squid (SL7)

Synopsis: Moderate: squid security, bug fix, and enhancement update Advisory ID: SLSA-2016:2600-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-2569 CVE-2016-2570 CVE-2016-2571 CVE-2016-2572 CVE-2016-3948 — The following packages have been upgraded to a newer upstream version: squid (3.5.20). Security Fix(es): * Incorrect … Read More

resteasy-base (SL7)

Synopsis: Important: resteasy-base security and bug fix update Advisory ID: SLSA-2016:2604-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-7050 — Security Fix(es): * It was discovered that under certain conditions RESTEasy could be forced to parse a request with SerializableProvider, resulting in … Read More

systemd (SL7)

Synopsis: Moderate: systemd security and bug fix update Advisory ID: SLSA-2016:2610-1 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-7795 — Security Fix(es): * A flaw was found in the way systemd handled empty notification messages. A local attacker could use this flaw … Read More

bind (SL7)

Synopsis: Important: bind security update Advisory ID: SLSA-2016:2615-1 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-8864 — Security Fix(es): * A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use … Read More

pacemaker (SL7)

Synopsis: Important: pacemaker security and bug fix update Advisory ID: SLSA-2016:2614-1 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-7035 — Security Fix(es): * An authorization flaw was found in Pacemaker, where it did not properly guard its IPC interface. An attacker with … Read More

memcached (SL6)

Synopsis: Important: memcached security update Advisory ID: SLSA-2016:2820-1 Issue Date: 2016-11-23 CVE Numbers: CVE-2016-8704 CVE-2016-8705 — Security Fix(es): * Two integer overflow flaws, leading to heap-based buffer overflows, were found in the memcached binary protocol. An attacker could create a … Read More

389-ds-base (SL6)

Synopsis: Moderate: 389-ds-base security, bug fix, and enhancement update Advisory ID: SLSA-2016:2765-1 Issue Date: 2016-11-15 CVE Numbers: CVE-2016-4992 CVE-2016-5416 CVE-2016-5405 — Security Fix(es): * It was found that 389 Directory Server was vulnerable to a flaw in which the default … Read More

kernel (SL6)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2016:2766-1 Issue Date: 2016-11-15 CVE Numbers: CVE-2016-2143 CVE-2016-1583 — Security Fix(es): * It was found that stacking a file system over procfs in the Linux kernel could lead to a … Read More

policycoreutils (SL6, SL7)

Synopsis: Important: policycoreutils security update Advisory ID: SLSA-2016:2702-1 Issue Date: 2016-11-14 CVE Numbers: CVE-2016-7545 — Security Fix(es): * It was found that the sandbox tool provided in policycoreutils was vulnerable to a TIOCSTI ioctl attack. A specially crafted program executed … Read More

firefox (SL5, SL6, SL7)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2016:2780-1 Issue Date: 2016-11-16 CVE Numbers: CVE-2016-5296 CVE-2016-5297 CVE-2016-9064 CVE-2016-9066 CVE-2016-5291 CVE-2016-5290 — This update upgrades Firefox to version 45.5.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed … Read More