Firefox
-
Updated Firefox browser to version 60.8.0 ESR.
-
Fixes for mfsa2019-22, also known as:
-
Fixes for mfsa2019-19, also known as: CVE-2019-11708.
-
Fixes for mfsa2019-18, also known as: CVE-2019-11707.
-
Fixes for mfsa2019-08, also known as:
-
Fixes for mfsa2019-05, also known as: CVE-2018-18356, CVE-2019-5785.
-
Fixes for mfsa2019-02, also known as: CVE-2018-18500, CVE-2018-18505, and CVE-2018-18501.
-
Added allowance for Firefox to access Yubikey (FIDO/U2F) if apparmor is active.
Base system
-
Set default umask to 0077 for all non-root users.
-
Remote users home is now /home/ruser.
-
Fixed policykit-1 security issue CVE-2019-6133.
-
Fixed tiff security issues:
-
Fixed lcms2 security issue CVE-2018-16435.
-
Fixed libpng1.6 security issues CVE-2019-7317 and CVE-2018-13785.
-
Fixed nss security issues CVE-2018-18508, CVE-2019-11729, and CVE-2019-11719.
-
Fixed procps security issues:
-
Fixed evince security issues CVE-2019-11459 and CVE-2019-1010006.
-
Fixed gdk-pixbuf security issue CVE-2017-12447.
-
Fixed gst-plugins-base0.10 security issue CVE-2019-9928.
-
Fixed bind9 security issues CVE-2019-6465, CVE-2018-5745 and CVE-2018-5743.
-
Fixed libgd2 security issues CVE-2019-6978 and CVE-2019-6977.
-
Fixed ghostscript security issues CVE-2019-3839, CVE-2019-3838 and CVE-2019-3835.
-
Fixed ldb security issue CVE-2019-3824.
-
Fixed file security issues CVE-2019-8907 and CVE-2019-8905.
-
Fixed poppler security issues:
-
Fixed samba security issues CVE-2019-3880 and CVE-2018-16860.
-
Fixed openssl security issue CVE-2019-1559.
-
Fixed libxslt security issue CVE-2019-11068.
-
Fixed openssh security issue CVE-2019-6111.
-
Fixed wget security issue CVE-2019-5953.
-
Fixed wpa security issues:
-
Fixed gtk+2.0 security issue CVE-2013-7447.
-
Fixed heimdal security issues CVE-2019-12098 and CVE-2018-16860.
-
Fixed webkit2gtk security issues CVE-2019-8615, CVE-2019-8607, and CVE-2019-8595.
-
Fixed gimp security issues:
-
Fixed libtomcrypt security issue CVE-2018-12437.
-
Fixed unzip security issues CVE-2019-13232, CVE-2018-1000035, CVE-2016-9844, and CVE-2014-9913.
-
Fixed curl security issues:
-
Fixed gnutls28 security issues CVE-2018-10846, CVE-2018-10845, CVE-2018-10844, and CVE-2018-1084.
-
Fixed db5.3 security issue CVE-2019-8457.
-
Fixed qtbase-opensource-src security issues CVE-2018-19873, CVE-2018-19870, and CVE-2018-15518.
-
Fixed libssh2 security issues:
-
Fixed network-manager security issue CVE-2018-15688.
-
Fixed elfutils security issues:
-
Fixed libsndfile security issues:
-
Fixed dbus security issue CVE-2019-12749.
-
Fixed vim security issues CVE-2019-12735 and CVE-2017-5953.
-
Fixed glib2.0 security issue CVE-2019-12450.
-
Fixed openssl (1.1.x) security issues:
-
Fixed sqlite3 security issues:
-
Fixed systemd security issues:
-
Fixed libseccomp security issue CVE-2019-9893.
-
Fixed bzip2 security issues CVE-2019-12900 and CVE-2016-3189.
-
Fixed imagemagick security issues:
-
Fixed expat security issue CVE-2018-20843.
-
Fixed glib2.0 security issue CVE-2019-13012.
-
Fixed libvirt security issues CVE-2019-10167 and CVE-2019-10161.
-
Fixed gvfs security issue CVE-2019-12795.
-
Fixed libmspack security issue CVE-2019-1010305.
-
Fixed bash security issue CVE-2019-9924.
-
Fixed openldap security issues CVE-2019-13565 and CVE-2019-13057.
-
Updated libwebkit2gtk-4.0-37 to version 2.24.2.
Security fixes: -
Fixed a vulnerability in the custom environment variable framework.
-
Fixed possible malicious owner change within TC setup configuration.
-
Fixed kernel TCP vulnerabilities CVE-2019-11477: SACK Panic, CVE-2019-11478: SACK Slowness, and CVE-2019-11479: Excess resource consumption due to low MSS values.
-
Changed minimally allowed MSS size to 1000 to prevent possible Denial of Service attacks.
-
Fixed a vulnerability in Java configuration script.