kernel (SL6)

Synopsis: Moderate: kernel security and bug fix update Advisory ID: SLSA-2017:1372-1 Issue Date: 2017-05-31 CVE Numbers: CVE-2017-6214 — Security Fix(es): * A flaw was found in the Linux kernel’s handling of packets with the URG flag. Applications using the splice() … Read More

sudo (SL6, SL7)

Synopsis: Important: sudo security update Advisory ID: SLSA-2017:1382-1 Issue Date: 2017-05-30 CVE Numbers: CVE-2017-1000367 — Security Fix(es): * A flaw was found in the way sudo parsed tty information from the process status file in the proc filesystem. A local … Read More

nss (SL6)

Synopsis: Important: nss security and bug fix update Advisory ID: SLSA-2017:1364-1 Issue Date: 2017-05-30 CVE Numbers: CVE-2017-7502 — Security Fix(es): * A null pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use … Read More

nss (SL7)

Synopsis: Important: nss security and bug fix update Advisory ID: SLSA-2017:1365-3 Issue Date: 2017-05-30 CVE Numbers: CVE-2017-7502 — Security Fix(es): * A null pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use … Read More

kernel (SL7)

Synopsis: Important: kernel security, bug fix, and enhancement update Advisory ID: SLSA-2017:1308-1 Issue Date: 2017-05-25 CVE Numbers: CVE-2016-8646 CVE-2016-10208 CVE-2016-7910 CVE-2017-5986 CVE-2017-7308 — Security Fix(es): * It was found that the packet_set_ring() function of the Linux kernel’s networking implementation did … Read More

samba (SL6, SL7)

Synopsis: Important: samba security update Advisory ID: SLSA-2017:1270-1 Issue Date: 2017-05-24 CVE Numbers: CVE-2017-7494 — Security Fix(es): * A remote code execution flaw was found in Samba. A malicious authenticated samba client, having write access to the samba share, could … Read More

samba4 (SL6)

Synopsis: Important: samba4 security update Advisory ID: SLSA-2017:1271-1 Issue Date: 2017-05-24 CVE Numbers: CVE-2017-7494 — Security Fix(es): * A remote code execution flaw was found in Samba. A malicious authenticated samba client, having write access to the samba share, could … Read More

rpcbind (SL6)

Synopsis: Important: rpcbind security update Advisory ID: SLSA-2017:1267-1 Issue Date: 2017-05-23 CVE Numbers: CVE-2017-8779 — Security Fix(es): * It was found that due to the way rpcbind uses libtirpc (libntirpc), a memory leak can occur when parsing specially crafted XDR … Read More

libtirpc (SL6)

Synopsis: Important: libtirpc security update Advisory ID: SLSA-2017:1268-1 Issue Date: 2017-05-23 CVE Numbers: CVE-2017-8779 — Security Fix(es): * It was found that due to the way rpcbind uses libtirpc (libntirpc), a memory leak can occur when parsing specially crafted XDR … Read More

kdelibs (SL7)

Synopsis: Important: kdelibs security update Advisory ID: SLSA-2017:1264-1 Issue Date: 2017-05-22 CVE Numbers: CVE-2017-8422 — Security Fix(es): * A privilege escalation flaw was found in the way kdelibs handled D-Bus messages. A local user could potentially use this flaw to … Read More