X.org X11 libraries (SL7)

Synopsis: Moderate: X.org X11 libraries security, bug fix and Advisory ID: SLSA-2017:1865-1 Issue Date: 2017-08-01 CVE Numbers: CVE-2016-10164 CVE-2017-2625 CVE-2017-2626 — The following packages have been upgraded to a later upstream version: libX11 (1.6.5), libXaw (1.0.13), libXdmcp (1.1.2), libXfixes (5.0.3), … Read More

pki-core (SL7)

Synopsis: Moderate: pki-core security update Advisory ID: SLSA-2017:2335-1 Issue Date: 2017-08-01 CVE Numbers: CVE-2017-7537 — Security Fix(es): * It was found that a mock CMC authentication plugin with a hardcoded secret was accidentally enabled by default in the pki-core package. … Read More

gnutls (SL7)

Synopsis: Moderate: gnutls security, bug fix, and enhancement Advisory ID: SLSA-2017:2292-1 Issue Date: 2017-08-01 CVE Numbers: CVE-2017-5337 CVE-2017-5335 CVE-2017-5336 CVE-2016-7444 CVE-2017-5334 CVE-2017-7869 CVE-2017-7507 — The following packages have been upgraded to a later upstream version: gnutls (3.3.26). Security Fix(es): * … Read More

tcpdump (SL7)

Synopsis: Moderate: tcpdump security, bug fix, and enhancement Advisory ID: SLSA-2017:1871-1 Issue Date: 2017-08-01 CVE Numbers: CVE-2015-0261 CVE-2015-2153 CVE-2015-2154 CVE-2015-2155 — The following packages have been upgraded to a later upstream version: tcpdump (4.9.0). Security Fix(es): * Multiple out of … Read More

NetworkManager and libnl3 (SL7)

Synopsis: Moderate: NetworkManager and libnl3 security, bug fix Advisory ID: SLSA-2017:2299-1 Issue Date: 2017-08-01 CVE Numbers: CVE-2017-0553 — The libnl3 packages contain a convenience library that simplifies using the Linux kernel’s Netlink sockets interface for network manipulation. The following packages … Read More

libreoffice (SL7)

Synopsis: Moderate: libreoffice security and bug fix update Advisory ID: SLSA-2017:1975-1 Issue Date: 2017-08-01 CVE Numbers: CVE-2017-7870 — Security Fix(es): * An out-of-bounds write flaw was found in the way Libreoffice rendered certain documents containing Polygon images. By tricking a … Read More

authconfig (SL7)

Synopsis: Moderate: authconfig security, bug fix, and Advisory ID: SLSA-2017:2285-1 Issue Date: 2017-08-01 CVE Numbers: CVE-2017-7488 — Security Fix(es): * A flaw was found where authconfig could configure sssd in a way that treats existing and non-existing logins differently, leaking … Read More

tomcat (SL7)

Synopsis: Low: tomcat security, bug fix, and enhancement update Advisory ID: SLSA-2017:2247-1 Issue Date: 2017-08-02 CVE Numbers: CVE-2016-6797 CVE-2016-6796 CVE-2016-6794 CVE-2016-5018 CVE-2016-0762 — The following packages have been upgraded to a later upstream version: tomcat (7.0.76). Security Fix(es): * The … Read More

GStreamer (SL7)

Synopsis: Moderate: GStreamer security, bug fix, and Advisory ID: SLSA-2017:2060-1 Issue Date: 2017-08-02 CVE Numbers: CVE-2016-9446 CVE-2016-9810 CVE-2016-9811 CVE-2016-10198 CVE-2016-10199 CVE-2017-5845 CVE-2017-5848 CVE-2017-5837 CVE-2017-5839 CVE-2017-5838 CVE-2017-5840 CVE-2017-5841 CVE-2017-5842 CVE-2017-5843 CVE-2017-5844 — The following packages have been upgraded to a later … Read More

evince (SL7)

Synopsis: Important: evince security update Advisory ID: SLSA-2017:2388-1 Issue Date: 2017-08-02 CVE Numbers: CVE-2017-1000083 — Security Fix(es): * It was found that evince did not properly sanitize the command line which is run to untar Comic Book Tar (CBT) files, … Read More