firefox (SL6)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2017:1104-1 Issue Date: 2017-04-20 CVE Numbers: CVE-2017-5442 CVE-2017-5443 CVE-2017-5429 CVE-2017-5464 CVE-2017-5465 CVE-2017-5460 CVE-2017-5448 CVE-2017-5449 CVE-2017-5446 CVE-2017-5447 CVE-2017-5444 CVE-2017-5445 CVE-2017-5469 CVE-2017-5440 CVE-2017-5441 CVE-2017-5439 CVE-2017-5438 CVE-2017-5437 CVE-2017-5436 CVE-2017-5435 CVE-2017-5434 CVE-2017-5433 CVE-2017-5432 CVE-2017-5459 — This update … Read More

bind (SL6)

Synopsis: Important: bind security update Advisory ID: SLSA-2017:1105-1 Issue Date: 2017-04-20 CVE Numbers: CVE-2017-3136 CVE-2017-3137 — Security Fix(es): * A denial of service flaw was found in the way BIND handled a query response containing CNAME or DNAME resource records … Read More

libreoffice (SL6)

Synopsis: Moderate: libreoffice security update Advisory ID: SLSA-2017:0979-1 Issue Date: 2017-04-18 CVE Numbers: CVE-2017-3157 — Security Fix(es): * It was found that LibreOffice disclosed contents of a file specified in an embedded object’s preview. An attacker could potentially use this … Read More

bind (SL7)

Synopsis: Important: bind security update Advisory ID: SLSA-2017:1095-1 Issue Date: 2017-04-19 CVE Numbers: CVE-2017-3136 CVE-2017-3137 — Security Fix(es): * A denial of service flaw was found in the way BIND handled a query response containing CNAME or DNAME resource records … Read More

qemu-kvm (SL7)

Synopsis: Important: qemu-kvm security update Advisory ID: SLSA-2017:0987-1 Issue Date: 2017-04-18 CVE Numbers: CVE-2016-9603 — Security Fix(es): * A heap buffer overflow flaw was found in QEMU’s Cirrus CLGD 54xx VGA emulator’s VNC display driver support; the issue could occur … Read More

tomcat (SL7)

Synopsis: Moderate: tomcat security update Advisory ID: SLSA-2017:0935-1 Issue Date: 2017-04-12 CVE Numbers: CVE-2016-6816 CVE-2016-8745 — Security Fix(es): * It was discovered that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction … Read More

389-ds-base (SL7)

Synopsis: Important: 389-ds-base security and bug fix update Advisory ID: SLSA-2017:0920-1 Issue Date: 2017-04-12 CVE Numbers: CVE-2017-2668 — Security Fix(es): * An invalid pointer dereference flaw was found in the way 389-ds-base handled LDAP bind requests. A remote unauthenticated attacker … Read More

libreoffice (SL7)

Synopsis: Moderate: libreoffice security and bug fix update Advisory ID: SLSA-2017:0914-1 Issue Date: 2017-04-12 CVE Numbers: CVE-2017-3157 — Security Fix(es): * It was found that LibreOffice disclosed contents of a file specified in an embedded object’s preview. An attacker could … Read More

httpd (SL7)

Synopsis: Moderate: httpd security and bug fix update Advisory ID: SLSA-2017:0906-1 Issue Date: 2017-04-12 CVE Numbers: CVE-2016-0736 CVE-2016-2161 CVE-2016-8743 — Security Fix(es): * It was discovered that the mod_session_crypto module of httpd did not use any mechanisms to verify integrity … Read More

util-linux (SL7)

Synopsis: Moderate: util-linux security and bug fix update Advisory ID: SLSA-2017:0907-1 Issue Date: 2017-04-12 CVE Numbers: CVE-2017-2616 — Security Fix(es): * A race condition was found in the way su handled the management of child processes. A local authenticated attacker … Read More