tomcat (SL7)

Synopsis: Low: tomcat security, bug fix, and enhancement update Advisory ID: SLSA-2017:2247-1 Issue Date: 2017-08-02 CVE Numbers: CVE-2016-6797 CVE-2016-6796 CVE-2016-6794 CVE-2016-5018 CVE-2016-0762 — The following packages have been upgraded to a later upstream version: tomcat (7.0.76). Security Fix(es): * The … Read More

GStreamer (SL7)

Synopsis: Moderate: GStreamer security, bug fix, and Advisory ID: SLSA-2017:2060-1 Issue Date: 2017-08-02 CVE Numbers: CVE-2016-9446 CVE-2016-9810 CVE-2016-9811 CVE-2016-10198 CVE-2016-10199 CVE-2017-5845 CVE-2017-5848 CVE-2017-5837 CVE-2017-5839 CVE-2017-5838 CVE-2017-5840 CVE-2017-5841 CVE-2017-5842 CVE-2017-5843 CVE-2017-5844 — The following packages have been upgraded to a later … Read More

evince (SL7)

Synopsis: Important: evince security update Advisory ID: SLSA-2017:2388-1 Issue Date: 2017-08-02 CVE Numbers: CVE-2017-1000083 — Security Fix(es): * It was found that evince did not properly sanitize the command line which is run to untar Comic Book Tar (CBT) files, … Read More

freeradius (SL7)

Synopsis: Important: freeradius security update Advisory ID: SLSA-2017:2389-1 Issue Date: 2017-08-02 CVE Numbers: CVE-2017-10978 CVE-2017-10983 CVE-2017-10984 CVE-2017-10985 CVE-2017-10986 CVE-2017-10987 — Security Fix(es): * An out-of-bounds write flaw was found in the way FreeRADIUS server handled certain attributes in request packets. … Read More

ghostscript (SL7)

Synopsis: Low: ghostscript security and bug fix update Advisory ID: SLSA-2017:2180-1 Issue Date: 2017-08-02 CVE Numbers: CVE-2017-7207 — Security Fix(es): * A NULL pointer dereference flaw was found in ghostscript’s mem_get_bits_rectangle function. A specially crafted postscript document could cause a … Read More

gdm and gnome-session (SL7)

Synopsis: Moderate: gdm and gnome-session security, bug fix, Advisory ID: SLSA-2017:2128-1 Issue Date: 2017-08-02 CVE Numbers: CVE-2015-7496 — The following packages have been upgraded to a later upstream version: gdm (3.22.3), gnome-session (3.22.3). Security Fix(es): * It was found that … Read More

java-1.7.0-openjdk (SL6, SL7)

Synopsis: Critical: java-1.7.0-openjdk security update Advisory ID: SLSA-2017:2424-1 Issue Date: 2017-08-07 CVE Numbers: CVE-2017-10107 CVE-2017-10089 CVE-2017-10090 CVE-2017-10087 CVE-2017-10110 CVE-2017-10101 CVE-2017-10096 CVE-2017-10074 CVE-2017-10067 CVE-2017-10109 CVE-2017-10081 CVE-2017-10116 CVE-2017-10115 CVE-2017-10135 CVE-2017-10108 CVE-2017-10053 CVE-2017-10102 CVE-2017-10243 — Security Fix(es): * It was discovered that the … Read More

log4j (SL7)

Synopsis: Important: log4j security update Advisory ID: SLSA-2017:2423-1 Issue Date: 2017-08-07 CVE Numbers: CVE-2017-5645 — Security Fix(es): * It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via … Read More

httpd (SL7)

Synopsis: Important: httpd security update Advisory ID: SLSA-2017:2479-1 Issue Date: 2017-08-15 CVE Numbers: CVE-2017-3167 CVE-2017-3169 CVE-2017-7679 CVE-2017-9788 CVE-2017-7668 — Security Fix(es): * It was discovered that the httpd’s mod_auth_digest module did not properly initialize memory before using it when processing … Read More

kernel (SL7)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2017:2473-1 Issue Date: 2017-08-15 CVE Numbers: CVE-2017-7533 — Security Fix(es): * A race condition was found in the Linux kernel, present since v3.14-rc1 through v4.12. The race happens between threads … Read More