openssl (SL6, SL7)

Synopsis: Moderate: openssl security update Advisory ID: SLSA-2017:0286-1 Issue Date: 2017-02-20 CVE Numbers: CVE-2016-8610 CVE-2017-3731 — Security Fix(es): * An integer underflow leading to an out of bounds read flaw was found in OpenSSL. A remote attacker could possibly use … Read More

bind (SL7)

Synopsis: Moderate: bind security update Advisory ID: SLSA-2017:0276-1 Issue Date: 2017-02-15 CVE Numbers: CVE-2017-3135 — Security Fix(es): * A denial of service flaw was found in the way BIND handled query responses when both DNS64 and RPZ were used. A … Read More

java-1.7.0-openjdk (SL5, SL6, SL7)

Synopsis: Critical: java-1.7.0-openjdk security update Advisory ID: SLSA-2017:0269-1 Issue Date: 2017-02-13 CVE Numbers: CVE-2016-2183 CVE-2017-3272 CVE-2017-3289 CVE-2017-3253 CVE-2017-3261 CVE-2017-3231 CVE-2016-5547 CVE-2016-5552 CVE-2017-3252 CVE-2016-5546 CVE-2016-5548 CVE-2017-3241 — Security Fix(es): * It was discovered that the RMI registry and DCG implementations in … Read More

spice-server (SL6)

Synopsis: Moderate: spice-server security update Advisory ID: SLSA-2017:0253-1 Issue Date: 2017-02-05 CVE Numbers: CVE-2016-9578 CVE-2016-9577 — Security Fix(es): * A vulnerability was discovered in spice in the server’s protocol handling. An authenticated attacker could send crafted messages to the spice … Read More

ntp (SL6, SL7)

Synopsis: Moderate: ntp security update Advisory ID: SLSA-2017:0252-1 Issue Date: 2017-02-06 CVE Numbers: CVE-2016-9310 CVE-2016-7429 CVE-2016-7426 CVE-2016-7433 CVE-2016-9311 — Security Fix(es): * It was found that when ntp is configured with rate limiting for all associations the limits are also … Read More

spice (SL7)

Synopsis: Moderate: spice security update Advisory ID: SLSA-2017:0254-1 Issue Date: 2017-02-05 CVE Numbers: CVE-2016-9578 CVE-2016-9577 — Security Fix(es): * A vulnerability was discovered in spice in the server’s protocol handling. An authenticated attacker could send crafted messages to the spice … Read More

thunderbird (SL5, SL6, SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2017:0238-1 Issue Date: 2017-02-02 CVE Numbers: CVE-2017-5373 CVE-2017-5375 CVE-2017-5376 CVE-2017-5378 CVE-2017-5380 CVE-2017-5390 CVE-2017-5396 CVE-2017-5383 — This update upgrades Thunderbird to version 45.7.0. Security Fix(es): * Multiple flaws were found in the processing of … Read More

libtiff (SL6, SL7)

Synopsis: Moderate: libtiff security update Advisory ID: SLSA-2017:0225-1 Issue Date: 2017-02-01 CVE Numbers: CVE-2016-5652 CVE-2016-9534 CVE-2016-9535 CVE-2016-9536 CVE-2016-9537 CVE-2016-9540 CVE-2016-9533 CVE-2015-8870 — Security Fix(es): * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to … Read More

firefox (SL5, SL6, SL7)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2017:0190-1 Issue Date: 2017-01-25 CVE Numbers: CVE-2017-5373 CVE-2017-5375 CVE-2017-5376 CVE-2017-5378 CVE-2017-5380 CVE-2017-5390 CVE-2017-5396 CVE-2017-5383 CVE-2017-5386 — This update upgrades Firefox to version 45.7.0 ESR. Security Fix(es): * Multiple flaws were found in the … Read More

java-1.8.0-openjdk (SL6, SL7)

Synopsis: Critical: java-1.8.0-openjdk security update Advisory ID: SLSA-2017:0180-1 Issue Date: 2017-01-20 CVE Numbers: CVE-2016-2183 CVE-2017-3272 CVE-2017-3289 CVE-2017-3253 CVE-2017-3261 CVE-2017-3231 CVE-2016-5547 CVE-2016-5552 CVE-2017-3252 CVE-2016-5546 CVE-2016-5548 CVE-2017-3241 — Security Fix(es): * It was discovered that the RMI registry and DCG implementations in … Read More