libvirt (SL7)

Synopsis: Important: libvirt security and bug fix update Advisory ID: SLSA-2019:1579-1 Issue Date: 2019-06-20 CVE Numbers: CVE-2019-10161 CVE-2019-10166 CVE-2019-10167 CVE-2019-10168 — Security Fix(es): * libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161) * libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients … Read More

kernel (SL7)

Synopsis: Important: kernel security update Advisory ID: SLSA-2019:1481-1 Issue Date: 2019-06-17 CVE Numbers: CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 — Security Fix(es): * An integer overflow flaw was found in the way the Linux kernel’s networking subsystem processed TCP Selective Acknowledgment (SACK) segments. … Read More

kernel (SL6)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2019:1488-1 Issue Date: 2019-06-17 CVE Numbers: CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 CVE-2019-3896 — Security Fix(es): * An integer overflow flaw was found in the way the Linux kernel’s networking subsystem processed TCP … Read More

bind (SL6)

Synopsis: Important: bind security update Advisory ID: SLSA-2019:1492-1 Issue Date: 2019-06-17 CVE Numbers: CVE-2018-5743 — Security Fix(es): * bind: Limiting simultaneous TCP clients is ineffective (CVE-2018-5743) — SL6 x86_64 bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-libs-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-libs-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-utils-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-chroot-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-devel-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-devel-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-sdb-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm i386 … Read More

python (SL6)

Synopsis: Important: python security update Advisory ID: SLSA-2019:1467-1 Issue Date: 2019-06-13 CVE Numbers: CVE-2019-9636 — Security Fix(es): * python: Information Disclosure due to urlsplit improper NFKC normalization (CVE-2019-9636) — SL6 x86_64 python-2.6.6-68.el6_10.x86_64.rpm python-debuginfo-2.6.6-68.el6_10.i686.rpm python-debuginfo-2.6.6-68.el6_10.x86_64.rpm python-libs-2.6.6-68.el6_10.i686.rpm python-libs-2.6.6-68.el6_10.x86_64.rpm tkinter-2.6.6-68.el6_10.x86_64.rpm python-devel-2.6.6-68.el6_10.i686.rpm python-devel-2.6.6-68.el6_10.x86_64.rpm python-test-2.6.6-68.el6_10.x86_64.rpm … Read More

thunderbird (SL6)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2019:1310-1 Issue Date: 2019-06-04 CVE Numbers: None — Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 (CVE-2019-9800) * Mozilla: Cross-origin theft of images with createImageBitmap (CVE-2019-9797) … Read More

thunderbird (SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2019:1309-1 Issue Date: 2019-06-04 CVE Numbers: None — Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 (CVE-2019-9800) * Mozilla: Cross-origin theft of images with createImageBitmap (CVE-2019-9797) … Read More

bind (SL7)

Synopsis: Important: bind security update Advisory ID: SLSA-2019:1294-1 Issue Date: 2019-05-29 CVE Numbers: CVE-2018-5743 — Security Fix(es): * bind: Limiting simultaneous TCP clients is ineffective (CVE-2018-5743) — SL7 x86_64 bind-debuginfo-9.9.4-74.el7_6.1.i686.rpm bind-debuginfo-9.9.4-74.el7_6.1.x86_64.rpm bind-libs-9.9.4-74.el7_6.1.i686.rpm bind-libs-9.9.4-74.el7_6.1.x86_64.rpm bind-libs-lite-9.9.4-74.el7_6.1.i686.rpm bind-libs-lite-9.9.4-74.el7_6.1.x86_64.rpm bind-utils-9.9.4-74.el7_6.1.x86_64.rpm bind-9.9.4-74.el7_6.1.x86_64.rpm bind-chroot-9.9.4-74.el7_6.1.x86_64.rpm bind-devel-9.9.4-74.el7_6.1.i686.rpm bind-devel-9.9.4-74.el7_6.1.x86_64.rpm … Read More

pacemaker (SL7)

Synopsis: Important: pacemaker security update Advisory ID: SLSA-2019:1278-1 Issue Date: 2019-05-28 CVE Numbers: None — Security Fix(es): * pacemaker: Insufficient local IPC client-server authentication on the client’s side can lead to local privesc (CVE-2018-16877) * pacemaker: Insufficient verification inflicted preference … Read More

firefox (SL6)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2019:1267-1 Issue Date: 2019-05-23 CVE Numbers: None — Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 (CVE-2019-9800) * Mozilla: Cross-origin theft of images with createImageBitmap (CVE-2019-9797) … Read More