Synopsis: Moderate: java-1.8.0-openjdk security and bug fix update Advisory ID: SLSA-2017:1108-1 Issue Date: 2017-04-21 CVE Numbers: CVE-2017-3511 CVE-2017-3509 CVE-2017-3544 CVE-2017-3533 CVE-2017-3539 CVE-2017-3526 — Security Fix(es): * An untrusted library search path flaw was found in the JCE component of OpenJDK. … Read More
Synopsis: Critical: firefox security update Advisory ID: SLSA-2017:1106-1 Issue Date: 2017-04-20 CVE Numbers: CVE-2017-5442 CVE-2017-5443 CVE-2017-5429 CVE-2017-5464 CVE-2017-5465 CVE-2017-5460 CVE-2017-5448 CVE-2017-5449 CVE-2017-5446 CVE-2017-5447 CVE-2017-5444 CVE-2017-5445 CVE-2017-5469 CVE-2017-5440 CVE-2017-5441 CVE-2017-5439 CVE-2017-5438 CVE-2017-5437 CVE-2017-5436 CVE-2017-5435 CVE-2017-5434 CVE-2017-5433 CVE-2017-5432 CVE-2017-5459 CVE-2017-5456 CVE-2017-5466 CVE-2017-5467 … Read More
Synopsis: Critical: nss and nss-util security update Advisory ID: SLSA-2017:1100-1 Issue Date: 2017-04-20 CVE Numbers: CVE-2017-5461 — The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries. The following packages have been upgraded to a newer … Read More
Synopsis: Critical: nss-util security update Advisory ID: SLSA-2017:1102-1 Issue Date: 2017-04-20 CVE Numbers: CVE-2017-5461 — Security Fix(es): * An out-of-bounds write flaw was found in the way NSS performed certain Base64-decoding operations. An attacker could use this flaw to create … Read More
Synopsis: Critical: firefox security update Advisory ID: SLSA-2017:1104-1 Issue Date: 2017-04-20 CVE Numbers: CVE-2017-5442 CVE-2017-5443 CVE-2017-5429 CVE-2017-5464 CVE-2017-5465 CVE-2017-5460 CVE-2017-5448 CVE-2017-5449 CVE-2017-5446 CVE-2017-5447 CVE-2017-5444 CVE-2017-5445 CVE-2017-5469 CVE-2017-5440 CVE-2017-5441 CVE-2017-5439 CVE-2017-5438 CVE-2017-5437 CVE-2017-5436 CVE-2017-5435 CVE-2017-5434 CVE-2017-5433 CVE-2017-5432 CVE-2017-5459 — This update … Read More
Synopsis: Important: bind security update Advisory ID: SLSA-2017:1105-1 Issue Date: 2017-04-20 CVE Numbers: CVE-2017-3136 CVE-2017-3137 — Security Fix(es): * A denial of service flaw was found in the way BIND handled a query response containing CNAME or DNAME resource records … Read More
Synopsis: Moderate: libreoffice security update Advisory ID: SLSA-2017:0979-1 Issue Date: 2017-04-18 CVE Numbers: CVE-2017-3157 — Security Fix(es): * It was found that LibreOffice disclosed contents of a file specified in an embedded object’s preview. An attacker could potentially use this … Read More
Synopsis: Important: bind security update Advisory ID: SLSA-2017:1095-1 Issue Date: 2017-04-19 CVE Numbers: CVE-2017-3136 CVE-2017-3137 — Security Fix(es): * A denial of service flaw was found in the way BIND handled a query response containing CNAME or DNAME resource records … Read More
Synopsis: Important: qemu-kvm security update Advisory ID: SLSA-2017:0987-1 Issue Date: 2017-04-18 CVE Numbers: CVE-2016-9603 — Security Fix(es): * A heap buffer overflow flaw was found in QEMU’s Cirrus CLGD 54xx VGA emulator’s VNC display driver support; the issue could occur … Read More
Synopsis: Moderate: tomcat security update Advisory ID: SLSA-2017:0935-1 Issue Date: 2017-04-12 CVE Numbers: CVE-2016-6816 CVE-2016-8745 — Security Fix(es): * It was discovered that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction … Read More
