ruby (SL7)

Synopsis: Important: ruby security update Advisory ID: SLSA-2018:0378-1 Issue Date: 2018-02-28 CVE Numbers: CVE-2017-14064 CVE-2017-0901 CVE-2017-0900 CVE-2017-0902 CVE-2017-0899 CVE-2017-14033 CVE-2017-10784 CVE-2017-0898 CVE-2017-0903 CVE-2017-17405 CVE-2017-17790 — Security Fix(es): * It was discovered that the Net::FTP module did not properly process filenames … Read More

java-1.7.0-openjdk (SL6, SL7)

Synopsis: Important: java-1.7.0-openjdk security update Advisory ID: SLSA-2018:0349-1 Issue Date: 2018-02-26 CVE Numbers: CVE-2018-2678 CVE-2018-2677 CVE-2018-2663 CVE-2018-2579 CVE-2018-2588 CVE-2018-2602 CVE-2018-2599 CVE-2018-2603 CVE-2018-2629 CVE-2018-2618 CVE-2018-2641 CVE-2018-2634 CVE-2018-2637 CVE-2018-2633 — Security Fix(es): * A flaw was found in the AWT component of … Read More

gcab (SL7)

Synopsis: Important: gcab security update Advisory ID: SLSA-2018:0350-1 Issue Date: 2018-02-26 CVE Numbers: CVE-2018-5345 — Security Fix(es): * gcab: Extracting malformed .cab files causes stack smashing potentially leading to arbitrary code execution (CVE-2018-5345) — SL7 x86_64 gcab-debuginfo-0.7-4.el7_4.i686.rpm gcab-debuginfo-0.7-4.el7_4.x86_64.rpm libgcab1-0.7-4.el7_4.i686.rpm libgcab1-0.7-4.el7_4.x86_64.rpm … Read More

thunderbird (SL6, SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2018:0262-1 Issue Date: 2018-02-01 CVE Numbers: CVE-2018-5089 CVE-2018-5095 CVE-2018-5096 CVE-2018-5097 CVE-2018-5098 CVE-2018-5099 CVE-2018-5102 CVE-2018-5103 CVE-2018-5104 CVE-2018-5117 — This update upgrades Thunderbird to version 52.6.0. Security Fix(es): * Multiple flaws were found in the … Read More

systemd (SL7)

Synopsis: Moderate: systemd security update Advisory ID: SLSA-2018:0260-1 Issue Date: 2018-01-31 CVE Numbers: CVE-2018-1049 — Security Fix(es): * A race condition was found in systemd. This could result in automount requests not being serviced and processes using them could hang, … Read More

kernel (SL6)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2018:0169-1 Issue Date: 2018-01-25 CVE Numbers: CVE-2017-9074 CVE-2017-11176 CVE-2017-7542 — Security Fix(es): * An integer overflow vulnerability in ip6_find_1stfragopt() function was found. A local attacker that has privileges (of CAP_NET_RAW) … Read More

nautilus (SL7)

Synopsis: Moderate: nautilus security update Advisory ID: SLSA-2018:0223-1 Issue Date: 2018-01-25 CVE Numbers: CVE-2017-14604 — Security Fix(es): * An untrusted .desktop file with executable permission set could choose its displayed name and icon, and execute commands without warning when opened … Read More

dhcp (SL7)

Synopsis: Moderate: dhcp security update Advisory ID: SLSA-2018:0158-1 Issue Date: 2018-01-25 CVE Numbers: CVE-2017-3144 — Security Fix(es): * It was found that the DHCP daemon did not properly clean up closed OMAPI connections in certain cases. A remote attacker able … Read More

389-ds-base (SL7)

Synopsis: Important: 389-ds-base security and bug fix update Advisory ID: SLSA-2018:0163-1 Issue Date: 2018-01-25 CVE Numbers: CVE-2017-15134 — Security Fix(es): * A stack buffer overflow flaw was found in the way 389-ds-base handled certain LDAP search filters. A remote, unauthenticated … Read More

kernel (SL7)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2018:0151-1 Issue Date: 2018-01-25 CVE Numbers: CVE-2017-5753 CVE-2017-5715 CVE-2017-5754 CVE-2015-8539 CVE-2017-7472 CVE-2017-12192 CVE-2017-12193 CVE-2017-15649 — Security Fix(es): An industry-wide issue was found in the way many modern microprocessor designs have … Read More