ipsilon (SL7)

Synopsis: Important: ipsilon security update Advisory ID: SLSA-2016:2809-1 Issue Date: 2016-11-21 CVE Numbers: CVE-2016-8638 — Security Fix(es): * A vulnerability was found in ipsilon in the SAML2 provider’s handling of sessions. An attacker able to hit the logout URL could … Read More

glibc (SL7)

Synopsis: Low: glibc security, bug fix, and enhancement update Advisory ID: SLSA-2016:2573-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-3075 — Security Fix(es): * A stack overflow vulnerability was found in _nss_dns_getnetbyname_r. On systems with nsswitch configured to include “networks: dns” with … Read More

curl (SL7)

Synopsis: Moderate: curl security, bug fix, and enhancement update Advisory ID: SLSA-2016:2575-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-5419 CVE-2016-5420 CVE-2016-7141 — Security Fix(es): * It was found that the libcurl library did not prevent TLS session resumption when the client … Read More

kernel (SL7)

Synopsis: Important: kernel security, bug fix, and enhancement update Advisory ID: SLSA-2016:2574-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2015-8543 CVE-2013-4312 CVE-2016-5829 CVE-2015-8374 CVE-2015-8746 CVE-2016-2053 CVE-2016-2069 CVE-2015-8812 CVE-2016-2384 CVE-2016-3070 CVE-2016-2117 CVE-2016-2847 CVE-2016-3156 CVE-2015-8845 CVE-2015-8844 CVE-2016-3699 CVE-2016-4581 CVE-2016-4569 CVE-2016-4578 CVE-2016-4794 CVE-2016-5412 CVE-2016-5828 CVE-2016-6136 … Read More

ntp (SL7)

Synopsis: Moderate: ntp security and bug fix update Advisory ID: SLSA-2016:2583-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2015-5194 CVE-2015-5195 CVE-2015-7703 CVE-2015-5219 CVE-2015-7691 CVE-2015-7692 CVE-2015-7702 CVE-2015-7701 CVE-2015-7852 CVE-2015-7977 CVE-2015-7978 CVE-2015-7979 CVE-2015-7974 CVE-2015-8158 — Security Fix(es): * It was found that the fix … Read More

openssh (SL7)

Synopsis: Moderate: openssh security, bug fix, and enhancement update Advisory ID: SLSA-2016:2588-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2015-8325 — Security Fix(es): * It was discovered that the OpenSSH sshd daemon fetched PAM environment settings before running the login program. In … Read More

NetworkManager (SL7)

Synopsis: Low: NetworkManager security, bug fix, and enhancement update Advisory ID: SLSA-2016:2581-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-0764 — The following packages have been upgraded to a newer upstream version: NetworkManager (1.4.0), NetworkManager-libreswan (1.2.4), network-manager- applet (1.4.0), libnl3 (3.2.28). Security … Read More

pacemaker (SL7)

Synopsis: Moderate: pacemaker security, bug fix, and enhancement update Advisory ID: SLSA-2016:2578-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-7797 — The following packages have been upgraded to a newer upstream version: pacemaker (1.1.15). Security Fix(es): * It was found that the … Read More

poppler (SL7)

Synopsis: Moderate: poppler security and bug fix update Advisory ID: SLSA-2016:2580-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2015-8868 — Security Fix(es): * A heap-buffer overflow was found in the poppler library. An attacker could create a malicious PDF file that would … Read More

firewalld (SL7)

Synopsis: Moderate: firewalld security, bug fix, and enhancement update Advisory ID: SLSA-2016:2597-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-5410 — The following packages have been upgraded to a newer upstream version: firewalld (0.4.3.2). Security Fix(es): * A flaw was found in … Read More