Synopsis: Important: keepalived security update Advisory ID: SLSA-2019:0022-1 Issue Date: 2019-01-03 CVE Numbers: CVE-2018-19115 — Security Fix(es): * keepalived: Heap-based buffer overflow when parsing HTTP status codes allows for denial of service or possibly arbitrary code execution (CVE-2018-19115) — SL7 … Read More
Synopsis: Low: ntp security update Advisory ID: SLSA-2018:3854-1 Issue Date: 2018-12-20 CVE Numbers: CVE-2018-12327 — Security Fix(es): * ntp: Stack-based buffer overflow in ntpq and ntpdc allows denial of service or code execution (CVE-2018-12327) — SL6 x86_64 ntp-4.2.6p5-15.el6_10.x86_64.rpm ntp-debuginfo-4.2.6p5-15.el6_10.x86_64.rpm ntpdate-4.2.6p5-15.el6_10.x86_64.rpm … Read More
Synopsis: Critical: firefox security update Advisory ID: SLSA-2018:3831-1 Issue Date: 2018-12-17 CVE Numbers: CVE-2018-17466 CVE-2018-12405 CVE-2018-18492 CVE-2018-18493 CVE-2018-18494 CVE-2018-18498 — This update upgrades Firefox to version 60.4.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 64 and … Read More
Synopsis: Critical: firefox security update Advisory ID: SLSA-2018:3833-1 Issue Date: 2018-12-17 CVE Numbers: CVE-2018-17466 CVE-2018-12405 CVE-2018-18492 CVE-2018-18493 CVE-2018-18494 CVE-2018-18498 — This update upgrades Firefox to version 60.4.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 64 and … Read More
Synopsis: Important: ghostscript security and bug fix update Advisory ID: SLSA-2018:3834-1 Issue Date: 2018-12-17 CVE Numbers: CVE-2018-15911 CVE-2018-16541 CVE-2018-16802 CVE-2018-17183 CVE-2018-17961 CVE-2018-18073 CVE-2018-18284 CVE-2018-19409 CVE-2018-19134 — Security Fix(es): * ghostscript: Incorrect free logic in pagedevice replacement (699664) (CVE-2018-16541) * ghostscript: … Read More
Synopsis: Important: ghostscript security update Advisory ID: SLSA-2018:3760-1 Issue Date: 2018-12-04 CVE Numbers: CVE-2018-16509 — Security Fix(es): * It was discovered that the ghostscript /invalidaccess checks fail under certain conditions. An attacker could possibly exploit this to bypass the – … Read More
Synopsis: Important: ghostscript security and bug fix update Advisory ID: SLSA-2018:3761-1 Issue Date: 2018-12-04 CVE Numbers: CVE-2018-16863 — Security Fix(es): * ghostscript: incomplete fix for CVE-2018-16509 (CVE-2018-16863) Bug Fix(es): * Previously, the flushpage operator has been removed as part of … Read More
Synopsis: Important: ruby security update Advisory ID: SLSA-2018:3738-1 Issue Date: 2018-11-30 CVE Numbers: CVE-2018-16395 — Security Fix(es): * ruby: OpenSSL::X509::Name equality check does not work correctly (CVE-2018-16395) — SL7 x86_64 ruby-2.0.0.648-34.el7_6.x86_64.rpm ruby-debuginfo-2.0.0.648-34.el7_6.i686.rpm ruby-debuginfo-2.0.0.648-34.el7_6.x86_64.rpm ruby-libs-2.0.0.648-34.el7_6.i686.rpm ruby-libs-2.0.0.648-34.el7_6.x86_64.rpm rubygem-bigdecimal-1.2.0-34.el7_6.x86_64.rpm rubygem-io-console-0.4.2-34.el7_6.x86_64.rpm rubygem-json-1.7.7-34.el7_6.x86_64.rpm rubygem-psych-2.0.0-34.el7_6.x86_64.rpm ruby-devel-2.0.0.648-34.el7_6.x86_64.rpm … Read More
Synopsis: Moderate: kernel security, bug fix, and enhancement update Advisory ID: SLSA-2018:3651-1 Issue Date: 2018-11-27 CVE Numbers: CVE-2018-14633 CVE-2018-14646 — Security Fix(es): * kernel: stack-based buffer overflow in chap_server_compute_md5() in iscsi target (CVE-2018-14633) * kernel: NULL pointer dereference in af_netlink.c:__netlink_ns_capable() … Read More
Synopsis: Important: NetworkManager security update Advisory ID: SLSA-2018:3665-1 Issue Date: 2018-11-27 CVE Numbers: CVE-2018-15688 — Security Fix(es): * systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling (CVE-2018-15688) — SL7 x86_64 NetworkManager-1.12.0-8.el7_6.x86_64.rpm NetworkManager-adsl-1.12.0-8.el7_6.x86_64.rpm NetworkManager-bluetooth-1.12.0-8.el7_6.x86_64.rpm NetworkManager-debuginfo-1.12.0-8.el7_6.i686.rpm NetworkManager-debuginfo-1.12.0-8.el7_6.x86_64.rpm NetworkManager-glib-1.12.0-8.el7_6.i686.rpm NetworkManager-glib-1.12.0-8.el7_6.x86_64.rpm NetworkManager-libnm-1.12.0-8.el7_6.i686.rpm NetworkManager-libnm-1.12.0-8.el7_6.x86_64.rpm … Read More
