Moderate: jakarta-commons-httpclient (SL5, SL6)

Synopsis: Moderate: jakarta-commons-httpclient security update Issue Date: 2013-02-19 CVE Numbers: CVE-2012-5783 — The Jakarta Commons HttpClient component did not verify that the server hostname matched the domain name in the subject’s Common Name (CN) or subjectAltName field in X.509 certificates. … Read More

Critical: thunderbird (SL5, SL6)

Synopsis: Critical: thunderbird security update Issue Date: 2013-02-19 CVE Numbers: CVE-2013-0783 CVE-2013-0775 CVE-2013-0776 CVE-2013-0780 CVE-2013-0782 — Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the … Read More

Critical: firefox (SL5, SL6)

Synopsis: Critical: firefox security update Issue Date: 2013-02-19 CVE Numbers: CVE-2013-0783 CVE-2013-0775 CVE-2013-0776 CVE-2013-0780 CVE-2013-0782 — Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, … Read More

Moderate: axis (SL6)

Synopsis: Moderate: axis security update Issue Date: 2013-02-19 CVE Numbers: CVE-2012-5784 — Apache Axis did not verify that the server hostname matched the domain name in the subject’s Common Name (CN) or subjectAltName field in X.509 certificates. This could allow … Read More

Critical: java-1.6.0-sun (SL5, SL6)

Synopsis: Critical: java-1.6.0-sun security update Issue Date: 2013-02-05 CVE Numbers: CVE-2013-0440 CVE-2013-1475 CVE-2013-0424 CVE-2013-0435 CVE-2013-1478 CVE-2013-0442 CVE-2013-0445 CVE-2013-1480 CVE-2013-0450 CVE-2012-1541 CVE-2013-0446 CVE-2012-3342 CVE-2013-0419 CVE-2013-0423 CVE-2013-0351 CVE-2013-0430 CVE-2013-1473 CVE-2013-0438 CVE-2013-0428 CVE-2013-0432 CVE-2012-3213 CVE-2013-1481 CVE-2013-0409 CVE-2013-0443 CVE-2013-0425 CVE-2013-0426 CVE-2013-0434 CVE-2013-0427 CVE-2013-0433 CVE-2013-1476 … Read More

Moderate: elinks (SL5, SL6)

Synopsis: Moderate: elinks security update Issue Date: 2013-02-11 CVE Numbers: CVE-2012-4545 — It was found that ELinks performed client credentials delegation during the client-to-server GSS security mechanisms negotiation. A rogue server could use this flaw to obtain the client’s credentials … Read More

Important: java-1.7.0-openjdk (SL5, SL6)

Synopsis: Important: java-1.7.0-openjdk security update Issue Date: 2013-02-08 CVE Numbers: CVE-2013-0440 CVE-2013-1475 CVE-2013-0424 CVE-2013-0435 CVE-2013-1478 CVE-2013-0442 CVE-2013-0445 CVE-2013-1480 CVE-2013-0450 CVE-2013-0428 CVE-2013-0432 CVE-2013-0443 CVE-2013-0425 CVE-2013-0426 CVE-2013-0434 CVE-2013-0427 CVE-2013-0433 CVE-2013-1476 CVE-2013-0441 CVE-2013-0429 CVE-2013-0431 CVE-2013-0444 — Multiple improper permission check issues were discovered … Read More

java-1.6.0-openjdk (SL5)

Synopsis: Important: java-1.6.0-openjdk security update Issue Date: 2013-02-08 CVE Numbers: CVE-2013-0440 CVE-2013-1475 CVE-2013-0424 CVE-2013-0435 CVE-2013-1478 CVE-2013-0442 CVE-2013-0445 CVE-2013-1480 CVE-2013-0450 CVE-2013-0428 CVE-2013-0432 CVE-2013-0443 CVE-2013-0425 CVE-2013-0426 CVE-2013-0434 CVE-2013-0427 CVE-2013-0433 CVE-2013-1476 CVE-2013-0441 CVE-2013-0429 — Multiple improper permission check issues were discovered in the … Read More

java-1.6.0-openjdk (SL6)

Synopsis: Critical: java-1.6.0-openjdk security update Issue Date: 2013-02-08 CVE Numbers: CVE-2013-0440 CVE-2013-1475 CVE-2013-0424 CVE-2013-0435 CVE-2013-1478 CVE-2013-0442 CVE-2013-0445 CVE-2013-1480 CVE-2013-0450 CVE-2013-0428 CVE-2013-0432 CVE-2013-0443 CVE-2013-0425 CVE-2013-0426 CVE-2013-0434 CVE-2013-0427 CVE-2013-0433 CVE-2013-1476 CVE-2013-0441 CVE-2013-0429 — Multiple improper permission check issues were discovered in the … Read More

xen (SL5)

Synopsis: Moderate: xen security update Issue Date: 2013-02-07 CVE Numbers: CVE-2012-4544 — A flaw was found in the way libxc, the Xen control library, handled excessively large kernel and ramdisk images when starting new guests. A privileged guest user in … Read More