openssl (SL6)

Synopsis: Important: openssl security update Advisory ID: SLSA-2016:0996-1 Issue Date: 2016-05-10 CVE Numbers: CVE-2016-0799 CVE-2016-2842 CVE-2016-2109 CVE-2016-2108 CVE-2016-2107 CVE-2016-2105 CVE-2016-2106 — Security Fix(es): * A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could … Read More

icedtea-web (SL6)

Synopsis: Moderate: icedtea-web security, bug fix, and Advisory ID: SLSA-2016:0778-1 Issue Date: 2016-05-10 CVE Numbers: CVE-2015-5234 CVE-2015-5235 — The following packages have been upgraded to a newer upstream version: icedtea-web (1.6.2). Security Fix(es): * It was discovered that IcedTea-Web did … Read More

ntp (SL6)

Synopsis: Moderate: ntp security and bug fix update Advisory ID: SLSA-2016:0780-1 Issue Date: 2016-05-10 CVE Numbers: CVE-2015-5194 CVE-2015-5195 CVE-2015-7703 CVE-2015-5219 CVE-2015-7691 CVE-2015-7692 CVE-2015-7702 CVE-2015-7701 CVE-2015-7852 CVE-2015-7977 CVE-2015-7978 — Security Fix(es): * It was found that the fix for CVE-2014-9750 was … Read More

file (SL6)

Synopsis: Moderate: file security, bug fix, and enhancement update Advisory ID: SLSA-2016:0760-1 Issue Date: 2016-05-10 CVE Numbers: CVE-2014-3587 CVE-2014-3538 CVE-2014-3710 CVE-2014-8116 CVE-2014-8117 CVE-2014-9653 CVE-2014-9620 — Security Fix(es): * Multiple flaws were found in the file regular expression rules for detecting … Read More

squid (SL7)

Synopsis: Moderate: squid security update Advisory ID: SLSA-2016:1139-1 Issue Date: 2016-05-31 CVE Numbers: CVE-2016-4051 CVE-2016-4052 CVE-2016-4053 CVE-2016-4054 CVE-2016-4553 CVE-2016-4554 CVE-2016-4555 CVE-2016-4556 — Security Fix(es): * A buffer overflow flaw was found in the way the Squid cachemgr.cgi utility processed remotely … Read More

spice (SL7)

Synopsis: Important: spice security update Advisory ID: SLSA-2016:1205-1 Issue Date: 2016-06-06 CVE Numbers: CVE-2016-0749 CVE-2016-2150 — Security Fix(es): * A memory allocation flaw, leading to a heap-based buffer overflow, was found in spice’s smartcard interaction, which runs under the QEMU-KVM … Read More

openssl (SL5)

Synopsis: Important: openssl security update Advisory ID: SLSA-2016:1137-1 Issue Date: 2016-05-31 CVE Numbers: CVE-2016-2108 — Security Fix(es): * A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a … Read More

libndp (SL7)

Synopsis: Moderate: libndp security update Advisory ID: SLSA-2016:1086-1 Issue Date: 2016-05-17 CVE Numbers: CVE-2016-3698 — Security Fix(es): * It was found that libndp did not properly validate and check the origin of Neighbor Discovery Protocol (NDP) messages. An attacker on … Read More

thunderbird (SL5, SL6, SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2016:1041-1 Issue Date: 2016-05-12 CVE Numbers: CVE-2016-2805 CVE-2016-2807 — This update upgrades Thunderbird to version 38.8.0. Security Fix(es): * Two flaws were found in the processing of malformed web content. A web page … Read More

kernel (SL7)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2016:1033-1 Issue Date: 2016-05-12 CVE Numbers: CVE-2016-0758 — Security Fix(es): * A flaw was found in the way the Linux kernel’s ASN.1 DER decoder processed certain certificate files with tags … Read More