qemu-kvm (SL6)

Synopsis: Moderate: qemu-kvm security update Advisory ID: SLSA-2018:0516-1 Issue Date: 2018-03-13 CVE Numbers: CVE-2017-15289 — Security Fix(es): * Qemu: cirrus: OOB access issue in mode4and5 write functions (CVE-2017-15289) — SL6 x86_64 qemu-guest-agent-0.12.1.2-2.503.el6_9.5.x86_64.rpm qemu-img-0.12.1.2-2.503.el6_9.5.x86_64.rpm qemu-kvm-0.12.1.2-2.503.el6_9.5.x86_64.rpm qemu-kvm-debuginfo-0.12.1.2-2.503.el6_9.5.x86_64.rpm qemu-kvm-tools-0.12.1.2-2.503.el6_9.5.x86_64.rpm i386 qemu-guest-agent-0.12.1.2-2.503.el6_9.5.i686.rpm qemu-kvm-debuginfo-0.12.1.2-2.503.el6_9.5.i686.rpm – … Read More

mailman (SL6)

Synopsis: Moderate: mailman security update Advisory ID: SLSA-2018:0504-1 Issue Date: 2018-03-13 CVE Numbers: CVE-2018-5950 — Security Fix(es): * mailman: Cross-site scripting (XSS) vulnerability in web UI (CVE-2018-5950) — SL6 x86_64 mailman-2.1.12-26.el6_9.3.x86_64.rpm mailman-debuginfo-2.1.12-26.el6_9.3.x86_64.rpm i386 mailman-2.1.12-26.el6_9.3.i686.rpm mailman-debuginfo-2.1.12-26.el6_9.3.i686.rpm – Scientific Linux Development Team

mailman (SL7)

Synopsis: Moderate: mailman security update Advisory ID: SLSA-2018:0505-1 Issue Date: 2018-03-13 CVE Numbers: CVE-2018-5950 — Security Fix(es): * mailman: Cross-site scripting (XSS) vulnerability in web UI (CVE-2018-5950) — SL7 x86_64 mailman-2.1.15-26.el7_4.1.x86_64.rpm mailman-debuginfo-2.1.15-26.el7_4.1.x86_64.rpm – Scientific Linux Development Team

dhcp (SL7)

Synopsis: Important: dhcp security update Advisory ID: SLSA-2018:0483-1 Issue Date: 2018-03-12 CVE Numbers: CVE-2018-5732 CVE-2018-5733 — Security Fix(es): * dhcp: Buffer overflow in dhclient possibly allowing code execution triggered by malicious server (CVE-2018-5732) * dhcp: Reference count overflow in dhcpd … Read More

dhcp (SL6)

Synopsis: Important: dhcp security and bug fix update Advisory ID: SLSA-2018:0469-1 Issue Date: 2018-03-08 CVE Numbers: CVE-2018-5732 CVE-2018-5733 — Security Fix(es): * dhcp: Buffer overflow in dhclient possibly allowing code execution triggered by malicious server (CVE-2018-5732) * dhcp: Reference count … Read More

kernel (SL7)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2018:0395-1 Issue Date: 2018-03-06 CVE Numbers: CVE-2017-7518 CVE-2017-12188 — Security Fix(es): * Kernel: KVM: MMU potential stack buffer overrun during page walks (CVE-2017-12188, Important) * Kernel: KVM: debug exception via … Read More

libreoffice (SL7)

Synopsis: Moderate: libreoffice security update Advisory ID: SLSA-2018:0418-1 Issue Date: 2018-03-06 CVE Numbers: CVE-2018-6871 — Security Fix(es): * libreoffice: Remote arbitrary file disclosure vulnerability via WEBSERVICE formula (CVE-2018-6871) — SL7 x86_64 libreoffice-base-5.0.6.2-15.el7_4.x86_64.rpm libreoffice-calc-5.0.6.2-15.el7_4.x86_64.rpm libreoffice-core-5.0.6.2-15.el7_4.x86_64.rpm libreoffice-debuginfo-5.0.6.2-15.el7_4.x86_64.rpm libreoffice-draw-5.0.6.2-15.el7_4.x86_64.rpm libreoffice-emailmerge-5.0.6.2-15.el7_4.x86_64.rpm libreoffice-graphicfilter-5.0.6.2-15.el7_4.x86_64.rpm libreoffice-impress-5.0.6.2-15.el7_4.x86_64.rpm libreoffice-langpack-af-5.0.6.2-15.el7_4.x86_64.rpm … Read More

php (SL7)

Synopsis: Moderate: php security update Advisory ID: SLSA-2018:0406-1 Issue Date: 2018-03-06 CVE Numbers: CVE-2017-7890 — Security Fix(es): * php: Buffer over-read from unitialized data in gdImageCreateFromGifCtx function (CVE-2017-7890) — SL7 x86_64 php-5.4.16-43.el7_4.1.x86_64.rpm php-bcmath-5.4.16-43.el7_4.1.x86_64.rpm php-cli-5.4.16-43.el7_4.1.x86_64.rpm php-common-5.4.16-43.el7_4.1.x86_64.rpm php-dba-5.4.16-43.el7_4.1.x86_64.rpm php-debuginfo-5.4.16-43.el7_4.1.x86_64.rpm php-devel-5.4.16-43.el7_4.1.x86_64.rpm php-embedded-5.4.16-43.el7_4.1.x86_64.rpm php-enchant-5.4.16-43.el7_4.1.x86_64.rpm … Read More

389-ds-base (SL7)

Synopsis: Important: 389-ds-base security and bug fix update Advisory ID: SLSA-2018:0414-1 Issue Date: 2018-03-06 CVE Numbers: CVE-2017-15135 CVE-2018-1054 — Security Fix(es): * 389-ds-base: remote Denial of Service (DoS) via search filters in SetUnicodeStringFromUTF_8 in collate.c (CVE-2018-1054) * 389-ds-base: Authentication bypass … Read More

quagga (SL7)

Synopsis: Important: quagga security update Advisory ID: SLSA-2018:0377-1 Issue Date: 2018-02-28 CVE Numbers: CVE-2018-5379 — Security Fix(es): * quagga: Double free vulnerability in bgpd when processing certain forms of UPDATE message allowing to crash or potentially execute arbitrary code (CVE-2018-5379) … Read More