firefox (SL6)

Synopsis: Important: firefox security update Advisory ID: SLSA-2019:0373-1 Issue Date: 2019-02-19 CVE Numbers: CVE-2018-18356 CVE-2019-5785 — This update upgrades Firefox to version 60.5.1 ESR. Security Fix(es): * chromium-browser, mozilla: Use after free in Skia (CVE-2018-18356) * mozilla: Integer overflow in … Read More

systemd (SL7)

Synopsis: Important: systemd security update Advisory ID: SLSA-2019:0368-1 Issue Date: 2019-02-21 CVE Numbers: CVE-2019-6454 — Security Fix(es): * systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash (CVE-2019-6454) — SL7 x86_64 libgudev1-219-62.el7_6.5.i686.rpm libgudev1-219-62.el7_6.5.x86_64.rpm libgudev1-devel-219-62.el7_6.5.i686.rpm libgudev1-devel-219-62.el7_6.5.x86_64.rpm systemd-219-62.el7_6.5.x86_64.rpm systemd-debuginfo-219-62.el7_6.5.i686.rpm systemd-debuginfo-219-62.el7_6.5.x86_64.rpm … Read More

thunderbird (SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2019:0270-1 Issue Date: 2019-02-04 CVE Numbers: CVE-2018-18500 CVE-2018-18501 CVE-2018-18505 CVE-2016-5824 — This update upgrades Thunderbird to version 60.5.0. Security Fix(es): * Mozilla: Use-after-free parsing HTML5 stream (CVE-2018-18500) * Mozilla: Memory safety bugs fixed … Read More

thunderbird (SL6)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2019:0269-1 Issue Date: 2019-02-04 CVE Numbers: CVE-2018-18500 CVE-2018-18501 CVE-2018-18505 CVE-2016-5824 — This update upgrades Thunderbird to version 60.5.0. Security Fix(es): * Mozilla: Use-after-free parsing HTML5 stream (CVE-2018-18500) * Mozilla: Memory safety bugs fixed … Read More

polkit (SL7)

Synopsis: Important: polkit security update Advisory ID: SLSA-2019:0230-1 Issue Date: 2019-01-31 CVE Numbers: CVE-2019-6133 — Security Fix(es): * polkit: Temporary auth hijacking via PID reuse and non-atomic fork (CVE-2019-6133) — SL7 x86_64 polkit-0.112-18.el7_6.1.i686.rpm polkit-0.112-18.el7_6.1.x86_64.rpm polkit-debuginfo-0.112-18.el7_6.1.i686.rpm polkit-debuginfo-0.112-18.el7_6.1.x86_64.rpm polkit-devel-0.112-18.el7_6.1.i686.rpm polkit-devel-0.112-18.el7_6.1.x86_64.rpm noarch polkit-docs-0.112-18.el7_6.1.noarch.rpm … Read More

ghostscript (SL7)

Synopsis: Important: ghostscript security and bug fix update Advisory ID: SLSA-2019:0229-1 Issue Date: 2019-01-31 CVE Numbers: CVE-2018-16540 CVE-2018-19475 CVE-2018-19476 CVE-2018-19477 CVE-2019-6116 — Security Fix(es): * ghostscript: use-after-free in copydevice handling (699661) (CVE-2018-16540) * ghostscript: access bypass in psi/zdevice2.c (700153) (CVE-2018-19475) … Read More

spice-server (SL6)

Synopsis: Important: spice-server security update Advisory ID: SLSA-2019:0232-1 Issue Date: 2019-01-31 CVE Numbers: CVE-2019-3813 — Security Fix(es): * spice: Off-by-one error in array access in spice/server/memslot.c (CVE-2019-3813) — SL6 x86_64 spice-server-0.12.4-16.el6_10.3.x86_64.rpm spice-server-debuginfo-0.12.4-16.el6_10.3.x86_64.rpm – Scientific Linux Development Team

spice (SL7)

Synopsis: Important: spice security update Advisory ID: SLSA-2019:0231-1 Issue Date: 2019-01-31 CVE Numbers: CVE-2019-3813 — Security Fix(es): * spice: Off-by-one error in array access in spice/server/memslot.c (CVE-2019-3813) — SL7 x86_64 spice-debuginfo-0.14.0-6.el7_6.1.x86_64.rpm spice-server-0.14.0-6.el7_6.1.x86_64.rpm spice-server-devel-0.14.0-6.el7_6.1.x86_64.rpm – Scientific Linux Development Team

firefox (SL7)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2019:0219-1 Issue Date: 2019-01-30 CVE Numbers: CVE-2018-18500 CVE-2018-18501 CVE-2018-18505 — This update upgrades Firefox to version 60.5.0 ESR. Security Fix(es): * Mozilla: Use-after-free parsing HTML5 stream (CVE-2018-18500) * Mozilla: Memory safety bugs fixed … Read More

firefox (SL6)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2019:0218-1 Issue Date: 2019-01-30 CVE Numbers: CVE-2018-18500 CVE-2018-18501 CVE-2018-18505 — This update upgrades Firefox to version 60.5.0 ESR. Security Fix(es): * Mozilla: Use-after-free parsing HTML5 stream (CVE-2018-18500) * Mozilla: Memory safety bugs fixed … Read More