java-1.6.0-openjdk (SL5, SL6, SL7)

Synopsis: Important: java-1.6.0-openjdk security update Advisory ID: SLSA-2017:0061-1 Issue Date: 2017-01-13 CVE Numbers: CVE-2016-5582 CVE-2016-5573 CVE-2016-5554 CVE-2016-5542 CVE-2016-5597 — Security Fix(es): * It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function … Read More

kernel (SL6)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2017:0036-1 Issue Date: 2017-01-10 CVE Numbers: CVE-2016-4998 CVE-2016-7117 CVE-2016-6828 — Security Fix(es): * A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allow remote attackers to … Read More

subscription-manager (SL7)

Synopsis: Moderate: subscription-manager security, bug fix, and enhancement update Advisory ID: SLSA-2016:2592-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-4455 — * It was found that subscription-manager set weak permissions on files in /var/lib/rhsm/, causing an information disclosure. A local, unprivileged user … Read More

gstreamer-plugins-good (SL7)

Synopsis: Moderate: gstreamer-plugins-good security update Advisory ID: SLSA-2017:0019-1 Issue Date: 2017-01-05 CVE Numbers: CVE-2016-9634 CVE-2016-9635 CVE-2016-9636 CVE-2016-9808 CVE-2016-9807 — Security Fix(es): * Multiple flaws were discovered in GStreamer’s FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use these … Read More

gstreamer1-plugins-bad-free (SL7)

Synopsis: Moderate: gstreamer1-plugins-bad-free security update Advisory ID: SLSA-2017:0021-1 Issue Date: 2017-01-05 CVE Numbers: CVE-2016-9445 CVE-2016-9809 CVE-2016-9812 CVE-2016-9813 — Security Fix(es): * An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer’s VMware VMnc video file format … Read More

gstreamer1-plugins-good (SL7)

Synopsis: Moderate: gstreamer1-plugins-good security update Advisory ID: SLSA-2017:0020-1 Issue Date: 2017-01-05 CVE Numbers: CVE-2016-9634 CVE-2016-9635 CVE-2016-9636 CVE-2016-9808 CVE-2016-9807 — Security Fix(es): * Multiple flaws were discovered in GStreamer’s FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use these … Read More

gstreamer-plugins-bad-free (SL7)

Synopsis: Moderate: gstreamer-plugins-bad-free security update Advisory ID: SLSA-2017:0018-1 Issue Date: 2017-01-05 CVE Numbers: CVE-2016-9447 CVE-2016-9445 CVE-2016-9809 — Security Fix(es): * An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer’s VMware VMnc video file format decoding … Read More

ghostscript (SL6)

Synopsis: Moderate: ghostscript security update Advisory ID: SLSA-2017:0014-1 Issue Date: 2017-01-04 CVE Numbers: CVE-2013-5653 CVE-2016-7977 CVE-2016-7979 CVE-2016-8602 — Security Fix(es): * It was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually used … Read More

ghostscript (SL7)

Synopsis: Moderate: ghostscript security update Advisory ID: SLSA-2017:0013-1 Issue Date: 2017-01-04 CVE Numbers: CVE-2013-5653 CVE-2016-7977 CVE-2016-7978 CVE-2016-7979 CVE-2016-8602 — Security Fix(es): * It was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually … Read More

ipa (SL7)

Synopsis: Moderate: ipa security update Advisory ID: SLSA-2017:0001-1 Issue Date: 2017-01-02 CVE Numbers: CVE-2016-7030 CVE-2016-9575 — Security Fix(es): * It was discovered that the default IdM password policies that lock out accounts after a certain number of failed login attempts … Read More