libreoffice (SL7)

Synopsis: Moderate: libreoffice security and bug fix update Advisory ID: SLSA-2017:0914-1 Issue Date: 2017-04-12 CVE Numbers: CVE-2017-3157 — Security Fix(es): * It was found that LibreOffice disclosed contents of a file specified in an embedded object’s preview. An attacker could … Read More

httpd (SL7)

Synopsis: Moderate: httpd security and bug fix update Advisory ID: SLSA-2017:0906-1 Issue Date: 2017-04-12 CVE Numbers: CVE-2016-0736 CVE-2016-2161 CVE-2016-8743 — Security Fix(es): * It was discovered that the mod_session_crypto module of httpd did not use any mechanisms to verify integrity … Read More

util-linux (SL7)

Synopsis: Moderate: util-linux security and bug fix update Advisory ID: SLSA-2017:0907-1 Issue Date: 2017-04-12 CVE Numbers: CVE-2017-2616 — Security Fix(es): * A race condition was found in the way su handled the management of child processes. A local authenticated attacker … Read More

kernel (SL7)

Synopsis: Important: kernel security, bug fix, and enhancement update Advisory ID: SLSA-2017:0933-1 Issue Date: 2017-04-12 CVE Numbers: CVE-2017-2636 CVE-2016-8650 CVE-2016-9793 CVE-2017-2618 — Security Fix(es): * A race condition flaw was found in the N_HLDC Linux kernel driver when accessing n_hdlc.tbuf … Read More

389-ds-base (SL6)

Synopsis: Important: 389-ds-base security and bug fix update Advisory ID: SLSA-2017:0893-1 Issue Date: 2017-04-11 CVE Numbers: CVE-2017-2668 — Security Fix(es): * An invalid pointer dereference flaw was found in the way 389-ds-base handled LDAP bind requests. A remote unauthenticated attacker … Read More

kernel (SL6)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2017:0892-1 Issue Date: 2017-04-11 CVE Numbers: CVE-2016-7910 CVE-2017-2636 — Security Fix(es): * A race condition flaw was found in the N_HLDC Linux kernel driver when accessing n_hdlc.tbuf list that can … Read More

tigervnc (SL6)

Synopsis: Moderate: tigervnc security and bug fix update Advisory ID: SLSA-2017:0630-1 Issue Date: 2017-03-21 CVE Numbers: CVE-2017-5581 CVE-2016-10207 — Security Fix(es): * A denial of service flaw was found in the TigerVNC’s Xvnc server. A remote unauthenticated attacker could use … Read More

bash (SL6)

Synopsis: Moderate: bash security and bug fix update Advisory ID: SLSA-2017:0725-1 Issue Date: 2017-03-21 CVE Numbers: CVE-2016-0634 CVE-2016-7543 CVE-2016-9401 — Security Fix(es): * An arbitrary command injection flaw was found in the way bash processed the hostname value. A malicious … Read More

samba (SL6)

Synopsis: Moderate: samba security and bug fix update Advisory ID: SLSA-2017:0662-1 Issue Date: 2017-03-21 CVE Numbers: CVE-2016-2125 CVE-2016-2126 — Security Fix(es): * It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which Samba … Read More

subscription-manager (SL6)

Synopsis: Moderate: subscription-manager security, bug fix, and enhancement update Advisory ID: SLSA-2017:0698-1 Issue Date: 2017-03-21 CVE Numbers: CVE-2016-4455 — Security Fix(es): * It was found that subscription-manager set weak permissions on files in /var/lib/rhsm/, causing an information disclosure. A local, … Read More