ruby (SL7)

Synopsis: Important: ruby security update Advisory ID: SLSA-2019:1235-1 Issue Date: 2019-05-15 CVE Numbers: CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325 — Security Fix(es): * rubygems: Installing a malicious gem may lead to arbitrary code execution (CVE-2019-8324) * rubygems: Escape sequence injection vulnerability in … Read More

qemu-kvm (SL6)

Synopsis: Important: qemu-kvm security update Advisory ID: SLSA-2019:1181-1 Issue Date: 2019-05-14 CVE Numbers: CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 — Security Fix(es): * A flaw was found in the implementation of the “fill buffer”, a mechanism used by modern CPUs when a … Read More

libvirt (SL6)

Synopsis: Important: libvirt security update Advisory ID: SLSA-2019:1180-1 Issue Date: 2019-05-14 CVE Numbers: CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 — Security Fix(es): * A flaw was found in the implementation of the “fill buffer”, a mechanism used by modern CPUs when a … Read More

kernel (SL6)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2019:1169-1 Issue Date: 2019-05-14 CVE Numbers: CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 — Security Fix(es): * A flaw was found in the implementation of the “fill buffer”, a mechanism used by modern … Read More

kernel (SL7)

Synopsis: Important: kernel security update Advisory ID: SLSA-2019:1168-1 Issue Date: 2019-05-14 CVE Numbers: CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 — Security Fix(es): * A flaw was found in the implementation of the “fill buffer”, a mechanism used by modern CPUs when a … Read More

qemu-kvm (SL7)

Synopsis: Important: qemu-kvm security update Advisory ID: SLSA-2019:1178-1 Issue Date: 2019-05-14 CVE Numbers: CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 — Security Fix(es): * A flaw was found in the implementation of the “fill buffer”, a mechanism used by modern CPUs when a … Read More

libvirt (SL7)

Synopsis: Important: libvirt security update Advisory ID: SLSA-2019:1177-1 Issue Date: 2019-05-14 CVE Numbers: CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 — Security Fix(es): * A flaw was found in the implementation of the “fill buffer”, a mechanism used by modern CPUs when a … Read More

wget (SL7)

Synopsis: Important: wget security update Advisory ID: SLSA-2019:1228-1 Issue Date: 2019-05-14 CVE Numbers: CVE-2019-5953 — Security Fix(es): * wget: do_conversion() heap-based buffer overflow vulnerability (CVE-2019-5953) — SL7 x86_64 wget-1.14-18.el7_6.1.x86_64.rpm wget-debuginfo-1.14-18.el7_6.1.x86_64.rpm – Scientific Linux Development Team

python-jinja2 (SL7)

Synopsis: Important: python-jinja2 security update Advisory ID: SLSA-2019:1022-1 Issue Date: 2019-05-07 CVE Numbers: CVE-2016-10745 — * python-jinja2: Sandbox escape due to information disclosure via str.format (CVE-2016-10745) — SL7 noarch python-jinja2-2.7.2-3.el7_6.noarch.rpm – Scientific Linux Development Team

freeradius (SL7)

Synopsis: Important: freeradius security update Advisory ID: SLSA-2019:1131-1 Issue Date: 2019-05-09 CVE Numbers: CVE-2019-11235 CVE-2019-11234 — Security Fix(es): * freeradius: eap-pwd: authentication bypass via an invalid curve attack (CVE-2019-11235) * freeradius: eap-pwd: fake authentication using reflection (CVE-2019-11234) — SL7 x86_64 … Read More