thunderbird (SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2018:0648-1 Issue Date: 2018-04-05 CVE Numbers: CVE-2018-5125 CVE-2018-5127 CVE-2018-5129 CVE-2018-5144 CVE-2018-5145 CVE-2018-5146 — This update upgrades Thunderbird to version 52.7.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 59 and Firefox … Read More

thunderbird (SL6)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2018:0647-1 Issue Date: 2018-04-05 CVE Numbers: CVE-2018-5125 CVE-2018-5127 CVE-2018-5129 CVE-2018-5144 CVE-2018-5145 CVE-2018-5146 — This update upgrades Thunderbird to version 52.7.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 59 and Firefox … Read More

libvorbis (SL6)

Synopsis: Important: libvorbis security update Advisory ID: SLSA-2018:0649-1 Issue Date: 2018-04-05 CVE Numbers: CVE-2018-5146 — Security Fix(es): * Mozilla: Vorbis audio processing out of bounds write (MFSA 2018-08) (CVE-2018-5146) — SL6 x86_64 libvorbis-1.2.3-5.el6_9.1.i686.rpm libvorbis-1.2.3-5.el6_9.1.x86_64.rpm libvorbis-debuginfo-1.2.3-5.el6_9.1.i686.rpm libvorbis-debuginfo-1.2.3-5.el6_9.1.x86_64.rpm libvorbis-devel-1.2.3-5.el6_9.1.i686.rpm libvorbis-devel-1.2.3-5.el6_9.1.x86_64.rpm i386 libvorbis-1.2.3-5.el6_9.1.i686.rpm … Read More

slf4j (SL7)

Synopsis: Important: slf4j security update Advisory ID: SLSA-2018:0592-1 Issue Date: 2018-03-26 CVE Numbers: CVE-2018-8088 — Security Fix(es): * slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088) — SL7 noarch slf4j-1.7.4-4.el7_4.noarch.rpm slf4j-javadoc-1.7.4-4.el7_4.noarch.rpm slf4j-manual-1.7.4-4.el7_4.noarch.rpm – Scientific Linux … Read More

firefox (SL6, SL7)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2018:0549-1 Issue Date: 2018-03-19 CVE Numbers: CVE-2018-5146 — This update upgrades Firefox to version 52.7.2 ESR. Security Fix(es): * Mozilla: Vorbis audio processing out of bounds write (MFSA 2018-08) (CVE-2018-5146) — SL6 x86_64 … Read More

firefox (SL6)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2018:0526-1 Issue Date: 2018-03-15 CVE Numbers: CVE-2018-5125 CVE-2018-5127 CVE-2018-5129 CVE-2018-5130 CVE-2018-5131 CVE-2018-5144 CVE-2018-5145 — This update upgrades Firefox to version 52.7.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 59 … Read More

firefox (SL7)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2018:0527-1 Issue Date: 2018-03-15 CVE Numbers: CVE-2018-5125 CVE-2018-5127 CVE-2018-5129 CVE-2018-5130 CVE-2018-5131 CVE-2018-5144 CVE-2018-5145 — This update upgrades Firefox to version 52.7.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 59 … Read More

389-ds-base (SL6)

Synopsis: Important: 389-ds-base security update Advisory ID: SLSA-2018:0515-1 Issue Date: 2018-03-13 CVE Numbers: CVE-2017-15135 CVE-2018-1054 — Security Fix(es): * 389-ds-base: remote Denial of Service (DoS) via search filters in SetUnicodeStringFromUTF_8 in collate.c (CVE-2018-1054) * 389-ds-base: Authentication bypass due to lack … Read More

libreoffice (SL6)

Synopsis: Moderate: libreoffice security update Advisory ID: SLSA-2018:0517-1 Issue Date: 2018-03-13 CVE Numbers: CVE-2018-6871 — Security Fix(es): * libreoffice: Remote arbitrary file disclosure vulnerability via WEBSERVICE formula (CVE-2018-6871) — SL6 x86_64 libreoffice-base-4.3.7.2-2.el6_9.2.x86_64.rpm libreoffice-calc-4.3.7.2-2.el6_9.2.x86_64.rpm libreoffice-core-4.3.7.2-2.el6_9.2.x86_64.rpm libreoffice-debuginfo-4.3.7.2-2.el6_9.2.x86_64.rpm libreoffice-draw-4.3.7.2-2.el6_9.2.x86_64.rpm libreoffice-emailmerge-4.3.7.2-2.el6_9.2.x86_64.rpm libreoffice-graphicfilter-4.3.7.2-2.el6_9.2.x86_64.rpm libreoffice-headless-4.3.7.2-2.el6_9.2.x86_64.rpm libreoffice-impress-4.3.7.2-2.el6_9.2.x86_64.rpm … Read More

kernel (SL6)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2018:0512-1 Issue Date: 2018-03-13 CVE Numbers: CVE-2017-5753 CVE-2017-5715 CVE-2017-5754 — Security Fix(es): * hw: cpu: speculative execution branch target injection (s390-only) (CVE-2017-5715, Important) * hw: cpu: speculative execution bounds-check bypass … Read More