augeas (SL7)

Synopsis: Important: augeas security update Advisory ID: SLSA-2017:2788-1 Issue Date: 2017-09-21 CVE Numbers: CVE-2017-7555 — Security Fix(es): * A vulnerability was discovered in augeas affecting the handling of escaped strings. An attacker could send crafted strings that would cause the … Read More

emacs (SL7)

Synopsis: Important: emacs security update Advisory ID: SLSA-2017:2771-1 Issue Date: 2017-09-19 CVE Numbers: CVE-2017-14482 — Security Fix(es): * A command injection flaw within the Emacs “enriched mode” handling has been discovered. By tricking an unsuspecting user into opening a specially … Read More

postgresql (SL7)

Synopsis: Moderate: postgresql security update Advisory ID: SLSA-2017:2728-1 Issue Date: 2017-09-14 CVE Numbers: CVE-2017-7546 CVE-2017-7547 — The following packages have been upgraded to a later upstream version: postgresql (9.2.23). Security Fix(es): * It was found that authenticating to a PostgreSQL … Read More

kernel (SL6)

Synopsis: Important: kernel security update Advisory ID: SLSA-2017:2681-1 Issue Date: 2017-09-12 CVE Numbers: CVE-2017-1000251 — Security Fix(es): * A stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses … Read More

kernel (SL7)

Synopsis: Important: kernel security update Advisory ID: SLSA-2017:2679-1 Issue Date: 2017-09-12 CVE Numbers: CVE-2017-1000251 — Security Fix(es): * A stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses … Read More

bluez (SL6, SL7)

Synopsis: Moderate: bluez security update Advisory ID: SLSA-2017:2685-1 Issue Date: 2017-09-12 CVE Numbers: CVE-2017-1000250 — Security Fix(es): * An information-disclosure flaw was found in the bluetoothd implementation of the Service Discovery Protocol (SDP). A specially crafted Bluetooth device could, without … Read More

389-ds-base (SL7)

Synopsis: Moderate: 389-ds-base security and bug fix update Advisory ID: SLSA-2017:2569-1 Issue Date: 2017-09-05 CVE Numbers: CVE-2017-7551 — Security Fix(es): * A flaw was found in the way 389-ds-base handled authentication attempts against locked accounts. A remote attacker could potentially … Read More

openssh (SL6)

Synopsis: Moderate: openssh security update Advisory ID: SLSA-2017:2563-1 Issue Date: 2017-08-31 CVE Numbers: CVE-2016-6210 — Security Fix(es): * A covert timing channel flaw was found in the way OpenSSH handled authentication of non-existent users. A remote unauthenticated attacker could possibly … Read More

poppler (SL6)

Synopsis: Moderate: poppler security update Advisory ID: SLSA-2017:2550-1 Issue Date: 2017-08-30 CVE Numbers: CVE-2017-9776 — Security Fix(es): * An integer overflow leading to heap-based buffer overflow was found in the poppler library. An attacker could create a malicious PDF file … Read More

poppler (SL7)

Synopsis: Moderate: poppler security update Advisory ID: SLSA-2017:2551-1 Issue Date: 2017-08-30 CVE Numbers: CVE-2017-9775 CVE-2017-9776 — Security Fix(es): * A stack-based buffer overflow was found in the poppler library. An attacker could create a malicious PDF file that would cause … Read More