qemu-kvm (SL6)

Synopsis: Moderate: qemu-kvm security and bug fix update Advisory ID: SLSA-2017:0621-1 Issue Date: 2017-03-21 CVE Numbers: CVE-2016-3712 — Security Fix(es): * An integer overflow flaw and an out-of-bounds read flaw were found in the way QEMU’s VGA emulator set certain … Read More

ocaml (SL6)

Synopsis: Moderate: ocaml security update Advisory ID: SLSA-2017:0565-1 Issue Date: 2017-03-21 CVE Numbers: CVE-2015-8869 — Security Fix(es): * An integer conversion flaw was found in the way OCaml’s String handled its length. Certain operations on an excessively long String could … Read More

gnutls (SL6)

Synopsis: Moderate: gnutls security, bug fix, and enhancement update Advisory ID: SLSA-2017:0574-1 Issue Date: 2017-03-21 CVE Numbers: CVE-2016-8610 CVE-2017-5337 CVE-2017-5335 CVE-2017-5336 — The following packages have been upgraded to a later upstream version: gnutls (2.12.23). Security Fix(es): * A denial … Read More

curl (SL6)

Synopsis: Moderate: curl security update Advisory ID: SLSA-2017:0847-1 Issue Date: 2017-03-29 CVE Numbers: CVE-2017-2628 — Security Fix(es): * It was found that the fix for CVE-2015-3148 in curl was incomplete. An application using libcurl with HTTP Negotiate authentication could incorrectly … Read More

openjpeg (SL7)

Synopsis: Moderate: openjpeg security update Advisory ID: SLSA-2017:0838-1 Issue Date: 2017-03-22 CVE Numbers: CVE-2016-5139 CVE-2016-5158 CVE-2016-5159 CVE-2016-7163 CVE-2016-9675 CVE-2016-9573 — Security Fix(es): * Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in OpenJPEG. A specially crafted JPEG2000 … Read More

icoutils (SL7)

Synopsis: Important: icoutils security update Advisory ID: SLSA-2017:0837-1 Issue Date: 2017-03-22 CVE Numbers: CVE-2017-5208 CVE-2017-5333 CVE-2017-5332 CVE-2017-6009 CVE-2017-6010 CVE-2017-6011 — Security Fix(es): * Multiple vulnerabilities were found in icoutils, in the wrestool program. An attacker could create a crafted executable … Read More

openjpeg (SL6)

Synopsis: Moderate: openjpeg security update Advisory ID: SLSA-2017:0559-1 Issue Date: 2017-03-19 CVE Numbers: CVE-2016-5139 CVE-2016-5158 CVE-2016-5159 CVE-2016-7163 CVE-2016-9675 — Security Fix(es): * Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in OpenJPEG. A specially crafted JPEG2000 image … Read More

firefox (SL7)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2017:0558-1 Issue Date: 2017-03-17 CVE Numbers: CVE-2017-5428 — Security Fix(es): * A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash … Read More

tomcat6 (SL6)

Synopsis: Moderate: tomcat6 security update Advisory ID: SLSA-2017:0527-1 Issue Date: 2017-03-15 CVE Numbers: CVE-2016-6816 CVE-2016-8745 — Security Fix(es): * It was discovered that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction … Read More

thunderbird (SL5, SL6, SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2017:0498-1 Issue Date: 2017-03-14 CVE Numbers: CVE-2017-5400 CVE-2017-5401 CVE-2017-5402 CVE-2017-5404 CVE-2017-5407 CVE-2017-5410 CVE-2017-5408 CVE-2017-5405 CVE-2017-5398 — This update upgrades Thunderbird to version 45.8.0. Security Fix(es): * Multiple flaws were found in the processing … Read More