Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in the arbitrary execution of code. Continue Reading — Gentoo: GLSA-202008-24: OpenJDK: Multiple vulnerabilities>
Unix, Linux, DevOps , Cloud computing and BigData Knowledge-Base
A vulnerability in chrony may allow a privileged attacker to cause data loss via a symlink. Continue Reading — Gentoo: GLSA-202008-23: chrony: Symlink vulnerability>
Multiple vulnerabilities have been found in targetcli-fb, the worst of which could result in privilege escalation. Continue Reading — Gentoo: GLSA-202008-22: targetcli-fb: Multiple vulnerabilities>
A vulnerability in Kleopatra allows arbitrary execution of code. Continue Reading — Gentoo: GLSA-202008-21: Kleopatra: Remote code execution>
This update is based on the upstream 5.7.19 kernel and fixes at least the following security issue: In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can Continue Reading — Mageia...
Use of unsafe yaml load was fixed in ros-actionlib, the Robot OS actionlib library. For Debian 9 stretch, this problem has been fixed in version Continue Reading — Debian LTS: DLA-2357-1: ros-actionlib security update>
Fossil before 2.10.2, 2.11.x before 2.11.2, and 2.12.x before 2.12.1 allows remote authenticated users to execute arbitrary code. An attacker must have check-in privileges on the repository (CVE-2020-24614). The fossil package has been updated to versi… Continue Reading — Mageia 2020-0354: fossil security update>