curl (SL7)

Synopsis: Low: curl security and bug fix update Advisory ID: SLSA-2019:2181-1 Issue Date: 2019-08-06 CVE Numbers: CVE-2018-16842 — Security Fix(es): * curl: Heap-based buffer over-read in the curl tool warning formatting (CVE-2018-16842) — SL7 x86_64 curl-7.29.0-54.el7.x86_64.rpm libcurl-7.29.0-54.el7.x86_64.rpm libcurl-7.29.0-54.el7.i686.rpm libcurl-devel-7.29.0-54.el7.x86_64.rpm libcurl-devel-7.29.0-54.el7.i686.rpm … Read More

libguestfs-winsupport (SL7)

Synopsis: Low: libguestfs-winsupport security update Advisory ID: SLSA-2019:2308-1 Issue Date: 2019-08-06 CVE Numbers: CVE-2019-9755 — Security Fix(es): * ntfs-3g: heap-based buffer overflow leads to local root privilege escalation (CVE-2019-9755) — SL7 x86_64 libguestfs-winsupport-7.2-3.el7.x86_64.rpm – Scientific Linux Development Team

keycloak-httpd-client-install (SL7)

Synopsis: Low: keycloak-httpd-client-install security, bug fix, and Advisory ID: SLSA-2019:2137-1 Issue Date: 2019-08-06 CVE Numbers: CVE-2017-15112 CVE-2017-15111 — Security Fix(es): * keycloak-httpd-client-install: unsafe /tmp log file in –log-file option in keycloak_cli.py (CVE-2017-15111) * keycloak-httpd-client-install: unsafe use of -p/–admin-password on command … Read More

mod_auth_openidc (SL7)

Synopsis: Moderate: mod_auth_openidc security update Advisory ID: SLSA-2019:2112-1 Issue Date: 2019-08-06 CVE Numbers: CVE-2017-6413 CVE-2017-6059 — Security Fix(es): * mod_auth_openidc: OIDC_CLAIM and OIDCAuthNHeader not skipped in an “AuthType oauth20″ configuration (CVE-2017-6413) * mod_auth_openidc: Shows user-supplied content on error pages (CVE-2017-6059) … Read More

libmspack (SL7)

Synopsis: Moderate: libmspack security update Advisory ID: SLSA-2019:2049-1 Issue Date: 2019-08-06 CVE Numbers: CVE-2018-18584 CVE-2018-18585 — Security Fix(es): * libmspack: Out-of-bounds write in mspack/cab.h (CVE-2018-18584) * libmspack: chmd_read_headers() fails to reject filenames containing NULL bytes (CVE-2018-18585) — SL7 x86_64 libmspack-0.5-0.7.alpha.el7.i686.rpm … Read More

compat-libtiff3 (SL7)

Synopsis: Low: compat-libtiff3 security update Advisory ID: SLSA-2019:2051-1 Issue Date: 2019-08-06 CVE Numbers: CVE-2018-7456 — Security Fix(es): * libtiff: NULL pointer dereference in tif_print.c:TIFFPrintDirectory() causes a denial of service (CVE-2018-7456) — SL7 x86_64 compat-libtiff3-3.9.4-12.el7.i686.rpm compat-libtiff3-3.9.4-12.el7.x86_64.rpm compat-libtiff3-debuginfo-3.9.4-12.el7.i686.rpm compat-libtiff3-debuginfo-3.9.4-12.el7.x86_64.rpm – Scientific Linux … Read More

libreoffice (SL7)

Synopsis: Low: libreoffice security and bug fix update Advisory ID: SLSA-2019:2130-1 Issue Date: 2019-08-06 CVE Numbers: CVE-2018-16858 — Security Fix(es): * libreoffice: Arbitrary python functions in arbitrary modules on the filesystem can be executed without warning (CVE-2018-16858) — SL7 x86_64 … Read More

libcgroup (SL7)

Synopsis: Moderate: libcgroup security update Advisory ID: SLSA-2019:2047-1 Issue Date: 2019-08-06 CVE Numbers: CVE-2018-14348 — Security Fix(es): * libcgroup: cgrulesengd creates log files with insecure permissions (CVE-2018-14348) — SL7 x86_64 libcgroup-0.41-21.el7.i686.rpm libcgroup-tools-0.41-21.el7.x86_64.rpm libcgroup-0.41-21.el7.x86_64.rpm libcgroup-devel-0.41-21.el7.i686.rpm libcgroup-pam-0.41-21.el7.x86_64.rpm libcgroup-devel-0.41-21.el7.x86_64.rpm libcgroup-pam-0.41-21.el7.i686.rpm libcgroup-debuginfo-0.41-21.el7.i686.rpm libcgroup-debuginfo-0.41-21.el7.x86_64.rpm – … Read More

sssd (SL7)

Synopsis: Moderate: sssd security, bug fix, and enhancement update Advisory ID: SLSA-2019:2177-1 Issue Date: 2019-08-06 CVE Numbers: CVE-2018-16838 CVE-2019-3811 — The following packages have been upgraded to a later upstream version: sssd (1.16.4). Security Fix(es): * sssd: fallback_homedir returns ‘/’ … Read More

libwpd (SL7)

Synopsis: Low: libwpd security update Advisory ID: SLSA-2019:2126-1 Issue Date: 2019-08-06 CVE Numbers: CVE-2018-19208 — Security Fix(es): * libwpd: NULL pointer dereference in the function WP6ContentListener::defineTable in WP6ContentListener.cpp (CVE-2018-19208) — SL7 x86_64 libwpd-0.10.0-2.el7.i686.rpm libwpd-0.10.0-2.el7.x86_64.rpm libwpd-doc-0.10.0-2.el7.noarch.rpm libwpd-devel-0.10.0-2.el7.i686.rpm libwpd-tools-0.10.0-2.el7.x86_64.rpm libwpd-devel-0.10.0-2.el7.x86_64.rpm libwpd-debuginfo-0.10.0-2.el7.i686.rpm libwpd-debuginfo-0.10.0-2.el7.x86_64.rpm … Read More