freerdp and vinagre (SL7)

Synopsis: Low: freerdp and vinagre security, bug fix, and enhancement update Advisory ID: SLSA-2019:2157-1 Issue Date: 2019-08-06 CVE Numbers: CVE-2018-1000852 — The vinagre packages provide the Vinagre remote desktop viewer for the GNOME desktop. The following packages have been upgraded … Read More

bind (SL7)

Synopsis: Moderate: bind security, bug fix, and enhancement update Advisory ID: SLSA-2019:2057-1 Issue Date: 2019-08-06 CVE Numbers: CVE-2018-5741 — The following packages have been upgraded to a later upstream version: bind (9.11.4). Security Fix(es): * bind: Incorrect documentation of krb5-subdomain … Read More

glibc (SL7)

Synopsis: Moderate: glibc security and bug fix update Advisory ID: SLSA-2019:2118-1 Issue Date: 2019-08-06 CVE Numbers: CVE-2016-10739 — Security Fix(es): * glibc: getaddrinfo should reject IP addresses with trailing characters (CVE-2016-10739) — SL7 x86_64 glibc-2.17-292.el7.x86_64.rpm glibc-devel-2.17-292.el7.i686.rpm glibc-2.17-292.el7.i686.rpm glibc-common-2.17-292.el7.x86_64.rpm glibc-headers-2.17-292.el7.x86_64.rpm nscd-2.17-292.el7.x86_64.rpm … Read More

rsyslog (SL7)

Synopsis: Moderate: rsyslog security and bug fix update Advisory ID: SLSA-2019:2110-1 Issue Date: 2019-08-06 CVE Numbers: CVE-2018-16881 — Security Fix(es): * rsyslog: imptcp: integer overflow when Octet-Counted TCP Framing is enabled (CVE-2018-16881) — SL7 x86_64 rsyslog-relp-8.24.0-38.el7.x86_64.rpm rsyslog-mysql-8.24.0-38.el7.x86_64.rpm rsyslog-gnutls-8.24.0-38.el7.x86_64.rpm rsyslog-gssapi-8.24.0-38.el7.x86_64.rpm rsyslog-8.24.0-38.el7.x86_64.rpm … Read More

elfutils (SL7)

Synopsis: Low: elfutils security, bug fix, and enhancement update Advisory ID: SLSA-2019:2197-1 Issue Date: 2019-08-06 CVE Numbers: CVE-2018-16062 CVE-2019-7665 CVE-2018-18310 CVE-2018-18520 CVE-2019-7664 CVE-2019-7150 CVE-2019-7149 CVE-2018-18521 CVE-2018-16403 CVE-2018-16402 — The following packages have been upgraded to a later upstream version: elfutils … Read More

libsolv (SL7)

Synopsis: Low: libsolv security and bug fix update Advisory ID: SLSA-2019:2290-1 Issue Date: 2019-08-06 CVE Numbers: CVE-2018-20534 CVE-2018-20532 CVE-2018-20533 — Security Fix(es): * libsolv: NULL pointer dereference in function testcase_read (CVE-2018-20532) * libsolv: NULL pointer dereference in function testcase_str2dep_complex (CVE-2018-20533) … Read More

qemu-kvm (SL7)

Synopsis: Low: qemu-kvm security, bug fix, and enhancement update Advisory ID: SLSA-2019:2078-1 Issue Date: 2019-08-06 CVE Numbers: CVE-2019-9824 — Security Fix(es): * QEMU: Slirp: information leakage in tcp_emu() due to uninitialized stack variables (CVE-2019-9824) — SL7 x86_64 qemu-kvm-common-1.5.3-167.el7.x86_64.rpm qemu-kvm-tools-1.5.3-167.el7.x86_64.rpm qemu-img-1.5.3-167.el7.x86_64.rpm … Read More

zziplib (SL7)

Synopsis: Low: zziplib security update Advisory ID: SLSA-2019:2196-1 Issue Date: 2019-08-06 CVE Numbers: CVE-2018-6541 CVE-2018-16548 — Security Fix(es): * zziplib: Bus error caused by loading of a misaligned address inzzip/zip.c (CVE-2018-6541) * zziplib: Memory leak triggered in the function __zzip_parse_root_directory … Read More

python (SL7)

Synopsis: Moderate: python security and bug fix update Advisory ID: SLSA-2019:2030-1 Issue Date: 2019-08-06 CVE Numbers: CVE-2019-9947 CVE-2018-14647 CVE-2019-9740 CVE-2019-9948 CVE-2019-5010 — Security Fix(es): * python: Missing salt initialization in _elementtree.c module (CVE-2018-14647) * python: NULL pointer dereference using a … Read More

spice-gtk (SL7)

Synopsis: Moderate: spice-gtk security and bug fix update Advisory ID: SLSA-2019:2229-1 Issue Date: 2019-08-06 CVE Numbers: CVE-2018-10893 — The libgovirt packages contain a library that allows applications to use the oVirt Representational State Transfer (REST) API to list virtual machines … Read More