python-paramiko (SL6)

Synopsis: Critical: python-paramiko security update Advisory ID: SLSA-2018:1124-1 Issue Date: 2018-04-12 CVE Numbers: CVE-2018-7750 — Security Fix(es): * python-paramiko: Authentication bypass in transport.py (CVE-2018-7750) — SL6 noarch python-paramiko-1.7.5-4.el6_9.noarch.rpm – Scientific Linux Development Team

firefox (SL6)

Synopsis: Important: firefox security update Advisory ID: SLSA-2018:1098-1 Issue Date: 2018-04-10 CVE Numbers: CVE-2018-5148 — This update upgrades Firefox to version 52.7.3 ESR. Security Fix(es): * firefox: Use-after-free in compositor potentially allows code execution (CVE-2018-5148) — SL6 x86_64 firefox-52.7.3-1.el6_9.x86_64.rpm firefox-debuginfo-52.7.3-1.el6_9.x86_64.rpm … Read More

thunderbird (SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2018:0648-1 Issue Date: 2018-04-05 CVE Numbers: CVE-2018-5125 CVE-2018-5127 CVE-2018-5129 CVE-2018-5144 CVE-2018-5145 CVE-2018-5146 — This update upgrades Thunderbird to version 52.7.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 59 and Firefox … Read More

thunderbird (SL6)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2018:0647-1 Issue Date: 2018-04-05 CVE Numbers: CVE-2018-5125 CVE-2018-5127 CVE-2018-5129 CVE-2018-5144 CVE-2018-5145 CVE-2018-5146 — This update upgrades Thunderbird to version 52.7.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 59 and Firefox … Read More

libvorbis (SL6)

Synopsis: Important: libvorbis security update Advisory ID: SLSA-2018:0649-1 Issue Date: 2018-04-05 CVE Numbers: CVE-2018-5146 — Security Fix(es): * Mozilla: Vorbis audio processing out of bounds write (MFSA 2018-08) (CVE-2018-5146) — SL6 x86_64 libvorbis-1.2.3-5.el6_9.1.i686.rpm libvorbis-1.2.3-5.el6_9.1.x86_64.rpm libvorbis-debuginfo-1.2.3-5.el6_9.1.i686.rpm libvorbis-debuginfo-1.2.3-5.el6_9.1.x86_64.rpm libvorbis-devel-1.2.3-5.el6_9.1.i686.rpm libvorbis-devel-1.2.3-5.el6_9.1.x86_64.rpm i386 libvorbis-1.2.3-5.el6_9.1.i686.rpm … Read More

slf4j (SL7)

Synopsis: Important: slf4j security update Advisory ID: SLSA-2018:0592-1 Issue Date: 2018-03-26 CVE Numbers: CVE-2018-8088 — Security Fix(es): * slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088) — SL7 noarch slf4j-1.7.4-4.el7_4.noarch.rpm slf4j-javadoc-1.7.4-4.el7_4.noarch.rpm slf4j-manual-1.7.4-4.el7_4.noarch.rpm – Scientific Linux … Read More

firefox (SL6, SL7)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2018:0549-1 Issue Date: 2018-03-19 CVE Numbers: CVE-2018-5146 — This update upgrades Firefox to version 52.7.2 ESR. Security Fix(es): * Mozilla: Vorbis audio processing out of bounds write (MFSA 2018-08) (CVE-2018-5146) — SL6 x86_64 … Read More

firefox (SL6)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2018:0526-1 Issue Date: 2018-03-15 CVE Numbers: CVE-2018-5125 CVE-2018-5127 CVE-2018-5129 CVE-2018-5130 CVE-2018-5131 CVE-2018-5144 CVE-2018-5145 — This update upgrades Firefox to version 52.7.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 59 … Read More

firefox (SL7)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2018:0527-1 Issue Date: 2018-03-15 CVE Numbers: CVE-2018-5125 CVE-2018-5127 CVE-2018-5129 CVE-2018-5130 CVE-2018-5131 CVE-2018-5144 CVE-2018-5145 — This update upgrades Firefox to version 52.7.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 59 … Read More

389-ds-base (SL6)

Synopsis: Important: 389-ds-base security update Advisory ID: SLSA-2018:0515-1 Issue Date: 2018-03-13 CVE Numbers: CVE-2017-15135 CVE-2018-1054 — Security Fix(es): * 389-ds-base: remote Denial of Service (DoS) via search filters in SetUnicodeStringFromUTF_8 in collate.c (CVE-2018-1054) * 389-ds-base: Authentication bypass due to lack … Read More