mariadb (SL7)

Synopsis: Moderate: mariadb security and bug fix update Advisory ID: SLSA-2018:2439-1 Issue Date: 2018-08-16 CVE Numbers: CVE-2017-3636 CVE-2017-3641 CVE-2017-3653 CVE-2017-10268 CVE-2017-10378 CVE-2017-10379 CVE-2017-10384 CVE-2018-2562 CVE-2018-2622 CVE-2018-2640 CVE-2018-2665 CVE-2018-2668 CVE-2018-2755 CVE-2018-2761 CVE-2018-2771 CVE-2018-2781 CVE-2018-2813 CVE-2018-2817 CVE-2018-2819 CVE-2017-3651 CVE-2018-2767 — The following … Read More

qemu-kvm (SL7)

Synopsis: Important: qemu-kvm security and bug fix update Advisory ID: SLSA-2018:2462-1 Issue Date: 2018-08-16 CVE Numbers: CVE-2018-7550 CVE-2018-11806 — Security Fix(es): * QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams (CVE-2018-11806) * QEMU: i386: multiboot OOB access while loading … Read More

kernel (SL6)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2018:2390-1 Issue Date: 2018-08-14 CVE Numbers: CVE-2018-1000004 CVE-2017-15265 CVE-2018-7566 CVE-2017-0861 CVE-2018-3693 CVE-2018-3646 CVE-2018-10901 — Security Fix(es): * Modern operating systems implement virtualization of physical memory to efficiently use available system … Read More

kernel (SL7)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2018:2384-1 Issue Date: 2018-08-14 CVE Numbers: CVE-2018-10675 CVE-2018-7566 CVE-2018-3693 CVE-2018-3646 CVE-2017-13215 CVE-2018-5390 — Security Fix(es): * Modern operating systems implement virtualization of physical memory to efficiently use available system resources … Read More

openslp (SL6)

Synopsis: Important: openslp security update Advisory ID: SLSA-2018:2308-1 Issue Date: 2018-08-02 CVE Numbers: CVE-2017-17833 — Security Fix(es): * openslp: Heap memory corruption in slpd/slpd_process.c allows denial of service or potentially code execution (CVE-2017-17833) — SL6 x86_64 openslp-2.0.0-3.el6.i686.rpm openslp-2.0.0-3.el6.x86_64.rpm openslp-debuginfo-2.0.0-3.el6.i686.rpm openslp-debuginfo-2.0.0-3.el6.x86_64.rpm … Read More

yum-utils (SL6)

Synopsis: Important: yum-utils security update Advisory ID: SLSA-2018:2284-1 Issue Date: 2018-07-30 CVE Numbers: CVE-2018-10897 — Security Fix(es): * yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) — SL6 noarch yum-plugin-aliases-1.1.30-42.el6_10.noarch.rpm yum-plugin-changelog-1.1.30-42.el6_10.noarch.rpm yum-plugin-ovl-1.1.30-42.el6_10.noarch.rpm yum-plugin-security-1.1.30-42.el6_10.noarch.rpm yum-plugin-tmprepo-1.1.30-42.el6_10.noarch.rpm yum-plugin-verify-1.1.30-42.el6_10.noarch.rpm yum-plugin-versionlock-1.1.30-42.el6_10.noarch.rpm yum-utils-1.1.30-42.el6_10.noarch.rpm … Read More

java-1.7.0-openjdk (SL6)

Synopsis: Moderate: java-1.7.0-openjdk security update Advisory ID: SLSA-2018:2283-1 Issue Date: 2018-07-30 CVE Numbers: CVE-2018-2952 — Security Fix(es): * OpenJDK: insufficient index validation in PatternSyntaxException getMessage() (Concurrency, 8199547) (CVE-2018-2952) — SL6 x86_64 java-1.7.0-openjdk-1.7.0.191-2.6.15.4.el6_10.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.191-2.6.15.4.el6_10.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.191-2.6.15.4.el6_10.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.191-2.6.15.4.el6_10.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.191-2.6.15.4.el6_10.x86_64.rpm i386 java-1.7.0-openjdk-1.7.0.191-2.6.15.4.el6_10.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.191-2.6.15.4.el6_10.i686.rpm java-1.7.0-openjdk-devel-1.7.0.191-2.6.15.4.el6_10.i686.rpm … Read More

yum-utils (SL7)

Synopsis: Important: yum-utils security update Advisory ID: SLSA-2018:2285-1 Issue Date: 2018-07-30 CVE Numbers: CVE-2018-10897 — Security Fix(es): * yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) — SL7 noarch yum-plugin-aliases-1.1.31-46.el7_5.noarch.rpm yum-plugin-changelog-1.1.31-46.el7_5.noarch.rpm yum-plugin-ovl-1.1.31-46.el7_5.noarch.rpm yum-plugin-tmprepo-1.1.31-46.el7_5.noarch.rpm yum-plugin-verify-1.1.31-46.el7_5.noarch.rpm yum-plugin-versionlock-1.1.31-46.el7_5.noarch.rpm yum-utils-1.1.31-46.el7_5.noarch.rpm yum-NetworkManager-dispatcher-1.1.31-46.el7_5.noarch.rpm … Read More

java-1.7.0-openjdk (SL7)

Synopsis: Moderate: java-1.7.0-openjdk security update Advisory ID: SLSA-2018:2286-1 Issue Date: 2018-07-30 CVE Numbers: CVE-2018-2952 — Security Fix(es): * OpenJDK: insufficient index validation in PatternSyntaxException getMessage() (Concurrency, 8199547) (CVE-2018-2952) — SL7 x86_64 java-1.7.0-openjdk-1.7.0.191-2.6.15.4.el7_5.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.191-2.6.15.4.el7_5.x86_64.rpm java-1.7.0-openjdk-headless-1.7.0.191-2.6.15.4.el7_5.x86_64.rpm java-1.7.0-openjdk-accessibility-1.7.0.191-2.6.15.4.el7_5.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.191-2.6.15.4.el7_5.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.191-2.6.15.4.el7_5.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.191-2.6.15.4.el7_5.x86_64.rpm java-1.7.0-openjdk-1.7.0.191-2.6.15.4.el7_5.src.rpm noarch … Read More

thunderbird (SL6)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2018:2251-1 Issue Date: 2018-07-25 CVE Numbers: CVE-2018-12359 CVE-2018-12360 CVE-2018-12362 CVE-2018-12363 CVE-2018-12364 CVE-2018-12365 CVE-2018-12366 CVE-2018-5188 CVE-2018-12373 CVE-2018-12372 CVE-2018-12374 — This update upgrades Thunderbird to version 52.9.1. Security Fix(es): * Mozilla: Memory safety bugs fixed … Read More