kernel (SL6)

Synopsis: Important: kernel security update Advisory ID: SLSA-2018:0008-1 Issue Date: 2018-01-03 CVE Numbers: CVE-2017-5753 CVE-2017-5715 CVE-2017-5754 — Security Fix(es): An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used … Read More

microcode_ctl (SL7)

Synopsis: Important: microcode_ctl security update Advisory ID: SLSA-2018:0012-1 Issue Date: 2018-01-03 CVE Numbers: CVE-2017-5715 — Security Fix(es): * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance … Read More

kernel (SL7)

Synopsis: Important: kernel security update Advisory ID: SLSA-2018:0007-1 Issue Date: 2018-01-03 CVE Numbers: CVE-2017-5753 CVE-2017-5715 CVE-2017-5754 — Security Fix(es): An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used … Read More

postgresql (SL7)

Synopsis: Moderate: postgresql security update Advisory ID: SLSA-2017:3402-1 Issue Date: 2017-12-19 CVE Numbers: CVE-2017-12172 CVE-2017-15097 — Security Fix(es): * Privilege escalation flaws were found in the initialization scripts of PostgreSQL. An attacker with access to the postgres user account could … Read More

Important: Openafs Security Update (SL6, SL7)

Synopsis: Important: Openafs Security Update Advisory ID: OPENAFS-SA-2017-001 Issue Date: 2017-12-06 — Security Fix(es): * Certain values transmitted in RX ACK packets were not sanity checked by OpenAFS receiving peers, which could lead to an assertion being triggered during construction … Read More

java-1.7.0-openjdk (SL6, SL7)

Synopsis: Important: java-1.7.0-openjdk security and bug fix update Advisory ID: SLSA-2017:3392-1 Issue Date: 2017-12-06 CVE Numbers: CVE-2017-10193 CVE-2017-10198 CVE-2017-10285 CVE-2017-10346 CVE-2017-10388 CVE-2017-10274 CVE-2017-10349 CVE-2017-10357 CVE-2017-10348 CVE-2017-10347 CVE-2017-10350 CVE-2017-10281 CVE-2017-10295 CVE-2017-10345 CVE-2017-10355 CVE-2017-10356 — Security Fix(es): * Multiple flaws were discovered … Read More

firefox (SL6, SL7)

Synopsis: Important: firefox security update Advisory ID: SLSA-2017:3382-1 Issue Date: 2017-12-05 CVE Numbers: CVE-2017-7843 — This update upgrades Firefox to version 52.5.1 ESR. Security Fix(es): * A privacy flaw was discovered in Firefox. In Private Browsing mode, a web worker … Read More

sssd (SL7)

Synopsis: Moderate: sssd security and bug fix update Advisory ID: SLSA-2017:3379-1 Issue Date: 2017-12-05 CVE Numbers: CVE-2017-12173 — Security Fix(es): * It was found that sssd’s sysdb_search_user_by_upn_res() function did not sanitize requests when querying its local cache and was vulnerable … Read More

liblouis (SL7)

Synopsis: Moderate: liblouis security update Advisory ID: SLSA-2017:3384-1 Issue Date: 2017-12-05 CVE Numbers: CVE-2017-15101 — Security Fix(es): * A missing fix for one stack-based buffer overflow in findTable() for CVE-2014-8184 was discovered. An attacker could cause denial of service or … Read More

thunderbird (SL6, SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2017:3372-1 Issue Date: 2017-12-04 CVE Numbers: CVE-2017-7826 CVE-2017-7828 CVE-2017-7830 — This update upgrades Thunderbird to version 52.5.0. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web … Read More