gnutls (SL7)

Synopsis: Moderate: gnutls security, bug fix, and enhancement Advisory ID: SLSA-2017:2292-1 Issue Date: 2017-08-01 CVE Numbers: CVE-2017-5337 CVE-2017-5335 CVE-2017-5336 CVE-2016-7444 CVE-2017-5334 CVE-2017-7869 CVE-2017-7507 — The following packages have been upgraded to a later upstream version: gnutls (3.3.26). Security Fix(es): * … Read More

tcpdump (SL7)

Synopsis: Moderate: tcpdump security, bug fix, and enhancement Advisory ID: SLSA-2017:1871-1 Issue Date: 2017-08-01 CVE Numbers: CVE-2015-0261 CVE-2015-2153 CVE-2015-2154 CVE-2015-2155 — The following packages have been upgraded to a later upstream version: tcpdump (4.9.0). Security Fix(es): * Multiple out of … Read More

NetworkManager and libnl3 (SL7)

Synopsis: Moderate: NetworkManager and libnl3 security, bug fix Advisory ID: SLSA-2017:2299-1 Issue Date: 2017-08-01 CVE Numbers: CVE-2017-0553 — The libnl3 packages contain a convenience library that simplifies using the Linux kernel’s Netlink sockets interface for network manipulation. The following packages … Read More

libreoffice (SL7)

Synopsis: Moderate: libreoffice security and bug fix update Advisory ID: SLSA-2017:1975-1 Issue Date: 2017-08-01 CVE Numbers: CVE-2017-7870 — Security Fix(es): * An out-of-bounds write flaw was found in the way Libreoffice rendered certain documents containing Polygon images. By tricking a … Read More

authconfig (SL7)

Synopsis: Moderate: authconfig security, bug fix, and Advisory ID: SLSA-2017:2285-1 Issue Date: 2017-08-01 CVE Numbers: CVE-2017-7488 — Security Fix(es): * A flaw was found where authconfig could configure sssd in a way that treats existing and non-existing logins differently, leaking … Read More

tomcat (SL7)

Synopsis: Low: tomcat security, bug fix, and enhancement update Advisory ID: SLSA-2017:2247-1 Issue Date: 2017-08-02 CVE Numbers: CVE-2016-6797 CVE-2016-6796 CVE-2016-6794 CVE-2016-5018 CVE-2016-0762 — The following packages have been upgraded to a later upstream version: tomcat (7.0.76). Security Fix(es): * The … Read More

GStreamer (SL7)

Synopsis: Moderate: GStreamer security, bug fix, and Advisory ID: SLSA-2017:2060-1 Issue Date: 2017-08-02 CVE Numbers: CVE-2016-9446 CVE-2016-9810 CVE-2016-9811 CVE-2016-10198 CVE-2016-10199 CVE-2017-5845 CVE-2017-5848 CVE-2017-5837 CVE-2017-5839 CVE-2017-5838 CVE-2017-5840 CVE-2017-5841 CVE-2017-5842 CVE-2017-5843 CVE-2017-5844 — The following packages have been upgraded to a later … Read More

evince (SL7)

Synopsis: Important: evince security update Advisory ID: SLSA-2017:2388-1 Issue Date: 2017-08-02 CVE Numbers: CVE-2017-1000083 — Security Fix(es): * It was found that evince did not properly sanitize the command line which is run to untar Comic Book Tar (CBT) files, … Read More

freeradius (SL7)

Synopsis: Important: freeradius security update Advisory ID: SLSA-2017:2389-1 Issue Date: 2017-08-02 CVE Numbers: CVE-2017-10978 CVE-2017-10983 CVE-2017-10984 CVE-2017-10985 CVE-2017-10986 CVE-2017-10987 — Security Fix(es): * An out-of-bounds write flaw was found in the way FreeRADIUS server handled certain attributes in request packets. … Read More

ghostscript (SL7)

Synopsis: Low: ghostscript security and bug fix update Advisory ID: SLSA-2017:2180-1 Issue Date: 2017-08-02 CVE Numbers: CVE-2017-7207 — Security Fix(es): * A NULL pointer dereference flaw was found in ghostscript’s mem_get_bits_rectangle function. A specially crafted postscript document could cause a … Read More