kernel (SL6)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2019:0717-1 Issue Date: 2019-04-09 CVE Numbers: CVE-2018-13405 — Security Fix(es): * kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members (CVE-2018-13405) — SL6 x86_64 kernel-2.6.32-754.12.1.el6.x86_64.rpm … Read More

openssh (SL6)

Synopsis: Low: openssh security update Advisory ID: SLSA-2019:0711-1 Issue Date: 2019-04-09 CVE Numbers: CVE-2018-15473 — Security Fix(es): * openssh: User enumeration via malformed packets in authentication requests (CVE-2018-15473) — SL6 x86_64 openssh-5.3p1-124.el6_10.x86_64.rpm openssh-askpass-5.3p1-124.el6_10.x86_64.rpm openssh-clients-5.3p1-124.el6_10.x86_64.rpm openssh-debuginfo-5.3p1-124.el6_10.x86_64.rpm openssh-server-5.3p1-124.el6_10.x86_64.rpm openssh-debuginfo-5.3p1-124.el6_10.i686.rpm openssh-ldap-5.3p1-124.el6_10.x86_64.rpm pam_ssh_agent_auth-0.9.3-124.el6_10.i686.rpm pam_ssh_agent_auth-0.9.3-124.el6_10.x86_64.rpm … Read More

python (SL7)

Synopsis: Important: python security update Advisory ID: SLSA-2019:0710-1 Issue Date: 2019-04-08 CVE Numbers: CVE-2019-9636 — Security Fix(es): * python: Information Disclosure due to urlsplit improper NFKC normalization (CVE-2019-9636) — SL7 x86_64 python-2.7.5-77.el7_6.x86_64.rpm python-debuginfo-2.7.5-77.el7_6.i686.rpm python-debuginfo-2.7.5-77.el7_6.x86_64.rpm python-libs-2.7.5-77.el7_6.i686.rpm python-libs-2.7.5-77.el7_6.x86_64.rpm python-debug-2.7.5-77.el7_6.x86_64.rpm python-devel-2.7.5-77.el7_6.x86_64.rpm python-test-2.7.5-77.el7_6.x86_64.rpm python-tools-2.7.5-77.el7_6.x86_64.rpm … Read More

freerdp (SL7)

Synopsis: Important: freerdp security update Advisory ID: SLSA-2019:0697-1 Issue Date: 2019-04-02 CVE Numbers: CVE-2018-8786 CVE-2018-8787 CVE-2018-8788 — Security Fix(es): * freerdp: Integer truncation leading to heap-based buffer overflow in update_read_bitmap_update() function (CVE-2018-8786) * freerdp: Integer overflow leading to heap-based buffer … Read More

thunderbird (SL6)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2019:0680-1 Issue Date: 2019-03-28 CVE Numbers: CVE-2018-18506 CVE-2019-9788 CVE-2019-9790 CVE-2019-9791 CVE-2019-9792 CVE-2019-9793 CVE-2019-9795 CVE-2019-9796 CVE-2019-9810 CVE-2019-9813 — Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6 (CVE-2019-9788) … Read More

thunderbird (SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2019:0681-1 Issue Date: 2019-03-28 CVE Numbers: CVE-2018-18506 CVE-2019-9788 CVE-2019-9790 CVE-2019-9791 CVE-2019-9792 CVE-2019-9793 CVE-2019-9795 CVE-2019-9796 CVE-2019-9810 CVE-2019-9813 — Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6 (CVE-2019-9788) … Read More

libssh2 (SL7)

Synopsis: Important: libssh2 security update Advisory ID: SLSA-2019:0679-1 Issue Date: 2019-03-28 CVE Numbers: CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3863 — Security Fix(es): * libssh2: Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) * libssh2: Integer overflow in keyboard … Read More

firefox (SL6)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2019:0672-1 Issue Date: 2019-03-27 CVE Numbers: CVE-2019-9810 CVE-2019-9813 — This update upgrades Firefox to version 60.6.1 ESR. Security Fix(es): * Mozilla: IonMonkey MArraySlice has incorrect alias information (CVE-2019-9810) * Mozilla: Ionmonkey type confusion … Read More

firefox (SL7)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2019:0671-1 Issue Date: 2019-03-27 CVE Numbers: CVE-2019-9810 CVE-2019-9813 — This update upgrades Firefox to version 60.6.1 ESR. Security Fix(es): * Mozilla: IonMonkey MArraySlice has incorrect alias information (CVE-2019-9810) * Mozilla: Ionmonkey type confusion … Read More

openwsman (SL7)

Synopsis: Important: openwsman security update Advisory ID: SLSA-2019:0638-1 Issue Date: 2019-03-26 CVE Numbers: CVE-2019-3816 — Security Fix(es): * openwsman: Disclosure of arbitrary files outside of the registered URIs (CVE-2019-3816) — SL7 x86_64 libwsman1-2.6.3-6.git4391e5c.el7_6.i686.rpm libwsman1-2.6.3-6.git4391e5c.el7_6.x86_64.rpm openwsman-client-2.6.3-6.git4391e5c.el7_6.i686.rpm openwsman-client-2.6.3-6.git4391e5c.el7_6.x86_64.rpm openwsman-debuginfo-2.6.3-6.git4391e5c.el7_6.i686.rpm openwsman-debuginfo-2.6.3-6.git4391e5c.el7_6.x86_64.rpm openwsman-server-2.6.3-6.git4391e5c.el7_6.i686.rpm openwsman-server-2.6.3-6.git4391e5c.el7_6.x86_64.rpm … Read More