java-1.7.0-openjdk (SL5, SL6, SL7)

Synopsis: Critical: java-1.7.0-openjdk security update Advisory ID: SLSA-2017:0269-1 Issue Date: 2017-02-13 CVE Numbers: CVE-2016-2183 CVE-2017-3272 CVE-2017-3289 CVE-2017-3253 CVE-2017-3261 CVE-2017-3231 CVE-2016-5547 CVE-2016-5552 CVE-2017-3252 CVE-2016-5546 CVE-2016-5548 CVE-2017-3241 — Security Fix(es): * It was discovered that the RMI registry and DCG implementations in … Read More

spice-server (SL6)

Synopsis: Moderate: spice-server security update Advisory ID: SLSA-2017:0253-1 Issue Date: 2017-02-05 CVE Numbers: CVE-2016-9578 CVE-2016-9577 — Security Fix(es): * A vulnerability was discovered in spice in the server’s protocol handling. An authenticated attacker could send crafted messages to the spice … Read More

ntp (SL6, SL7)

Synopsis: Moderate: ntp security update Advisory ID: SLSA-2017:0252-1 Issue Date: 2017-02-06 CVE Numbers: CVE-2016-9310 CVE-2016-7429 CVE-2016-7426 CVE-2016-7433 CVE-2016-9311 — Security Fix(es): * It was found that when ntp is configured with rate limiting for all associations the limits are also … Read More

spice (SL7)

Synopsis: Moderate: spice security update Advisory ID: SLSA-2017:0254-1 Issue Date: 2017-02-05 CVE Numbers: CVE-2016-9578 CVE-2016-9577 — Security Fix(es): * A vulnerability was discovered in spice in the server’s protocol handling. An authenticated attacker could send crafted messages to the spice … Read More

thunderbird (SL5, SL6, SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2017:0238-1 Issue Date: 2017-02-02 CVE Numbers: CVE-2017-5373 CVE-2017-5375 CVE-2017-5376 CVE-2017-5378 CVE-2017-5380 CVE-2017-5390 CVE-2017-5396 CVE-2017-5383 — This update upgrades Thunderbird to version 45.7.0. Security Fix(es): * Multiple flaws were found in the processing of … Read More

libtiff (SL6, SL7)

Synopsis: Moderate: libtiff security update Advisory ID: SLSA-2017:0225-1 Issue Date: 2017-02-01 CVE Numbers: CVE-2016-5652 CVE-2016-9534 CVE-2016-9535 CVE-2016-9536 CVE-2016-9537 CVE-2016-9540 CVE-2016-9533 CVE-2015-8870 — Security Fix(es): * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to … Read More

firefox (SL5, SL6, SL7)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2017:0190-1 Issue Date: 2017-01-25 CVE Numbers: CVE-2017-5373 CVE-2017-5375 CVE-2017-5376 CVE-2017-5378 CVE-2017-5380 CVE-2017-5390 CVE-2017-5396 CVE-2017-5383 CVE-2017-5386 — This update upgrades Firefox to version 45.7.0 ESR. Security Fix(es): * Multiple flaws were found in the … Read More

java-1.8.0-openjdk (SL6, SL7)

Synopsis: Critical: java-1.8.0-openjdk security update Advisory ID: SLSA-2017:0180-1 Issue Date: 2017-01-20 CVE Numbers: CVE-2016-2183 CVE-2017-3272 CVE-2017-3289 CVE-2017-3253 CVE-2017-3261 CVE-2017-3231 CVE-2016-5547 CVE-2016-5552 CVE-2017-3252 CVE-2016-5546 CVE-2016-5548 CVE-2017-3241 — Security Fix(es): * It was discovered that the RMI registry and DCG implementations in … Read More

mysql (SL6)

Synopsis: Important: mysql security update Advisory ID: SLSA-2017:0184-1 Issue Date: 2017-01-24 CVE Numbers: CVE-2016-6662 CVE-2016-5616 CVE-2016-6663 — Security Fix(es): * It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a … Read More

squid34 (SL6)

Synopsis: Moderate: squid34 security update Advisory ID: SLSA-2017:0183-1 Issue Date: 2017-01-24 CVE Numbers: CVE-2016-10002 — Security Fix(es): * It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote … Read More