Synopsis: Important: dbus security update Advisory ID: SLSA-2019:1726-1 Issue Date: 2019-07-10 CVE Numbers: CVE-2019-12749 — Security Fix(es): * dbus: DBusServer DBUS_COOKIE_SHA1 authentication bypass (CVE-2019-12749) — SL6 x86_64 dbus-1.2.24-11.el6_10.x86_64.rpm dbus-debuginfo-1.2.24-11.el6_10.i686.rpm dbus-debuginfo-1.2.24-11.el6_10.x86_64.rpm dbus-libs-1.2.24-11.el6_10.i686.rpm dbus-libs-1.2.24-11.el6_10.x86_64.rpm dbus-x11-1.2.24-11.el6_10.x86_64.rpm dbus-devel-1.2.24-11.el6_10.i686.rpm dbus-devel-1.2.24-11.el6_10.x86_64.rpm i386 dbus-1.2.24-11.el6_10.i686.rpm dbus-debuginfo-1.2.24-11.el6_10.i686.rpm dbus-libs-1.2.24-11.el6_10.i686.rpm dbus-x11-1.2.24-11.el6_10.i686.rpm … Read More

Synopsis: Low: qemu-kvm security update Advisory ID: SLSA-2019:1650-1 Issue Date: 2019-07-02 CVE Numbers: CVE-2019-9824 — Security Fix(es): * QEMU: Slirp: information leakage in tcp_emu() due to uninitialized stack variables (CVE-2019-9824) — SL6 x86_64 qemu-guest-agent-0.12.1.2-2.506.el6_10.4.x86_64.rpm qemu-img-0.12.1.2-2.506.el6_10.4.x86_64.rpm qemu-kvm-0.12.1.2-2.506.el6_10.4.x86_64.rpm qemu-kvm-debuginfo-0.12.1.2-2.506.el6_10.4.x86_64.rpm qemu-kvm-tools-0.12.1.2-2.506.el6_10.4.x86_64.rpm i386 qemu-guest-agent-0.12.1.2-2.506.el6_10.4.i686.rpm … Read More

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2019:1626-1 Issue Date: 2019-06-27 CVE Numbers: None — Security Fix(es): * Mozilla: Type confusion in Array.pop (CVE-2019-11707) * thunderbird: Stack buffer overflow in icalrecur_add_bydayrules in icalrecur.c (CVE-2019-11705) * Mozilla: Sandbox escape using Prompt:Open … Read More

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2019:1624-1 Issue Date: 2019-06-27 CVE Numbers: None — Security Fix(es): * Mozilla: Type confusion in Array.pop (CVE-2019-11707) * thunderbird: Stack buffer overflow in icalrecur_add_bydayrules in icalrecur.c (CVE-2019-11705) * Mozilla: Sandbox escape using Prompt:Open … Read More

Synopsis: Important: python security update Advisory ID: SLSA-2019:1587-1 Issue Date: 2019-06-20 CVE Numbers: CVE-2019-10160 — Security Fix(es): * python: regression of CVE-2019-9636 due to functional fix to allow port numbers in netloc (CVE-2019-10160) — SL7 x86_64 python-2.7.5-80.el7_6.x86_64.rpm python-debuginfo-2.7.5-80.el7_6.i686.rpm python-debuginfo-2.7.5-80.el7_6.x86_64.rpm python-libs-2.7.5-80.el7_6.i686.rpm … Read More