mysql (SL5)

Synopsis: Important: mysql security update Issue Date: 2013-01-22 CVE Numbers: CVE-2012-2749 CVE-2012-5611 CVE-2012-2122 — A stack-based buffer overflow flaw was found in the user permission checking code in MySQL. An authenticated database user could use this flaw to crash the …

kernel (SL5)

Synopsis: Moderate: kernel security and bug fix update Issue Date: 2013-01-22 CVE Numbers: CVE-2012-1568 CVE-2012-4444 CVE-2012-5515 — This update fixes the following security issues: * It was found that the Xen hypervisor implementation did not perform range checking on the …

Moderate: vino (SL6)

Synopsis: Moderate: vino security update Issue Date: 2013-01-21 CVE Numbers: CVE-2011-1164 CVE-2011-1165 CVE-2011-0904 CVE-2011-0905 CVE-2012-4429 — It was found that Vino transmitted all clipboard activity on the system running Vino to all clients connected to port 5900, even those who …

Important: java-1.7.0-openjdk (SL5, SL6)

Synopsis: Important: java-1.7.0-openjdk security update Issue Date: 2013-01-16 CVE Numbers: CVE-2013-0422 CVE-2012-3174 — Two improper permission check issues were discovered in the reflection API in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox …

autofs (SL5)

Synopsis: Low: autofs security, bug fix, and enhancement update Issue Date: 2013-01-08 CVE Numbers: CVE-2012-2697 — A bug fix included in SLBA-2012:0264 introduced a denial of service flaw in autofs. When using autofs with LDAP, a local user could use …

freeradius2 (SL5)

Synopsis: Low: freeradius2 security and bug fix update Issue Date: 2013-01-08 CVE Numbers: CVE-2011-4966 — It was found that the “unix” module ignored the password expiration setting in “/etc/shadow”. If FreeRADIUS was configured to use this module for user authentication, …

hplip3 (SL5)

Synopsis: Low: hplip3 security and bug fix update Issue Date: 2013-01-08 CVE Numbers: CVE-2011-2722 — It was found that the HP CUPS (Common UNIX Printing System) fax filter in HPLIP created a temporary file in an insecure way. A local …

gtk2 (SL5)

Synopsis: Low: gtk2 security and bug fix update Issue Date: 2013-01-08 CVE Numbers: CVE-2012-2370 — An integer overflow flaw was found in the X BitMap (XBM) image file loader in GTK+. A remote attacker could provide a specially-crafted XBM image …

ruby (SL5)

Synopsis: Moderate: ruby security and bug fix update Issue Date: 2013-01-08 CVE Numbers: CVE-2012-4481 CVE-2012-4522 — It was found that certain methods did not sanitize file names before passing them to lower layer routines in Ruby. If a Ruby application …

httpd (SL5)

Synopsis: Low: httpd security, bug fix, and enhancement update Issue Date: 2013-01-08 CVE Numbers: CVE-2012-2687 CVE-2008-0455 CVE-2008-0456 — Input sanitization flaws were found in the mod_negotiation module. A remote attacker able to upload or create files with arbitrary names in …