thunderbird (SL6)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2018:3531-1 Issue Date: 2018-11-09 CVE Numbers: CVE-2018-12389 CVE-2018-12390 CVE-2018-12392 CVE-2018-12393 — This update upgrades Thunderbird to version 60.3.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3 … Read More

spice-server (SL6)

Synopsis: Important: spice-server security update Advisory ID: SLSA-2018:3522-1 Issue Date: 2018-11-08 CVE Numbers: CVE-2017-7506 — Security Fix(es): * spice: Possible buffer overflow via invalid monitor configurations (CVE-2017-7506) — SL6 x86_64 spice-server-0.12.4-16.el6_10.2.x86_64.rpm spice-server-debuginfo-0.12.4-16.el6_10.2.x86_64.rpm spice-server-devel-0.12.4-16.el6_10.2.x86_64.rpm – Scientific Linux Development Team

java-1.7.0-openjdk (SL6)

Synopsis: Important: java-1.7.0-openjdk security update Advisory ID: SLSA-2018:3409-1 Issue Date: 2018-10-31 CVE Numbers: CVE-2018-3169 CVE-2018-3214 CVE-2018-3139 CVE-2018-3180 CVE-2018-3136 CVE-2018-3149 — Security Fix(es): * OpenJDK: Improper field access checks (Hotspot, 8199226) (CVE-2018-3169) * OpenJDK: Incomplete enforcement of the trustURLCodebase restriction (JNDI, … Read More

thunderbird (SL6)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2018:3403-1 Issue Date: 2018-10-31 CVE Numbers: CVE-2017-16541 CVE-2018-12376 CVE-2018-12377 CVE-2018-12378 CVE-2018-12379 CVE-2018-12383 CVE-2018-12385 — This update upgrades Thunderbird to version 60.2.1. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 62 and … Read More

python-paramiko (SL6)

Synopsis: Critical: python-paramiko security update Advisory ID: SLSA-2018:3406-1 Issue Date: 2018-10-31 CVE Numbers: CVE-2018-1000805 — Security Fix(es): * python-paramiko: Authentication bypass in auth_handler.py (CVE-2018-1000805) — SL6 noarch python-paramiko-1.7.5-5.el6_10.noarch.rpm python-paramiko-1.7.5-4.el6_7.1.noarch.rpm python-paramiko-1.7.5-4.el6_6.1.noarch.rpm – Scientific Linux Development Team

firefox (SL6)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2018:3006-1 Issue Date: 2018-10-25 CVE Numbers: CVE-2018-12389 CVE-2018-12390 CVE-2018-12392 CVE-2018-12393 CVE-2018-12395 CVE-2018-12396 CVE-2018-12397 — This update upgrades Firefox to version 60.3.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 63 … Read More

firefox (SL7)

Synopsis: Critical: firefox security and bug fix update Advisory ID: SLSA-2018:3005-1 Issue Date: 2018-10-25 CVE Numbers: CVE-2018-12389 CVE-2018-12390 CVE-2018-12392 CVE-2018-12393 CVE-2018-12395 CVE-2018-12396 CVE-2018-12397 — This update upgrades Firefox to version 60.3.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed … Read More

java-1.8.0-openjdk (SL6)

Synopsis: Critical: java-1.8.0-openjdk security update Advisory ID: SLSA-2018:2943-1 Issue Date: 2018-10-18 CVE Numbers: CVE-2018-3183 CVE-2018-3169 CVE-2018-3214 CVE-2018-3139 CVE-2018-3180 CVE-2018-3136 CVE-2018-3149 — Security Fix(es): * OpenJDK: Improper field access checks (Hotspot, 8199226) (CVE-2018-3169) * OpenJDK: Unrestricted access to scripting engine (Scripting, … Read More

java-1.8.0-openjdk (SL7)

Synopsis: Critical: java-1.8.0-openjdk security update Advisory ID: SLSA-2018:2942-1 Issue Date: 2018-10-18 CVE Numbers: CVE-2018-3183 CVE-2018-3169 CVE-2018-3214 CVE-2018-3139 CVE-2018-3180 CVE-2018-3136 CVE-2018-3149 — Security Fix(es): * OpenJDK: Improper field access checks (Hotspot, 8199226) (CVE-2018-3169) * OpenJDK: Unrestricted access to scripting engine (Scripting, … Read More

tomcat (SL7)

Synopsis: Important: tomcat security update Advisory ID: SLSA-2018:2921-1 Issue Date: 2018-10-16 CVE Numbers: CVE-2018-1336 — Security Fix(es): * tomcat: A bug in the UTF-8 decoder can lead to DoS (CVE-2018-1336) — SL7 noarch tomcat-servlet-3.0-api-7.0.76-8.el7_5.noarch.rpm tomcat-7.0.76-8.el7_5.noarch.rpm tomcat-admin-webapps-7.0.76-8.el7_5.noarch.rpm tomcat-docs-webapp-7.0.76-8.el7_5.noarch.rpm tomcat-el-2.2-api-7.0.76-8.el7_5.noarch.rpm tomcat-javadoc-7.0.76-8.el7_5.noarch.rpm tomcat-jsp-2.2-api-7.0.76-8.el7_5.noarch.rpm … Read More