thunderbird (SL6)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2019:2807-1 Issue Date: 2019-09-19 CVE Numbers: CVE-2019-11740 CVE-2019-11742 CVE-2019-11743 CVE-2019-11744 CVE-2019-11746 CVE-2019-11752 CVE-2019-11739 — This update upgrades Thunderbird to version 60.9.0. Security Fix(es): * Mozilla: Covert Content Attack on S/MIME encryption using a … Read More

thunderbird (SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2019:2773-1 Issue Date: 2019-09-18 CVE Numbers: CVE-2019-11740 CVE-2019-11742 CVE-2019-11743 CVE-2019-11744 CVE-2019-11746 CVE-2019-11752 CVE-2019-11739 — This update upgrades Thunderbird to version 60.9.0. Security Fix(es): * Mozilla: Covert Content Attack on S/MIME encryption using a … Read More

kernel (SL6)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2019:2736-1 Issue Date: 2019-09-12 CVE Numbers: CVE-2018-9568 CVE-2019-11810 — Security Fix(es): * kernel: Memory corruption due to incorrect socket cloning (CVE-2018-9568) * kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading … Read More

firefox (SL7)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2019:2729-1 Issue Date: 2019-09-11 CVE Numbers: CVE-2019-9812 CVE-2019-11733 CVE-2019-11740 CVE-2019-11742 CVE-2019-11743 CVE-2019-11744 CVE-2019-11746 CVE-2019-11752 — Security Fix(es): * Mozilla: Sandbox escape through Firefox Sync (CVE-2019-9812) * Mozilla: Memory safety bugs fixed in Firefox … Read More

qemu-kvm (SL7)

Synopsis: Low: qemu-kvm security update Advisory ID: SLSA-2019:2607-1 Issue Date: 2019-09-03 CVE Numbers: CVE-2019-12155 — Security Fix(es): * QEMU: qxl: null pointer dereference while releasing spice resources (CVE-2019-12155) — SL7 x86_64 qemu-img-1.5.3-167.el7_7.1.x86_64.rpm qemu-kvm-1.5.3-167.el7_7.1.x86_64.rpm qemu-kvm-common-1.5.3-167.el7_7.1.x86_64.rpm qemu-kvm-debuginfo-1.5.3-167.el7_7.1.x86_64.rpm qemu-kvm-tools-1.5.3-167.el7_7.1.x86_64.rpm – Scientific Linux Development … Read More

kdelibs and kde-settings (SL7)

Synopsis: Important: kdelibs and kde-settings security and bug fix update Advisory ID: SLSA-2019:2606-1 Issue Date: 2019-09-03 CVE Numbers: CVE-2019-14744 — * kdelibs: malicious desktop files and configuration files lead to code execution with minimal user interaction (CVE-2019-14744) Bug Fix(es): * … Read More

kernel (SL7)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2019:2600-1 Issue Date: 2019-09-03 CVE Numbers: CVE-2019-1125 CVE-2019-9500 — Security Fix(es): * kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125) * kernel: brcmfmac heap buffer overflow in brcmf_wowl_nd_results (CVE-2019-9500) Bug Fix(es): … Read More

ghostscript (SL7)

Synopsis: Important: ghostscript security update Advisory ID: SLSA-2019:2586-1 Issue Date: 2019-09-03 CVE Numbers: CVE-2019-14813 CVE-2019-14812 CVE-2019-14811 CVE-2019-14817 — Security Fix(es): * ghostscript: Safer mode bypass by .forceput exposure in .pdf_hook_DSC_Creator (701445) (CVE-2019-14811) * ghostscript: Safer mode bypass by .forceput exposure … Read More

pango (SL7)

Synopsis: Important: pango security update Advisory ID: SLSA-2019:2571-1 Issue Date: 2019-08-28 CVE Numbers: CVE-2019-1010238 — Security Fix(es): * pango: pango_log2vis_get_embedding_levels() heap-based buffer overflow (CVE-2019-1010238) — SL7 x86_64 pango-1.42.4-4.el7_7.i686.rpm pango-1.42.4-4.el7_7.x86_64.rpm pango-debuginfo-1.42.4-4.el7_7.i686.rpm pango-debuginfo-1.42.4-4.el7_7.x86_64.rpm pango-devel-1.42.4-4.el7_7.i686.rpm pango-devel-1.42.4-4.el7_7.x86_64.rpm pango-tests-1.42.4-4.el7_7.x86_64.rpm – Scientific Linux Development Team

ghostscript (SL7)

Synopsis: Important: ghostscript security update Advisory ID: SLSA-2019:2462-1 Issue Date: 2019-08-12 CVE Numbers: CVE-2019-10216 — Security Fix(es): * ghostscript: -dSAFER escape via .buildfont1 (701394) (CVE-2019-10216) — SL7 x86_64 ghostscript-9.25-2.el7_7.1.i686.rpm ghostscript-9.25-2.el7_7.1.x86_64.rpm ghostscript-cups-9.25-2.el7_7.1.x86_64.rpm ghostscript-debuginfo-9.25-2.el7_7.1.i686.rpm ghostscript-debuginfo-9.25-2.el7_7.1.x86_64.rpm libgs-9.25-2.el7_7.1.i686.rpm libgs-9.25-2.el7_7.1.x86_64.rpm ghostscript-gtk-9.25-2.el7_7.1.x86_64.rpm libgs-devel-9.25-2.el7_7.1.i686.rpm libgs-devel-9.25-2.el7_7.1.x86_64.rpm noarch ghostscript-doc-9.25-2.el7_7.1.noarch.rpm … Read More