mysql (SL6)

Synopsis: Important: mysql security update Advisory ID: SLSA-2017:0184-1 Issue Date: 2017-01-24 CVE Numbers: CVE-2016-6662 CVE-2016-5616 CVE-2016-6663 — Security Fix(es): * It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a … Read More

squid34 (SL6)

Synopsis: Moderate: squid34 security update Advisory ID: SLSA-2017:0183-1 Issue Date: 2017-01-24 CVE Numbers: CVE-2016-10002 — Security Fix(es): * It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote … Read More

squid (SL7)

Synopsis: Moderate: squid security update Advisory ID: SLSA-2017:0182-1 Issue Date: 2017-01-24 CVE Numbers: CVE-2016-10002 — Security Fix(es): * It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote … Read More

qemu-kvm (SL7)

Synopsis: Low: qemu-kvm security and bug fix update Advisory ID: SLSA-2017:0083-1 Issue Date: 2017-01-17 CVE Numbers: CVE-2016-2857 — Security Fix(es): * An out-of-bounds read-access flaw was found in the QEMU emulator built with IP checksum routines. The flaw could occur … Read More

kernel (SL7)

Synopsis: Important: kernel security, bug fix, and enhancement update Advisory ID: SLSA-2017:0086-1 Issue Date: 2017-01-17 CVE Numbers: CVE-2016-7117 CVE-2016-6828 CVE-2016-9555 — To see the complete list of bug fixes, users are directed to the related Knowledge Article: Security Fix(es): * … Read More

bind (SL5, SL6)

Synopsis: Important: bind security update Advisory ID: SLSA-2017:0063-1 Issue Date: 2017-01-16 CVE Numbers: CVE-2016-9147 — Security Fix(es): * A denial of service flaw was found in the way BIND handled a query response containing inconsistent DNSSEC information. A remote attacker … Read More

bind97 (SL5)

Synopsis: Important: bind97 security update Advisory ID: SLSA-2017:0064-1 Issue Date: 2017-01-16 CVE Numbers: CVE-2016-9147 — Security Fix(es): * A denial of service flaw was found in the way BIND handled a query response containing inconsistent DNSSEC information. A remote attacker … Read More

bind (SL7)

Synopsis: Important: bind security update Advisory ID: SLSA-2017:0062-1 Issue Date: 2017-01-16 CVE Numbers: CVE-2016-9147 CVE-2016-9131 CVE-2016-9444 — Security Fix(es): * A denial of service flaw was found in the way BIND processed a response to an ANY query. A remote … Read More

java-1.6.0-openjdk (SL5, SL6, SL7)

Synopsis: Important: java-1.6.0-openjdk security update Advisory ID: SLSA-2017:0061-1 Issue Date: 2017-01-13 CVE Numbers: CVE-2016-5582 CVE-2016-5573 CVE-2016-5554 CVE-2016-5542 CVE-2016-5597 — Security Fix(es): * It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function … Read More

kernel (SL6)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2017:0036-1 Issue Date: 2017-01-10 CVE Numbers: CVE-2016-4998 CVE-2016-7117 CVE-2016-6828 — Security Fix(es): * A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allow remote attackers to … Read More