python (SL7)

Synopsis: Low: python security, bug fix, and enhancement update Advisory ID: SLSA-2016:2586-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-5636 — Security Fix(es): * A vulnerability was discovered in Python, in the built-in zipimporter. A specially crafted zip file placed in a … Read More

mariadb (SL7)

Synopsis: Important: mariadb security and bug fix update Advisory ID: SLSA-2016:2595-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-6662 CVE-2016-3492 CVE-2016-5612 CVE-2016-5616 CVE-2016-5624 CVE-2016-5626 CVE-2016-5629 CVE-2016-8283 CVE-2016-6663 — The following packages have been upgraded to a newer upstream version: mariadb (5.5.52). Security … Read More

php (SL7)

Synopsis: Moderate: php security and bug fix update Advisory ID: SLSA-2016:2598-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-5766 CVE-2016-5767 CVE-2016-5768 CVE-2016-5399 — Security Fix(es): * A flaw was found in the way certain error conditions were handled by bzread() function in … Read More

krb5 (SL7)

Synopsis: Low: krb5 security, bug fix, and enhancement update Advisory ID: SLSA-2016:2591-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-3119 CVE-2016-3120 — The following packages have been upgraded to a newer upstream version: krb5 (1.14.1). Security Fix(es): * A NULL pointer dereference … Read More

fontconfig (SL7)

Synopsis: Moderate: fontconfig security and bug fix update Advisory ID: SLSA-2016:2601-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-5384 — Security Fix(es): * It was found that cache files were insufficiently validated in fontconfig. A local attacker could create a specially crafted … Read More

libreswan (SL7)

Synopsis: Moderate: libreswan security and bug fix update Advisory ID: SLSA-2016:2603-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-5361 — Security Fix(es): * A traffic amplification flaw was found in the Internet Key Exchange version 1 (IKEv1) protocol. A remote attacker could … Read More

sudo (SL7)

Synopsis: Low: sudo security, bug fix, and enhancement update Advisory ID: SLSA-2016:2593-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-7091 — Security Fix(es): * It was discovered that the default sudo configuration preserved the value of INPUTRC from the user’s environment, which … Read More

mod_nss (SL7)

Synopsis: Low: mod_nss security, bug fix, and enhancement update Advisory ID: SLSA-2016:2602-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-3099 — The following packages have been upgraded to a newer upstream version: mod_nss (1.0.14). Security Fix(es): * A flaw was found in … Read More

dhcp (SL7)

Synopsis: Moderate: dhcp security, bug fix, and enhancement update Advisory ID: SLSA-2016:2590-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-2774 — Security Fix(es): * A resource-consumption flaw was discovered in the DHCP server. dhcpd did not restrict the number of open connections … Read More

postgresql (SL7)

Synopsis: Moderate: postgresql security and bug fix update Advisory ID: SLSA-2016:2606-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-5423 CVE-2016-5424 — The following packages have been upgraded to a newer upstream version: postgresql (9.2.18). Security Fix(es): * A flaw was found in … Read More