ALSA-2021:1586
See a problem?- Source
- https://errata.almalinux.org/8/ALSA-2021-1586.html
- Import Source
- https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1586.json
- JSON Data
- https://api.osv.dev/v1/vulns/ALSA-2021:1586
- Related
- Published
- 2021-05-18T05:35:26Z
- Modified
- 2021-11-12T10:20:56Z
- Summary
- Moderate: GNOME security, bug fix, and enhancement update
- Details
-
GNOME is the default desktop environment of AlmaLinux.
The following packages have been upgraded to a later upstream version: accountsservice (0.6.55), webkit2gtk3 (2.30.4). (BZ#1846376, BZ#1883304)
Security Fix(es):
webkitgtk: type confusion may lead to arbitrary code execution (CVE-2020-9948)
webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-9951)
webkitgtk: out-of-bounds write may lead to code execution (CVE-2020-9983)
webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-13543)
webkitgtk: use-after-free may lead to arbitrary code execution (CVE-2020-13584)
glib2: insecure permissions for files and directories (CVE-2019-13012)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
- References
-
- https://errata.almalinux.org/8/ALSA-2021-1586.html
- https://vulners.com/cve/CVE-2019-13012
- https://vulners.com/cve/CVE-2020-13543
- https://vulners.com/cve/CVE-2020-13584
- https://vulners.com/cve/CVE-2020-16125
- https://vulners.com/cve/CVE-2020-9948
- https://vulners.com/cve/CVE-2020-9951
- https://vulners.com/cve/CVE-2020-9983
- https://vulners.com/cve/CVE-2021-1817
- https://vulners.com/cve/CVE-2021-1820
- https://vulners.com/cve/CVE-2021-1825
- https://vulners.com/cve/CVE-2021-1826
- https://vulners.com/cve/CVE-2021-30661
Affected packages
AlmaLinux:8 / OpenEXR-devel
Package
- Name
- OpenEXR-devel
AlmaLinux:8 / OpenEXR-libs
Package
- Name
- OpenEXR-libs
AlmaLinux:8 / accountsservice-devel
Package
- Name
- accountsservice-devel
AlmaLinux:8 / atkmm
Package
- Name
- atkmm
AlmaLinux:8 / atkmm-devel
Package
- Name
- atkmm-devel
AlmaLinux:8 / atkmm-doc
Package
- Name
- atkmm-doc
AlmaLinux:8 / cairomm
Package
- Name
- cairomm
AlmaLinux:8 / cairomm-devel
Package
- Name
- cairomm-devel
AlmaLinux:8 / cairomm-doc
Package
- Name
- cairomm-doc
AlmaLinux:8 / chrome-gnome-shell
Package
- Name
- chrome-gnome-shell
AlmaLinux:8 / dleyna-core
Package
- Name
- dleyna-core
AlmaLinux:8 / dleyna-server
Package
- Name
- dleyna-server
AlmaLinux:8 / enchant2
Package
- Name
- enchant2
AlmaLinux:8 / enchant2-devel
Package
- Name
- enchant2-devel
AlmaLinux:8 / gamin
Package
- Name
- gamin
AlmaLinux:8 / gamin-devel
Package
- Name
- gamin-devel
AlmaLinux:8 / geoclue2
Package
- Name
- geoclue2
AlmaLinux:8 / geoclue2-demos
Package
- Name
- geoclue2-demos
AlmaLinux:8 / geoclue2-devel
Package
- Name
- geoclue2-devel
AlmaLinux:8 / geoclue2-libs
Package
- Name
- geoclue2-libs
AlmaLinux:8 / geocode-glib
Package
- Name
- geocode-glib
AlmaLinux:8 / geocode-glib-devel
Package
- Name
- geocode-glib-devel
AlmaLinux:8 / gjs
Package
- Name
- gjs
AlmaLinux:8 / gjs-devel
Package
- Name
- gjs-devel
AlmaLinux:8 / glib2-doc
Package
- Name
- glib2-doc
AlmaLinux:8 / glib2-static
Package
- Name
- glib2-static
AlmaLinux:8 / glibmm24
Package
- Name
- glibmm24
AlmaLinux:8 / glibmm24-devel
Package
- Name
- glibmm24-devel
AlmaLinux:8 / glibmm24-doc
Package
- Name
- glibmm24-doc
AlmaLinux:8 / gnome-boxes
Package
- Name
- gnome-boxes
AlmaLinux:8 / gnome-photos
Package
- Name
- gnome-photos
AlmaLinux:8 / gnome-photos-tests
Package
- Name
- gnome-photos-tests
AlmaLinux:8 / gnome-terminal
Package
- Name
- gnome-terminal
AlmaLinux:8 / gnome-terminal-nautilus
Package
- Name
- gnome-terminal-nautilus
AlmaLinux:8 / gtk-doc
Package
- Name
- gtk-doc
AlmaLinux:8 / gtk2
Package
- Name
- gtk2
AlmaLinux:8 / gtk2-devel
Package
- Name
- gtk2-devel
AlmaLinux:8 / gtk2-devel-docs
Package
- Name
- gtk2-devel-docs
AlmaLinux:8 / gtk2-immodule-xim
Package
- Name
- gtk2-immodule-xim
AlmaLinux:8 / gtk2-immodules
Package
- Name
- gtk2-immodules
AlmaLinux:8 / gtkmm24
Package
- Name
- gtkmm24
AlmaLinux:8 / gtkmm24-devel
Package
- Name
- gtkmm24-devel
AlmaLinux:8 / gtkmm24-docs
Package
- Name
- gtkmm24-docs
AlmaLinux:8 / gtkmm30
Package
- Name
- gtkmm30
AlmaLinux:8 / gtkmm30-devel
Package
- Name
- gtkmm30-devel
AlmaLinux:8 / gtkmm30-doc
Package
- Name
- gtkmm30-doc
AlmaLinux:8 / gvfs
Package
- Name
- gvfs
AlmaLinux:8 / gvfs-afc
Package
- Name
- gvfs-afc
AlmaLinux:8 / gvfs-afp
Package
- Name
- gvfs-afp
AlmaLinux:8 / gvfs-archive
Package
- Name
- gvfs-archive
AlmaLinux:8 / gvfs-client
Package
- Name
- gvfs-client
AlmaLinux:8 / gvfs-devel
Package
- Name
- gvfs-devel
AlmaLinux:8 / gvfs-fuse
Package
- Name
- gvfs-fuse
AlmaLinux:8 / gvfs-goa
Package
- Name
- gvfs-goa
AlmaLinux:8 / gvfs-gphoto2
Package
- Name
- gvfs-gphoto2
AlmaLinux:8 / gvfs-mtp
Package
- Name
- gvfs-mtp
AlmaLinux:8 / gvfs-smb
Package
- Name
- gvfs-smb
AlmaLinux:8 / libdazzle
Package
- Name
- libdazzle
AlmaLinux:8 / libdazzle-devel
Package
- Name
- libdazzle-devel
AlmaLinux:8 / libepubgen
Package
- Name
- libepubgen
AlmaLinux:8 / libepubgen-devel
Package
- Name
- libepubgen-devel
AlmaLinux:8 / libsass
Package
- Name
- libsass
AlmaLinux:8 / libsass-devel
Package
- Name
- libsass-devel
AlmaLinux:8 / libsigc++20
Package
- Name
- libsigc++20
AlmaLinux:8 / libsigc++20-devel
Package
- Name
- libsigc++20-devel
AlmaLinux:8 / libsigc++20-doc
Package
- Name
- libsigc++20-doc
AlmaLinux:8 / libvisual
Package
- Name
- libvisual
AlmaLinux:8 / libvisual-devel
Package
- Name
- libvisual-devel
AlmaLinux:8 / mutter-devel
Package
- Name
- mutter-devel
AlmaLinux:8 / nautilus
Package
- Name
- nautilus
AlmaLinux:8 / nautilus-devel
Package
- Name
- nautilus-devel
AlmaLinux:8 / nautilus-extensions
Package
- Name
- nautilus-extensions
AlmaLinux:8 / pangomm
Package
- Name
- pangomm
AlmaLinux:8 / pangomm-devel
Package
- Name
- pangomm-devel
AlmaLinux:8 / pangomm-doc
Package
- Name
- pangomm-doc
AlmaLinux:8 / soundtouch
Package
- Name
- soundtouch
AlmaLinux:8 / soundtouch-devel
Package
- Name
- soundtouch-devel
AlmaLinux:8 / vala
Package
- Name
- vala
AlmaLinux:8 / vala-devel
Package
- Name
- vala-devel
AlmaLinux:8 / woff2
Package
- Name
- woff2