kernel (SL5)

Synopsis: Important: kernel security, bug fix, and enhancement update Issue Date: 2012-12-04 CVE Numbers: CVE-2012-2372 CVE-2012-3552 CVE-2012-4508 CVE-2012-4535 CVE-2012-4537 CVE-2012-5513 — Security fixes: * A race condition in the way asynchronous I/O and fallocate() interacted when using ext4 could allow … Read More

Important: libxml2 (SL5, SL6)

Synopsis: Important: libxml2 security update Issue Date: 2012-11-29 CVE Numbers: CVE-2012-5134 — A heap-based buffer underflow flaw was found in the way libxml2 decoded certain entities. A remote attacker could provide a specially-crafted XML file that, when opened in an … Read More

Critical: firefox (SL5, SL6)

Synopsis: Critical: firefox security update Issue Date: 2012-11-20 CVE Numbers: CVE-2012-5842 CVE-2012-4202 CVE-2012-4201 CVE-2012-5841 CVE-2012-4207 CVE-2012-4209 CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5839 CVE-2012-5840 CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 CVE-2012-4210 — Several flaws were found in the processing of malformed web content. A web … Read More

Critical: thunderbird (SL5, SL6)

Synopsis: Critical: thunderbird security update Issue Date: 2012-11-20 CVE Numbers: CVE-2012-5842 CVE-2012-4202 CVE-2012-4201 CVE-2012-5841 CVE-2012-4207 CVE-2012-4209 CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5839 CVE-2012-5840 CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 — Several flaws were found in the processing of malformed content. Malicious content could cause … Read More

Important: mysql (SL6)

Synopsis: Important: mysql security update Issue Date: 2012-11-14 CVE Numbers: CVE-2012-1688 CVE-2012-1690 CVE-2012-1703 CVE-2012-2749 CVE-2012-0540 CVE-2012-1689 CVE-2012-1734 CVE-2012-3163 CVE-2012-3158 CVE-2012-3177 CVE-2012-3166 CVE-2012-3173 CVE-2012-3150 CVE-2012-3180 CVE-2012-3167 CVE-2012-3197 CVE-2012-3160 — This update fixes several vulnerabilities in the MySQL database server. Information about … Read More

Moderate: libproxy (SL6)

Synopsis: Moderate: libproxy security update Issue Date: 2012-11-14 CVE Numbers: CVE-2012-4505 — A buffer overflow flaw was found in the way libproxy handled the downloading of proxy auto-configuration (PAC) files. A malicious server hosting a PAC file or a man-in-the-middle … Read More

kernel (SL5)

Synopsis: Low: kernel security and bug fix update Issue Date: 2012-11-13 CVE Numbers: CVE-2012-2100 — The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: * It was found … Read More

Low: nspluginwrapper (SL6)

Synopsis: Low: nspluginwrapper security and bug fix update Issue Date: 2012-11-13 CVE Numbers: CVE-2011-2486 — It was not possible for plug-ins wrapped by nspluginwrapper to discover whether the browser was running in Private Browsing mode. This flaw could lead to … Read More

Moderate: gegl (SL6)

Synopsis: Moderate: gegl security update Issue Date: 2012-11-12 CVE Numbers: CVE-2012-4433 — An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the gegl utility processed .ppm (Portable Pixel Map) image files. An attacker could … Read More

Critical: icedtea-web (SL6)

Synopsis: Critical: icedtea-web security update Issue Date: 2012-11-07 CVE Numbers: CVE-2012-4540 — A buffer overflow flaw was found in the IcedTea-Web plug-in. Visiting a malicious web page could cause a web browser using the IcedTea-Web plug-in to crash or, possibly, … Read More