce77802fa5628d326b13iwl6050-firmware-41.28.5.1-83.el7_9.noarch.rpm9f166724d8478f203194ac63efeab50449daa38d0cd0cc994dddee9511878cdfiwl3160-firmware-25.30.13.0-83.el7_9.noarch.rpme7177f501675aab4fac5cfc957f315fd4f80df283ee5460f2a95cddcf623a8beiwl100-firmware-39.31.5.1-83.el7_9.noarch.rpmda392ebb2385ed063ab4c8fbd17f3a9396ef72fb9d2a441bd5b4bdd8f6c31b9ciwl4965-firmware-228.61.2.24-83.el7_9.noarch.rpmcd2b70ee45202cacd7ded2c6904c3931cd2f665f4468d19d3046ed9d4b48d699iwl1000-firmware-39.31.5.1-83.el7_9.noarch.rpmb70316faf331baff817139200b7d02fb64bd6f60f7997af330bcd58c619c9367iwl6000g2a-firmware-18.168.6.1-83.el7_9.noarch.rpm1b433786cc7bf5829a3993953d376776a484893a76868b102e92de20f58e53d3iwl3945-firmware-15.32.2.9-83.el7_9.noarch.rpm39dfe518a7de51399501c7b8d8d35c6e9dfc54ac4bbfb69128a3cf98f3db34e1iwl6000g2b-firmware-18.168.6.1-83.el7_9.noarch.rpm4d77048815d0695d8f291972a83a9aed8b31382cafcab4fbc914a5b5987743f8iwl105-firmware-18.168.6.1-83.el7_9.noarch.rpma95c72b8a7a95e1382045ce454596ffeaaa69489565da2965939ae25b857fd49iwl6000-firmware-9.221.4.1-83.el7_9.noarch.rpm4f7099c4686c0a5e23b3a3aba6637a67680ac60ddf0357fcf2325d465d87dda5iwl2000-firmware-18.168.6.1-83.el7_9.noarch.rpma6f9f3d124b68eaa5cd65e78dce1cecca07fe5fed3042426dfc5a1db16f30554iwl2030-firmware-18.168.6.1-83.el7_9.noarch.rpmc9de442c37261b41d340289a80d0a501999d78517f39e35cf3fa4ea9b955a6c5iwl5150-firmware-8.24.2.2-83.el7_9.noarch.rpm9bed3e483a07f2f8106eba69a19f6ef97f370094cec44d03ef022392219a7d5bSLSA-2024:3951Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 115.12.0 ESR. Security Fix(es): * firefox: Use-after-free in networking (CVE-2024-5702) * firefox: Use-after-free in JavaScript object transplant (CVE-2024-5688) * firefox: External protocol handlers leaked by timing attack (CVE-2024-5690) * firefox: Sandboxed iframes were able to bypass sandbox restrictions to open a new window (CVE-2024-5691) * firefox: Cross-Origin Image leak via Offscreen Canvas (CVE-2024-5693) * firefox: Memory Corruption in Text Fragments (CVE-2024-5696) * firefox: Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12 (CVE-2024-5700) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Scientific Linux 7firefox-115.12.0-1.el7_9.i686.rpm41e8de5dbaf7edd561b02da9f156216c5982e2f4326644467119227a823fdae3firefox-115.12.0-1.el7_9.x86_64.rpm2feb1182f4e9c3847308dc41f7149bbe823c5079ed219674ceec70caf01b8355sl-release-7.9-2.sl7Correct directory ownershipScientific LinuxScientific Linux 7sl-release-7.9-2.sl7.x86_64.rpm289b140ca6f06841ea1278e1facf869476d60ede9b85b638f8f4d4c06efdefaeyum-conf-sl7x-7.9-2.sl7.noarch.rpm7f07f6a9a55bda5a75990f124b0f91fc30284984285adb7e8db67c038f6fe593