Low: cups (SL6)

Synopsis: Low: cups security and bug fix update Issue Date: 2011-12-06 CVE Numbers: CVE-2011-2896 — The Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX operating systems. A heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch … Read More

Low: ruby (SL6)

Synopsis: Low: ruby security, bug fix, and enhancement update Issue Date: 2011-12-06 CVE Numbers: CVE-2011-2686 CVE-2011-2705 CVE-2011-3009 — Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. It … Read More

Low: resource-agents (SL6)

Synopsis: Low: resource-agents security, bug fix, and enhancement update Issue Date: 2011-12-06 CVE Numbers: CVE-2010-3389 — The resource-agents package contains a set of scripts to interface with several services to operate in a High Availability environment for both Pacemaker and … Read More

sos (SL6)

Synopsis: Low: sos security, bug fix, and enhancement update Issue Date: 2011-12-06 CVE Numbers: CVE-2011-4083 — Sos is a set of tools that gather information about system hardware and configuration. The sosreport utility incorrectly included Certificate-based RHN private entitlement keys … Read More

Moderate: kexec-tools (SL6)

Synopsis: Moderate: kexec-tools security, bug fix, and enhancement update Issue Date: 2011-12-06 CVE Numbers: CVE-2011-3588 CVE-2011-3589 CVE-2011-3590 — Kexec allows for booting a Linux kernel from the context of an already running kernel. Kdump used the SSH (Secure Shell) “StrictHostKeyChecking=no” … Read More

Low: glibc (SL6)

Synopsis: Low: glibc security, bug fix, and enhancement update Issue Date: 2011-12-06 CVE Numbers: CVE-2011-1089 — CVE-2009-5064 The glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the … Read More

Moderate: tomcat6 (SL6)

Synopsis: Moderate: tomcat6 security and bug fix update Issue Date: 2011-12-05 CVE Numbers: CVE-2011-2204 CVE-2011-2526 CVE-2011-3190 CVE-2011-1184 — APR (Apache Portable Runtime) as mentioned in the CVE-2011-3190 and CVE-2011-2526 descriptions does not refer to APR provided by the apr packages. … Read More

Moderate: cyrus-imapd (SL4, SL5, SL6)

Synopsis: Moderate: cyrus-imapd security update Issue Date: 2011-12-01 CVE Numbers: CVE-2011-3481 CVE-2011-3372 — The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and Sieve support. An authentication bypass flaw was found in the cyrus-imapd NNTP server, nntpd. … Read More

Moderate: libarchive (SL6)

Synopsis: Moderate: libarchive security update Issue Date: 2011-12-01 CVE Numbers: CVE-2010-4666 CVE-2011-1777 CVE-2011-1778 CVE-2011-1779 — The libarchive programming library can create and read several different streaming archive formats, including GNU tar and cpio. It can also read ISO 9660 CD-ROM … Read More

kernel (SL5)

Synopsis: Important: kernel security, bug fix, and enhancement update Issue Date: 2011-11-29 CVE Numbers: CVE-2011-1898 CVE-2011-2494 CVE-2011-1162 CVE-2011-3363 CVE-2011-2203 CVE-2011-4110 — The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following … Read More