Slackware Security Advisory - New bind packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.

Slackware Security Advisory - New wavpack packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

Slackware Security Advisory - New openssl packages are available for Slackware 14.2 and -current to fix a security issue.

Slackware Security Advisory - New tigervnc packages are available for Slackware 14.2 and -current to fix security issues.

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.

Slackware Security Advisory - New kernel packages are available for Slackware 14.2 to fix security issues.

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix a security issue.

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues.

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues.

Slackware Security Advisory - New sudo packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues.

Slackware Security Advisory - New libarchive packages are available for Slackware 14.1, 14.2, and -current to fix security issues.

Slackware Security Advisory - New proftpd packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.

Red Hat Security Advisory 2020-1797-01 - The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Issues addressed include denial of service, integer overflow, and out of bounds read vulnerabilities.

Red Hat Security Advisory 2020-1787-01 - The unzip utility is used to list, test, and extract files from zip archives. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2020-1665-01 - Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2020-1581-01 - WavPack is a completely open audio compression format providing lossless, high-quality lossy, and a unique hybrid compression mode. Issues addressed include denial of service and out of bounds read vulnerabilities.

Red Hat Security Advisory 2020-1659-01 - Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB and OpenTSDB. Issues addressed include a denial of service vulnerability.

A vulnerability associated with Use of Hard-coded Credentials (CWE-798) exists in Simulation Process Intelligence (3DOrchestrate Services) on premises licensed program. The security risk is evaluated as High (CVSS v.3.0 Base Score 8.0) and affects all 3DEXPERIENCE releases (from 3DEXPERIENCE R2014x to 3DEXPERIENCE R2020x).

Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.

Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.

Red Hat Security Advisory 2020-1351-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include an out of bounds access vulnerability.

Red Hat Security Advisory 2020-1378-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2020-1352-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. Issues addressed include an out of bounds access vulnerability.

Red Hat Security Advisory 2020-1372-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2020-1358-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include an out of bounds access vulnerability.

Red Hat Security Advisory 2020-1403-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include an out of bounds access vulnerability.

Red Hat Security Advisory 2020-1460-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. BR/EDR encryption key negotiation attacks were addressed.

Red Hat Security Advisory 2020-1473-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2020-1465-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2020-1493-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include buffer overflow, denial of service, heap overflow, and null pointer vulnerabilities.

Red Hat Security Advisory 2020-1505-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. An out-of-bounds heap access vulnerability was addressed.

Red Hat Security Advisory 2020-1524-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.

Red Hat Security Advisory 2020-1769-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, information leakage, integer overflow, null pointer, out of bounds read, and use-after-free vulnerabilities.

Red Hat Security Advisory 2020-1966-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

Qualys has discovered that OpenBSD suffers from multiple authentication bypass and local privilege escalation vulnerabilities.

Qualys discovered a local privilege escalation in OpenBSD's dynamic loader (ld.so). This vulnerability is exploitable in the default installation (via the set-user-ID executable chpass or passwd) and yields full root privileges. They developed a simple proof of concept and successfully tested it against OpenBSD 6.6 (the current release), 6.5, 6.2, and 6.1, on both amd64 and i386; other releases and architectures are probably also exploitable.