httpd (SL6)

Synopsis: Moderate: httpd security and bug fix update Advisory ID: SLSA-2017:1721-1 Issue Date: 2017-07-11 CVE Numbers: CVE-2016-8743 — Security Fix(es): * It was discovered that the HTTP parser in httpd incorrectly allowed certain characters not permitted by the HTTP protocol … Read More

kernel (SL6)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2017:1723-1 Issue Date: 2017-07-11 CVE Numbers: CVE-2017-7895 — Security Fix(es): * The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of … Read More

bind (SL6)

Synopsis: Important: bind security and bug fix update Advisory ID: SLSA-2017:1679-1 Issue Date: 2017-07-05 CVE Numbers: CVE-2017-3142 CVE-2017-3143 — Security Fix(es): * A flaw was found in the way BIND handled TSIG authentication for dynamic updates. A remote attacker able … Read More

bind (SL7)

Synopsis: Important: bind security and bug fix update Advisory ID: SLSA-2017:1680-1 Issue Date: 2017-07-05 CVE Numbers: CVE-2017-3142 CVE-2017-3143 — Security Fix(es): * A flaw was found in the way BIND handled TSIG authentication for dynamic updates. A remote attacker able … Read More

qemu-kvm (SL7)

Synopsis: Important: qemu-kvm security update Advisory ID: SLSA-2017:1681-1 Issue Date: 2017-07-05 CVE Numbers: CVE-2017-9524 — Security Fix(es): * Quick Emulator (QEMU) built with Network Block Device (NBD) Server support was vulnerable to a null-pointer dereference issue. The flaw could occur … Read More

kernel (SL7)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2017:1615-1 Issue Date: 2017-06-28 CVE Numbers: CVE-2017-6214 CVE-2017-2583 CVE-2017-7645 CVE-2017-7477 CVE-2017-7895 — Security Fix(es): * A flaw was found in the way Linux kernel allocates heap memory to build the … Read More

freeradius (SL7)

Synopsis: Important: freeradius security update Advisory ID: SLSA-2017:1581-1 Issue Date: 2017-06-28 CVE Numbers: CVE-2017-9148 — Security Fix(es): * An authentication bypass flaw was found in the way the EAP module in FreeRADIUS handled TLS session resumption. A remote unauthenticated attacker … Read More

mercurial (SL6, SL7)

Synopsis: Important: mercurial security update Advisory ID: SLSA-2017:1576-1 Issue Date: 2017-06-27 CVE Numbers: CVE-2017-9462 — Security Fix(es): * A flaw was found in the way “hg serve –stdio” command in Mercurial handled command-line options. A remote, authenticated attacker could use … Read More

sudo (SL6, SL7)

Synopsis: Moderate: sudo security update Advisory ID: SLSA-2017:1574-1 Issue Date: 2017-06-23 CVE Numbers: CVE-2017-1000368 — Security Fix(es): * It was found that the original fix for CVE-2017-1000367 was incomplete. A flaw was found in the way sudo parsed tty information … Read More

thunderbird (SL6, SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2017:1561-1 Issue Date: 2017-06-21 CVE Numbers: CVE-2017-5472 CVE-2017-7749 CVE-2017-7750 CVE-2017-7751 CVE-2017-7752 CVE-2017-7754 CVE-2017-7756 CVE-2017-7757 CVE-2017-7778 CVE-2017-7771 CVE-2017-7772 CVE-2017-7773 CVE-2017-7758 CVE-2017-7764 CVE-2017-5470 — This update upgrades Thunderbird to version 52.2.0. Security Fix(es): * Multiple … Read More