Synopsis: Important: spice-gtk and spice-server security update Advisory ID: SLSA-2018:2732-1 Issue Date: 2018-09-20 CVE Numbers: CVE-2018-10873 — The spice-gtk packages provide a GIMP Toolkit (GTK+) widget for Simple Protocol for Independent Computing Environments (SPICE) clients. Both Virtual Machine Manager and … Read More
Synopsis: Critical: firefox security update Advisory ID: SLSA-2018:2693-1 Issue Date: 2018-09-12 CVE Numbers: CVE-2017-16541 CVE-2018-12376 CVE-2018-12377 CVE-2018-12378 CVE-2018-12379 — This update upgrades Firefox to version 60.2.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 62 and Firefox … Read More
Synopsis: Moderate: OpenAFS Advisory ID: OPENAFS-SA-2018-001:2:3 Issue Date: 2018-09-11 CVE Numbers: None — These releases include fixes for three security advisories, OPENAFS-SA-2018-001, OPENAFS-SA-2018-002, and OPENAFS-SA-2018-003. OPENAFS-SA-2018-001 only affects deployments that run the ‘butc’ utility as part of the in-tree backup … Read More
Synopsis: Critical: firefox security update Advisory ID: SLSA-2018:2692-1 Issue Date: 2018-09-12 CVE Numbers: CVE-2017-16541 CVE-2018-12376 CVE-2018-12377 CVE-2018-12378 CVE-2018-12379 — This update upgrades Firefox to version 60.2.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 62 and Firefox … Read More
Synopsis: Important: bind security update Advisory ID: SLSA-2018:2571-1 Issue Date: 2018-08-27 CVE Numbers: CVE-2018-5740 — Security Fix(es): * bind: processing of certain records when “deny-answer-aliases” is in use may trigger an assert leading to a denial of service (CVE-2018-5740) — … Read More
Synopsis: Important: bind security update Advisory ID: Advisory ID: SLSA-2018:2570-1 Issue Date: 2018-08-27 CVE Numbers: CVE-2018-5740 — Security Fix(es): * bind: processing of certain records when “deny-answer-aliases” is in use may trigger an assert leading to a denial of service … Read More
Synopsis: Important: postgresql security update Advisory ID: SLSA-2018:2557-1 Issue Date: 2018-08-23 CVE Numbers: CVE-2018-10915 — The following packages have been upgraded to a later upstream version: postgresql (9.2.24). Security Fix(es): * postgresql: Certain host connection parameters defeat client-side security defenses … Read More
Synopsis: Important: mutt security update Advisory ID: SLSA-2018:2526-1 Issue Date: 2018-08-21 CVE Numbers: CVE-2018-14354 CVE-2018-14362 CVE-2018-14357 — Security Fix(es): * mutt: Remote code injection vulnerability to an IMAP mailbox (CVE-2018-14354) * mutt: Remote Code Execution via backquote characters (CVE-2018-14357) * … Read More
Synopsis: Moderate: mariadb security and bug fix update Advisory ID: SLSA-2018:2439-1 Issue Date: 2018-08-16 CVE Numbers: CVE-2017-3636 CVE-2017-3641 CVE-2017-3653 CVE-2017-10268 CVE-2017-10378 CVE-2017-10379 CVE-2017-10384 CVE-2018-2562 CVE-2018-2622 CVE-2018-2640 CVE-2018-2665 CVE-2018-2668 CVE-2018-2755 CVE-2018-2761 CVE-2018-2771 CVE-2018-2781 CVE-2018-2813 CVE-2018-2817 CVE-2018-2819 CVE-2017-3651 CVE-2018-2767 — The following … Read More
Synopsis: Important: qemu-kvm security and bug fix update Advisory ID: SLSA-2018:2462-1 Issue Date: 2018-08-16 CVE Numbers: CVE-2018-7550 CVE-2018-11806 — Security Fix(es): * QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams (CVE-2018-11806) * QEMU: i386: multiboot OOB access while loading … Read More
