squid (SL7)

Synopsis: Moderate: squid security update Advisory ID: SLSA-2017:0182-1 Issue Date: 2017-01-24 CVE Numbers: CVE-2016-10002 — Security Fix(es): * It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote … Read More

qemu-kvm (SL7)

Synopsis: Low: qemu-kvm security and bug fix update Advisory ID: SLSA-2017:0083-1 Issue Date: 2017-01-17 CVE Numbers: CVE-2016-2857 — Security Fix(es): * An out-of-bounds read-access flaw was found in the QEMU emulator built with IP checksum routines. The flaw could occur … Read More

kernel (SL7)

Synopsis: Important: kernel security, bug fix, and enhancement update Advisory ID: SLSA-2017:0086-1 Issue Date: 2017-01-17 CVE Numbers: CVE-2016-7117 CVE-2016-6828 CVE-2016-9555 — To see the complete list of bug fixes, users are directed to the related Knowledge Article: Security Fix(es): * … Read More

bind (SL5, SL6)

Synopsis: Important: bind security update Advisory ID: SLSA-2017:0063-1 Issue Date: 2017-01-16 CVE Numbers: CVE-2016-9147 — Security Fix(es): * A denial of service flaw was found in the way BIND handled a query response containing inconsistent DNSSEC information. A remote attacker … Read More

bind97 (SL5)

Synopsis: Important: bind97 security update Advisory ID: SLSA-2017:0064-1 Issue Date: 2017-01-16 CVE Numbers: CVE-2016-9147 — Security Fix(es): * A denial of service flaw was found in the way BIND handled a query response containing inconsistent DNSSEC information. A remote attacker … Read More

bind (SL7)

Synopsis: Important: bind security update Advisory ID: SLSA-2017:0062-1 Issue Date: 2017-01-16 CVE Numbers: CVE-2016-9147 CVE-2016-9131 CVE-2016-9444 — Security Fix(es): * A denial of service flaw was found in the way BIND processed a response to an ANY query. A remote … Read More

java-1.6.0-openjdk (SL5, SL6, SL7)

Synopsis: Important: java-1.6.0-openjdk security update Advisory ID: SLSA-2017:0061-1 Issue Date: 2017-01-13 CVE Numbers: CVE-2016-5582 CVE-2016-5573 CVE-2016-5554 CVE-2016-5542 CVE-2016-5597 — Security Fix(es): * It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function … Read More

kernel (SL6)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2017:0036-1 Issue Date: 2017-01-10 CVE Numbers: CVE-2016-4998 CVE-2016-7117 CVE-2016-6828 — Security Fix(es): * A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allow remote attackers to … Read More

subscription-manager (SL7)

Synopsis: Moderate: subscription-manager security, bug fix, and enhancement update Advisory ID: SLSA-2016:2592-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-4455 — * It was found that subscription-manager set weak permissions on files in /var/lib/rhsm/, causing an information disclosure. A local, unprivileged user … Read More

gstreamer-plugins-good (SL7)

Synopsis: Moderate: gstreamer-plugins-good security update Advisory ID: SLSA-2017:0019-1 Issue Date: 2017-01-05 CVE Numbers: CVE-2016-9634 CVE-2016-9635 CVE-2016-9636 CVE-2016-9808 CVE-2016-9807 — Security Fix(es): * Multiple flaws were discovered in GStreamer’s FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use these … Read More