List of announced AOSAs (2019)

Security updates for 2019

Security updates

AOSA Package Branch Vendor Advisory
AOSA-2019-0001 flashplayer-ppapi: update to stable Adobe Security Bulletin APSB18-42
AOSA-2019-0002 vivaldi: update to 2.2.1388.37 stable (Chrome) Stable Channel Update for Desktop Tuesday, December 4, 2018, Stable Channel Update for Desktop Wednesday, December 12, 2018
AOSA-2019-0003 opera: update to 57.0.3098.106 stable Opera 57.0.3098.106 Stable update
AOSA-2019-0004 django: update to 2.1.5 stable Django security releases issued: 2.1.5, 2.0.10, and 1.11.18
AOSA-2019-0005 dotnet-{runtime,sdk}: update to 2.1.7, 2.1.503 stable, runtime stable, sdk .NET Core 2.1.7 Update - January 08, 2019
AOSA-2019-0006 firefox: update to 64.0.2 stable Mozilla Foundation Security Advisory 2018-29
AOSA-2019-0007 go: update to 1.11.4 stable [security] Go 1.11.3 and Go 1.10.6 are released
AOSA-2019-0008 tcpdump: patch stable The Problem
AOSA-2019-0009 systemd: patch stable tmpfiles: symlinks are followed in non-terminal path components (CVE-2018-6954)
AOSA-2019-0010 nettle: update to 3.4.1 stable The 9 Lives of Bleichenbacher's CAT: New Cache ATtacks on TLS Implementations
AOSA-2019-0011 wget: patch stable [Bug-wget] CVE-2018-20483 counter-measure
AOSA-2019-0012 aria2: patch stable Metadata and potential password leaks via --log=
AOSA-2019-0013 uriparser: update to 0.9.1 stable ChangeLog
AOSA-2019-0014 units: update to 2.18 stable units_cur: missing input validation
AOSA-2019-0015 imagemagick: update to 6.9.10-23 stable convert hang until 100% CPU 100% mem
AOSA-2019-0016 openjpeg: patch stable Out-of-bound left shift in opj_j2k_setup_encoder (src/lib/openjp2/j2k.c), Excessive Iteration in opj_t1_encode_cblks (src/lib/openjp2/t1.c), OPENJPEG null ptr dereference in openjpeg-2.3.0/src/bin/jp2/convert.c:2243
AOSA-2019-0017 systemd: patch stable CVE-2018-16864 systemd: stack overflow when calling syslog from a command with long cmdline, CVE-2018-16865 systemd: stack overflow when receiving many journald entries, CVE-2018-16866 systemd: out-of-bounds read when parsing a crafted syslog message