kernel (SL6)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2018:0169-1 Issue Date: 2018-01-25 CVE Numbers: CVE-2017-9074 CVE-2017-11176 CVE-2017-7542 — Security Fix(es): * An integer overflow vulnerability in ip6_find_1stfragopt() function was found. A local attacker that has privileges (of CAP_NET_RAW) … Read More

nautilus (SL7)

Synopsis: Moderate: nautilus security update Advisory ID: SLSA-2018:0223-1 Issue Date: 2018-01-25 CVE Numbers: CVE-2017-14604 — Security Fix(es): * An untrusted .desktop file with executable permission set could choose its displayed name and icon, and execute commands without warning when opened … Read More

dhcp (SL7)

Synopsis: Moderate: dhcp security update Advisory ID: SLSA-2018:0158-1 Issue Date: 2018-01-25 CVE Numbers: CVE-2017-3144 — Security Fix(es): * It was found that the DHCP daemon did not properly clean up closed OMAPI connections in certain cases. A remote attacker able … Read More

389-ds-base (SL7)

Synopsis: Important: 389-ds-base security and bug fix update Advisory ID: SLSA-2018:0163-1 Issue Date: 2018-01-25 CVE Numbers: CVE-2017-15134 — Security Fix(es): * A stack buffer overflow flaw was found in the way 389-ds-base handled certain LDAP search filters. A remote, unauthenticated … Read More

kernel (SL7)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2018:0151-1 Issue Date: 2018-01-25 CVE Numbers: CVE-2017-5753 CVE-2017-5715 CVE-2017-5754 CVE-2015-8539 CVE-2017-7472 CVE-2017-12192 CVE-2017-12193 CVE-2017-15649 — Security Fix(es): An industry-wide issue was found in the way many modern microprocessor designs have … Read More

firefox (SL6, SL7)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2018:0122-1 Issue Date: 2018-01-24 CVE Numbers: CVE-2018-5089 CVE-2018-5091 CVE-2018-5095 CVE-2018-5096 CVE-2018-5097 CVE-2018-5098 CVE-2018-5099 CVE-2018-5102 CVE-2018-5103 CVE-2018-5104 CVE-2018-5117 — This update upgrades Firefox to version 52.6.0 ESR. Security Fix(es): * Multiple flaws were found … Read More

bind (SL6)

Synopsis: Important: bind security update Advisory ID: SLSA-2018:0101-1 Issue Date: 2018-01-22 CVE Numbers: CVE-2017-3145 — Security Fix(es): * A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch … Read More

bind (SL7)

Synopsis: Important: bind security update Advisory ID: SLSA-2018:0102-1 Issue Date: 2018-01-22 CVE Numbers: CVE-2017-3145 — Security Fix(es): * A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch … Read More

java-1.8.0-openjdk (SL6, SL7)

Synopsis: Important: java-1.8.0-openjdk security update Advisory ID: SLSA-2018:0095-1 Issue Date: 2018-01-17 CVE Numbers: CVE-2018-2678 CVE-2018-2677 CVE-2018-2663 CVE-2018-2579 CVE-2018-2588 CVE-2018-2602 CVE-2018-2599 CVE-2018-2603 CVE-2018-2629 CVE-2018-2618 CVE-2018-2641 CVE-2018-2582 CVE-2018-2634 CVE-2018-2637 CVE-2018-2633 — Security Fix(es): * Multiple flaws were found in the Hotspot and … Read More

linux-firmware (SL7)

Synopsis: Important: linux-firmware security update Advisory ID: SLSA-2018:0094-1 Issue Date: 2018-01-16 CVE Numbers: CVE-2017-5715 — This update supersedes the previous microcode update provided with the CVE-2017-5715 (Spectre) CPU branch injection vulnerability mitigation. Further testing has uncovered problems with the microcode … Read More