git (SL7)

Synopsis: Important: git security update Advisory ID: SLSA-2018:1957-1 Issue Date: 2018-06-20 CVE Numbers: CVE-2018-11235 — Security Fix(es): * git: arbitrary code execution when recursively cloning a malicious repository (CVE-2018-11235) — SL7 x86_64 git-1.8.3.1-14.el7_5.x86_64.rpm git-daemon-1.8.3.1-14.el7_5.x86_64.rpm git-debuginfo-1.8.3.1-14.el7_5.x86_64.rpm git-svn-1.8.3.1-14.el7_5.x86_64.rpm noarch emacs-git-1.8.3.1-14.el7_5.noarch.rpm emacs-git-el-1.8.3.1-14.el7_5.noarch.rpm git-all-1.8.3.1-14.el7_5.noarch.rpm … Read More

kernel (SL7)

Synopsis: Moderate: kernel security update Advisory ID: SLSA-2018:1852-1 Issue Date: 2018-06-14 CVE Numbers: CVE-2018-3665 — Security Fix(es): * Kernel: FPU state information leakage via lazy FPU restore (CVE-2018-3665) — SL7 x86_64 kernel-3.10.0-862.3.3.el7.x86_64.rpm kernel-debug-3.10.0-862.3.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm kernel-debug-devel-3.10.0-862.3.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-862.3.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-862.3.3.el7.x86_64.rpm kernel-devel-3.10.0-862.3.3.el7.x86_64.rpm kernel-headers-3.10.0-862.3.3.el7.x86_64.rpm kernel-tools-3.10.0-862.3.3.el7.x86_64.rpm … Read More

plexus-archiver (SL7)

Synopsis: Important: plexus-archiver security update Advisory ID: SLSA-2018:1836-1 Issue Date: 2018-06-12 CVE Numbers: CVE-2018-1002200 — Security Fix(es): * plexus-archiver: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file (CVE-2018-1002200) — SL7 noarch plexus-archiver-2.4.2-5.el7_5.noarch.rpm plexus-archiver-javadoc-2.4.2-5.el7_5.noarch.rpm – … Read More

xmlrpc (SL7)

Synopsis: Important: xmlrpc security update Advisory ID: SLSA-2018:1780-1 Issue Date: 2018-05-31 CVE Numbers: CVE-2016-5003 — Security Fix(es): * xmlrpc: Deserialization of untrusted Java object through tag (CVE-2016-5003) — SL7 noarch xmlrpc-client-3.1.3-9.el7_5.noarch.rpm xmlrpc-common-3.1.3-9.el7_5.noarch.rpm xmlrpc-javadoc-3.1.3-9.el7_5.noarch.rpm xmlrpc-server-3.1.3-9.el7_5.noarch.rpm – Scientific Linux Development Team

xmlrpc3 (SL6)

Synopsis: Important: xmlrpc3 security update Advisory ID: SLSA-2018:1779-1 Issue Date: 2018-05-31 CVE Numbers: CVE-2016-5003 — Security Fix(es): * xmlrpc: Deserialization of untrusted Java object through tag (CVE-2016-5003) — SL6 noarch xmlrpc3-client-3.0-4.17.el6_9.noarch.rpm xmlrpc3-common-3.0-4.17.el6_9.noarch.rpm xmlrpc3-client-devel-3.0-4.17.el6_9.noarch.rpm xmlrpc3-common-devel-3.0-4.17.el6_9.noarch.rpm xmlrpc3-javadoc-3.0-4.17.el6_9.noarch.rpm xmlrpc3-server-3.0-4.17.el6_9.noarch.rpm xmlrpc3-server-devel-3.0-4.17.el6_9.noarch.rpm – Scientific Linux … Read More

procps (SL6)

Synopsis: Important: procps security update Advisory ID: SLSA-2018:1777-1 Issue Date: 2018-05-31 CVE Numbers: CVE-2018-1124 CVE-2018-1126 — Security Fix(es): * procps-ng, procps: Integer overflows leading to heap overflow in file2strvec (CVE-2018-1124) * procps-ng, procps: incorrect integer size in proc/alloc.* leading to … Read More

thunderbird (SL6)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2018:1726-1 Issue Date: 2018-05-24 CVE Numbers: CVE-2018-5150 CVE-2018-5154 CVE-2018-5155 CVE-2018-5159 CVE-2018-5168 CVE-2018-5178 CVE-2018-5183 CVE-2018-5184 CVE-2018-5161 CVE-2018-5162 CVE-2018-5170 CVE-2018-5185 — This update upgrades Thunderbird to version 52.8.0. Security Fix(es): * Mozilla: Memory safety bugs … Read More

thunderbird (SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2018:1725-1 Issue Date: 2018-05-24 CVE Numbers: CVE-2018-5150 CVE-2018-5154 CVE-2018-5155 CVE-2018-5159 CVE-2018-5168 CVE-2018-5178 CVE-2018-5183 CVE-2018-5184 CVE-2018-5161 CVE-2018-5162 CVE-2018-5170 CVE-2018-5185 — This update upgrades Thunderbird to version 52.8.0. Security Fix(es): * Mozilla: Memory safety bugs … Read More

procps-ng (SL7)

Synopsis: Important: procps-ng security update Advisory ID: SLSA-2018:1700-1 Issue Date: 2018-05-23 CVE Numbers: CVE-2018-1124 CVE-2018-1126 — Security Fix(es): * procps-ng, procps: Integer overflows leading to heap overflow in file2strvec (CVE-2018-1124) * procps-ng, procps: incorrect integer size in proc/alloc.* leading to … Read More

libvirt (SL7)

Synopsis: Important: libvirt security update Advisory ID: SLSA-2018:1632-1 Issue Date: 2018-05-22 CVE Numbers: CVE-2018-3639 — Security Fix(es): * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a … Read More