krb5 (SL7)

Synopsis: Low: krb5 security, bug fix, and enhancement update Advisory ID: SLSA-2016:2591-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-3119 CVE-2016-3120 — The following packages have been upgraded to a newer upstream version: krb5 (1.14.1). Security Fix(es): * A NULL pointer dereference … Read More

fontconfig (SL7)

Synopsis: Moderate: fontconfig security and bug fix update Advisory ID: SLSA-2016:2601-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-5384 — Security Fix(es): * It was found that cache files were insufficiently validated in fontconfig. A local attacker could create a specially crafted … Read More

libreswan (SL7)

Synopsis: Moderate: libreswan security and bug fix update Advisory ID: SLSA-2016:2603-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-5361 — Security Fix(es): * A traffic amplification flaw was found in the Internet Key Exchange version 1 (IKEv1) protocol. A remote attacker could … Read More

sudo (SL7)

Synopsis: Low: sudo security, bug fix, and enhancement update Advisory ID: SLSA-2016:2593-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-7091 — Security Fix(es): * It was discovered that the default sudo configuration preserved the value of INPUTRC from the user’s environment, which … Read More

mod_nss (SL7)

Synopsis: Low: mod_nss security, bug fix, and enhancement update Advisory ID: SLSA-2016:2602-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-3099 — The following packages have been upgraded to a newer upstream version: mod_nss (1.0.14). Security Fix(es): * A flaw was found in … Read More

dhcp (SL7)

Synopsis: Moderate: dhcp security, bug fix, and enhancement update Advisory ID: SLSA-2016:2590-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-2774 — Security Fix(es): * A resource-consumption flaw was discovered in the DHCP server. dhcpd did not restrict the number of open connections … Read More

postgresql (SL7)

Synopsis: Moderate: postgresql security and bug fix update Advisory ID: SLSA-2016:2606-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-5423 CVE-2016-5424 — The following packages have been upgraded to a newer upstream version: postgresql (9.2.18). Security Fix(es): * A flaw was found in … Read More

tomcat (SL7)

Synopsis: Moderate: tomcat security, bug fix, and enhancement update Advisory ID: SLSA-2016:2599-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2015-5174 CVE-2016-0714 CVE-2016-0706 CVE-2015-5345 CVE-2015-5351 CVE-2016-0763 CVE-2016-3092 — The following packages have been upgraded to a newer upstream version: tomcat (7.0.69). Security Fix(es): … Read More

util-linux (SL7)

Synopsis: Low: util-linux security, bug fix, and enhancement update Advisory ID: SLSA-2016:2605-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-5011 — Security Fix(es): * It was found that util-linux’s libblkid library did not properly handle Extended Boot Record (EBR) partitions when reading … Read More

pcs (SL7)

Synopsis: Moderate: pcs security, bug fix, and enhancement update Advisory ID: SLSA-2016:2596-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-0720 CVE-2016-0721 — The following packages have been upgraded to a newer upstream version: pcs (0.9.152). Security Fix(es): * A Cross-Site Request Forgery … Read More