xen (SL5)

Synopsis: Important: xen security update Advisory ID: SLSA-2016:2963-1 Issue Date: 2016-12-20 CVE Numbers: CVE-2016-9637 — Security Fix(es): * An out of bounds array access issue was found in the Xen virtual machine monitor, built with the QEMU ioport support. It … Read More

kernel (SL5)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2016:2962-1 Issue Date: 2016-12-20 CVE Numbers: CVE-2016-7117 — Security Fix(es): * A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allows remote attackers to corrupt memory … Read More

OpenAFS (SL5, SL6, SL7)

Synopsis: Moderate: openafs security and enhancement update Advisory ID: OPENAFS-SA-2016-003 Issue Date: 2016-12-14 — Security Fix(es): There are three different kinds of “dead” residual directory entry leaks, each with a different cause: 1. There may be partial name data after … Read More

firefox (SL5, SL6, SL7)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2016:2946-1 Issue Date: 2016-12-14 CVE Numbers: CVE-2016-9899 CVE-2016-9895 CVE-2016-9897 CVE-2016-9898 CVE-2016-9900 CVE-2016-9904 CVE-2016-9905 CVE-2016-9893 CVE-2016-9901 CVE-2016-9902 — This update upgrades Firefox to version 45.6.0 ESR. Security Fix(es): * Multiple flaws were found in … Read More

sudo (SL6, SL7)

Synopsis: Moderate: sudo security update Advisory ID: SLSA-2016:2872-1 Issue Date: 2016-12-06 CVE Numbers: CVE-2016-7032 CVE-2016-7076 — Security Fix(es): * It was discovered that the sudo noexec restriction could have been bypassed if application run via sudo executed system(), popen(), or … Read More

thunderbird (SL5, SL6, SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2016:2850-1 Issue Date: 2016-12-05 CVE Numbers: CVE-2016-9079 — This update upgrades Thunderbird to version 45.5.1. Security Fix(es): * A flaw was found in the processing of malformed web content. A web page containing … Read More

firefox (SL5, SL6, SL7)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2016:2843-1 Issue Date: 2016-12-01 CVE Numbers: CVE-2016-9079 — This update upgrades Firefox to version 45.5.1 ESR. Security Fix(es): * A flaw was found in the processing of malformed web content. A web page … Read More

thunderbird (SL5, SL6, SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2016:2825-1 Issue Date: 2016-11-29 CVE Numbers: CVE-2016-5290 — This update upgrades Thunderbird to version 45.5.0 Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing … Read More

expat (SL6, SL7)

Synopsis: Moderate: expat security update Advisory ID: SLSA-2016:2824-1 Issue Date: 2016-11-28 CVE Numbers: CVE-2016-0718 — Security Fix(es): * An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker could send specially crafted XML that, … Read More

memcached (SL7)

Synopsis: Important: memcached security update Advisory ID: SLSA-2016:2819-1 Issue Date: 2016-11-23 CVE Numbers: CVE-2016-8704 CVE-2016-8705 CVE-2016-8706 — Security Fix(es): * Two integer overflow flaws, leading to heap-based buffer overflows, were found in the memcached binary protocol. An attacker could create … Read More