python-jinja2 (SL7)

Synopsis: Important: python-jinja2 security update Advisory ID: SLSA-2019:1022-1 Issue Date: 2019-05-07 CVE Numbers: CVE-2016-10745 — * python-jinja2: Sandbox escape due to information disclosure via str.format (CVE-2016-10745) — SL7 noarch python-jinja2-2.7.2-3.el7_6.noarch.rpm – Scientific Linux Development Team

freeradius (SL7)

Synopsis: Important: freeradius security update Advisory ID: SLSA-2019:1131-1 Issue Date: 2019-05-09 CVE Numbers: CVE-2019-11235 CVE-2019-11234 — Security Fix(es): * freeradius: eap-pwd: authentication bypass via an invalid curve attack (CVE-2019-11235) * freeradius: eap-pwd: fake authentication using reflection (CVE-2019-11234) — SL7 x86_64 …

flatpak (SL7)

Synopsis: Important: flatpak security update Advisory ID: SLSA-2019:1024-1 Issue Date: 2019-05-08 CVE Numbers: CVE-2019-10063 — Security Fix(es): * flatpak: Sandbox bypass via IOCSTI (incomplete fix for CVE-2017-5226) (CVE-2019-10063) — SL7 x86_64 flatpak-1.0.2-5.el7_6.x86_64.rpm flatpak-debuginfo-1.0.2-5.el7_6.x86_64.rpm flatpak-libs-1.0.2-5.el7_6.x86_64.rpm flatpak-builder-1.0.0-5.el7_6.x86_64.rpm flatpak-devel-1.0.2-5.el7_6.x86_64.rpm flatpak-1.0.2-5.el7_6.src.rpm – Scientific Linux …

ghostscript (SL7)

Synopsis: Important: ghostscript security update Advisory ID: SLSA-2019:1017-1 Issue Date: 2019-05-07 CVE Numbers: CVE-2019-3839 — Security Fix(es): * ghostscript: missing attack vector protections for CVE-2019-6116 (CVE-2019-3839) — SL7 x86_64 ghostscript-9.07-31.el7_6.11.i686.rpm ghostscript-9.07-31.el7_6.11.x86_64.rpm ghostscript-cups-9.07-31.el7_6.11.x86_64.rpm ghostscript-debuginfo-9.07-31.el7_6.11.i686.rpm ghostscript-debuginfo-9.07-31.el7_6.11.x86_64.rpm ghostscript-devel-9.07-31.el7_6.11.i686.rpm ghostscript-devel-9.07-31.el7_6.11.x86_64.rpm ghostscript-gtk-9.07-31.el7_6.11.x86_64.rpm ghostscript-9.07-31.el7_6.11.src.rpm noarch ghostscript-doc-9.07-31.el7_6.11.noarch.rpm …

kernel (SL7)

Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2019:0818-1 Issue Date: 2019-04-23 CVE Numbers: CVE-2019-7221 CVE-2019-6974 — Security Fix(es): * Kernel: KVM: potential use-after-free via kvm_ioctl_create_device() (CVE-2019-6974) * Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of …

ovmf (SL7)

Synopsis: Important: ovmf security update Advisory ID: SLSA-2019:0809-1 Issue Date: 2019-04-23 CVE Numbers: CVE-2018-12180 — Security Fix(es): * edk2: Buffer Overflow in BlockIo service for RAM disk (CVE-2018-12180) — SL7 noarch OVMF-20180508-3.gitee3198e672e2.el7_6.1.noarch.rpm – Scientific Linux Development Team

java-1.7.0-openjdk (SL6)

Synopsis: Important: java-1.7.0-openjdk security update Advisory ID: SLSA-2019:0790-1 Issue Date: 2019-04-22 CVE Numbers: CVE-2019-2602 CVE-2019-2698 CVE-2019-2684 — Security Fix(es): * OpenJDK: Font layout engine out of bounds access setCurrGlyphID() (2D, 8219022) (CVE-2019-2698) * OpenJDK: Slow conversion of BigDecimal to long …

java-1.7.0-openjdk (SL7)

Synopsis: Important: java-1.7.0-openjdk security update Advisory ID: SLSA-2019:0791-1 Issue Date: 2019-04-22 CVE Numbers: CVE-2019-2602 CVE-2019-2698 CVE-2019-2684 — Security Fix(es): * OpenJDK: Font layout engine out of bounds access setCurrGlyphID() (2D, 8219022) (CVE-2019-2698) * OpenJDK: Slow conversion of BigDecimal to long …

java-11-openjdk (SL7)

Synopsis: Moderate: java-11-openjdk security update Advisory ID: SLSA-2019:0778-1 Issue Date: 2019-04-17 CVE Numbers: CVE-2019-2602 CVE-2019-2684 — Security Fix(es): * OpenJDK: Slow conversion of BigDecimal to long (Libraries, 8211936) (CVE-2019-2602) * OpenJDK: Incorrect skeleton selection in RMI registry server-side dispatch handling …

java-1.8.0-openjdk (SL6)

Synopsis: Important: java-1.8.0-openjdk security and bug fix update Advisory ID: SLSA-2019:0774-1 Issue Date: 2019-04-17 CVE Numbers: CVE-2019-2602 CVE-2019-2698 CVE-2019-2684 — Security Fix(es): * OpenJDK: Font layout engine out of bounds access setCurrGlyphID() (2D, 8219022) (CVE-2019-2698) * OpenJDK: Slow conversion of …