kernel (SL7)

Synopsis: Important: kernel security update Advisory ID: SLSA-2019:3834-1 Issue Date: 2019-11-13 CVE Numbers: None — Security Fix(es): * hw: Machine Check Error on Page Size Change (IFU) (CVE-2018-12207) * hw: TSX Transaction Asynchronous Abort (TAA) (CVE-2019-11135) * hw: Intel GPU … Read More

thunderbird (SL6)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2019:3756-1 Issue Date: 2019-11-06 CVE Numbers: CVE-2019-11757 CVE-2019-11758 CVE-2019-11759 CVE-2019-11760 CVE-2019-11761 CVE-2019-11762 CVE-2019-11763 CVE-2019-11764 CVE-2019-15903 — This update upgrades Thunderbird to version 68.2.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox … Read More

sudo (SL6)

Synopsis: Important: sudo security update Advisory ID: SLSA-2019:3755-1 Issue Date: 2019-11-06 CVE Numbers: CVE-2019-14287 — Security Fix(es): * sudo: Privilege escalation via ‘Runas’ specification with ‘ALL’ keyword (CVE-2019-14287) — SL6 x86_64 sudo-1.8.6p3-29.el6_10.2.x86_64.rpm sudo-debuginfo-1.8.6p3-29.el6_10.2.x86_64.rpm sudo-debuginfo-1.8.6p3-29.el6_10.2.i686.rpm sudo-devel-1.8.6p3-29.el6_10.2.i686.rpm sudo-devel-1.8.6p3-29.el6_10.2.x86_64.rpm i386 sudo-1.8.6p3-29.el6_10.2.i686.rpm sudo-debuginfo-1.8.6p3-29.el6_10.2.i686.rpm sudo-devel-1.8.6p3-29.el6_10.2.i686.rpm … Read More

firefox (SL6)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2019:3281-1 Issue Date: 2019-10-31 CVE Numbers: CVE-2019-11757 CVE-2019-11758 CVE-2019-11759 CVE-2019-11760 CVE-2019-11761 CVE-2019-11762 CVE-2019-11763 CVE-2019-11764 — Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764) * Mozilla: … Read More

php (SL6)

Synopsis: Critical: php security update Advisory ID: SLSA-2019:3287-1 Issue Date: 2019-10-31 CVE Numbers: CVE-2019-11043 — Security Fix(es): * php: underflow in env_path_info in fpm_main.c (CVE-2019-11043) — SL6 x86_64 php-5.3.3-50.el6_10.x86_64.rpm php-bcmath-5.3.3-50.el6_10.x86_64.rpm php-cli-5.3.3-50.el6_10.x86_64.rpm php-common-5.3.3-50.el6_10.x86_64.rpm php-dba-5.3.3-50.el6_10.x86_64.rpm php-debuginfo-5.3.3-50.el6_10.x86_64.rpm php-devel-5.3.3-50.el6_10.x86_64.rpm php-embedded-5.3.3-50.el6_10.x86_64.rpm php-enchant-5.3.3-50.el6_10.x86_64.rpm php-fpm-5.3.3-50.el6_10.x86_64.rpm php-gd-5.3.3-50.el6_10.x86_64.rpm php-imap-5.3.3-50.el6_10.x86_64.rpm … Read More

php (SL7)

Synopsis: Critical: php security update Advisory ID: SLSA-2019:3286-1 Issue Date: 2019-10-31 CVE Numbers: CVE-2019-11043 — Security Fix(es): * php: underflow in env_path_info in fpm_main.c (CVE-2019-11043) — SL7 x86_64 php-5.4.16-46.1.el7_7.x86_64.rpm php-bcmath-5.4.16-46.1.el7_7.x86_64.rpm php-cli-5.4.16-46.1.el7_7.x86_64.rpm php-common-5.4.16-46.1.el7_7.x86_64.rpm php-dba-5.4.16-46.1.el7_7.x86_64.rpm php-debuginfo-5.4.16-46.1.el7_7.x86_64.rpm php-devel-5.4.16-46.1.el7_7.x86_64.rpm php-embedded-5.4.16-46.1.el7_7.x86_64.rpm php-enchant-5.4.16-46.1.el7_7.x86_64.rpm php-fpm-5.4.16-46.1.el7_7.x86_64.rpm php-gd-5.4.16-46.1.el7_7.x86_64.rpm php-intl-5.4.16-46.1.el7_7.x86_64.rpm … Read More

thunderbird (SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2019:3210-1 Issue Date: 2019-10-29 CVE Numbers: CVE-2019-11757 CVE-2019-11758 CVE-2019-11759 CVE-2019-11760 CVE-2019-11761 CVE-2019-11762 CVE-2019-11763 CVE-2019-11764 CVE-2019-15903 — This update upgrades Thunderbird to version 68.2.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox … Read More

sudo (SL7)

Synopsis: Important: sudo security update Advisory ID: SLSA-2019:3197-1 Issue Date: 2019-10-24 CVE Numbers: CVE-2019-14287 — Security Fix(es): * sudo: Privilege escalation via ‘Runas’ specification with ‘ALL’ keyword (CVE-2019-14287) — SL7 x86_64 sudo-1.8.23-4.el7_7.1.x86_64.rpm sudo-debuginfo-1.8.23-4.el7_7.1.x86_64.rpm sudo-debuginfo-1.8.23-4.el7_7.1.i686.rpm sudo-devel-1.8.23-4.el7_7.1.i686.rpm sudo-devel-1.8.23-4.el7_7.1.x86_64.rpm – Scientific Linux Development … Read More

firefox (SL7)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2019:3193-1 Issue Date: 2019-10-23 CVE Numbers: CVE-2019-11757 CVE-2019-11758 CVE-2019-11759 CVE-2019-11760 CVE-2019-11761 CVE-2019-11762 CVE-2019-11763 CVE-2019-11764 — This update upgrades Firefox to version 68.2.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox … Read More

Important: OpenAFS (SL6, SL7)

Synopsis: Important: OpenAFS security update Advisory ID: RITM0891205 Issue Date: 2019-10-23 — Security Fixes: * Fix OPENAFS-SA-2019-001: information leakage in failed RPC output Generated RPC handler routines ran output variables through XDR encoding even when the call had failed and … Read More