Moderate: spice-gtk (SL6)

Synopsis: Moderate: spice-gtk security update Issue Date: 2012-09-17 CVE Numbers: CVE-2012-4425 — The spice-gtk packages provide a GIMP Toolkit (GTK+) widget for SPICE (Simple Protocol for Independent Computing Environments) clients. Both Virtual Machine Manager and Virtual Machine Viewer can make … Read More

Important: openjpeg (SL6)

Synopsis: Important: openjpeg security update Issue Date: 2012-09-17 CVE Numbers: CVE-2012-3535 — OpenJPEG is an open source library for reading and writing image files in JPEG 2000 format. It was found that OpenJPEG failed to sanity-check an image header field … Read More

Important: bind (SL6)

Synopsis: Important: bind security update Issue Date: 2012-09-14 CVE Numbers: CVE-2012-4244 — The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications … Read More

bind (SL5)

Synopsis: Important: bind security and bug fix update Issue Date: 2012-09-14 CVE Numbers: CVE-2012-4244 — The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library … Read More

bind97 (SL5)

Synopsis: Important: bind97 security update Issue Date: 2012-09-14 CVE Numbers: CVE-2012-4244 — The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications … Read More

libxslt (SL5, SL6)

Synopsis: Important: libxslt security update Issue Date: 2012-09-13 CVE Numbers: CVE-2011-1202 CVE-2011-3970 CVE-2012-2825 CVE-2012-2871 CVE-2012-2870 — A heap-based buffer overflow flaw was found in the way libxslt applied templates to nodes selected by certain namespaces. An attacker could use this … Read More

postgresql (SL5)

Synopsis: Moderate: postgresql security update Issue Date: 2012-09-13 CVE Numbers: CVE-2012-3488 — It was found that the optional PostgreSQL xml2 contrib module allowed local files and remote URLs to be read and written to with the privileges of the database … Read More

Moderate: postgresql and postgresql84 (SL5, SL6)

Synopsis: Moderate: postgresql and postgresql84 security update Issue Date: 2012-09-13 CVE Numbers: CVE-2012-3488 CVE-2012-3489 — It was found that the optional PostgreSQL xml2 contrib module allowed local files and remote URLs to be read and written to with the privileges … Read More

Moderate: dbus (SL6)

Synopsis: Moderate: dbus security update Issue Date: 2012-09-13 CVE Numbers: CVE-2012-3524 — It was discovered that the D-Bus library honored environment settings even when running with elevated privileges. A local attacker could possibly use this flaw to escalate their privileges, … Read More

Moderate: quagga (SL6)

Synopsis: Moderate: quagga security update Issue Date: 2012-09-12 CVE Numbers: CVE-2011-3323 CVE-2011-3324 CVE-2011-3325 CVE-2011-3326 CVE-2011-3327 CVE-2012-0249 CVE-2012-0250 CVE-2012-0255 CVE-2012-1820 — A heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An … Read More