Details:

An update that solves two vulnerabilities and has three fixes is now available.

This update for tomcat fixes the following issues:
Security issues fixed:

  o CVE-2020-13943: Fixed a HTTP/2 Request mix-up (bsc#1177582).
  o CVE-2020-17527: Fixed…

 

Details:

This update for python-paramiko fixes the following issue:

  o CVE-2018-1000805: Fixed an authentication bypass in auth_handler.py (bsc#
    1111151).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation…

 

Details:

This update for python-defusedxml, python-freezegun, python-pkgconfig,
python-python3-saml, python-xmlsec fixes the following issues:

 

Details:

This update for tomcat fixes the following issue:

  o CVE-2020-17527: Fixed a HTTP/2 request header mix-up (bsc#1179602).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update…

 

Details:

USN-4687-1: Firefox vulnerability
08 January 2021

Firefox could be made to crash or run programs as your login if it
opened a malicious website.
Releases

  o Ubuntu 20.10
  o Ubuntu 20.04 LTS
  o Ubuntu 18.04 LTS
  o Ubuntu 16.04 LTS

Packages…

 

Details:

A security issue was found in the Mozilla Firefox web browser, which
could potentially result in the execution of arbitrary code.

 

 

Affected Versions:

 

For Debian 9 stretch, this problem has been fixed in version
78.6.1esr-1~deb9u1.
…

 

Details:

 

Zhiyuan OA is a collaboration management program developed by Beijing Zhiyuan Internet Software Co., Ltd. (hereinafter referred to as Zhiyuan Company), which provides medium and large-scale and community organisations with a digital collaborative…

 

Details:

Struts2 is the second-generation Java enterprise-level web application framework based on the Model-View-Controller (MVC) model and has become a popular container software middleware at home and abroad.