Lucene search
RedHatRHSA-2021:1586HistoryMay 18, 2021 - 5:35 a.m.
(RHSA-2021:1586) Moderate: GNOME security, bug fix, and enhancement update
2021-05-1805:35:26
access.redhat.com
116
0.017 Low
EPSS
Percentile
87.7%
GNOME is the default desktop environment of Red Hat Enterprise Linux.
The following packages have been upgraded to a later upstream version: accountsservice (0.6.55), webkit2gtk3 (2.30.4). (BZ#1846376, BZ#1883304)
Security Fix(es):
-
webkitgtk: type confusion may lead to arbitrary code execution (CVE-2020-9948)
-
webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-9951)
-
webkitgtk: out-of-bounds write may lead to code execution (CVE-2020-9983)
-
webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-13543)
-
webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-13584)
-
glib2: insecure permissions for files and directories (CVE-2019-13012)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 8 | ppc64le | cairomm-debuginfo | < 1.12.0-8.el8 | cairomm-debuginfo-1.12.0-8.el8.ppc64le.rpm |
| RedHat | 8 | aarch64 | geoclue2 | < 2.5.5-2.el8 | geoclue2-2.5.5-2.el8.aarch64.rpm |
| RedHat | 8 | ppc64le | cairomm | < 1.12.0-8.el8 | cairomm-1.12.0-8.el8.ppc64le.rpm |
| RedHat | 8 | s390x | gnome-software | < 3.36.1-5.el8 | gnome-software-3.36.1-5.el8.s390x.rpm |
| RedHat | 8 | ppc64le | libdazzle-debugsource | < 3.28.5-2.el8 | libdazzle-debugsource-3.28.5-2.el8.ppc64le.rpm |
| RedHat | 8 | i686 | gvfs-debugsource | < 1.36.2-11.el8 | gvfs-debugsource-1.36.2-11.el8.i686.rpm |
| RedHat | 8 | i686 | openexr-libs-debuginfo | < 2.2.0-12.el8 | OpenEXR-libs-debuginfo-2.2.0-12.el8.i686.rpm |
| RedHat | 8 | s390x | libsass | < 3.4.5-6.el8 | libsass-3.4.5-6.el8.s390x.rpm |
| RedHat | 8 | ppc64le | gvfs-archive | < 1.36.2-11.el8 | gvfs-archive-1.36.2-11.el8.ppc64le.rpm |
| RedHat | 8 | x86_64 | libdazzle-debuginfo | < 3.28.5-2.el8 | libdazzle-debuginfo-3.28.5-2.el8.x86_64.rpm |
Related
nessus
nessus
RHEL 8 : GNOME (RHSA-2021:1586)
2021-05-19 00:00:00
Rocky Linux 8 : GNOME (RLSA-2021:1586)
2022-02-09 00:00:00
rocky
rocky
GNOME security, bug fix, and enhancement update
2021-05-18 05:35:26
osv
osv
Moderate: GNOME security, bug fix, and enhancement update
2021-05-18 05:35:26
Moderate: GNOME security, bug fix, and enhancement update
2021-05-18 05:35:26
webkit2gtk - security update
2020-11-23 00:00:00
almalinux
almalinux
Moderate: GNOME security, bug fix, and enhancement update
2021-05-18 05:35:26
oraclelinux
oraclelinux
GNOME security, bug fix, and enhancement update
2021-05-25 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-4797-1)
2020-11-26 00:00:00
Mageia: Security Advisory (MGASA-2020-0441)
2022-01-28 00:00:00
Apple Safari Security Update (APPLE-SA-2020-09-16-3)
2020-09-22 00:00:00
mageia
mageia
Updated webkit2 packages fix security vulnerabilities
2020-11-27 23:14:57
Updated gdm packages fix a security vulnerability
2021-01-04 17:42:30
gentoo
gentoo
WebkitGTK+: Multiple vulnerabilities
2020-12-23 00:00:00
debian
debian
[SECURITY] [DSA 4797-1] webkit2gtk security update
2020-11-24 18:45:16
[SECURITY] [DLA 2434-1] gdm3 security update
2020-11-05 12:41:14
[SECURITY] [DLA 1866-2] glib2.0 regression update
2019-08-05 22:16:54
archlinux
archlinux
[ASA-202011-28] webkit2gtk: arbitrary code execution
2020-11-26 00:00:00
[ASA-202011-5] gdm: privilege escalation
2020-11-10 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: webkit2gtk3-2.30.3-1.fc33
2020-11-29 01:27:55
[SECURITY] Fedora 32 Update: webkit2gtk3-2.30.3-1.fc32
2020-12-04 00:30:44
suse
suse
Security update for webkit2gtk3 (important)
2020-12-21 00:00:00
Security update for webkit2gtk3 (important)
2020-12-21 00:00:00
Security update for gdm (important)
2020-12-15 00:00:00
ubuntu
ubuntu
WebKitGTK vulnerabilities
2020-11-26 00:00:00
GDM vulnerability
2020-11-03 00:00:00
GLib vulnerability
2019-07-08 00:00:00
apple
apple
About the security content of Safari 14.1
2021-04-26 00:00:00
About the security content of Safari 14.0 - Apple Support
2020-11-12 10:19:34
About the security content of Safari 14.0
2020-09-16 00:00:00
thn
thn
Hackers Exploit 0-Day Gatekeeper Flaw to Attack macOS Computers
2021-04-27 10:29:00
cve
cve
cvelist
cvelist
CVE-2020-16125 gdm3 would start gnome-initial-setup if it cannot contact accountservice
2020-11-06 00:00:00
CVE-2020-13543
2020-12-03 16:24:55
CVE-2020-13584
2020-12-03 17:02:07
redhatcve
redhatcve
nvd
nvd
prion
prion
Code injection
2020-11-10 05:15:00
Remote code execution
2020-12-03 17:15:00
Design/Logic Flaw
2020-12-03 17:15:00
ubuntucve
ubuntucve
cnvd
cnvd
WebKitGTK post-release reuse vulnerability
2020-12-04 00:00:00
talos
talos
Webkit WebSocket code execution vulnerability
2020-11-30 00:00:00
Webkit ImageDecoderGStreamer use-after-free vulnerability
2020-11-30 00:00:00
Apple Safari/Webkit aboutBlankURL() code execution vulnerability
2020-09-30 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-11-09 05:49:14
Denial Of Service (DoS)
2021-04-29 12:13:09
Remote Code Execution (RCE)
2021-04-29 12:12:08
debiancve
debiancve
alpinelinux
alpinelinux
attackerkb
attackerkb
CVE-2021-30661
2021-09-08 00:00:00
cloudfoundry
cloudfoundry
USN-4049-1: GLib vulnerability | Cloud Foundry
2019-08-29 00:00:00
USN-4049-3: GLib regression | Cloud Foundry
2019-09-30 00:00:00
USN-4049-2: GLib vulnerability | Cloud Foundry
2019-08-29 00:00:00
cbl_mariner
cbl_mariner
CVE-2019-13012 affecting package glib 2.58.0-10
2020-09-09 06:09:08
cisa_kev
cisa_kev
Apple Multiple Products WebKit Storage Use-After-Free Vulnerability
2021-11-03 00:00:00
zdi
zdi
Apple Safari replace Type Confusion Remote Code Execution Vulnerability
2020-09-21 00:00:00