firefox (SL6, SL7)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2017:3247-1 Issue Date: 2017-11-17 CVE Numbers: CVE-2017-7826 CVE-2017-7828 CVE-2017-7830 — This update upgrades Firefox to version 52.5.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A … Read More

kernel (SL6)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2017:3200-1 Issue Date: 2017-11-15 CVE Numbers: CVE-2017-1000111 CVE-2017-1000112 CVE-2017-14106 — Security Fix(es): * A race condition issue leading to a use-after-free flaw was found in the way the raw packet … Read More

php (SL7)

Synopsis: Moderate: php security update Advisory ID: SLSA-2017:3221-1 Issue Date: 2017-11-15 CVE Numbers: CVE-2016-10167 CVE-2016-10168 — Security Fix(es): * A null pointer dereference flaw was found in libgd. An attacker could use a specially-crafted .gd2 file to cause an application … Read More

liblouis (SL7)

Synopsis: Moderate: liblouis security update Advisory ID: SLSA-2017:3111-1 Issue Date: 2017-11-02 CVE Numbers: CVE-2017-13738 CVE-2017-13744 CVE-2017-13740 CVE-2017-13741 CVE-2017-13742 CVE-2017-13743 CVE-2014-8184 — Security Fix(es): * Multiple flaws were found in the processing of translation tables in liblouis. An attacker could crash … Read More

tomcat6 (SL6)

Synopsis: Important: tomcat6 security update Advisory ID: SLSA-2017:3080-1 Issue Date: 2017-10-30 CVE Numbers: CVE-2017-5664 CVE-2017-5647 CVE-2017-12615 CVE-2017-12617 — Security Fix(es): * A vulnerability was discovered in Tomcat’s handling of pipelined requests when “Sendfile” was used. If sendfile processing completed quickly, … Read More

tomcat (SL7)

Synopsis: Important: tomcat security update Advisory ID: SLSA-2017:3081-1 Issue Date: 2017-10-30 CVE Numbers: CVE-2017-5647 CVE-2017-7674 CVE-2017-12615 CVE-2017-12617 — Security Fix(es): * A vulnerability was discovered in Tomcat’s handling of pipelined requests when “Sendfile” was used. If sendfile processing completed quickly, … Read More

wget (SL7)

Synopsis: Important: wget security update Advisory ID: SLSA-2017:3075-1 Issue Date: 2017-10-26 CVE Numbers: CVE-2017-13089 CVE-2017-13090 — Security Fix(es): * A stack-based and a heap-based buffer overflow flaws were found in wget when processing chunked encoded HTTP responses. By tricking an … Read More

ntp (SL6)

Synopsis: Moderate: ntp security update Advisory ID: SLSA-2017:3071-1 Issue Date: 2017-10-26 CVE Numbers: CVE-2017-6464 CVE-2017-6462 CVE-2017-6463 — Security Fix(es): * Two vulnerabilities were discovered in the NTP server’s parsing of configuration directives. A remote, authenticated attacker could cause ntpd to … Read More

java-1.8.0-openjdk (SL6, SL7)

Synopsis: Critical: java-1.8.0-openjdk security update Advisory ID: SLSA-2017:2998-1 Issue Date: 2017-10-20 CVE Numbers: CVE-2017-10285 CVE-2017-10346 CVE-2017-10388 CVE-2017-10274 CVE-2017-10349 CVE-2017-10357 CVE-2017-10348 CVE-2017-10347 CVE-2017-10350 CVE-2017-10281 CVE-2017-10295 CVE-2017-10345 CVE-2017-10355 CVE-2017-10356 — Security Fix(es): * Multiple flaws were discovered in the RMI and Hotspot … Read More

kernel (SL7)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2017:2930-1 Issue Date: 2017-10-19 CVE Numbers: CVE-2016-8399 CVE-2017-7541 CVE-2017-7184 CVE-2017-11176 CVE-2017-7542 CVE-2017-1000111 CVE-2017-1000112 CVE-2017-7558 CVE-2017-14106 — Security Fix(es): * Out-of-bounds kernel heap access vulnerability was found in xfrm, kernel’s IP … Read More