Download
| Alert*
oval:org.secpod.oval:def:89003320
This update for java-1_8_0-openjdk to version 8u191 fixes the following issues: Security issues fixed: - CVE-2018-3136: Manifest better support - CVE-2018-3139: Better HTTP Redirection - CVE-2018-3149: Enhance JNDI lookups - CVE-2018-3169: Improve field accesses - CVE-2018-3180: Improve TLS conn ... oval:org.secpod.oval:def:704322 lcms2: Little CMS color management library Several security issues were fixed in Little CMS. oval:org.secpod.oval:def:603503 Quang Nguyen discovered an integer overflow in the Little CMS 2 colour management library, which could in denial of service and potentially the execution of arbitrary code if a malformed IT8 calibration file is processed. oval:org.secpod.oval:def:505370 Chromium is an open-source web browser, powered by WebKit . This update upgrades Chromium to version 70.0.3538.67. Security Fix: * chromium-browser: Sandbox escape in AppCache * chromium-browser: Remote code execution in V8 * chromium-browser: URL spoof in Omnibox * chromium-browser: Use after fr ... oval:org.secpod.oval:def:115148 LittleCMS intends to be a small-footprint, speed optimized color management engine in open source form. LCMS2 is the current version of LCMS, and can be parallel installed with the original lcms. oval:org.secpod.oval:def:603508 Several vulnerabilities have been discovered in the chromium web browser. CVE-2018-16065 Brendon Tiszka discovered an out-of-bounds write issue in the v8 javascript library. CVE-2018-16066 cloudfuzzer discovered an out-of-bounds read issue in blink/webkit. CVE-2018-16067 Zhe Jin discovered an out-of ... oval:org.secpod.oval:def:115174 LittleCMS intends to be a small-footprint, speed optimized color management engine in open source form. LCMS2 is the current version of LCMS, and can be parallel installed with the original lcms. oval:org.secpod.oval:def:89049647 This update for lcms2 fixes the following issues: - CVE-2018-16435: A integer overflow was fixed in the AllocateDataSet function in cmscgats.c, that could lead to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile oval:org.secpod.oval:def:51129 lcms2: Little CMS color management library Several security issues were fixed in Little CMS. oval:org.secpod.oval:def:53407 Quang Nguyen discovered an integer overflow in the Little CMS 2 colour management library, which could in denial of service and potentially the execution of arbitrary code if a malformed IT8 calibration file is processed. oval:org.secpod.oval:def:89043582 This update for lcms2 fixes the following security issues: - CVE-2016-10165: The Type_MLU_Read function allowed remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggered an out-of-bounds heap read . - CVE-2018-16435: A inte ... oval:org.secpod.oval:def:89003406 This update for java-1_7_0-openjdk to version 7u201 fixes the following issues: Security issues fixed: - CVE-2018-3136: Manifest better support - CVE-2018-3139: Better HTTP Redirection - CVE-2018-3149: Enhance JNDI lookups - CVE-2018-3169: Improve field accesses - CVE-2018-3180: Improve TLS conn ... |