Low: sssd (SL6)

Synopsis: Low: sssd security, bug fix and enhancement update Issue Date: 2013-02-21 CVE Numbers: CVE-2013-0219 CVE-2013-0220 — A race condition was found in the way SSSD copied and removed user home directories. A local attacker who is able to write … Read More

Low: util-linux-ng (SL6)

Synopsis: Low: util-linux-ng security, bug fix and enhancement update Issue Date: 2013-02-21 CVE Numbers: CVE-2013-0157 — An information disclosure flaw was found in the way the mount command reported errors. A local attacker could use this flaw to determine the … Read More

Low: rdma (SL6)

Synopsis: Low: rdma security, bug fix and enhancement update Issue Date: 2013-02-21 CVE Numbers: CVE-2012-4517 CVE-2012-4518 — A denial of service flaw was found in the way ibacm managed reference counts for multicast connections. An attacker could send specially-crafted multicast … Read More

Moderate: openchange (SL6)

Synopsis: Moderate: openchange security, bug fix and enhancement update Issue Date: 2013-02-21 CVE Numbers: CVE-2012-1182 — A flaw was found in the Samba suite’s Perl-based DCE/RPC IDL (PIDL) compiler. As OpenChange uses code generated by PIDL, this could have resulted … Read More

Low: dovecot (SL6)

Synopsis: Low: dovecot security and bug fix update Issue Date: 2013-02-21 CVE Numbers: CVE-2011-2166 CVE-2011-2167 CVE-2011-4318 — Two flaws were found in the way some settings were enforced by the script-login functionality of Dovecot. A remote, authenticated user could use … Read More

Low: hplip (SL6)

Synopsis: Low: hplip security, bug fix and enhancement update Issue Date: 2013-02-21 CVE Numbers: CVE-2011-2722 CVE-2013-0200 — Several temporary file handling flaws were found in HPLIP. A local attacker could use these flaws to perform a symbolic link attack, overwriting … Read More

Moderate: samba4 (SL6)

Synopsis: Moderate: samba4 security, bug fix and enhancement update Issue Date: 2013-02-21 CVE Numbers: CVE-2012-1182 — A flaw was found in the Samba suite’s Perl-based DCE/RPC IDL (PIDL) compiler, used to generate code to handle RPC calls. This could result … Read More

Moderate: libxml2 (SL5, SL6)

Synopsis: Moderate: libxml2 security update Issue Date: 2013-02-28 CVE Numbers: CVE-2013-0338 — A denial of service flaw was found in the way libxml2 performed string substitutions when entity values for entity references replacement was enabled. A remote attacker could provide … Read More

Moderate: cups (SL5, SL6)

Synopsis: Moderate: cups security update Issue Date: 2013-02-28 CVE Numbers: CVE-2012-5519 — It was discovered that CUPS administrative users (members of the SystemGroups groups) who are permitted to perform CUPS configuration changes via the CUPS web interface could manipulate the … Read More

dbus-glib (SL5, SL6)

Synopsis: Important: dbus-glib security update Issue Date: 2013-02-26 CVE Numbers: CVE-2013-0292 — A flaw was found in the way dbus-glib filtered the message sender (message source subject) when the “NameOwnerChanged” signal was received. This could trick a system service using … Read More