openssl (SL7)

Synopsis: Moderate: openssl security and bug fix update Advisory ID: SLSA-2019:0483-1 Issue Date: 2019-03-13 CVE Numbers: CVE-2018-5407 — Security Fix(es): * openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash) (CVE-2018-5407) Bug Fix(es): * Perform the RSA signature self-tests with SHA-256 — … Read More

java-1.7.0-openjdk (SL6)

Synopsis: Moderate: java-1.7.0-openjdk security update Advisory ID: SLSA-2019:0462-1 Issue Date: 2019-03-05 CVE Numbers: CVE-2019-2422 — Security Fix(es): * OpenJDK: memory disclosure in FileChannelImpl (Libraries, 8206290) (CVE-2019-2422) — SL6 x86_64 java-1.7.0-openjdk-1.7.0.211-2.6.17.1.el6_10.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.211-2.6.17.1.el6_10.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.211-2.6.17.1.el6_10.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.211-2.6.17.1.el6_10.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.211-2.6.17.1.el6_10.x86_64.rpm i386 java-1.7.0-openjdk-1.7.0.211-2.6.17.1.el6_10.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.211-2.6.17.1.el6_10.i686.rpm java-1.7.0-openjdk-devel-1.7.0.211-2.6.17.1.el6_10.i686.rpm java-1.7.0-openjdk-demo-1.7.0.211-2.6.17.1.el6_10.i686.rpm java-1.7.0-openjdk-src-1.7.0.211-2.6.17.1.el6_10.i686.rpm … Read More

java-1.7.0-openjdk (SL7)

Synopsis: Moderate: java-1.7.0-openjdk security update Advisory ID: SLSA-2019:0464-1 Issue Date: 2019-03-05 CVE Numbers: CVE-2019-2422 — Security Fix(es): * OpenJDK: memory disclosure in FileChannelImpl (Libraries, 8206290) (CVE-2019-2422) — SL7 x86_64 java-1.7.0-openjdk-1.7.0.211-2.6.17.1.el7_6.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.211-2.6.17.1.el7_6.x86_64.rpm java-1.7.0-openjdk-headless-1.7.0.211-2.6.17.1.el7_6.x86_64.rpm java-1.7.0-openjdk-accessibility-1.7.0.211-2.6.17.1.el7_6.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.211-2.6.17.1.el7_6.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.211-2.6.17.1.el7_6.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.211-2.6.17.1.el7_6.x86_64.rpm java-1.7.0-openjdk-1.7.0.211-2.6.17.1.el7_6.src.rpm noarch java-1.7.0-openjdk-javadoc-1.7.0.211-2.6.17.1.el7_6.noarch.rpm – … Read More

java-1.8.0-openjdk (SL7)

Synopsis: Moderate: java-1.8.0-openjdk security update Advisory ID: SLSA-2019:0435-1 Issue Date: 2019-02-28 CVE Numbers: CVE-2019-2422 — Security Fix(es): * OpenJDK: memory disclosure in FileChannelImpl (Libraries, 8206290) (CVE-2019-2422) — SL7 x86_64 java-1.8.0-openjdk-1.8.0.201.b09-0.el7_6.i686.rpm java-1.8.0-openjdk-1.8.0.201.b09-0.el7_6.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.201.b09-0.el7_6.i686.rpm java-1.8.0-openjdk-debuginfo-1.8.0.201.b09-0.el7_6.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.201.b09-0.el7_6.i686.rpm java-1.8.0-openjdk-headless-1.8.0.201.b09-0.el7_6.x86_64.rpm java-1.8.0-openjdk-accessibility-1.8.0.201.b09-0.el7_6.i686.rpm java-1.8.0-openjdk-accessibility-1.8.0.201.b09-0.el7_6.x86_64.rpm java-1.8.0-openjdk-accessibility-debug-1.8.0.201.b09-0.el7_6.i686.rpm java-1.8.0-openjdk-accessibility-debug-1.8.0.201.b09-0.el7_6.x86_64.rpm java-1.8.0-openjdk-debug-1.8.0.201.b09-0.el7_6.i686.rpm … Read More

java-11-openjdk (SL7)

Synopsis: Moderate: java-11-openjdk security update Advisory ID: SLSA-2019:0436-1 Issue Date: 2019-02-28 CVE Numbers: CVE-2019-2422 — Security Fix(es): * OpenJDK: memory disclosure in FileChannelImpl (Libraries, 8206290) (CVE-2019-2422) — SL7 x86_64 java-11-openjdk-11.0.2.7-0.el7_6.i686.rpm java-11-openjdk-11.0.2.7-0.el7_6.x86_64.rpm java-11-openjdk-debuginfo-11.0.2.7-0.el7_6.i686.rpm java-11-openjdk-debuginfo-11.0.2.7-0.el7_6.x86_64.rpm java-11-openjdk-headless-11.0.2.7-0.el7_6.i686.rpm java-11-openjdk-headless-11.0.2.7-0.el7_6.x86_64.rpm java-11-openjdk-debug-11.0.2.7-0.el7_6.i686.rpm java-11-openjdk-debug-11.0.2.7-0.el7_6.x86_64.rpm java-11-openjdk-demo-11.0.2.7-0.el7_6.i686.rpm java-11-openjdk-demo-11.0.2.7-0.el7_6.x86_64.rpm java-11-openjdk-demo-debug-11.0.2.7-0.el7_6.i686.rpm … Read More

kernel (SL6)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2019:0415-1 Issue Date: 2019-02-26 CVE Numbers: CVE-2018-10902 — Security Fix(es): * kernel: MIDI driver race condition leads to a double-free (CVE-2018-10902) Bug Fix(es): * Previously backported upstream patch caused a … Read More

java-1.8.0-openjdk (SL6)

Synopsis: Moderate: java-1.8.0-openjdk security update Advisory ID: SLSA-2019:0416-1 Issue Date: 2019-02-26 CVE Numbers: CVE-2019-2422 — Security Fix(es): * OpenJDK: memory disclosure in FileChannelImpl (Libraries, 8206290) (CVE-2019-2422) — SL6 x86_64 java-1.8.0-openjdk-1.8.0.201.b09-1.el6_10.x86_64.rpm java-1.8.0-openjdk-debuginfo-1.8.0.201.b09-1.el6_10.x86_64.rpm java-1.8.0-openjdk-headless-1.8.0.201.b09-1.el6_10.x86_64.rpm java-1.8.0-openjdk-debug-1.8.0.201.b09-1.el6_10.x86_64.rpm java-1.8.0-openjdk-demo-1.8.0.201.b09-1.el6_10.x86_64.rpm java-1.8.0-openjdk-demo-debug-1.8.0.201.b09-1.el6_10.x86_64.rpm java-1.8.0-openjdk-devel-1.8.0.201.b09-1.el6_10.x86_64.rpm java-1.8.0-openjdk-devel-debug-1.8.0.201.b09-1.el6_10.x86_64.rpm java-1.8.0-openjdk-headless-debug-1.8.0.201.b09-1.el6_10.x86_64.rpm java-1.8.0-openjdk-src-1.8.0.201.b09-1.el6_10.x86_64.rpm java-1.8.0-openjdk-src-debug-1.8.0.201.b09-1.el6_10.x86_64.rpm … Read More

polkit (SL6)

Synopsis: Important: polkit security update Advisory ID: SLSA-2019:0420-1 Issue Date: 2019-02-26 CVE Numbers: CVE-2019-6133 — Security Fix(es): * polkit: Temporary auth hijacking via PID reuse and non-atomic fork (CVE-2019-6133) — SL6 x86_64 polkit-0.96-11.el6_10.1.i686.rpm polkit-0.96-11.el6_10.1.x86_64.rpm polkit-debuginfo-0.96-11.el6_10.1.i686.rpm polkit-debuginfo-0.96-11.el6_10.1.x86_64.rpm polkit-devel-0.96-11.el6_10.1.i686.rpm polkit-devel-0.96-11.el6_10.1.x86_64.rpm polkit-docs-0.96-11.el6_10.1.x86_64.rpm i386 … Read More

flatpak (SL7)

Synopsis: Important: flatpak security update Advisory ID: SLSA-2019:0375-1 Issue Date: 2019-02-21 CVE Numbers: CVE-2019-8308 — Security Fix(es): * flatpak: potential /proc based sandbox escape (CVE-2019-8308) — SL7 x86_64 flatpak-1.0.2-4.el7_6.x86_64.rpm flatpak-builder-1.0.0-4.el7_6.x86_64.rpm flatpak-debuginfo-1.0.2-4.el7_6.x86_64.rpm flatpak-devel-1.0.2-4.el7_6.x86_64.rpm flatpak-libs-1.0.2-4.el7_6.x86_64.rpm firefox-60.5.1-1.el7_6.i686.rpm firefox-60.5.1-1.el7_6.x86_64.rpm firefox-debuginfo-60.5.1-1.el7_6.i686.rpm firefox-debuginfo-60.5.1-1.el7_6.x86_64.rpm – Scientific Linux … Read More

firefox (SL7)

Synopsis: Important: firefox security update Advisory ID: SLSA-2019:0374-1 Issue Date: 2019-02-21 CVE Numbers: None — Security Fix(es): This update upgrades Firefox to version 60.5.1 ESR. Security Fix(es): * chromium-browser, mozilla: Use after free in Skia (CVE-2018-18356) * mozilla: Integer overflow … Read More