kernel (SL7)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2019:0818-1 Issue Date: 2019-04-23 CVE Numbers: CVE-2019-7221 CVE-2019-6974 — Security Fix(es): * Kernel: KVM: potential use-after-free via kvm_ioctl_create_device() (CVE-2019-6974) * Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of … Read More

ovmf (SL7)

Synopsis: Important: ovmf security update Advisory ID: SLSA-2019:0809-1 Issue Date: 2019-04-23 CVE Numbers: CVE-2018-12180 — Security Fix(es): * edk2: Buffer Overflow in BlockIo service for RAM disk (CVE-2018-12180) — SL7 noarch OVMF-20180508-3.gitee3198e672e2.el7_6.1.noarch.rpm – Scientific Linux Development Team

java-1.7.0-openjdk (SL6)

Synopsis: Important: java-1.7.0-openjdk security update Advisory ID: SLSA-2019:0790-1 Issue Date: 2019-04-22 CVE Numbers: CVE-2019-2602 CVE-2019-2698 CVE-2019-2684 — Security Fix(es): * OpenJDK: Font layout engine out of bounds access setCurrGlyphID() (2D, 8219022) (CVE-2019-2698) * OpenJDK: Slow conversion of BigDecimal to long … Read More

java-1.7.0-openjdk (SL7)

Synopsis: Important: java-1.7.0-openjdk security update Advisory ID: SLSA-2019:0791-1 Issue Date: 2019-04-22 CVE Numbers: CVE-2019-2602 CVE-2019-2698 CVE-2019-2684 — Security Fix(es): * OpenJDK: Font layout engine out of bounds access setCurrGlyphID() (2D, 8219022) (CVE-2019-2698) * OpenJDK: Slow conversion of BigDecimal to long … Read More

java-11-openjdk (SL7)

Synopsis: Moderate: java-11-openjdk security update Advisory ID: SLSA-2019:0778-1 Issue Date: 2019-04-17 CVE Numbers: CVE-2019-2602 CVE-2019-2684 — Security Fix(es): * OpenJDK: Slow conversion of BigDecimal to long (Libraries, 8211936) (CVE-2019-2602) * OpenJDK: Incorrect skeleton selection in RMI registry server-side dispatch handling … Read More

java-1.8.0-openjdk (SL6)

Synopsis: Important: java-1.8.0-openjdk security and bug fix update Advisory ID: SLSA-2019:0774-1 Issue Date: 2019-04-17 CVE Numbers: CVE-2019-2602 CVE-2019-2698 CVE-2019-2684 — Security Fix(es): * OpenJDK: Font layout engine out of bounds access setCurrGlyphID() (2D, 8219022) (CVE-2019-2698) * OpenJDK: Slow conversion of … Read More

java-1.8.0-openjdk (SL7)

Synopsis: Important: java-1.8.0-openjdk security update Advisory ID: SLSA-2019:0775-1 Issue Date: 2019-04-17 CVE Numbers: CVE-2019-2602 CVE-2019-2698 CVE-2019-2684 — Security Fix(es): * OpenJDK: Font layout engine out of bounds access setCurrGlyphID() (2D, 8219022) (CVE-2019-2698) * OpenJDK: Slow conversion of BigDecimal to long … Read More

mod_auth_mellon (SL7)

Synopsis: Important: mod_auth_mellon security and bug fix update Advisory ID: SLSA-2019:0766-1 Issue Date: 2019-04-16 CVE Numbers: CVE-2019-3877 CVE-2019-3878 — Security Fix(es): * mod_auth_mellon: authentication bypass in ECP flow (CVE-2019-3878) * mod_auth_mellon: open redirect in logout url when using URLs with … Read More

kernel (SL6)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2019:0717-1 Issue Date: 2019-04-09 CVE Numbers: CVE-2018-13405 — Security Fix(es): * kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members (CVE-2018-13405) — SL6 x86_64 kernel-2.6.32-754.12.1.el6.x86_64.rpm … Read More

openssh (SL6)

Synopsis: Low: openssh security update Advisory ID: SLSA-2019:0711-1 Issue Date: 2019-04-09 CVE Numbers: CVE-2018-15473 — Security Fix(es): * openssh: User enumeration via malformed packets in authentication requests (CVE-2018-15473) — SL6 x86_64 openssh-5.3p1-124.el6_10.x86_64.rpm openssh-askpass-5.3p1-124.el6_10.x86_64.rpm openssh-clients-5.3p1-124.el6_10.x86_64.rpm openssh-debuginfo-5.3p1-124.el6_10.x86_64.rpm openssh-server-5.3p1-124.el6_10.x86_64.rpm openssh-debuginfo-5.3p1-124.el6_10.i686.rpm openssh-ldap-5.3p1-124.el6_10.x86_64.rpm pam_ssh_agent_auth-0.9.3-124.el6_10.i686.rpm pam_ssh_agent_auth-0.9.3-124.el6_10.x86_64.rpm … Read More