cloud-init (SL7)

Synopsis: Moderate: cloud-init security update Advisory ID: SLSA-2019:0597-1 Issue Date: 2019-03-18 CVE Numbers: CVE-2019-0816 — Security Fix(es): * cloud-init: extra ssh keys added to authorized_keys on the Azure platform (CVE-2019-0816) — SL7 x86_64 cloud-init-18.2-1.el7_6.2.x86_64.rpm – Scientific Linux Development Team

cloud-init (SL7)

Synopsis: Moderate: cloud-init security update Advisory ID: SLSA-2019:0597-1 Issue Date: 2019-03-18 CVE Numbers: CVE-2019-0816 — Security Fix(es): * cloud-init: extra ssh keys added to authorized_keys on the Azure platform (CVE-2019-0816) — SL7 x86_64 cloud-init-18.2-1.el7_6.2.x86_64.rpm – Scientific Linux Development Team

cloud-init (SL7)

Synopsis: Moderate: cloud-init security update Advisory ID: SLSA-2019:0597-1 Issue Date: 2019-03-18 CVE Numbers: CVE-2019-0816 — Security Fix(es): * cloud-init: extra ssh keys added to authorized_keys on the Azure platform (CVE-2019-0816) — SL7 x86_64 cloud-init-18.2-1.el7_6.2.x86_64.rpm – Scientific Linux Development Team

kernel (SL7)

Synopsis: Important: kernel security, bug fix, and enhancement update Advisory ID: SLSA-2019:0512-1 Issue Date: 2019-03-14 CVE Numbers: CVE-2018-17972 CVE-2018-18445 CVE-2018-9568 — Security Fix(es): * kernel: Memory corruption due to incorrect socket cloning (CVE-2018-9568) * kernel: Unprivileged users able to inspect … Read More

tomcat (SL7)

Synopsis: Moderate: tomcat security update Advisory ID: SLSA-2019:0485-1 Issue Date: 2019-03-13 CVE Numbers: CVE-2018-11784 — Security Fix(es): * tomcat: Open redirect in default servlet (CVE-2018-11784) — SL7 noarch tomcat-servlet-3.0-api-7.0.76-9.el7_6.noarch.rpm tomcat-7.0.76-9.el7_6.noarch.rpm tomcat-admin-webapps-7.0.76-9.el7_6.noarch.rpm tomcat-docs-webapp-7.0.76-9.el7_6.noarch.rpm tomcat-el-2.2-api-7.0.76-9.el7_6.noarch.rpm tomcat-javadoc-7.0.76-9.el7_6.noarch.rpm tomcat-jsp-2.2-api-7.0.76-9.el7_6.noarch.rpm tomcat-jsvc-7.0.76-9.el7_6.noarch.rpm tomcat-lib-7.0.76-9.el7_6.noarch.rpm tomcat-webapps-7.0.76-9.el7_6.noarch.rpm tomcat-7.0.76-9.el7_6.src.rpm – … Read More

cockpit (SL7)

Synopsis: Moderate: cockpit security update Advisory ID: SLSA-2019:0482-1 Issue Date: 2019-03-13 CVE Numbers: CVE-2019-3804 — Security Fix(es): * cockpit: Crash when parsing invalid base64 headers (CVE-2019-3804) — SL7 x86_64 cockpit-173.2-1.el7.x86_64.rpm cockpit-bridge-173.2-1.el7.x86_64.rpm cockpit-debuginfo-173.2-1.el7.i686.rpm cockpit-debuginfo-173.2-1.el7.x86_64.rpm cockpit-ws-173.2-1.el7.i686.rpm cockpit-ws-173.2-1.el7.x86_64.rpm cockpit-doc-173.2-1.el7.x86_64.rpm cockpit-173.2-1.el7.src.rpm noarch cockpit-system-173.2-1.el7.noarch.rpm cockpit-machines-ovirt-173.2-1.el7.noarch.rpm … Read More

openssl (SL7)

Synopsis: Moderate: openssl security and bug fix update Advisory ID: SLSA-2019:0483-1 Issue Date: 2019-03-13 CVE Numbers: CVE-2018-5407 — Security Fix(es): * openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash) (CVE-2018-5407) Bug Fix(es): * Perform the RSA signature self-tests with SHA-256 — … Read More

openssl (SL7)

Synopsis: Moderate: openssl security and bug fix update Advisory ID: SLSA-2019:0483-1 Issue Date: 2019-03-13 CVE Numbers: CVE-2018-5407 — Security Fix(es): * openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash) (CVE-2018-5407) Bug Fix(es): * Perform the RSA signature self-tests with SHA-256 — … Read More

java-1.7.0-openjdk (SL6)

Synopsis: Moderate: java-1.7.0-openjdk security update Advisory ID: SLSA-2019:0462-1 Issue Date: 2019-03-05 CVE Numbers: CVE-2019-2422 — Security Fix(es): * OpenJDK: memory disclosure in FileChannelImpl (Libraries, 8206290) (CVE-2019-2422) — SL6 x86_64 java-1.7.0-openjdk-1.7.0.211-2.6.17.1.el6_10.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.211-2.6.17.1.el6_10.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.211-2.6.17.1.el6_10.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.211-2.6.17.1.el6_10.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.211-2.6.17.1.el6_10.x86_64.rpm i386 java-1.7.0-openjdk-1.7.0.211-2.6.17.1.el6_10.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.211-2.6.17.1.el6_10.i686.rpm java-1.7.0-openjdk-devel-1.7.0.211-2.6.17.1.el6_10.i686.rpm java-1.7.0-openjdk-demo-1.7.0.211-2.6.17.1.el6_10.i686.rpm java-1.7.0-openjdk-src-1.7.0.211-2.6.17.1.el6_10.i686.rpm … Read More

java-1.7.0-openjdk (SL7)

Synopsis: Moderate: java-1.7.0-openjdk security update Advisory ID: SLSA-2019:0464-1 Issue Date: 2019-03-05 CVE Numbers: CVE-2019-2422 — Security Fix(es): * OpenJDK: memory disclosure in FileChannelImpl (Libraries, 8206290) (CVE-2019-2422) — SL7 x86_64 java-1.7.0-openjdk-1.7.0.211-2.6.17.1.el7_6.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.211-2.6.17.1.el7_6.x86_64.rpm java-1.7.0-openjdk-headless-1.7.0.211-2.6.17.1.el7_6.x86_64.rpm java-1.7.0-openjdk-accessibility-1.7.0.211-2.6.17.1.el7_6.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.211-2.6.17.1.el7_6.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.211-2.6.17.1.el7_6.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.211-2.6.17.1.el7_6.x86_64.rpm java-1.7.0-openjdk-1.7.0.211-2.6.17.1.el7_6.src.rpm noarch java-1.7.0-openjdk-javadoc-1.7.0.211-2.6.17.1.el7_6.noarch.rpm – … Read More