firefox (SL7)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2019:0219-1 Issue Date: 2019-01-30 CVE Numbers: CVE-2018-18500 CVE-2018-18501 CVE-2018-18505 — This update upgrades Firefox to version 60.5.0 ESR. Security Fix(es): * Mozilla: Use-after-free parsing HTML5 stream (CVE-2018-18500) * Mozilla: Memory safety bugs fixed … Read More

firefox (SL6)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2019:0218-1 Issue Date: 2019-01-30 CVE Numbers: CVE-2018-18500 CVE-2018-18501 CVE-2018-18505 — This update upgrades Firefox to version 60.5.0 ESR. Security Fix(es): * Mozilla: Use-after-free parsing HTML5 stream (CVE-2018-18500) * Mozilla: Memory safety bugs fixed … Read More

systemd (SL7)

Synopsis: Low: systemd security update Advisory ID: SLSA-2019:0201-1 Issue Date: 2019-01-29 CVE Numbers: CVE-2019-3815 — Security Fix(es): * systemd: memory leak in journald-server.c introduced by fix for CVE-2018-16864 (CVE-2019-3815) — SL7 x86_64 libgudev1-219-62.el7_6.3.i686.rpm libgudev1-219-62.el7_6.3.x86_64.rpm systemd-219-62.el7_6.3.x86_64.rpm systemd-debuginfo-219-62.el7_6.3.i686.rpm systemd-debuginfo-219-62.el7_6.3.x86_64.rpm systemd-libs-219-62.el7_6.3.i686.rpm systemd-libs-219-62.el7_6.3.x86_64.rpm systemd-python-219-62.el7_6.3.x86_64.rpm … Read More

bind (SL7)

Synopsis: Moderate: bind security update Advisory ID: SLSA-2019:0194-1 Issue Date: 2019-01-29 CVE Numbers: CVE-2018-5742 — Security Fix(es): * bind: Crash from assertion error when debug log level is 10 and log entries meet buffer boundary (CVE-2018-5742) — SL7 x86_64 bind-debuginfo-9.9.4-73.el7_6.i686.rpm … Read More

kernel (SL7)

Synopsis: Important: kernel security, bug fix, and enhancement update Advisory ID: SLSA-2019:0163-1 Issue Date: 2019-01-29 CVE Numbers: CVE-2018-18397 CVE-2018-18559 — Security Fix(es): * kernel: Use-after-free due to race condition in AF_PACKET implementation (CVE-2018-18559) * kernel: userfaultfd bypasses tmpfs file permissions … Read More

thunderbird (SL6)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2019:0159-1 Issue Date: 2019-01-25 CVE Numbers: CVE-2018-17466 CVE-2018-12405 CVE-2018-18492 CVE-2018-18493 CVE-2018-18494 CVE-2018-18498 — This update upgrades Thunderbird to version 60.4.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 64 and Firefox … Read More

thunderbird (SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2019:0160-1 Issue Date: 2019-01-25 CVE Numbers: CVE-2018-17466 CVE-2018-12405 CVE-2018-18492 CVE-2018-18493 CVE-2018-18494 CVE-2018-18498 — This update upgrades Thunderbird to version 60.4.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 64 and Firefox … Read More

perl (SL7)

Synopsis: Important: perl security update Advisory ID: SLSA-2019:0109-1 Issue Date: 2019-01-22 CVE Numbers: CVE-2018-18311 — Security Fix(es): * perl: Integer overflow leading to buffer overflow in Perl_my_setenv() (CVE-2018-18311) — SL7 x86_64 perl-5.16.3-294.el7_6.x86_64.rpm perl-Time-Piece-1.20.1-294.el7_6.x86_64.rpm perl-core-5.16.3-294.el7_6.x86_64.rpm perl-debuginfo-5.16.3-294.el7_6.i686.rpm perl-debuginfo-5.16.3-294.el7_6.x86_64.rpm perl-devel-5.16.3-294.el7_6.i686.rpm perl-devel-5.16.3-294.el7_6.x86_64.rpm perl-libs-5.16.3-294.el7_6.i686.rpm perl-libs-5.16.3-294.el7_6.x86_64.rpm … Read More

libvncserver (SL7)

Synopsis: Important: libvncserver security update Advisory ID: SLSA-2019:0059-1 Issue Date: 2019-01-15 CVE Numbers: CVE-2018-15127 — Security Fix(es): * libvncserver: Heap out-of-bounds write in rfbserver.c in rfbProcessFileTransferReadBuffer() allows for potential code execution (CVE-2018-15127) — SL7 x86_64 libvncserver-0.9.9-13.el7_6.i686.rpm libvncserver-0.9.9-13.el7_6.x86_64.rpm libvncserver-debuginfo-0.9.9-13.el7_6.i686.rpm libvncserver-debuginfo-0.9.9-13.el7_6.x86_64.rpm libvncserver-devel-0.9.9-13.el7_6.i686.rpm … Read More

libvncserver (SL7)

Synopsis: Important: libvncserver security update Advisory ID: SLSA-2019:0059-1 Issue Date: 2019-01-15 CVE Numbers: CVE-2018-15127 — Security Fix(es): * libvncserver: Heap out-of-bounds write in rfbserver.c in rfbProcessFileTransferReadBuffer() allows for potential code execution (CVE-2018-15127) — SL7 x86_64 libvncserver-0.9.9-13.el7_6.i686.rpm libvncserver-0.9.9-13.el7_6.x86_64.rpm libvncserver-debuginfo-0.9.9-13.el7_6.i686.rpm libvncserver-debuginfo-0.9.9-13.el7_6.x86_64.rpm libvncserver-devel-0.9.9-13.el7_6.i686.rpm … Read More