kernel (SL7)

Synopsis: Important: kernel security, bug fix, and enhancement update Advisory ID: SLSA-2017:1308-1 Issue Date: 2017-05-25 CVE Numbers: CVE-2016-8646 CVE-2016-10208 CVE-2016-7910 CVE-2017-5986 CVE-2017-7308 — Security Fix(es): * It was found that the packet_set_ring() function of the Linux kernel’s networking implementation did … Read More

samba (SL6, SL7)

Synopsis: Important: samba security update Advisory ID: SLSA-2017:1270-1 Issue Date: 2017-05-24 CVE Numbers: CVE-2017-7494 — Security Fix(es): * A remote code execution flaw was found in Samba. A malicious authenticated samba client, having write access to the samba share, could … Read More

samba4 (SL6)

Synopsis: Important: samba4 security update Advisory ID: SLSA-2017:1271-1 Issue Date: 2017-05-24 CVE Numbers: CVE-2017-7494 — Security Fix(es): * A remote code execution flaw was found in Samba. A malicious authenticated samba client, having write access to the samba share, could … Read More

rpcbind (SL6)

Synopsis: Important: rpcbind security update Advisory ID: SLSA-2017:1267-1 Issue Date: 2017-05-23 CVE Numbers: CVE-2017-8779 — Security Fix(es): * It was found that due to the way rpcbind uses libtirpc (libntirpc), a memory leak can occur when parsing specially crafted XDR … Read More

libtirpc (SL6)

Synopsis: Important: libtirpc security update Advisory ID: SLSA-2017:1268-1 Issue Date: 2017-05-23 CVE Numbers: CVE-2017-8779 — Security Fix(es): * It was found that due to the way rpcbind uses libtirpc (libntirpc), a memory leak can occur when parsing specially crafted XDR … Read More

kdelibs (SL7)

Synopsis: Important: kdelibs security update Advisory ID: SLSA-2017:1264-1 Issue Date: 2017-05-22 CVE Numbers: CVE-2017-8422 — Security Fix(es): * A privilege escalation flaw was found in the way kdelibs handled D-Bus messages. A local user could potentially use this flaw to … Read More

samba (SL7)

Synopsis: Moderate: samba security and bug fix update Advisory ID: SLSA-2017:1265-1 Issue Date: 2017-05-22 CVE Numbers: CVE-2016-2125 CVE-2016-2126 CVE-2017-2619 — Security Fix(es): * It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which … Read More

rpcbind (SL7)

Synopsis: Important: rpcbind security update Advisory ID: SLSA-2017:1262-1 Issue Date: 2017-05-21 CVE Numbers: CVE-2017-8779 — Security Fix(es): * It was found that due to the way rpcbind uses libtirpc (libntirpc), a memory leak can occur when parsing specially crafted XDR … Read More

libtirpc (SL7)

Synopsis: Important: libtirpc security update Advisory ID: SLSA-2017:1263-1 Issue Date: 2017-05-21 CVE Numbers: CVE-2017-8779 — Security Fix(es): * It was found that due to the way rpcbind uses libtirpc (libntirpc), a memory leak can occur when parsing specially crafted XDR … Read More

ghostscript (SL6, SL7)

Synopsis: Important: ghostscript security update Advisory ID: SLSA-2017:1230-1 Issue Date: 2017-05-12 CVE Numbers: CVE-2017-8291 — Security Fix(es): * It was found that ghostscript did not properly validate the parameters passed to the .rsdparams and .eqproc functions. During its execution, a … Read More