firefox (SL6, SL7)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2017:2831-1 Issue Date: 2017-09-29 CVE Numbers: CVE-2017-7793 CVE-2017-7810 CVE-2017-7814 CVE-2017-7818 CVE-2017-7819 CVE-2017-7823 CVE-2017-7824 — This update upgrades Firefox to version 52.4.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of … Read More

kernel (SL6)

Synopsis: Important: kernel security update Advisory ID: SLSA-2017:2795-1 Issue Date: 2017-09-26 CVE Numbers: CVE-2017-1000253 — Security Fix(es): * A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent … Read More

samba (SL6)

Synopsis: Moderate: samba security update Advisory ID: SLSA-2017:2789-1 Issue Date: 2017-09-21 CVE Numbers: CVE-2017-2619 CVE-2017-12150 CVE-2017-12163 — Security Fix(es): * A race condition was found in samba server. A malicious samba client could use this flaw to access files and … Read More

samba (SL7)

Synopsis: Moderate: samba security update Advisory ID: SLSA-2017:2790-1 Issue Date: 2017-09-21 CVE Numbers: CVE-2017-12150 CVE-2017-12163 CVE-2017-12151 — Security Fix(es): * It was found that samba did not enforce “SMB signing” when certain configuration options were enabled. A remote attacker could … Read More

samba4 (SL6)

Synopsis: Moderate: samba4 security update Advisory ID: SLSA-2017:2791-1 Issue Date: 2017-09-21 CVE Numbers: CVE-2017-12150 CVE-2017-12163 — Security Fix(es): * It was found that samba did not enforce “SMB signing” when certain configuration options were enabled. A remote attacker could launch … Read More

augeas (SL7)

Synopsis: Important: augeas security update Advisory ID: SLSA-2017:2788-1 Issue Date: 2017-09-21 CVE Numbers: CVE-2017-7555 — Security Fix(es): * A vulnerability was discovered in augeas affecting the handling of escaped strings. An attacker could send crafted strings that would cause the … Read More

emacs (SL7)

Synopsis: Important: emacs security update Advisory ID: SLSA-2017:2771-1 Issue Date: 2017-09-19 CVE Numbers: CVE-2017-14482 — Security Fix(es): * A command injection flaw within the Emacs “enriched mode” handling has been discovered. By tricking an unsuspecting user into opening a specially … Read More

postgresql (SL7)

Synopsis: Moderate: postgresql security update Advisory ID: SLSA-2017:2728-1 Issue Date: 2017-09-14 CVE Numbers: CVE-2017-7546 CVE-2017-7547 — The following packages have been upgraded to a later upstream version: postgresql (9.2.23). Security Fix(es): * It was found that authenticating to a PostgreSQL … Read More

kernel (SL6)

Synopsis: Important: kernel security update Advisory ID: SLSA-2017:2681-1 Issue Date: 2017-09-12 CVE Numbers: CVE-2017-1000251 — Security Fix(es): * A stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses … Read More

kernel (SL7)

Synopsis: Important: kernel security update Advisory ID: SLSA-2017:2679-1 Issue Date: 2017-09-12 CVE Numbers: CVE-2017-1000251 — Security Fix(es): * A stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses … Read More