java-1.8.0-openjdk (SL6, SL7)

Synopsis: Critical: java-1.8.0-openjdk security update Advisory ID: SLSA-2016:1458-1 Issue Date: 2016-07-20 CVE Numbers: CVE-2016-3606 CVE-2016-3598 CVE-2016-3587 CVE-2016-3610 CVE-2016-3500 CVE-2016-3508 CVE-2016-3458 CVE-2016-3550 — Security Fix(es): * Multiple flaws were discovered in the Hotspot and Libraries components in OpenJDK. An untrusted Java … Read More

httpd (SL5, SL6)

Synopsis: Important: httpd security update Advisory ID: SLSA-2016:1421-1 Issue Date: 2016-07-18 CVE Numbers: CVE-2016-5387 — Security Fix(es): * It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for … Read More

httpd (SL7)

Synopsis: Important: httpd security and bug fix update Advisory ID: SLSA-2016:1422-1 Issue Date: 2016-07-18 CVE Numbers: CVE-2016-5387 — Security Fix(es): * It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY … Read More

kernel (SL6)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2016:1406-1 Issue Date: 2016-07-12 CVE Numbers: CVE-2016-4565 — Security Fix: * A flaw was found in the way certain interfaces of the Linux kernel’s Infiniband subsystem used write() as bi-directional … Read More

thunderbird (SL5, SL6, SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2016:1392-1 Issue Date: 2016-07-11 CVE Numbers: CVE-2016-2818 — This update upgrades Thunderbird to version 45.2.0. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing … Read More

ocaml (SL7)

Synopsis: Moderate: ocaml security update Advisory ID: SLSA-2016:1296-1 Issue Date: 2016-06-23 CVE Numbers: CVE-2015-8869 — Security Fix(es): * OCaml versions 4.02.3 and earlier have a runtime bug that, on 64-bit platforms, causes size arguments to internal memmove calls to be … Read More

kernel (SL7)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2016:1277-1 Issue Date: 2016-06-23 CVE Numbers: CVE-2015-8767 CVE-2016-4565 — To see the complete list of bug fixes, users are directed to the related Knowledge Article: Security Fixes: * A flaw … Read More

setroubleshoot and setroubleshoot-plugins (SL6)

Synopsis: Important: setroubleshoot and setroubleshoot-plugins security update Advisory ID: SLSA-2016:1267-1 Issue Date: 2016-06-21 CVE Numbers: CVE-2016-4444 CVE-2016-4445 CVE-2016-4446 CVE-2016-4989 — The setroubleshoot-plugins package provides a set of analysis plugins for use with setroubleshoot. Each plugin has the capacity to analyze … Read More

setroubleshoot and setroubleshoot-plugins (SL7)

Synopsis: Important: setroubleshoot and setroubleshoot-plugins security update Advisory ID: SLSA-2016:1293-1 Issue Date: 2016-06-23 CVE Numbers: CVE-2016-4444 CVE-2016-4446 CVE-2016-4989 — The setroubleshoot-plugins package provides a set of analysis plugins for use with setroubleshoot. Each plugin has the capacity to analyze SELinux … Read More

libxml2 (SL6, SL7)

Synopsis: Important: libxml2 security update Advisory ID: SLSA-2016:1292-1 Issue Date: 2016-06-23 CVE Numbers: CVE-2016-3627 CVE-2016-3705 CVE-2016-1833 CVE-2016-4447 CVE-2016-1835 CVE-2016-1837 CVE-2016-4448 CVE-2016-4449 CVE-2016-1836 CVE-2016-1839 CVE-2016-1838 CVE-2016-1840 CVE-2016-1834 CVE-2016-1762 — Security Fix(es): A heap-based buffer overflow flaw was found in the way … Read More