bind (SL5)

Synopsis: Important: bind security and bug fix update Issue Date: 2012-09-14 CVE Numbers: CVE-2012-4244 — The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library … Read More

bind97 (SL5)

Synopsis: Important: bind97 security update Issue Date: 2012-09-14 CVE Numbers: CVE-2012-4244 — The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications … Read More

libxslt (SL5, SL6)

Synopsis: Important: libxslt security update Issue Date: 2012-09-13 CVE Numbers: CVE-2011-1202 CVE-2011-3970 CVE-2012-2825 CVE-2012-2871 CVE-2012-2870 — A heap-based buffer overflow flaw was found in the way libxslt applied templates to nodes selected by certain namespaces. An attacker could use this … Read More

postgresql (SL5)

Synopsis: Moderate: postgresql security update Issue Date: 2012-09-13 CVE Numbers: CVE-2012-3488 — It was found that the optional PostgreSQL xml2 contrib module allowed local files and remote URLs to be read and written to with the privileges of the database … Read More

Moderate: postgresql and postgresql84 (SL5, SL6)

Synopsis: Moderate: postgresql and postgresql84 security update Issue Date: 2012-09-13 CVE Numbers: CVE-2012-3488 CVE-2012-3489 — It was found that the optional PostgreSQL xml2 contrib module allowed local files and remote URLs to be read and written to with the privileges … Read More

Moderate: dbus (SL6)

Synopsis: Moderate: dbus security update Issue Date: 2012-09-13 CVE Numbers: CVE-2012-3524 — It was discovered that the D-Bus library honored environment settings even when running with elevated privileges. A local attacker could possibly use this flaw to escalate their privileges, … Read More

Moderate: quagga (SL6)

Synopsis: Moderate: quagga security update Issue Date: 2012-09-12 CVE Numbers: CVE-2011-3323 CVE-2011-3324 CVE-2011-3325 CVE-2011-3326 CVE-2011-3327 CVE-2012-0249 CVE-2012-0250 CVE-2012-0255 CVE-2012-1820 — A heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An … Read More

quagga (SL5)

Synopsis: Moderate: quagga security update Issue Date: 2012-09-12 CVE Numbers: CVE-2010-1674 CVE-2011-3323 CVE-2011-3324 CVE-2011-3325 CVE-2011-3326 CVE-2011-3327 CVE-2012-0249 CVE-2012-0250 — A heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker … Read More

Moderate: ghostscript (SL5, SL6)

Synopsis: Moderate: ghostscript security update Issue Date: 2012-09-11 CVE Numbers: CVE-2012-4405 — Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) … Read More

Moderate: libexif (SL5, SL6)

Synopsis: Moderate: libexif security update Issue Date: 2012-09-11 CVE Numbers: CVE-2012-2813 CVE-2012-2814 CVE-2012-2836 CVE-2012-2837 CVE-2012-2840 CVE-2012-2841 CVE-2012-2812 — The libexif packages provide an Exchangeable image file format (Exif) library. Exif allows metadata to be added to and read from certain … Read More