ImageMagick (SL6, SL7)

Synopsis: Important: ImageMagick security update Advisory ID: SLSA-2016:1237-1 Issue Date: 2016-06-17 CVE Numbers: CVE-2015-8895 CVE-2015-8896 CVE-2016-5240 CVE-2016-5239 CVE-2016-5118 CVE-2015-8898 CVE-2015-8897 — Security Fix(es): * It was discovered that ImageMagick did not properly sanitize certain input before using it to invoke … Read More

firefox (SL5, SL6, SL7)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2016:1217-1 Issue Date: 2016-06-08 CVE Numbers: CVE-2016-2818 CVE-2016-2819 CVE-2016-2821 CVE-2016-2822 CVE-2016-2828 CVE-2016-2831 — This update upgrades Firefox to version 45.2.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed … Read More

ntp (SL6, SL7)

Synopsis: Moderate: ntp security update Advisory ID: SLSA-2016:1141-1 Issue Date: 2016-05-31 CVE Numbers: CVE-2015-7979 CVE-2016-1547 CVE-2016-1548 CVE-2016-1550 CVE-2016-2518 — Security Fix(es): * It was found that when NTP was configured in broadcast mode, a remote attacker could broadcast packets with … Read More

spice-server (SL6)

Synopsis: Important: spice-server security update Advisory ID: SLSA-2016:1204-1 Issue Date: 2016-06-06 CVE Numbers: CVE-2016-0749 CVE-2016-2150 — Security Fix(es): * A memory allocation flaw, leading to a heap-based buffer overflow, was found in spice’s smartcard interaction, which runs under the QEMU-KVM … Read More

squid (SL6)

Synopsis: Moderate: squid security update Advisory ID: SLSA-2016:1138-1 Issue Date: 2016-05-31 CVE Numbers: CVE-2016-4051 CVE-2016-4052 CVE-2016-4053 CVE-2016-4054 CVE-2016-4554 CVE-2016-4556 — Security Fix(es): * A buffer overflow flaw was found in the way the Squid cachemgr.cgi utility processed remotely relayed Squid … Read More

squid34 (SL6)

Synopsis: Moderate: squid34 security update Advisory ID: SLSA-2016:1140-1 Issue Date: 2016-05-31 CVE Numbers: CVE-2016-4051 CVE-2016-4052 CVE-2016-4053 CVE-2016-4054 CVE-2016-4553 CVE-2016-4554 CVE-2016-4555 CVE-2016-4556 — Security Fix(es): * A buffer overflow flaw was found in the way the Squid cachemgr.cgi utility processed remotely … Read More

kernel (SL6)

Synopsis: Moderate: kernel security, bug fix, and enhancement Advisory ID: SLSA-2016:0855-1 Issue Date: 2016-05-10 CVE Numbers: CVE-2015-5156 CVE-2010-5313 CVE-2014-7842 CVE-2014-8134 CVE-2015-7509 CVE-2015-8324 CVE-2015-8215 CVE-2015-8543 CVE-2013-4312 — Security Fix(es): * It was found that reporting emulation failures to user space could … Read More

thunderbird (SL5, SL6, SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2016:1041-1 Issue Date: 2016-05-12 CVE Numbers: CVE-2016-2805 CVE-2016-2807 — This update upgrades Thunderbird to version 38.8.0. Security Fix(es): * Two flaws were found in the processing of malformed web content. A web page … Read More

openssh (SL6)

Synopsis: Moderate: openssh security, bug fix, and enhancement Advisory ID: SLSA-2016:0741-1 Issue Date: 2016-05-10 CVE Numbers: CVE-2015-6563 CVE-2015-6564 CVE-2016-1908 CVE-2015-5352 — Security Fix(es): * It was found that the OpenSSH client did not properly enforce the ForwardX11Timeout setting. A malicious … Read More

qemu-kvm (SL6)

Synopsis: Important: qemu-kvm security update Advisory ID: SLSA-2016:0997-1 Issue Date: 2016-05-10 CVE Numbers: CVE-2016-3710 — Security Fix(es): * An out-of-bounds read/write access flaw was found in the way QEMU’s VGA emulation with VESA BIOS Extensions (VBE) support performed read/write operations … Read More