httpd (SL6)

Synopsis: Important: httpd security update Advisory ID: SLSA-2017:2478-1 Issue Date: 2017-08-15 CVE Numbers: CVE-2017-3167 CVE-2017-3169 CVE-2017-7679 CVE-2017-9788 — Security Fix(es): * It was discovered that the httpd’s mod_auth_digest module did not properly initialize memory before using it when processing certain … Read More

tomcat (SL7)

Synopsis: Important: tomcat security update Advisory ID: SLSA-2017:1809-1 Issue Date: 2017-07-27 CVE Numbers: CVE-2017-5648 CVE-2017-5664 — Security Fix(es): * A vulnerability was discovered in the error page mechanism in Tomcat’s DefaultServlet implementation. A crafted HTTP request could cause undesired side … Read More

graphite2 (SL7)

Synopsis: Important: graphite2 security update Advisory ID: SLSA-2017:1793-1 Issue Date: 2017-07-21 CVE Numbers: CVE-2017-7778 CVE-2017-7771 CVE-2017-7772 CVE-2017-7773 CVE-2017-7774 CVE-2017-7775 CVE-2017-7776 CVE-2017-7777 — The following packages have been upgraded to a newer upstream version: graphite2 (1.3.10). Security Fix(es): * Various vulnerabilities … Read More

java-1.8.0-openjdk (SL6, SL7)

Synopsis: Critical: java-1.8.0-openjdk security update Advisory ID: SLSA-2017:1789-1 Issue Date: 2017-07-20 CVE Numbers: CVE-2017-10107 CVE-2017-10089 CVE-2017-10090 CVE-2017-10087 CVE-2017-10110 CVE-2017-10111 CVE-2017-10101 CVE-2017-10096 CVE-2017-10074 CVE-2017-10067 CVE-2017-10109 CVE-2017-10081 CVE-2017-10193 CVE-2017-10116 CVE-2017-10115 CVE-2017-10135 CVE-2017-10108 CVE-2017-10053 CVE-2017-10078 CVE-2017-10198 CVE-2017-10102 — Security Fix(es): * It was … Read More

freeradius (SL6)

Synopsis: Important: freeradius security update Advisory ID: SLSA-2017:1759-1 Issue Date: 2017-07-18 CVE Numbers: CVE-2017-10978 CVE-2017-10979 CVE-2017-10980 CVE-2017-10981 CVE-2017-10982 CVE-2017-10983 — Security Fix(es): * An out-of-bounds write flaw was found in the way FreeRADIUS server handled certain attributes in request packets. … Read More

httpd (SL6)

Synopsis: Moderate: httpd security and bug fix update Advisory ID: SLSA-2017:1721-1 Issue Date: 2017-07-11 CVE Numbers: CVE-2016-8743 — Security Fix(es): * It was discovered that the HTTP parser in httpd incorrectly allowed certain characters not permitted by the HTTP protocol … Read More

kernel (SL6)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2017:1723-1 Issue Date: 2017-07-11 CVE Numbers: CVE-2017-7895 — Security Fix(es): * The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of … Read More

bind (SL6)

Synopsis: Important: bind security and bug fix update Advisory ID: SLSA-2017:1679-1 Issue Date: 2017-07-05 CVE Numbers: CVE-2017-3142 CVE-2017-3143 — Security Fix(es): * A flaw was found in the way BIND handled TSIG authentication for dynamic updates. A remote attacker able … Read More

bind (SL7)

Synopsis: Important: bind security and bug fix update Advisory ID: SLSA-2017:1680-1 Issue Date: 2017-07-05 CVE Numbers: CVE-2017-3142 CVE-2017-3143 — Security Fix(es): * A flaw was found in the way BIND handled TSIG authentication for dynamic updates. A remote attacker able … Read More

qemu-kvm (SL7)

Synopsis: Important: qemu-kvm security update Advisory ID: SLSA-2017:1681-1 Issue Date: 2017-07-05 CVE Numbers: CVE-2017-9524 — Security Fix(es): * Quick Emulator (QEMU) built with Network Block Device (NBD) Server support was vulnerable to a null-pointer dereference issue. The flaw could occur … Read More