gstreamer-plugins-good (SL6)

Synopsis: Important: gstreamer-plugins-good security update Advisory ID: SLSA-2016:2975-1 Issue Date: 2016-12-21 CVE Numbers: CVE-2016-9634 CVE-2016-9635 CVE-2016-9636 CVE-2016-9808 CVE-2016-9807 — Security Fix(es): * Multiple flaws were discovered in GStreamer’s FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use these … Read More

gstreamer-plugins-bad-free (SL6)

Synopsis: Important: gstreamer-plugins-bad-free security update Advisory ID: SLSA-2016:2974-1 Issue Date: 2016-12-21 CVE Numbers: CVE-2016-9447 CVE-2016-9445 — Security Fix(es): * An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer’s VMware VMnc video file format decoding plug-in. … Read More

xen (SL5)

Synopsis: Important: xen security update Advisory ID: SLSA-2016:2963-1 Issue Date: 2016-12-20 CVE Numbers: CVE-2016-9637 — Security Fix(es): * An out of bounds array access issue was found in the Xen virtual machine monitor, built with the QEMU ioport support. It … Read More

kernel (SL5)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2016:2962-1 Issue Date: 2016-12-20 CVE Numbers: CVE-2016-7117 — Security Fix(es): * A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allows remote attackers to corrupt memory … Read More

OpenAFS (SL5, SL6, SL7)

Synopsis: Moderate: openafs security and enhancement update Advisory ID: OPENAFS-SA-2016-003 Issue Date: 2016-12-14 — Security Fix(es): There are three different kinds of “dead” residual directory entry leaks, each with a different cause: 1. There may be partial name data after … Read More

firefox (SL5, SL6, SL7)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2016:2946-1 Issue Date: 2016-12-14 CVE Numbers: CVE-2016-9899 CVE-2016-9895 CVE-2016-9897 CVE-2016-9898 CVE-2016-9900 CVE-2016-9904 CVE-2016-9905 CVE-2016-9893 CVE-2016-9901 CVE-2016-9902 — This update upgrades Firefox to version 45.6.0 ESR. Security Fix(es): * Multiple flaws were found in … Read More

sudo (SL6, SL7)

Synopsis: Moderate: sudo security update Advisory ID: SLSA-2016:2872-1 Issue Date: 2016-12-06 CVE Numbers: CVE-2016-7032 CVE-2016-7076 — Security Fix(es): * It was discovered that the sudo noexec restriction could have been bypassed if application run via sudo executed system(), popen(), or … Read More

thunderbird (SL5, SL6, SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2016:2850-1 Issue Date: 2016-12-05 CVE Numbers: CVE-2016-9079 — This update upgrades Thunderbird to version 45.5.1. Security Fix(es): * A flaw was found in the processing of malformed web content. A web page containing … Read More

firefox (SL5, SL6, SL7)

Synopsis: Critical: firefox security update Advisory ID: SLSA-2016:2843-1 Issue Date: 2016-12-01 CVE Numbers: CVE-2016-9079 — This update upgrades Firefox to version 45.5.1 ESR. Security Fix(es): * A flaw was found in the processing of malformed web content. A web page … Read More

thunderbird (SL5, SL6, SL7)

Synopsis: Important: thunderbird security update Advisory ID: SLSA-2016:2825-1 Issue Date: 2016-11-29 CVE Numbers: CVE-2016-5290 — This update upgrades Thunderbird to version 45.5.0 Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing … Read More