<?xml-stylesheet type="text/xsl" href="updateinfo.xsl"?>
<updates><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="enhancement" version="1.4"><id>SL7.5:selinux</id><title>Reissue Selinux Utils</title><description>This package resolves the issue.</description><release>Scientific Linux</release><issued date="1969-12-31 18:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="i686" name="libselinux" release="12.sl7" src="libselinux-2.5-12.sl7.src.rpm" version="2.5"><filename>libselinux-2.5-12.sl7.i686.rpm</filename><sum type="sha256">a7e032073e98b240dd8ecdcb487ed2140cd6a2c3653f19226a19452010022f2b</sum></package><package arch="i686" name="libsemanage-devel" release="11.sl7" src="libsemanage-2.5-11.sl7.src.rpm" version="2.5"><filename>libsemanage-devel-2.5-11.sl7.i686.rpm</filename><sum type="sha256">af9bac6487cc239e4139c6415a9cb14502f658058102bfe6c8b3811deebd9e63</sum></package><package arch="x86_64" name="libsemanage-devel" release="11.sl7" src="libsemanage-2.5-11.sl7.src.rpm" version="2.5"><filename>libsemanage-devel-2.5-11.sl7.x86_64.rpm</filename><sum type="sha256">469b0d826455781ea9364f2d48220715a21aa19cb4e67d3aa0b6d8d1842da104</sum></package><package arch="i686" name="libselinux-devel" release="12.sl7" src="libselinux-2.5-12.sl7.src.rpm" version="2.5"><filename>libselinux-devel-2.5-12.sl7.i686.rpm</filename><sum type="sha256">359e5be500134bf6dce55baba2264210509618d3a8e1eede6a4c6d8703a67f9f</sum></package><package arch="x86_64" name="policycoreutils-sandbox" release="22.sl7" src="policycoreutils-2.5-22.sl7.src.rpm" version="2.5"><filename>policycoreutils-sandbox-2.5-22.sl7.x86_64.rpm</filename><sum type="sha256">12a83c5b6883d4b8d512cceaa0b18468a5dd680bb9e840a7e864b9037a4dbe29</sum></package><package arch="i686" name="libsemanage-static" release="11.sl7" src="libsemanage-2.5-11.sl7.src.rpm" version="2.5"><filename>libsemanage-static-2.5-11.sl7.i686.rpm</filename><sum type="sha256">3e05740408101243b8fff69559fbc85cd3de3bc5adfae68fcdaaa6fbe34637b2</sum></package><package arch="x86_64" name="libselinux-ruby" release="12.sl7" src="libselinux-2.5-12.sl7.src.rpm" version="2.5"><filename>libselinux-ruby-2.5-12.sl7.x86_64.rpm</filename><sum type="sha256">742802fef6c57c9e50962fb368b9d47e13e567f347d02c2f67b70340645c5bc0</sum></package><package arch="i686" name="policycoreutils-devel" release="22.sl7" src="policycoreutils-2.5-22.sl7.src.rpm" version="2.5"><filename>policycoreutils-devel-2.5-22.sl7.i686.rpm</filename><sum type="sha256">b2cc170287161623394a785b24e3520a8bd39e78460ae8082a0c77b5c2a2b444</sum></package><package arch="x86_64" name="libsemanage-python" release="11.sl7" src="libsemanage-2.5-11.sl7.src.rpm" version="2.5"><filename>libsemanage-python-2.5-11.sl7.x86_64.rpm</filename><sum type="sha256">070a9e6d6127280afefd00ffc5112569e1b91292245336b0ca5739eee2bb940e</sum></package><package arch="i686" name="libsemanage" release="11.sl7" src="libsemanage-2.5-11.sl7.src.rpm" version="2.5"><filename>libsemanage-2.5-11.sl7.i686.rpm</filename><sum type="sha256">7ed59cb64d931ce3f772e5cea8895a440fa4237da4f5f84952d17819ae4313f9</sum></package><package arch="x86_64" name="libselinux-python" release="12.sl7" src="libselinux-2.5-12.sl7.src.rpm" version="2.5"><filename>libselinux-python-2.5-12.sl7.x86_64.rpm</filename><sum type="sha256">75495cbcaaf339d1a1d766b1990d9b0b5ff734c66dd0af4d597cf5a5157ce22a</sum></package><package arch="x86_64" name="policycoreutils" release="22.sl7" src="policycoreutils-2.5-22.sl7.src.rpm" version="2.5"><filename>policycoreutils-2.5-22.sl7.x86_64.rpm</filename><sum type="sha256">fd09acaab47c1c0bbb2afd077222e5b89da50145c78128739bef0f2f42387df6</sum></package><package arch="x86_64" name="policycoreutils-devel" release="22.sl7" src="policycoreutils-2.5-22.sl7.src.rpm" version="2.5"><filename>policycoreutils-devel-2.5-22.sl7.x86_64.rpm</filename><sum type="sha256">5884e54d22d0548c25df34887488cf03d6b9337bb65abeb0febfe2efab68992c</sum></package><package arch="x86_64" name="libselinux-devel" release="12.sl7" src="libselinux-2.5-12.sl7.src.rpm" version="2.5"><filename>libselinux-devel-2.5-12.sl7.x86_64.rpm</filename><sum type="sha256">8f53812073275cd898f08b575bb6a274d563dd7a02c40403f74bb99f0af86d53</sum></package><package arch="i686" name="libsepol" release="8.1.sl7" src="libsepol-2.5-8.1.sl7.src.rpm" version="2.5"><filename>libsepol-2.5-8.1.sl7.i686.rpm</filename><sum type="sha256">f3a173380c27646923d378224d7f03c8998e0fd89e68c1cc44464e993648e261</sum></package><package arch="x86_64" name="libsepol" release="8.1.sl7" src="libsepol-2.5-8.1.sl7.src.rpm" version="2.5"><filename>libsepol-2.5-8.1.sl7.x86_64.rpm</filename><sum type="sha256">d3fd29eb8f563ef0498c9ca764cb17559711536da03ef9ccf16cfe82fcd55f94</sum></package><package arch="i686" name="libsepol-static" release="8.1.sl7" src="libsepol-2.5-8.1.sl7.src.rpm" version="2.5"><filename>libsepol-static-2.5-8.1.sl7.i686.rpm</filename><sum type="sha256">17b018cf1ea5eb835f9fb83d5568789163721a785c780d5ca2319f9fc0a3ee5c</sum></package><package arch="i686" name="libsepol-devel" release="8.1.sl7" src="libsepol-2.5-8.1.sl7.src.rpm" version="2.5"><filename>libsepol-devel-2.5-8.1.sl7.i686.rpm</filename><sum type="sha256">7789fa2800a6cbac8c6c3af4719b0735b618c1fb036df936e8f9280b034518d8</sum></package><package arch="x86_64" name="libselinux" release="12.sl7" src="libselinux-2.5-12.sl7.src.rpm" version="2.5"><filename>libselinux-2.5-12.sl7.x86_64.rpm</filename><sum type="sha256">c430435e5b62f26ab36e7dfec7ecebd1863361fb4e5b0d8a21626f0068098020</sum></package><package arch="x86_64" name="policycoreutils-newrole" release="22.sl7" src="policycoreutils-2.5-22.sl7.src.rpm" version="2.5"><filename>policycoreutils-newrole-2.5-22.sl7.x86_64.rpm</filename><sum type="sha256">9d50545fe0ed553b53c1239809106685847cef58c7e62c11847259a89e5dde2c</sum></package><package arch="x86_64" name="policycoreutils-python" release="22.sl7" src="policycoreutils-2.5-22.sl7.src.rpm" version="2.5"><filename>policycoreutils-python-2.5-22.sl7.x86_64.rpm</filename><sum type="sha256">7f193e44b5c1136ac16b28e8320e1688a64be7a4d948b54f78c35d446fe3ea3b</sum></package><package arch="x86_64" name="libsepol-devel" release="8.1.sl7" src="libsepol-2.5-8.1.sl7.src.rpm" version="2.5"><filename>libsepol-devel-2.5-8.1.sl7.x86_64.rpm</filename><sum type="sha256">2e140a4109bbba687b5f50833730d5a49e5f744efe5185dc28141ad8bacf3eb7</sum></package><package arch="x86_64" name="libselinux-utils" release="12.sl7" src="libselinux-2.5-12.sl7.src.rpm" version="2.5"><filename>libselinux-utils-2.5-12.sl7.x86_64.rpm</filename><sum type="sha256">e49940a2b9a2dc431965ffa59e006c635e72705fb4c756c1924cbc990f09b9bb</sum></package><package arch="x86_64" name="policycoreutils-gui" release="22.sl7" src="policycoreutils-2.5-22.sl7.src.rpm" version="2.5"><filename>policycoreutils-gui-2.5-22.sl7.x86_64.rpm</filename><sum type="sha256">6a455e91533694bf8b4482089227d96065ced4d2adb7c361fb940293abd007c7</sum></package><package arch="x86_64" name="policycoreutils-restorecond" release="22.sl7" src="policycoreutils-2.5-22.sl7.src.rpm" version="2.5"><filename>policycoreutils-restorecond-2.5-22.sl7.x86_64.rpm</filename><sum type="sha256">c31f6b51a3872ff9f0699eb586dcd326afde70bd43c48cdc32ce17fe972a7968</sum></package><package arch="x86_64" name="libsemanage" release="11.sl7" src="libsemanage-2.5-11.sl7.src.rpm" version="2.5"><filename>libsemanage-2.5-11.sl7.x86_64.rpm</filename><sum type="sha256">d925642fc606989401822d188eaba437a0747b50d64b018b86ecff2ab6b3d82c</sum></package><package arch="x86_64" name="libselinux-static" release="12.sl7" src="libselinux-2.5-12.sl7.src.rpm" version="2.5"><filename>libselinux-static-2.5-12.sl7.x86_64.rpm</filename><sum type="sha256">78cd6f8a22b4b25bc7aade0271291b3a3eb7f9e1167dd2b60196c3aa82ccd177</sum></package><package arch="x86_64" name="libsemanage-static" release="11.sl7" src="libsemanage-2.5-11.sl7.src.rpm" version="2.5"><filename>libsemanage-static-2.5-11.sl7.x86_64.rpm</filename><sum type="sha256">d9b94f28b0d6bf3a002ea6e149b5327296dc949f515125b3c3c6056212097217</sum></package><package arch="i686" name="libselinux-static" release="12.sl7" src="libselinux-2.5-12.sl7.src.rpm" version="2.5"><filename>libselinux-static-2.5-12.sl7.i686.rpm</filename><sum type="sha256">35a13c016be2797bb67f846d619a3423bc5fe6181e705a7be89e017427efa21e</sum></package><package arch="x86_64" name="libsepol-static" release="8.1.sl7" src="libsepol-2.5-8.1.sl7.src.rpm" version="2.5"><filename>libsepol-static-2.5-8.1.sl7.x86_64.rpm</filename><sum type="sha256">d3cae6f9428529231b7603df1096f74f5d86c77d2d7cb82c1ed055e74b3ac735</sum></package></collection></pkglist><references /></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="bugfix" version="1.4"><id>SLBA-2018:1059-1</id><title>Selinux-Policy Bug Fix Update</title><description>* Prior to this update, a rule for the Snapper module was missing in the SELinux policy. Consequently, the snapperd daemon was not able to unmount a file system. With this update, the missing rule has been added to the selinux-policy packages, and snapperd is now able to unmount a file system with SELinux in enforcing mode.</description><severity>none</severity><release>Scientific Linux</release><issued date="2018-04-30 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="noarch" name="selinux-policy-sandbox" release="192.el7_5.3" src="selinux-policy-3.13.1-192.el7_5.3.src.rpm" version="3.13.1"><filename>selinux-policy-sandbox-3.13.1-192.el7_5.3.noarch.rpm</filename><sum type="sha256">245d2bc6b2585dd90b0c0fd8048c778e3f3dfee0af3eff011aa85d393dbb98c4</sum></package><package arch="noarch" name="selinux-policy-devel" release="192.el7_5.3" src="selinux-policy-3.13.1-192.el7_5.3.src.rpm" version="3.13.1"><filename>selinux-policy-devel-3.13.1-192.el7_5.3.noarch.rpm</filename><sum type="sha256">7d3057b58e4c4f659ab97cc2ce0a18175cc57e7eb2df82df0f2bed6d60deb04c</sum></package><package arch="noarch" name="selinux-policy-minimum" release="192.el7_5.3" src="selinux-policy-3.13.1-192.el7_5.3.src.rpm" version="3.13.1"><filename>selinux-policy-minimum-3.13.1-192.el7_5.3.noarch.rpm</filename><sum type="sha256">b53a93685bd3684a91c8297f61982ce8ee36ddef0833c5851776ed73dfc913b9</sum></package><package arch="noarch" name="selinux-policy-targeted" release="192.el7_5.3" src="selinux-policy-3.13.1-192.el7_5.3.src.rpm" version="3.13.1"><filename>selinux-policy-targeted-3.13.1-192.el7_5.3.noarch.rpm</filename><sum type="sha256">458ed222a80ad401934612441ecafdfbe877bf130ea4988b2443f57e50531f11</sum></package><package arch="noarch" name="selinux-policy-mls" release="192.el7_5.3" src="selinux-policy-3.13.1-192.el7_5.3.src.rpm" version="3.13.1"><filename>selinux-policy-mls-3.13.1-192.el7_5.3.noarch.rpm</filename><sum type="sha256">d251e6a67d63ef7c543c6f26390de4255468303c32729da98706296e4f67fc32</sum></package><package arch="noarch" name="selinux-policy-doc" release="192.el7_5.3" src="selinux-policy-3.13.1-192.el7_5.3.src.rpm" version="3.13.1"><filename>selinux-policy-doc-3.13.1-192.el7_5.3.noarch.rpm</filename><sum type="sha256">6f036054db119803dd713d5cd0e0bca891c00a5b55636901dd54418cffc29af5</sum></package><package arch="noarch" name="selinux-policy" release="192.el7_5.3" src="selinux-policy-3.13.1-192.el7_5.3.src.rpm" version="3.13.1"><filename>selinux-policy-3.13.1-192.el7_5.3.noarch.rpm</filename><sum type="sha256">1498d2c04a43c6430baa3a480639cc7f7f5af6aad25a5a09ff7014d6c96b8035</sum></package></collection></pkglist><references><reference href="https://access.redhat.com/errata/RHBA-2018:1059" id="RHBA-2018:1059-1" title="Rhba-2018:1059-1" type="self" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1558656" id="1558656" title="Selinux Is Preventing /Usr/Sbin/Snapperd From Mounton Access [Rhel-7.5.Z]" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1561424" id="1561424" title="Selinux Is Preventing Snapperd From Unmount Access On The Filesystem [Rhel-7.5.Z]" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="bugfix" version="1.4"><id>SLBA-2018:1276-1</id><title>Copy-Jdk-Configs Bug Fix Update</title><description /><release>Scientific Linux</release><issued date="2018-05-03 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="noarch" name="copy-jdk-configs" release="10.el7_5" src="copy-jdk-configs-3.3-10.el7_5.src.rpm" version="3.3"><filename>copy-jdk-configs-3.3-10.el7_5.noarch.rpm</filename><sum type="sha256">ca07c882253764becf23d5e861c3557beb73252e4e0116a9cd36099bef4a36ef</sum></package></collection></pkglist><references><reference href="https://access.redhat.com/errata/RHBA-2018:1276" id="RHBA-2018:1276-1" title="Rhba-2018:1276-1" type="self" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1571854" id="1571854" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="bugfix" version="1.4"><id>SLBA-2018:1339-1</id><title>Tzdata Enhancement Update</title><description>* In this update, the upstream project now defaults to using the "vanguard" data implementation which includes negative DST offsets. However, we are continuing to provide the "rearguard" format for data which does not use negative DST offsets to provide better compatibility with existing tools.  We intend to transition to the "vanguard" data implementation in the future.</description><release>Scientific Linux</release><issued date="2018-05-08 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="noarch" name="tzdata" release="3.el7" src="tzdata-2018e-3.el7.src.rpm" version="2018e"><filename>tzdata-2018e-3.el7.noarch.rpm</filename><sum type="sha256">cebba6c918562b8b32aaac0f4b313318ae4248dfa4359d3b40d916e35e87f27b</sum></package><package arch="noarch" name="tzdata-java" release="3.el7" src="tzdata-2018e-3.el7.src.rpm" version="2018e"><filename>tzdata-java-2018e-3.el7.noarch.rpm</filename><sum type="sha256">0cb52d5381c538ef77efe148ef364849a22d533716ea5d5435e1ea637431a4b7</sum></package></collection></pkglist><references><reference href="https://access.redhat.com/errata/RHBA-2018:1339" id="RHBA-2018:1339-1" title="Rhba-2018:1339-1" type="self" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1573295" id="1573295" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1574925" id="1574925" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1574928" id="1574928" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="bugfix" version="1.4"><id>SLBA-2018:1989-1</id><title>Jss Bug Fix Update</title><description>This update fixes the following bug:

* Previously, the ECDSA with SHA* signature Algorithm ID in Java Security Services (JSS) allowed for NULL parameter. As a consequence, the certificates did not conform with RFC 5758. The problem has been fixed. As a result, JSS works as expected.</description><severity>none</severity><release>Scientific Linux</release><issued date="2018-06-26 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" name="jss" release="12.el7_5" src="jss-4.4.0-12.el7_5.src.rpm" version="4.4.0"><filename>jss-4.4.0-12.el7_5.x86_64.rpm</filename><sum type="sha256">1b263bf56a21d617b81b8ca81cbbee366ddf34f774ed253408160750d5d4f09b</sum></package><package arch="x86_64" name="jss-javadoc" release="12.el7_5" src="jss-4.4.0-12.el7_5.src.rpm" version="4.4.0"><filename>jss-javadoc-4.4.0-12.el7_5.x86_64.rpm</filename><sum type="sha256">da76fcba9567c7ddecfb0f6150313795715dad487c00b88d4c1ae4ba610dac91</sum></package></collection></pkglist><references><reference href="https://access.redhat.com/errata/RHBA-2018:1989" id="RHBA-2018:1989-1" title="Rhba-2018:1989-1" type="self" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1579202" id="1579202" title="Jss Has Wrong Encoding For Ecdsa With Sha* Algorithmidentifier [Rhel-7.5.Z]" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="enhancement" version="1.4"><id>SLEA-2018:1376-1</id><title>Nspr, Nss-Util, Nss-Softokn, And Nss Bug Fix And Enhancement Update</title><description>* The nspr packages have been upgraded to upstream version 4.19.</description><release>Scientific Linux</release><issued date="2018-05-22 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" name="nss-util" release="1.el7_5" src="nss-util-3.36.0-1.el7_5.src.rpm" version="3.36.0"><filename>nss-util-3.36.0-1.el7_5.x86_64.rpm</filename><sum type="sha256">f287602e907de480b4e945a8de2ec06831f1eaa9984b463fc18c2880d135f9a1</sum></package><package arch="i686" name="nss-util" release="1.el7_5" src="nss-util-3.36.0-1.el7_5.src.rpm" version="3.36.0"><filename>nss-util-3.36.0-1.el7_5.i686.rpm</filename><sum type="sha256">5c1b9d3c5718f5a995ffd86b94704c64c28e97aae5602712e5372a02124a5496</sum></package><package arch="x86_64" name="nss-sysinit" release="5.el7_5" src="nss-3.36.0-5.el7_5.src.rpm" version="3.36.0"><filename>nss-sysinit-3.36.0-5.el7_5.x86_64.rpm</filename><sum type="sha256">40b53ec4afe52d43f5fe88b86f50013f9be2dd75010f72d35710567eb1ae5bb4</sum></package><package arch="x86_64" name="nspr" release="1.el7_5" src="nspr-4.19.0-1.el7_5.src.rpm" version="4.19.0"><filename>nspr-4.19.0-1.el7_5.x86_64.rpm</filename><sum type="sha256">54eae8421d7029c75559e78c2720654ef8081d3fcd3e5d67721d2b84994ad735</sum></package><package arch="i686" name="nss-softokn-freebl-devel" release="5.el7_5" src="nss-softokn-3.36.0-5.el7_5.src.rpm" version="3.36.0"><filename>nss-softokn-freebl-devel-3.36.0-5.el7_5.i686.rpm</filename><sum type="sha256">aa07d2954d2f1214a201c4b252255fccfab0e3b53070b8f638dd36f5c1854abf</sum></package><package arch="i686" name="nss-softokn" release="5.el7_5" src="nss-softokn-3.36.0-5.el7_5.src.rpm" version="3.36.0"><filename>nss-softokn-3.36.0-5.el7_5.i686.rpm</filename><sum type="sha256">49f78448342408ac78b61f7b61383187879e9ff46ca3bb5ba1e0bd1dc33c6760</sum></package><package arch="i686" name="nss-softokn-devel" release="5.el7_5" src="nss-softokn-3.36.0-5.el7_5.src.rpm" version="3.36.0"><filename>nss-softokn-devel-3.36.0-5.el7_5.i686.rpm</filename><sum type="sha256">32344b97b5a8efa338671ec41b6d22da53a4709c69c239226746b570ed3ec70f</sum></package><package arch="i686" name="nspr-devel" release="1.el7_5" src="nspr-4.19.0-1.el7_5.src.rpm" version="4.19.0"><filename>nspr-devel-4.19.0-1.el7_5.i686.rpm</filename><sum type="sha256">d9d38f1e727c1773e96a580e539cbe4aabb005d3fec5ba17f81365d4e714187d</sum></package><package arch="x86_64" name="nss-util-devel" release="1.el7_5" src="nss-util-3.36.0-1.el7_5.src.rpm" version="3.36.0"><filename>nss-util-devel-3.36.0-1.el7_5.x86_64.rpm</filename><sum type="sha256">babc31b34ac38e5e7614b4a002a0dbc48364d3a009d277520f62fd3fbf409a7e</sum></package><package arch="x86_64" name="nss-devel" release="5.el7_5" src="nss-3.36.0-5.el7_5.src.rpm" version="3.36.0"><filename>nss-devel-3.36.0-5.el7_5.x86_64.rpm</filename><sum type="sha256">c795eaf51dca313c115bad5fad264965b192e948b1dd7016d315dc758e9fbd72</sum></package><package arch="i686" name="nss-util-devel" release="1.el7_5" src="nss-util-3.36.0-1.el7_5.src.rpm" version="3.36.0"><filename>nss-util-devel-3.36.0-1.el7_5.i686.rpm</filename><sum type="sha256">04ef419ca197595150ce5f2698ae277bc5a8463210784608b604f13a83e31d3d</sum></package><package arch="x86_64" name="nss-softokn-freebl" release="5.el7_5" src="nss-softokn-3.36.0-5.el7_5.src.rpm" version="3.36.0"><filename>nss-softokn-freebl-3.36.0-5.el7_5.x86_64.rpm</filename><sum type="sha256">5bc50153c42028c45060c1dbf9c535228443568b3e5c3ffb8e0ed8293b4d358a</sum></package><package arch="x86_64" name="nss-softokn" release="5.el7_5" src="nss-softokn-3.36.0-5.el7_5.src.rpm" version="3.36.0"><filename>nss-softokn-3.36.0-5.el7_5.x86_64.rpm</filename><sum type="sha256">c908b72ec503161a40292eb684e2aae92b32986d20b0b0351810bf4afe0c0ea0</sum></package><package arch="i686" name="nss-devel" release="5.el7_5" src="nss-3.36.0-5.el7_5.src.rpm" version="3.36.0"><filename>nss-devel-3.36.0-5.el7_5.i686.rpm</filename><sum type="sha256">2f120dddf23fca37bd8cb9e6e7df189f02d6134915e26e59c436dffab81da02b</sum></package><package arch="i686" name="nspr" release="1.el7_5" src="nspr-4.19.0-1.el7_5.src.rpm" version="4.19.0"><filename>nspr-4.19.0-1.el7_5.i686.rpm</filename><sum type="sha256">322552f695442dac0c417f60f1ee12522d85e021398d85dd6e0c91b1dd84cf27</sum></package><package arch="x86_64" name="nspr-devel" release="1.el7_5" src="nspr-4.19.0-1.el7_5.src.rpm" version="4.19.0"><filename>nspr-devel-4.19.0-1.el7_5.x86_64.rpm</filename><sum type="sha256">412e7ef7598ec1183cfbc5eea164c7ab52d1bc7369a2d5c82e7e2b4f291e681f</sum></package><package arch="x86_64" name="nss-softokn-freebl-devel" release="5.el7_5" src="nss-softokn-3.36.0-5.el7_5.src.rpm" version="3.36.0"><filename>nss-softokn-freebl-devel-3.36.0-5.el7_5.x86_64.rpm</filename><sum type="sha256">2b77fb46485a686e680da3a8da90f7168360a9014e51068361bfab2d3e988332</sum></package><package arch="i686" name="nss-pkcs11-devel" release="5.el7_5" src="nss-3.36.0-5.el7_5.src.rpm" version="3.36.0"><filename>nss-pkcs11-devel-3.36.0-5.el7_5.i686.rpm</filename><sum type="sha256">d660b206fc5b94d1f8a6a8f42e4bab265e407cd2f701148c8991572865135f82</sum></package><package arch="x86_64" name="nss-softokn-devel" release="5.el7_5" src="nss-softokn-3.36.0-5.el7_5.src.rpm" version="3.36.0"><filename>nss-softokn-devel-3.36.0-5.el7_5.x86_64.rpm</filename><sum type="sha256">3593246f689eba998b13558efc5480ee452b26c0459a50cba4bd5ca31f8fe4ff</sum></package><package arch="i686" name="nss-softokn-freebl" release="5.el7_5" src="nss-softokn-3.36.0-5.el7_5.src.rpm" version="3.36.0"><filename>nss-softokn-freebl-3.36.0-5.el7_5.i686.rpm</filename><sum type="sha256">d0288618da287486c2db041e8ed35d0e3a2efcb5fc65b82ac27196e8c7815b71</sum></package><package arch="i686" name="nss" release="5.el7_5" src="nss-3.36.0-5.el7_5.src.rpm" version="3.36.0"><filename>nss-3.36.0-5.el7_5.i686.rpm</filename><sum type="sha256">b692971233c4f0592cee13ca122849be45e2c1f393295a09503e6393d1b1b3f1</sum></package><package arch="x86_64" name="nss-pkcs11-devel" release="5.el7_5" src="nss-3.36.0-5.el7_5.src.rpm" version="3.36.0"><filename>nss-pkcs11-devel-3.36.0-5.el7_5.x86_64.rpm</filename><sum type="sha256">4daa7aaafe2555c492f445bc33a4842f102b5339312118046669f8bd5ab6f649</sum></package><package arch="x86_64" name="nss" release="5.el7_5" src="nss-3.36.0-5.el7_5.src.rpm" version="3.36.0"><filename>nss-3.36.0-5.el7_5.x86_64.rpm</filename><sum type="sha256">1e091cc94ece0d386ccef9ddc06e75253cb097aa0c1decdd2b532974c5acb529</sum></package><package arch="x86_64" name="nss-tools" release="5.el7_5" src="nss-3.36.0-5.el7_5.src.rpm" version="3.36.0"><filename>nss-tools-3.36.0-5.el7_5.x86_64.rpm</filename><sum type="sha256">71a5d9886c7db37881568f127b87861e930da5057228f9be1bc6efbed42469ca</sum></package></collection></pkglist><references><reference href="https://access.redhat.com/errata/RHEA-2018:1376" id="RHEA-2018:1376-1" title="Rhea-2018:1376-1" type="self" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="enhancement" version="1.4"><id>SLEA-2018:1581-1</id><title>Microcode_Ctl Bug Fix And Enhancement Update</title><description /><release>Scientific Linux</release><issued date="2018-05-22 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" epoch="2" name="microcode_ctl" release="29.2.el7_5" src="microcode_ctl-2.1-29.2.el7_5.src.rpm" version="2.1"><filename>microcode_ctl-2.1-29.2.el7_5.x86_64.rpm</filename><sum type="sha256">de36a7ccf7f6f1a9c4e28bac6ef5efc1a5b4b5f2a39b6ac02d5a7aba8da97d35</sum></package></collection></pkglist><references><reference href="https://access.redhat.com/errata/RHEA-2018:1581" id="RHEA-2018:1581-1" title="Rhea-2018:1581-1" type="self" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1055-1</id><title>Libvncserver</title><description>Security Fix(es): 
* libvncserver: Improper input sanitization in rfbProcessClientNormalMessage in rfbserver.c (CVE-2018-7225)</description><severity>moderate</severity><release>Scientific Linux</release><issued date="2018-04-30 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" name="libvncserver" release="12.el7_5" src="libvncserver-0.9.9-12.el7_5.src.rpm" version="0.9.9"><filename>libvncserver-0.9.9-12.el7_5.x86_64.rpm</filename><sum type="sha256">b95f5623842b5467972deadf729abd055f8afb8cd4f397dcca7d66e99592ae29</sum></package><package arch="x86_64" name="libvncserver-devel" release="12.el7_5" src="libvncserver-0.9.9-12.el7_5.src.rpm" version="0.9.9"><filename>libvncserver-devel-0.9.9-12.el7_5.x86_64.rpm</filename><sum type="sha256">d6c1b929c08220019342f628e8c49f04c1900a905bf7127d24923606ab87666f</sum></package><package arch="i686" name="libvncserver-devel" release="12.el7_5" src="libvncserver-0.9.9-12.el7_5.src.rpm" version="0.9.9"><filename>libvncserver-devel-0.9.9-12.el7_5.i686.rpm</filename><sum type="sha256">fc99335fce3d945ceb4923974523a10ac68e10922fa33d015a421955336b32db</sum></package><package arch="i686" name="libvncserver" release="12.el7_5" src="libvncserver-0.9.9-12.el7_5.src.rpm" version="0.9.9"><filename>libvncserver-0.9.9-12.el7_5.i686.rpm</filename><sum type="sha256">737d9be599f73f2ad7595d213aba176d031043602699afa5612f2d302f3cc231</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7225" id="CVE-2018-7225" title="Libvncserver: Improper Input Sanitization In Rfbprocessclientnormalmessage In Rfbserver.C" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1055" id="RHSA-2018:1055-1" title="Rhsa-2018:1055-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#moderate" id="moderate" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1546858" id="1546858" title="Libvncserver: Improper Input Sanitization In Rfbprocessclientnormalmessage In Rfbserver.C" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1060-1</id><title>Pcs</title><description>Security Fix(es): 
* pcs: Privilege escalation via authorized user malicious REST call (CVE-2018-1079) 
* pcs: Debug parameter removal bypass, allowing information disclosure (CVE-2018-1086) 
* rack-protection: Timing attack in authenticity_token.rb (CVE-2018-1000119)</description><severity>important</severity><release>Scientific Linux</release><issued date="2018-04-30 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" name="pcs" release="5.sl7_5.1" src="pcs-0.9.162-5.sl7_5.1.src.rpm" version="0.9.162"><filename>pcs-0.9.162-5.sl7_5.1.x86_64.rpm</filename><sum type="sha256">6979cdba92ece64ef19654a54ceb3c5d1bba7b278915fd7c1040837441d93ed8</sum></package><package arch="x86_64" name="pcs-snmp" release="5.sl7_5.1" src="pcs-0.9.162-5.sl7_5.1.src.rpm" version="0.9.162"><filename>pcs-snmp-0.9.162-5.sl7_5.1.x86_64.rpm</filename><sum type="sha256">e65088acd2df1f73b55b4894de9cc29fe4c3bd66158e49e5652c8b37ca128e51</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000119" id="CVE-2018-1000119" title="Rack-Protection: Timing Attack In Authenticity_Token.Rb" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1079" id="CVE-2018-1079" title="Pcs: Privilege Escalation Via Authorized User Malicious Rest Call" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1086" id="CVE-2018-1086" title="Pcs: Debug Parameter Removal Bypass, Allowing Information Disclosure" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1060" id="RHSA-2018:1060-1" title="Rhsa-2018:1060-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1534027" id="1534027" title="Rack-Protection: Timing Attack In Authenticity_Token.Rb" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1550243" id="1550243" title="Pcs: Privilege Escalation Via Authorized User Malicious Rest Call" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1557366" id="1557366" title="Pcs: Debug Parameter Removal Bypass, Allowing Information Disclosure" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1099-1</id><title>Firefox</title><description>This update upgrades Firefox to version 52.7.3 ESR. 
Security Fix(es): 
* firefox: Use-after-free in compositor potentially allows code execution (CVE-2018-5148)</description><severity>important</severity><release>Scientific Linux</release><issued date="2018-04-30 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" name="firefox" release="1.el7_5" src="firefox-52.7.3-1.el7_5.src.rpm" version="52.7.3"><filename>firefox-52.7.3-1.el7_5.x86_64.rpm</filename><sum type="sha256">2cc407d08ccb4711df7a3d9564aaa969de2f42ce167cf3cfcdc36e7b11b92975</sum></package><package arch="i686" name="firefox" release="1.el7_5" src="firefox-52.7.3-1.el7_5.src.rpm" version="52.7.3"><filename>firefox-52.7.3-1.el7_5.i686.rpm</filename><sum type="sha256">071ff38d63c8866ce6177a77b809208f2c03dd8cad69902afcbd201fb266e694</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5148" id="CVE-2018-5148" title="Firefox: Use-After-Free In Compositor Potentially Allows Code Execution" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1099" id="RHSA-2018:1099-1" title="Rhsa-2018:1099-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1560928" id="1560928" title="Firefox: Use-After-Free In Compositor Potentially Allows Code Execution" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1169-1</id><title>Corosync</title><description>Security Fix(es): 
* corosync: Integer overflow in exec/totemcrypto.c:authenticate_nss_2_3() function (CVE-2018-1084)</description><severity>important</severity><release>Scientific Linux</release><issued date="2018-04-30 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" name="corosynclib-devel" release="2.el7_5.1" src="corosync-2.4.3-2.el7_5.1.src.rpm" version="2.4.3"><filename>corosynclib-devel-2.4.3-2.el7_5.1.x86_64.rpm</filename><sum type="sha256">56669ca0e7bd499937c09bd701abc65b49da3a579249137ea18c187c5fd60eef</sum></package><package arch="x86_64" name="corosynclib" release="2.el7_5.1" src="corosync-2.4.3-2.el7_5.1.src.rpm" version="2.4.3"><filename>corosynclib-2.4.3-2.el7_5.1.x86_64.rpm</filename><sum type="sha256">b0604ae15d7e45296079a2c29176f99b8f804f33103bfe52b6cc8803bf2304f6</sum></package><package arch="i686" name="corosynclib-devel" release="2.el7_5.1" src="corosync-2.4.3-2.el7_5.1.src.rpm" version="2.4.3"><filename>corosynclib-devel-2.4.3-2.el7_5.1.i686.rpm</filename><sum type="sha256">edc2660d6cc89435d074a97040a62a5aa292240f01047c971633665d31079182</sum></package><package arch="x86_64" name="corosync-qdevice" release="2.el7_5.1" src="corosync-2.4.3-2.el7_5.1.src.rpm" version="2.4.3"><filename>corosync-qdevice-2.4.3-2.el7_5.1.x86_64.rpm</filename><sum type="sha256">cd1979538ab68c1ae1a1648dc09d5354c36475cdf0ccfa9256b5534935e0a067</sum></package><package arch="x86_64" name="corosync-qnetd" release="2.el7_5.1" src="corosync-2.4.3-2.el7_5.1.src.rpm" version="2.4.3"><filename>corosync-qnetd-2.4.3-2.el7_5.1.x86_64.rpm</filename><sum type="sha256">a1a381e8d94a3196d07a4ee45076d65d010c6754d63f49ea348d3626db99abc0</sum></package><package arch="i686" name="corosynclib" release="2.el7_5.1" src="corosync-2.4.3-2.el7_5.1.src.rpm" version="2.4.3"><filename>corosynclib-2.4.3-2.el7_5.1.i686.rpm</filename><sum type="sha256">e6469af5a326000f6184abe8523d1446e8991f053571b053c0ae120797d85883</sum></package><package arch="x86_64" name="corosync" release="2.el7_5.1" src="corosync-2.4.3-2.el7_5.1.src.rpm" version="2.4.3"><filename>corosync-2.4.3-2.el7_5.1.x86_64.rpm</filename><sum type="sha256">b8bf78232312631929cc84da8fa9b98d6ef8366fe600360ebc76b00fdeb910d6</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1084" id="CVE-2018-1084" title="Corosync: Integer Overflow In Exec/Totemcrypto.C:Authenticate_Nss_2_3() Function" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1169" id="RHSA-2018:1169-1" title="Rhsa-2018:1169-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1552830" id="1552830" title="Corosync: Integer Overflow In Exec/Totemcrypto.C:Authenticate_Nss_2_3() Function" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1191-1</id><title>Java-1.8.0-Openjdk</title><description>Security Fix(es): 
* OpenJDK: incorrect handling of Reference clones can lead to sandbox bypass (Hotspot, 8192025) (CVE-2018-2814) 
* OpenJDK: unrestricted deserialization of data from JCEKS key stores (Security, 8189997) (CVE-2018-2794) 
* OpenJDK: insufficient consistency checks in deserialization of multiple classes (Security, 8189977) (CVE-2018-2795) 
* OpenJDK: unbounded memory allocation during deserialization in PriorityBlockingQueue (Concurrency, 8189981) (CVE-2018-2796) 
* OpenJDK: unbounded memory allocation during deserialization in TabularDataSupport (JMX, 8189985) (CVE-2018-2797) 
* OpenJDK: unbounded memory allocation during deserialization in Container (AWT, 8189989) (CVE-2018-2798) 
* OpenJDK: unbounded memory allocation during deserialization in NamedNodeMapImpl (JAXP, 8189993) (CVE-2018-2799) 
* OpenJDK: RMI HTTP transport enabled by default (RMI, 8193833) (CVE-2018-2800) 
* OpenJDK: unbounded memory allocation during deserialization in StubIORImpl (Serialization, 8192757) (CVE-2018-2815) 
* OpenJDK: incorrect merging of sections in the JAR manifest (Security, 8189969) (CVE-2018-2790) 
Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.</description><severity>critical</severity><release>Scientific Linux</release><issued date="2018-04-30 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="i686" epoch="1" name="java-1.8.0-openjdk-headless-debug" release="7.b10.el7" src="java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-headless-debug-1.8.0.171-7.b10.el7.i686.rpm</filename><sum type="sha256">dd1162183e2263a79b6ee489827c7b8d8420026d36cc022e16e710c1a1631c96</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-src-debug" release="7.b10.el7" src="java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-src-debug-1.8.0.171-7.b10.el7.i686.rpm</filename><sum type="sha256">bfc3a546a42314ab9f23f6459983e3c0f9754c0014970803270c2c354843a31b</sum></package><package arch="noarch" epoch="1" name="java-1.8.0-openjdk-javadoc-zip" release="7.b10.el7" src="java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-javadoc-zip-1.8.0.171-7.b10.el7.noarch.rpm</filename><sum type="sha256">d70b5197f7e19c50d12922568dd459c8f34b2f6d3063ac81742b0b25aa042d23</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-demo-debug" release="7.b10.el7" src="java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-demo-debug-1.8.0.171-7.b10.el7.i686.rpm</filename><sum type="sha256">0febe62191b73dfae5ac9f697aa23118428595f9b4bfa804d67ad61728936545</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-debug" release="7.b10.el7" src="java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-debug-1.8.0.171-7.b10.el7.i686.rpm</filename><sum type="sha256">d4eee179095edfea0b7548a0ee9066ebf476d9107f42615d8788fc6be3da9d28</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-demo-debug" release="7.b10.el7" src="java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-demo-debug-1.8.0.171-7.b10.el7.x86_64.rpm</filename><sum type="sha256">bf876f7980e9cf1231eb5363c47faef771c6f880bc00df2fcb0905414b9208df</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-accessibility" release="7.b10.el7" src="java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-accessibility-1.8.0.171-7.b10.el7.x86_64.rpm</filename><sum type="sha256">80a2ff5b50740b246fbb3fedca09724f00921814ce2f57af9cc77160084d393e</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-accessibility-debug" release="7.b10.el7" src="java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-accessibility-debug-1.8.0.171-7.b10.el7.i686.rpm</filename><sum type="sha256">0414a83f155d515f203f45b7f7108ad3ed57e1717e4d42bedcf67be215f2ae9e</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-devel" release="7.b10.el7" src="java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-devel-1.8.0.171-7.b10.el7.x86_64.rpm</filename><sum type="sha256">0f4d55e20e1661ffdddc81cd8f69ad58c6b4bb36fa7e2f8f46bdee5629a1a292</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-src" release="7.b10.el7" src="java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-src-1.8.0.171-7.b10.el7.x86_64.rpm</filename><sum type="sha256">6188daeac7e0ef27a14f5569f8c0055ed0bef42d3b60e224c78988e440d85990</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk" release="7.b10.el7" src="java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-1.8.0.171-7.b10.el7.i686.rpm</filename><sum type="sha256">7309b8009d6fb87fe2e3ae2d6f7414a72c1b15b1af16a64f89942a61d212dc5a</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-debug" release="7.b10.el7" src="java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-debug-1.8.0.171-7.b10.el7.x86_64.rpm</filename><sum type="sha256">fc76914914bfefde5b678a28769734cae4b636b6edfee6d3b14159fd5336009d</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-devel-debug" release="7.b10.el7" src="java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-devel-debug-1.8.0.171-7.b10.el7.x86_64.rpm</filename><sum type="sha256">f132e7896361bcf6cf33fcfa55bef55addc2bbb2fd29dc865de7749f6457f0df</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-devel-debug" release="7.b10.el7" src="java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-devel-debug-1.8.0.171-7.b10.el7.i686.rpm</filename><sum type="sha256">5eefcb76a1b397482321d524f0fdaa5d84905b75777d285686767aef798c2bc2</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk" release="7.b10.el7" src="java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-1.8.0.171-7.b10.el7.x86_64.rpm</filename><sum type="sha256">c790944ba36ef80e73989e7f4e2f9577b69c40b906c284d408b98a893803dc5b</sum></package><package arch="noarch" epoch="1" name="java-1.8.0-openjdk-javadoc-zip-debug" release="7.b10.el7" src="java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.171-7.b10.el7.noarch.rpm</filename><sum type="sha256">44004391fccab5cc3bf84c4b55f8b9d90db67d6997a249a9a14635224e3fc296</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-demo" release="7.b10.el7" src="java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-demo-1.8.0.171-7.b10.el7.i686.rpm</filename><sum type="sha256">fe344b011768922e793aa9b8a7bba8cae4d9d3317a7ade9b318c351be589e174</sum></package><package arch="noarch" epoch="1" name="java-1.8.0-openjdk-javadoc" release="7.b10.el7" src="java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-javadoc-1.8.0.171-7.b10.el7.noarch.rpm</filename><sum type="sha256">35eb6f88fa190e751d796de3426b3d64b1da83d89e361fd6602cdcfa6e740512</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-demo" release="7.b10.el7" src="java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-demo-1.8.0.171-7.b10.el7.x86_64.rpm</filename><sum type="sha256">3e72bcef0d3341eb61813833fff1149656d0c47299deeb79670a4cc27e9b3834</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-src-debug" release="7.b10.el7" src="java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-src-debug-1.8.0.171-7.b10.el7.x86_64.rpm</filename><sum type="sha256">88d8b2d136b7b38ddfba5ca4c259d89da0d378e9a20a38e6d758cb67805379e2</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-accessibility" release="7.b10.el7" src="java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-accessibility-1.8.0.171-7.b10.el7.i686.rpm</filename><sum type="sha256">2ecefe6ebeb5ba52962ac095cb004559f498a6fd0795aa6461b841009123bf64</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-src" release="7.b10.el7" src="java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-src-1.8.0.171-7.b10.el7.i686.rpm</filename><sum type="sha256">468d1e5841308dbb45b1931dda51f3c1afd76d8fc239d198ae08d717ddc72bba</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-accessibility-debug" release="7.b10.el7" src="java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-accessibility-debug-1.8.0.171-7.b10.el7.x86_64.rpm</filename><sum type="sha256">51b71c800a873eacb061ed964397c47498f82eaf2d9b18a2811188949b88701d</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-headless" release="7.b10.el7" src="java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-headless-1.8.0.171-7.b10.el7.x86_64.rpm</filename><sum type="sha256">59c6e44a2fc3ec3d457b2166e1f5883241de596304a36416806e037883f0b50e</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-devel" release="7.b10.el7" src="java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-devel-1.8.0.171-7.b10.el7.i686.rpm</filename><sum type="sha256">104899796257032ecaad8a3105dab00290d5302afd2053935f1464292af1901d</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-headless-debug" release="7.b10.el7" src="java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-headless-debug-1.8.0.171-7.b10.el7.x86_64.rpm</filename><sum type="sha256">4cbec44fd6369c731d3123f2f5cee08f84ccffbd658cf5f9fd0568655898a60e</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-headless" release="7.b10.el7" src="java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-headless-1.8.0.171-7.b10.el7.i686.rpm</filename><sum type="sha256">d98723798e217b04f5ca31519ad92059dc73d037a7da623cf34d1e70e060dc21</sum></package><package arch="noarch" epoch="1" name="java-1.8.0-openjdk-javadoc-debug" release="7.b10.el7" src="java-1.8.0-openjdk-1.8.0.171-7.b10.el7.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-javadoc-debug-1.8.0.171-7.b10.el7.noarch.rpm</filename><sum type="sha256">04f083a1042ef9fe8ebf52a744109d856e12db788680d2398ea4f9cb955f4826</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2790" id="CVE-2018-2790" title="Openjdk: Incorrect Merging Of Sections In The Jar Manifest (Security, 8189969)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2794" id="CVE-2018-2794" title="Openjdk: Unrestricted Deserialization Of Data From Jceks Key Stores (Security, 8189997)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2795" id="CVE-2018-2795" title="Openjdk: Insufficient Consistency Checks In Deserialization Of Multiple Classes (Security, 8189977)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2796" id="CVE-2018-2796" title="Openjdk: Unbounded Memory Allocation During Deserialization In Priorityblockingqueue (Concurrency, 8189981)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2797" id="CVE-2018-2797" title="Openjdk: Unbounded Memory Allocation During Deserialization In Tabulardatasupport (Jmx, 8189985)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2798" id="CVE-2018-2798" title="Openjdk: Unbounded Memory Allocation During Deserialization In Container (Awt, 8189989)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2799" id="CVE-2018-2799" title="Openjdk: Unbounded Memory Allocation During Deserialization In Namednodemapimpl (Jaxp, 8189993)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2800" id="CVE-2018-2800" title="Openjdk: Rmi Http Transport Enabled By Default (Rmi, 8193833)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2814" id="CVE-2018-2814" title="Openjdk: Incorrect Handling Of Reference Clones Can Lead To Sandbox Bypass (Hotspot, 8192025)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2815" id="CVE-2018-2815" title="Openjdk: Unbounded Memory Allocation During Deserialization In Stubiorimpl (Serialization, 8192757)" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1191" id="RHSA-2018:1191-1" title="Rhsa-2018:1191-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#critical" id="critical" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1567121" id="1567121" title="Openjdk: Incorrect Handling Of Reference Clones Can Lead To Sandbox Bypass (Hotspot, 8192025)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1567126" id="1567126" title="Openjdk: Unrestricted Deserialization Of Data From Jceks Key Stores (Security, 8189997)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1567351" id="1567351" title="Openjdk: Insufficient Consistency Checks In Deserialization Of Multiple Classes (Security, 8189977)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1567537" id="1567537" title="Openjdk: Unbounded Memory Allocation During Deserialization In Stubiorimpl (Serialization, 8192757)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1567542" id="1567542" title="Openjdk: Unbounded Memory Allocation During Deserialization In Namednodemapimpl (Jaxp, 8189993)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1567543" id="1567543" title="Openjdk: Unbounded Memory Allocation During Deserialization In Container (Awt, 8189989)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1567545" id="1567545" title="Openjdk: Unbounded Memory Allocation During Deserialization In Tabulardatasupport (Jmx, 8189985)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1567546" id="1567546" title="Openjdk: Unbounded Memory Allocation During Deserialization In Priorityblockingqueue (Concurrency, 8189981)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1568163" id="1568163" title="Openjdk: Rmi Http Transport Enabled By Default (Rmi, 8193833)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1568515" id="1568515" title="Openjdk: Incorrect Merging Of Sections In The Jar Manifest (Security, 8189969)" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1200-1</id><title>Patch</title><description>Patch should be installed because it is a common way of upgrading applications. 
Security Fix(es): 
* patch: Malicious patch files cause ed to execute arbitrary commands (CVE-2018-1000156)</description><severity>important</severity><release>Scientific Linux</release><issued date="2018-04-30 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" name="patch" release="10.el7_5" src="patch-2.7.1-10.el7_5.src.rpm" version="2.7.1"><filename>patch-2.7.1-10.el7_5.x86_64.rpm</filename><sum type="sha256">1bf9c0f1a233c1f8e9256e7df8d5c5683b9093b2c779d48f86f9e5c98f95d7ef</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000156" id="CVE-2018-1000156" title="Patch: Malicious Patch Files Cause Ed To Execute Arbitrary Commands" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1200" id="RHSA-2018:1200-1" title="Rhsa-2018:1200-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1564326" id="1564326" title="Patch: Malicious Patch Files Cause Ed To Execute Arbitrary Commands" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1223-1</id><title>Librelp</title><description>Security Fix(es): 
* librelp: Stack-based buffer overflow in relpTcpChkPeerName function in src/tcp.c (CVE-2018-1000140)</description><severity>critical</severity><release>Scientific Linux</release><issued date="2018-04-30 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="i686" name="librelp-devel" release="1.el7_5.1" src="librelp-1.2.12-1.el7_5.1.src.rpm" version="1.2.12"><filename>librelp-devel-1.2.12-1.el7_5.1.i686.rpm</filename><sum type="sha256">c736f758a0978b7604a8c8971fce5e4d041f11a7203487532b5d229bf59a79dc</sum></package><package arch="x86_64" name="librelp" release="1.el7_5.1" src="librelp-1.2.12-1.el7_5.1.src.rpm" version="1.2.12"><filename>librelp-1.2.12-1.el7_5.1.x86_64.rpm</filename><sum type="sha256">5f5bc431e27e21f7e06f6c16022b4335cef8a14dc737e35202ed211c0e09c06c</sum></package><package arch="x86_64" name="librelp-devel" release="1.el7_5.1" src="librelp-1.2.12-1.el7_5.1.src.rpm" version="1.2.12"><filename>librelp-devel-1.2.12-1.el7_5.1.x86_64.rpm</filename><sum type="sha256">a2a03251afcffeff0f70601ad152f5cfc11dbcdab22149299aecea8eb44c7bd7</sum></package><package arch="i686" name="librelp" release="1.el7_5.1" src="librelp-1.2.12-1.el7_5.1.src.rpm" version="1.2.12"><filename>librelp-1.2.12-1.el7_5.1.i686.rpm</filename><sum type="sha256">ed70fcd8412755bfb4f98e2e35976d8a1f3dd2fee607b96daf10696c77dad08b</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000140" id="CVE-2018-1000140" title="Librelp: Stack-Based Buffer Overflow In Relptcpchkpeername Function In Src/Tcp.C" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1223" id="RHSA-2018:1223-1" title="Rhsa-2018:1223-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#critical" id="critical" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1560084" id="1560084" title="Librelp: Stack-Based Buffer Overflow In Relptcpchkpeername Function In Src/Tcp.C" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1224-1</id><title>Packagekit</title><description>Security Fix(es): 
* PackageKit: authentication bypass allows to install signed packages without administrator privileges (CVE-2018-1106)</description><severity>moderate</severity><release>Scientific Linux</release><issued date="2018-04-30 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" name="PackageKit-glib-devel" release="2.sl7_5" src="PackageKit-1.1.5-2.sl7_5.src.rpm" version="1.1.5"><filename>PackageKit-glib-devel-1.1.5-2.sl7_5.x86_64.rpm</filename><sum type="sha256">fb674f5ce0dc9bbb66a8385e3cfebcffe961ab29c86bd4744710ae7fed7b35a9</sum></package><package arch="x86_64" name="PackageKit-yum" release="2.sl7_5" src="PackageKit-1.1.5-2.sl7_5.src.rpm" version="1.1.5"><filename>PackageKit-yum-1.1.5-2.sl7_5.x86_64.rpm</filename><sum type="sha256">cce574cb7142fe1e8e47eaae6b80aca1b6871d6ed7d9567c69f0e718eee085b8</sum></package><package arch="i686" name="PackageKit-gtk3-module" release="2.sl7_5" src="PackageKit-1.1.5-2.sl7_5.src.rpm" version="1.1.5"><filename>PackageKit-gtk3-module-1.1.5-2.sl7_5.i686.rpm</filename><sum type="sha256">2b0468e703a71f4982fab37af5b916a577d79b3eb8a1e762bc788e1d0f7f76d6</sum></package><package arch="x86_64" name="PackageKit-gtk3-module" release="2.sl7_5" src="PackageKit-1.1.5-2.sl7_5.src.rpm" version="1.1.5"><filename>PackageKit-gtk3-module-1.1.5-2.sl7_5.x86_64.rpm</filename><sum type="sha256">d5526c4663f3b7df96f7a29d8b185ade334098c77f4bb785d517051757ee02b3</sum></package><package arch="i686" name="PackageKit-glib" release="2.sl7_5" src="PackageKit-1.1.5-2.sl7_5.src.rpm" version="1.1.5"><filename>PackageKit-glib-1.1.5-2.sl7_5.i686.rpm</filename><sum type="sha256">3f6151b10678ff05c5426f003cee59290a944fb637a87cd49fd9cb590be4c530</sum></package><package arch="x86_64" name="PackageKit-glib" release="2.sl7_5" src="PackageKit-1.1.5-2.sl7_5.src.rpm" version="1.1.5"><filename>PackageKit-glib-1.1.5-2.sl7_5.x86_64.rpm</filename><sum type="sha256">3f26eff29eed00ef0ef387fe591dd9b0196656cd0e2c602f1755ee3bbc1c636e</sum></package><package arch="x86_64" name="PackageKit-cron" release="2.sl7_5" src="PackageKit-1.1.5-2.sl7_5.src.rpm" version="1.1.5"><filename>PackageKit-cron-1.1.5-2.sl7_5.x86_64.rpm</filename><sum type="sha256">960139a32812444091a1612164a7c00df8048b2f83065daa116814f205a8a8fd</sum></package><package arch="i686" name="PackageKit" release="2.sl7_5" src="PackageKit-1.1.5-2.sl7_5.src.rpm" version="1.1.5"><filename>PackageKit-1.1.5-2.sl7_5.i686.rpm</filename><sum type="sha256">31bfaa8f712df09b5b09c4ede228a7769366be1c28e481473eba52911b4dc74b</sum></package><package arch="x86_64" name="PackageKit-command-not-found" release="2.sl7_5" src="PackageKit-1.1.5-2.sl7_5.src.rpm" version="1.1.5"><filename>PackageKit-command-not-found-1.1.5-2.sl7_5.x86_64.rpm</filename><sum type="sha256">d6a5ad4b9334942413266cfe4c39e8d785b6585d7f88c625586a6e116be93a2e</sum></package><package arch="x86_64" name="PackageKit-gstreamer-plugin" release="2.sl7_5" src="PackageKit-1.1.5-2.sl7_5.src.rpm" version="1.1.5"><filename>PackageKit-gstreamer-plugin-1.1.5-2.sl7_5.x86_64.rpm</filename><sum type="sha256">adb9268c968165a428505355fb85d549be0839d0e66e8b9bb69802f9f50df2fe</sum></package><package arch="x86_64" name="PackageKit" release="2.sl7_5" src="PackageKit-1.1.5-2.sl7_5.src.rpm" version="1.1.5"><filename>PackageKit-1.1.5-2.sl7_5.x86_64.rpm</filename><sum type="sha256">bbeaee79ac05642289b90d38ea061cdcb4ca70ed80df6cceaac73a46bca29aa3</sum></package><package arch="x86_64" name="PackageKit-yum-plugin" release="2.sl7_5" src="PackageKit-1.1.5-2.sl7_5.src.rpm" version="1.1.5"><filename>PackageKit-yum-plugin-1.1.5-2.sl7_5.x86_64.rpm</filename><sum type="sha256">2069b74f338f7377101b8a23efdc5b6d7a7f2a2e3cc594ccf7a21e68e8dbb129</sum></package><package arch="i686" name="PackageKit-glib-devel" release="2.sl7_5" src="PackageKit-1.1.5-2.sl7_5.src.rpm" version="1.1.5"><filename>PackageKit-glib-devel-1.1.5-2.sl7_5.i686.rpm</filename><sum type="sha256">40c08ff781378cfcb872dd616a8bce7e5cc7946efcc045f48b93e72611c1bad8</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1106" id="CVE-2018-1106" title="Packagekit: Authentication Bypass Allows To Install Signed Packages Without Administrator Privileges" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1224" id="RHSA-2018:1224-1" title="Rhsa-2018:1224-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#moderate" id="moderate" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1565992" id="1565992" title="Packagekit: Authentication Bypass Allows To Install Signed Packages Without Administrator Privileges" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1278-1</id><title>Java-1.7.0-Openjdk</title><description>Security Fix(es): 
* OpenJDK: incorrect handling of Reference clones can lead to sandbox bypass (Hotspot, 8192025) (CVE-2018-2814) 
* OpenJDK: unrestricted deserialization of data from JCEKS key stores (Security, 8189997) (CVE-2018-2794) 
* OpenJDK: insufficient consistency checks in deserialization of multiple classes (Security, 8189977) (CVE-2018-2795) 
* OpenJDK: unbounded memory allocation during deserialization in PriorityBlockingQueue (Concurrency, 8189981) (CVE-2018-2796) 
* OpenJDK: unbounded memory allocation during deserialization in TabularDataSupport (JMX, 8189985) (CVE-2018-2797) 
* OpenJDK: unbounded memory allocation during deserialization in Container (AWT, 8189989) (CVE-2018-2798) 
* OpenJDK: unbounded memory allocation during deserialization in NamedNodeMapImpl (JAXP, 8189993) (CVE-2018-2799) 
* OpenJDK: RMI HTTP transport enabled by default (RMI, 8193833) (CVE-2018-2800) 
* OpenJDK: unbounded memory allocation during deserialization in StubIORImpl (Serialization, 8192757) (CVE-2018-2815) 
* OpenJDK: incorrect merging of sections in the JAR manifest (Security, 8189969) (CVE-2018-2790)</description><severity>important</severity><release>Scientific Linux</release><issued date="2018-05-03 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" epoch="1" name="java-1.7.0-openjdk-headless" release="2.6.14.5.el7" src="java-1.7.0-openjdk-1.7.0.181-2.6.14.5.el7.src.rpm" version="1.7.0.181"><filename>java-1.7.0-openjdk-headless-1.7.0.181-2.6.14.5.el7.x86_64.rpm</filename><sum type="sha256">9cdce41b9d7eefc9c549638c277211e07dd24610a45b70a0631361c2ea0eb417</sum></package><package arch="x86_64" epoch="1" name="java-1.7.0-openjdk-accessibility" release="2.6.14.5.el7" src="java-1.7.0-openjdk-1.7.0.181-2.6.14.5.el7.src.rpm" version="1.7.0.181"><filename>java-1.7.0-openjdk-accessibility-1.7.0.181-2.6.14.5.el7.x86_64.rpm</filename><sum type="sha256">0f31a913d037ecc136f32c496919dd3b5d638cc33ce65e66722eccbb365a30c9</sum></package><package arch="x86_64" epoch="1" name="java-1.7.0-openjdk-devel" release="2.6.14.5.el7" src="java-1.7.0-openjdk-1.7.0.181-2.6.14.5.el7.src.rpm" version="1.7.0.181"><filename>java-1.7.0-openjdk-devel-1.7.0.181-2.6.14.5.el7.x86_64.rpm</filename><sum type="sha256">af9e493197ff05c868118a94a2e9414b21ec272a5fe7582006a79cc758346e6d</sum></package><package arch="x86_64" epoch="1" name="java-1.7.0-openjdk-src" release="2.6.14.5.el7" src="java-1.7.0-openjdk-1.7.0.181-2.6.14.5.el7.src.rpm" version="1.7.0.181"><filename>java-1.7.0-openjdk-src-1.7.0.181-2.6.14.5.el7.x86_64.rpm</filename><sum type="sha256">f16c439c67cf1048ce06e2d70d79f2c281aae61e0ed3ccf6779fcc31082fbdaa</sum></package><package arch="x86_64" epoch="1" name="java-1.7.0-openjdk-demo" release="2.6.14.5.el7" src="java-1.7.0-openjdk-1.7.0.181-2.6.14.5.el7.src.rpm" version="1.7.0.181"><filename>java-1.7.0-openjdk-demo-1.7.0.181-2.6.14.5.el7.x86_64.rpm</filename><sum type="sha256">264f285712dcc3d6f5e8ab7d7f4f21d34964fff1cccc8535317385a345b077e9</sum></package><package arch="x86_64" epoch="1" name="java-1.7.0-openjdk" release="2.6.14.5.el7" src="java-1.7.0-openjdk-1.7.0.181-2.6.14.5.el7.src.rpm" version="1.7.0.181"><filename>java-1.7.0-openjdk-1.7.0.181-2.6.14.5.el7.x86_64.rpm</filename><sum type="sha256">8ebe99d58d0cea789f97b3fa790385d97db605c44c1f9dcb32607f5c2bc9faf3</sum></package><package arch="noarch" epoch="1" name="java-1.7.0-openjdk-javadoc" release="2.6.14.5.el7" src="java-1.7.0-openjdk-1.7.0.181-2.6.14.5.el7.src.rpm" version="1.7.0.181"><filename>java-1.7.0-openjdk-javadoc-1.7.0.181-2.6.14.5.el7.noarch.rpm</filename><sum type="sha256">d343897866a34c0d5d49237efb8b3ef212efebd77afff3a87146e9b7c6b50b13</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2790" id="CVE-2018-2790" title="Openjdk: Incorrect Merging Of Sections In The Jar Manifest (Security, 8189969)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2794" id="CVE-2018-2794" title="Openjdk: Unrestricted Deserialization Of Data From Jceks Key Stores (Security, 8189997)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2795" id="CVE-2018-2795" title="Openjdk: Insufficient Consistency Checks In Deserialization Of Multiple Classes (Security, 8189977)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2796" id="CVE-2018-2796" title="Openjdk: Unbounded Memory Allocation During Deserialization In Priorityblockingqueue (Concurrency, 8189981)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2797" id="CVE-2018-2797" title="Openjdk: Unbounded Memory Allocation During Deserialization In Tabulardatasupport (Jmx, 8189985)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2798" id="CVE-2018-2798" title="Openjdk: Unbounded Memory Allocation During Deserialization In Container (Awt, 8189989)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2799" id="CVE-2018-2799" title="Openjdk: Unbounded Memory Allocation During Deserialization In Namednodemapimpl (Jaxp, 8189993)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2800" id="CVE-2018-2800" title="Openjdk: Rmi Http Transport Enabled By Default (Rmi, 8193833)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2814" id="CVE-2018-2814" title="Openjdk: Incorrect Handling Of Reference Clones Can Lead To Sandbox Bypass (Hotspot, 8192025)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2815" id="CVE-2018-2815" title="Openjdk: Unbounded Memory Allocation During Deserialization In Stubiorimpl (Serialization, 8192757)" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1278" id="RHSA-2018:1278-1" title="Rhsa-2018:1278-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1567121" id="1567121" title="Openjdk: Incorrect Handling Of Reference Clones Can Lead To Sandbox Bypass (Hotspot, 8192025)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1567126" id="1567126" title="Openjdk: Unrestricted Deserialization Of Data From Jceks Key Stores (Security, 8189997)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1567351" id="1567351" title="Openjdk: Insufficient Consistency Checks In Deserialization Of Multiple Classes (Security, 8189977)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1567537" id="1567537" title="Openjdk: Unbounded Memory Allocation During Deserialization In Stubiorimpl (Serialization, 8192757)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1567542" id="1567542" title="Openjdk: Unbounded Memory Allocation During Deserialization In Namednodemapimpl (Jaxp, 8189993)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1567543" id="1567543" title="Openjdk: Unbounded Memory Allocation During Deserialization In Container (Awt, 8189989)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1567545" id="1567545" title="Openjdk: Unbounded Memory Allocation During Deserialization In Tabulardatasupport (Jmx, 8189985)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1567546" id="1567546" title="Openjdk: Unbounded Memory Allocation During Deserialization In Priorityblockingqueue (Concurrency, 8189981)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1568163" id="1568163" title="Openjdk: Rmi Http Transport Enabled By Default (Rmi, 8193833)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1568515" id="1568515" title="Openjdk: Incorrect Merging Of Sections In The Jar Manifest (Security, 8189969)" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1318-1</id><title>Kernel</title><description>Security Fix(es): 
* Kernel: KVM: error in exception handling leads to wrong debug stack value (CVE-2018-1087) 
* Kernel: error in exception handling leads to DoS (CVE-2018-8897) 
* Kernel: ipsec: xfrm: use-after-free leading to potential privilege escalation (CVE-2017-16939) 
* kernel: Out-of-bounds write via userland offsets in ebt_entry struct in netfilter/ebtables.c (CVE-2018-1068) 
* kernel: ptrace() incorrect error handling leads to corruption and DoS (CVE-2018-1000199) 
* kernel: guest kernel crash during core dump on POWER9 host (CVE-2018-1091)</description><severity>important</severity><release>Scientific Linux</release><issued date="2018-05-08 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="noarch" name="kernel-abi-whitelists" release="862.2.3.el7" src="kernel-3.10.0-862.2.3.el7.src.rpm" version="3.10.0"><filename>kernel-abi-whitelists-3.10.0-862.2.3.el7.noarch.rpm</filename><sum type="sha256">189f87cf2bd9b23d4e8eec76884cd5a3579e69a0812898440a3b2f43df5edce2</sum></package><package arch="x86_64" name="kernel-tools" release="862.2.3.el7" src="kernel-3.10.0-862.2.3.el7.src.rpm" version="3.10.0"><filename>kernel-tools-3.10.0-862.2.3.el7.x86_64.rpm</filename><sum type="sha256">9a45f4a3e11383af0047a794f78cc9496c42f3454d489859fe886cf7e4ac97b8</sum></package><package arch="x86_64" name="kernel-debug" release="862.2.3.el7" src="kernel-3.10.0-862.2.3.el7.src.rpm" version="3.10.0"><filename>kernel-debug-3.10.0-862.2.3.el7.x86_64.rpm</filename><sum type="sha256">b1e589f751be619c57e73b00cfa63c8781dcb8a7f2b45bb94bbaf13a0b70554f</sum></package><package arch="x86_64" name="kernel-tools-libs-devel" release="862.2.3.el7" src="kernel-3.10.0-862.2.3.el7.src.rpm" version="3.10.0"><filename>kernel-tools-libs-devel-3.10.0-862.2.3.el7.x86_64.rpm</filename><sum type="sha256">b7d26ecd072e95dd50fed2a4af282476120baa47b77e14b14099d3194f9524a8</sum></package><package arch="noarch" name="kernel-doc" release="862.2.3.el7" src="kernel-3.10.0-862.2.3.el7.src.rpm" version="3.10.0"><filename>kernel-doc-3.10.0-862.2.3.el7.noarch.rpm</filename><sum type="sha256">2cd8d59105d4d77e2457cfbf4e2e4a5eea2fceb1d67d85542560790f723957fa</sum></package><package arch="x86_64" name="perf" release="862.2.3.el7" src="kernel-3.10.0-862.2.3.el7.src.rpm" version="3.10.0"><filename>perf-3.10.0-862.2.3.el7.x86_64.rpm</filename><sum type="sha256">1d83dab292017c9202e67ca1e46a909f41100545e9ef9e70e9f60386eb25ae40</sum></package><package arch="x86_64" name="kernel-headers" release="862.2.3.el7" src="kernel-3.10.0-862.2.3.el7.src.rpm" version="3.10.0"><filename>kernel-headers-3.10.0-862.2.3.el7.x86_64.rpm</filename><sum type="sha256">75a47b31ea487e5a759e05bc543e29773053ea174b77ec3409f7e8fe9571861f</sum></package><package arch="x86_64" name="python-perf" release="862.2.3.el7" src="kernel-3.10.0-862.2.3.el7.src.rpm" version="3.10.0"><filename>python-perf-3.10.0-862.2.3.el7.x86_64.rpm</filename><sum type="sha256">04932ce8b294ec2d96d37671c89e067eaeb6082b4b119bb8388d2dea54b4a92e</sum></package><package arch="x86_64" name="kernel-tools-libs" release="862.2.3.el7" src="kernel-3.10.0-862.2.3.el7.src.rpm" version="3.10.0"><filename>kernel-tools-libs-3.10.0-862.2.3.el7.x86_64.rpm</filename><sum type="sha256">90c21e11f71e088cc24ad55ca5cc9b3071ca9f6824660389f1e38f759b8de35e</sum></package><package arch="x86_64" name="kernel-debug-devel" release="862.2.3.el7" src="kernel-3.10.0-862.2.3.el7.src.rpm" version="3.10.0"><filename>kernel-debug-devel-3.10.0-862.2.3.el7.x86_64.rpm</filename><sum type="sha256">41ee1efa783bb6b42c6b24603442d80886feabb847d202d3c98739a3b57bd008</sum></package><package arch="x86_64" name="kernel" release="862.2.3.el7" src="kernel-3.10.0-862.2.3.el7.src.rpm" version="3.10.0"><filename>kernel-3.10.0-862.2.3.el7.x86_64.rpm</filename><sum type="sha256">0426b49b0d597c2a0ae75e6b58b5ca83d3545bf95fd9796891ba69b65fd5ee58</sum></package><package arch="x86_64" name="kernel-devel" release="862.2.3.el7" src="kernel-3.10.0-862.2.3.el7.src.rpm" version="3.10.0"><filename>kernel-devel-3.10.0-862.2.3.el7.x86_64.rpm</filename><sum type="sha256">279316b9d2625dc7e6cb29a7d965e87f2e9503922f346fe04c52f160bc6cd681</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16939" id="CVE-2017-16939" title="Kernel: Ipsec: Xfrm: Use-After-Free Leading To Potential Privilege Escalation" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000199" id="CVE-2018-1000199" title="Kernel: Ptrace() Incorrect Error Handling Leads To Corruption And Dos" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1068" id="CVE-2018-1068" title="Kernel: Out-Of-Bounds Write Via Userland Offsets In Ebt_Entry Struct In Netfilter/Ebtables.C" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1087" id="CVE-2018-1087" title="Kernel: Kvm: Error In Exception Handling Leads To Wrong Debug Stack Value" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1091" id="CVE-2018-1091" title="Kernel: Guest Kernel Crash During Core Dump On Power9 Host" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8897" id="CVE-2018-8897" title="Kernel: Error In Exception Handling Leads To Dos" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1318" id="RHSA-2018:1318-1" title="Rhsa-2018:1318-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1517220" id="1517220" title="Kernel: Ipsec: Xfrm: Use-After-Free Leading To Potential Privilege Escalation" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1552048" id="1552048" title="Kernel: Out-Of-Bounds Write Via Userland Offsets In Ebt_Entry Struct In Netfilter/Ebtables.C" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1558149" id="1558149" title="Kernel: Guest Kernel Crash During Core Dump On Power9 Host" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1566837" id="1566837" title="Kernel: Kvm: Error In Exception Handling Leads To Wrong Debug Stack Value" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1567074" id="1567074" title="Kernel: Error In Exception Handling Leads To Dos" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1568477" id="1568477" title="Kernel: Ptrace() Incorrect Error Handling Leads To Corruption And Dos" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1380-1</id><title>389-Ds-Base</title><description>Security Fix(es): 
* 389-ds-base: ns-slapd crash via large filter value in ldapsearch (CVE-2018-1089) 
Bug Fix(es): 
* Indexing tasks in Directory Server contain the nsTaskStatus attribute to monitor whether the task is completed and the database is ready to receive updates. Before this update, the server set the value that indexing had completed before the database was ready to receive updates. Applications which monitor nsTaskStatus could start sending updates as soon as indexing completed, but before the database was ready. As a consequence, the server rejected updates with an UNWILLING_TO_PERFORM error. The problem has been fixed. As a result, the nsTaskStatus attribute now shows that indexing is completed after the database is ready to receive updates. 
* Previously, Directory Server did not remember when the first operation, bind, or a connection was started. As a consequence, the server applied in certain situations anonymous resource limits to an authenticated client. With this update, Directory Server properly marks authenticated client connections. As a result, it applies the correct resource limits, and authenticated clients no longer get randomly restricted by anonymous resource limits. 
* When debug replication logging is enabled, Directory Server incorrectly logged an error that updating the replica update vector (RUV) failed when in fact the update succeeded. The problem has been fixed, and the server no longer logs an error if updating the RUV succeeds. 
* This update adds the -W option to the ds-replcheck utility. With this option, ds-replcheck asks for the password, similar to OpenLDAP utilities. As a result, the password is not stored in the shell's history file when the -W option is used. 
* If an administrator moves a group in Directory Server from one subtree to another, the memberOf plug-in deletes the memberOf attribute with the old value and adds a new memberOf attribute with the new group's distinguished name (DN) in affected user entries. Previously, if the old subtree was not within the scope of the memberOf plug-in, deleting the old memberOf attribute failed because the values did not exist. As a consequence, the plug-in did not add the new memberOf value, and the user entry contained an incorrect memberOf value. With this update, the plug-in now checks the return code when deleting the old value. If the return code is "no such value", the plug-in only adds the new memberOf value. As a result, the memberOf attribute information is correct. 
* In a Directory Server replication topology, updates are managed by using Change Sequence Numbers (CSN) based on time stamps. New CSNs must be higher than the highest CSN present in the relative update vector (RUV). In case the server generates a new CSN in the same second as the most recent CSN, the sequence number is increased to ensure that it is higher. However, if the most recent CSN and the new CSN were identical, the sequence number was not increased. In this situation, the new CSN was, except the replica ID, identical to the most recent one. As a consequence, a new update in the directory appeared in certain situations older than the most recent update. With this update, Directory Server increases the CSN if the sequence number is lower or equal to the most recent one. As a result, new updates are no longer considered older than the most recent data.</description><severity>important</severity><release>Scientific Linux</release><issued date="2018-05-15 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" name="389-ds-base-snmp" release="21.el7_5" src="389-ds-base-1.3.7.5-21.el7_5.src.rpm" version="1.3.7.5"><filename>389-ds-base-snmp-1.3.7.5-21.el7_5.x86_64.rpm</filename><sum type="sha256">e951ce842cd3d6f67ef139d300d8483b6a8bf3b76635d30915fe5c7db3006cec</sum></package><package arch="x86_64" name="389-ds-base" release="21.el7_5" src="389-ds-base-1.3.7.5-21.el7_5.src.rpm" version="1.3.7.5"><filename>389-ds-base-1.3.7.5-21.el7_5.x86_64.rpm</filename><sum type="sha256">162bec82fc86f8d76b09d515bf15d4f1f112f9125d17f619ec76bb0ac5b2931d</sum></package><package arch="x86_64" name="389-ds-base-libs" release="21.el7_5" src="389-ds-base-1.3.7.5-21.el7_5.src.rpm" version="1.3.7.5"><filename>389-ds-base-libs-1.3.7.5-21.el7_5.x86_64.rpm</filename><sum type="sha256">21c8ac942366ded74d91d93ccad9e6673313c7c53a627790e6c4aa0f16b5b9cf</sum></package><package arch="x86_64" name="389-ds-base-devel" release="21.el7_5" src="389-ds-base-1.3.7.5-21.el7_5.src.rpm" version="1.3.7.5"><filename>389-ds-base-devel-1.3.7.5-21.el7_5.x86_64.rpm</filename><sum type="sha256">8a1feca4ac85046b37c63e42ab1ea984c2687c64c6c300d7519f3e6fac842252</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1089" id="CVE-2018-1089" title="389-Ds-Base: Ns-Slapd Crash Via Large Filter Value In Ldapsearch" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1380" id="RHSA-2018:1380-1" title="Rhsa-2018:1380-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1559802" id="1559802" title="389-Ds-Base: Ns-Slapd Crash Via Large Filter Value In Ldapsearch" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1396-1</id><title>Libvirt</title><description>Security Fix(es): 
* libvirt: Resource exhaustion via qemuMonitorIORead() method (CVE-2018-5748) 
* libvirt: Incomplete fix for CVE-2018-5748 triggered by QEMU guest agent (CVE-2018-1064) 
The CVE-2018-1064 issue was discovered by Daniel P. Berrang (Red Hat) and the CVE-2018-5748 issue was discovered by Daniel P. Berrange (Red Hat) and Peter Krempa (Red Hat). 
Bug Fix(es): 
* Previously, the check for a non-unique device boot order did not properly handle updates of existing devices when a new device was attached to a guest. Consequently, updating any device with a specified boot order failed. With this update, the duplicity check detects correctly handles updates and ignores the original device, which avoids reporting false conflicts. As a result, updating a device with a boot order succeeds. 
* In Scientific Linux 7.5, guests with SCSI passthrough enabled failed to boot because of changes in kernel CGroup detection. With this update, libvirt fetches dependencies and adds them to the device CGroup. As a result, and the affected guests now start as expected. 
* The VMX parser in libvirt did not parse more than four network interfaces. As a consequence, the esx driver did not expose more than four network interface cards (NICs) for guests running ESXi. With this update, the VMX parser parses all the available NICs in .vmx files. As a result, libvirt reports all the NICs of guests running ESXi. 
* Previously, user aliases for PTY devices that were longer than 32 characters were not supported. Consequently, if a domain included a PTY device with a user alias longer than 32 characters, the domain would not start. With this update, a static buffer was replaced with a dynamic buffer. As a result, the domain starts even if the length of the user alias for a PTY device is longer than 32 characters.</description><severity>low</severity><release>Scientific Linux</release><issued date="2018-05-15 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" name="libvirt-daemon-driver-storage-logical" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">8be1847ec910ddc6238b8abe2cbbe4801d9cff1828627c2129108ce62bce01c7</sum></package><package arch="x86_64" name="libvirt-daemon-driver-storage-rbd" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-storage-rbd-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">91269e39af37c30680f9673cc879e1f046f509ebdfcb63261b9701c3ddf65ea7</sum></package><package arch="x86_64" name="libvirt-daemon-kvm" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-daemon-kvm-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">7fac744a962d01966e59b50e82172cb8508cca10b1ff548c65218bfe78928903</sum></package><package arch="i686" name="libvirt-devel" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-devel-3.9.0-14.el7_5.4.i686.rpm</filename><sum type="sha256">25df98d4c8bcdd45eedbbf212601c488b77cf83f4b4763e06a5d4d9b9e7382fe</sum></package><package arch="x86_64" name="libvirt-daemon-driver-interface" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-interface-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">edac5cfb44a0c4ea937e6d980b1c231c3b145ede7a26d65e6eb3c701569caaf2</sum></package><package arch="x86_64" name="libvirt-daemon-lxc" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-daemon-lxc-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">174627d6e0a08c716d659e64f4fa0c0bba041ee4189b30e5149f050cfaebbca3</sum></package><package arch="x86_64" name="libvirt-daemon-driver-network" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-network-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">d6a36c86d853ce618a019248a505f9f6bff3baaef3446da5608af20aa8e8b89c</sum></package><package arch="i686" name="libvirt-nss" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-nss-3.9.0-14.el7_5.4.i686.rpm</filename><sum type="sha256">f597efc774c3aff7e954a3b9335f67508b350cd6f9115a7042efcfb1a7782e94</sum></package><package arch="x86_64" name="libvirt-libs" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-libs-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">f13638aa120f84002585624e0cab5f25a2e9dffb88a1f2a53a4407dcbe3df2f5</sum></package><package arch="x86_64" name="libvirt-daemon" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-daemon-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">39d315d99174ea1728d4ce342ff4c40572327462a25a6abff51c4d2f276a8a28</sum></package><package arch="x86_64" name="libvirt-docs" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-docs-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">063b4488fd06bce0eaccc5bb3f2709e506a2180a507863a6f24d614396068462</sum></package><package arch="x86_64" name="libvirt-daemon-driver-nwfilter" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">daf97898d532686363cf92bea1c733e4ca0fa84efe0b9243689fa241a31ac078</sum></package><package arch="x86_64" name="libvirt-client" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-client-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">d9c9b8747760dfffa42e62999e168faf284dfc2fa445e26ff090ba51be8c91e9</sum></package><package arch="x86_64" name="libvirt-nss" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-nss-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">3a4d02daccf51b6b0f0ffeb5d8fe067150a7ddb4664257da08908e2950a56a29</sum></package><package arch="x86_64" name="libvirt-daemon-driver-storage-disk" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">e3da40d559333cfbfa96d4eb41b988b53600a7b0afa8b48b0a04a3e0a51ca573</sum></package><package arch="i686" name="libvirt-libs" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-libs-3.9.0-14.el7_5.4.i686.rpm</filename><sum type="sha256">7093ba44ae8bdb52d48724f090957267015b194e6ce7ea3467e36c82862c5abd</sum></package><package arch="x86_64" name="libvirt-daemon-config-nwfilter" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">849e3fbf3a3061495371fe31b2c78ce1437cead122c9a7ead773b4316afe0930</sum></package><package arch="x86_64" name="libvirt-daemon-config-network" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-daemon-config-network-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">1b325edd67c477c1d7039a49616f98abe5904006d7cd8a04262f4285c1a0cb59</sum></package><package arch="i686" name="libvirt-client" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-client-3.9.0-14.el7_5.4.i686.rpm</filename><sum type="sha256">6b3fbe2d8adf3f0397e776c13c90f69f11fd6956a8f7c9b3b4d150957da0b860</sum></package><package arch="x86_64" name="libvirt-daemon-driver-nodedev" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">518ba9e25c3c9685e22f3197a470e8a3ce547dbbb1d3c0a45f2ba3ecd7675785</sum></package><package arch="x86_64" name="libvirt-daemon-driver-storage-core" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">8a424edd2b1ac51218992910b9bad6aab03cbf0af470030d0f0ab5fc7181af77</sum></package><package arch="x86_64" name="libvirt-daemon-driver-storage-iscsi" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">49b8da4919b3636727bf915d08c9630b7c700455884242aef456e3e775ce57e4</sum></package><package arch="x86_64" name="libvirt-daemon-driver-storage-scsi" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">9347919a46f386b962cb174c6b098edbb605ad2152a21856d7a710b4ded4fabc</sum></package><package arch="x86_64" name="libvirt-daemon-driver-storage-gluster" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-storage-gluster-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">a64ea16b65634ebb76ab70e4e560629de06814d81a62e4c8041047188268325b</sum></package><package arch="x86_64" name="libvirt-daemon-driver-lxc" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-lxc-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">012e812e9c4c0840eb55146245a091bb7296564f41c9e2cfde3ae46a123d6e95</sum></package><package arch="x86_64" name="libvirt-daemon-driver-secret" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-secret-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">880dcbb7e5ec4f1151beae0000a7e9f2dd533590e8476c24259f217a2225cd79</sum></package><package arch="x86_64" name="libvirt-devel" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-devel-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">2a95d2f684b7e9d6b9a27b9bd9d228a4d4ff74a4afb2d842153c01375be430b3</sum></package><package arch="x86_64" name="libvirt" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">7188afc124a0a0d874e2836cd6d42231449074d7f03f804b8d2bac07507fa560</sum></package><package arch="x86_64" name="libvirt-daemon-driver-storage-mpath" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">be87d66b98bb2ad5529523664c2873b2e82ec67430cf056cb18b304f94899dd8</sum></package><package arch="x86_64" name="libvirt-daemon-driver-qemu" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-qemu-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">b0a9b7afa13cbd748d05043e8239145cfb4c76abe24c89fc539993780ab7f0be</sum></package><package arch="x86_64" name="libvirt-daemon-driver-storage" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-storage-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">8862e69fef8cd56555358388bc317723ff6fdfd96b83c0877fecffb5b0ffdb38</sum></package><package arch="x86_64" name="libvirt-lock-sanlock" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-lock-sanlock-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">e0c9cb3806594d6e7684b3658c3c0aaf8d05e28cc140c91141fe6d2b367963dc</sum></package><package arch="x86_64" name="libvirt-admin" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-admin-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">9a82fb8aa17bfb014a0b5bf161c7995d11bb8da441043bfdb74ca4247beebc26</sum></package><package arch="x86_64" name="libvirt-login-shell" release="14.el7_5.4" src="libvirt-3.9.0-14.el7_5.4.src.rpm" version="3.9.0"><filename>libvirt-login-shell-3.9.0-14.el7_5.4.x86_64.rpm</filename><sum type="sha256">54d6a5bc803dd18d92bbaac2377fc29c4b47732692f05713c2c23e5ea91e5ac8</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1064" id="CVE-2018-1064" title="Libvirt: Incomplete Fix For Cve-2018-5748 Triggered By Qemu Guest Agent" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5748" id="CVE-2018-5748" title="Libvirt: Resource Exhaustion Via Qemumonitorioread() Method" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1396" id="RHSA-2018:1396-1" title="Rhsa-2018:1396-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#low" id="low" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1528396" id="1528396" title="Libvirt: Resource Exhaustion Via Qemumonitorioread() Method" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1550672" id="1550672" title="Libvirt: Incomplete Fix For Cve-2018-5748 Triggered By Qemu Guest Agent" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1415-1</id><title>Firefox</title><description>This update upgrades Firefox to version 52.8.0 ESR. 
Security Fix(es): 
* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150) 
* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183) 
* Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154) 
* Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155) 
* Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files (CVE-2018-5157) 
* Mozilla: Malicious PDF can inject JavaScript into PDF Viewer (CVE-2018-5158) 
* Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159) 
* Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168) 
* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178)</description><severity>critical</severity><release>Scientific Linux</release><issued date="2018-05-15 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" name="firefox" release="1.el7_5" src="firefox-52.8.0-1.el7_5.src.rpm" version="52.8.0"><filename>firefox-52.8.0-1.el7_5.x86_64.rpm</filename><sum type="sha256">69bd61ea3fd15e54faf78b346ae8ec868184f3955bd94b2ac450ed58ae188d31</sum></package><package arch="i686" name="firefox" release="1.el7_5" src="firefox-52.8.0-1.el7_5.src.rpm" version="52.8.0"><filename>firefox-52.8.0-1.el7_5.i686.rpm</filename><sum type="sha256">31ed8d356b84291ccc75a8e5ca691ba045d987fa7df8fca1259e20a84c10503d</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150" id="CVE-2018-5150" title="Mozilla: Memory Safety Bugs Fixed In Firefox 60 And Firefox Esr 52.8" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154" id="CVE-2018-5154" title="Mozilla: Use-After-Free With Svg Animations And Clip Paths" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155" id="CVE-2018-5155" title="Mozilla: Use-After-Free With Svg Animations And Text Paths" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157" id="CVE-2018-5157" title="Mozilla: Same-Origin Bypass Of Pdf Viewer To View Protected Pdf Files" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158" id="CVE-2018-5158" title="Mozilla: Malicious Pdf Can Inject Javascript Into Pdf Viewer" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159" id="CVE-2018-5159" title="Mozilla: Integer Overflow And Out-Of-Bounds Write In Skia" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168" id="CVE-2018-5168" title="Mozilla: Lightweight Themes Can Be Installed Without User Interaction" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178" id="CVE-2018-5178" title="Mozilla: Buffer Overflow During Utf-8 To Unicode String Conversion Through Legacy Extension" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183" id="CVE-2018-5183" title="Mozilla: Backport Critical Security Fixes In Skia" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1415" id="RHSA-2018:1415-1" title="Rhsa-2018:1415-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#critical" id="critical" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1576250" id="1576250" title="Mozilla: Memory Safety Bugs Fixed In Firefox 60 And Firefox Esr 52.8" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1576255" id="1576255" title="Mozilla: Use-After-Free With Svg Animations And Clip Paths" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1576257" id="1576257" title="Mozilla: Use-After-Free With Svg Animations And Text Paths" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1576258" id="1576258" title="Mozilla: Same-Origin Bypass Of Pdf Viewer To View Protected Pdf Files" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1576259" id="1576259" title="Mozilla: Malicious Pdf Can Inject Javascript Into Pdf Viewer" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1576260" id="1576260" title="Mozilla: Integer Overflow And Out-Of-Bounds Write In Skia" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1576269" id="1576269" title="Mozilla: Lightweight Themes Can Be Installed Without User Interaction" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1576278" id="1576278" title="Mozilla: Buffer Overflow During Utf-8 To Unicode String Conversion Through Legacy Extension" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1576283" id="1576283" title="Mozilla: Backport Critical Security Fixes In Skia" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1416-1</id><title>Qemu-Kvm</title><description>Security Fix(es): 
* QEMU: cirrus: OOB access when updating VGA display (CVE-2018-7858)</description><severity>moderate</severity><release>Scientific Linux</release><issued date="2018-05-15 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" epoch="10" name="qemu-kvm-tools" release="156.el7_5.1" src="qemu-kvm-1.5.3-156.el7_5.1.src.rpm" version="1.5.3"><filename>qemu-kvm-tools-1.5.3-156.el7_5.1.x86_64.rpm</filename><sum type="sha256">da99389da4d4633be047462da30cbffa0478c55486503808c7e4fe2f7232445d</sum></package><package arch="x86_64" epoch="10" name="qemu-kvm" release="156.el7_5.1" src="qemu-kvm-1.5.3-156.el7_5.1.src.rpm" version="1.5.3"><filename>qemu-kvm-1.5.3-156.el7_5.1.x86_64.rpm</filename><sum type="sha256">32d8eb23751fbb7080d273c9051b829fb8dd6d61f289f73c930fce5c9ff930e0</sum></package><package arch="x86_64" epoch="10" name="qemu-kvm-common" release="156.el7_5.1" src="qemu-kvm-1.5.3-156.el7_5.1.src.rpm" version="1.5.3"><filename>qemu-kvm-common-1.5.3-156.el7_5.1.x86_64.rpm</filename><sum type="sha256">1594bcecedaa6bba5d62ae0436d84eed0683597e69bd027d64ac333dc0f1a82f</sum></package><package arch="x86_64" epoch="10" name="qemu-img" release="156.el7_5.1" src="qemu-kvm-1.5.3-156.el7_5.1.src.rpm" version="1.5.3"><filename>qemu-img-1.5.3-156.el7_5.1.x86_64.rpm</filename><sum type="sha256">fee7b10b7399f039b2421b284107514db5de0edf563fc228f24cc36e5f2e6b3d</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7858" id="CVE-2018-7858" title="Qemu: Cirrus: Oob Access When Updating Vga Display" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1416" id="RHSA-2018:1416-1" title="Rhsa-2018:1416-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#moderate" id="moderate" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1553402" id="1553402" title="Qemu: Cirrus: Oob Access When Updating Vga Display" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1453-1</id><title>Dhcp</title><description>Security Fix(es): 
* A command injection flaw was found in the NetworkManager integration script included in the DHCP client packages in Scientific Linux. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol. (CVE-2018-1111)</description><severity>critical</severity><release>Scientific Linux</release><issued date="2018-05-15 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" epoch="12" name="dhcp-libs" release="68.sl7_5.1" src="dhcp-4.2.5-68.sl7_5.1.src.rpm" version="4.2.5"><filename>dhcp-libs-4.2.5-68.sl7_5.1.x86_64.rpm</filename><sum type="sha256">8ff4b69e890a8f0109e9fb01b7b3e74cf965f86b9ed1254f8c77c67571f006f4</sum></package><package arch="i686" epoch="12" name="dhcp-libs" release="68.sl7_5.1" src="dhcp-4.2.5-68.sl7_5.1.src.rpm" version="4.2.5"><filename>dhcp-libs-4.2.5-68.sl7_5.1.i686.rpm</filename><sum type="sha256">5a528d86e3ceb7e451fbfc46a09d3bd23aa093a77fbcd524e5ea89c4f5feb060</sum></package><package arch="x86_64" epoch="12" name="dhcp-devel" release="68.sl7_5.1" src="dhcp-4.2.5-68.sl7_5.1.src.rpm" version="4.2.5"><filename>dhcp-devel-4.2.5-68.sl7_5.1.x86_64.rpm</filename><sum type="sha256">f15f0097941f3c8561af7ed28d5cd3e4ca8b04899d290ee83099eee0df76b8e0</sum></package><package arch="x86_64" epoch="12" name="dhclient" release="68.sl7_5.1" src="dhcp-4.2.5-68.sl7_5.1.src.rpm" version="4.2.5"><filename>dhclient-4.2.5-68.sl7_5.1.x86_64.rpm</filename><sum type="sha256">20516e8aab3f77ae33f30010b480c6e0026170860b9e9f7ccbfda56f2b23eddf</sum></package><package arch="x86_64" epoch="12" name="dhcp-common" release="68.sl7_5.1" src="dhcp-4.2.5-68.sl7_5.1.src.rpm" version="4.2.5"><filename>dhcp-common-4.2.5-68.sl7_5.1.x86_64.rpm</filename><sum type="sha256">57c15e95e2501176dba70240bc85155d65a797a06a9fcdca1d7963b14a3dab50</sum></package><package arch="x86_64" epoch="12" name="dhcp" release="68.sl7_5.1" src="dhcp-4.2.5-68.sl7_5.1.src.rpm" version="4.2.5"><filename>dhcp-4.2.5-68.sl7_5.1.x86_64.rpm</filename><sum type="sha256">5508364eba3eaab2b4abcec98c12b6213d810bdd62617a9d44d4a61794f5fea1</sum></package><package arch="i686" epoch="12" name="dhcp-devel" release="68.sl7_5.1" src="dhcp-4.2.5-68.sl7_5.1.src.rpm" version="4.2.5"><filename>dhcp-devel-4.2.5-68.sl7_5.1.i686.rpm</filename><sum type="sha256">23a9f657fd9e4f00d05fa32fde9189aec6858a60795398f813eaccbacc500026</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1111" id="CVE-2018-1111" title="Dhcp: Command Injection Vulnerability In The Dhcp Client Networkmanager Integration Script" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1453" id="RHSA-2018:1453-1" title="Rhsa-2018:1453-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#critical" id="critical" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1567974" id="1567974" title="Dhcp: Command Injection Vulnerability In The Dhcp Client Networkmanager Integration Script" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1629-1</id><title>Kernel</title><description>Security Fix(es): 
* An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load &amp; Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639) 
Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software side of the mitigation for this hardware issue. To be fully functional, up-to-date CPU microcode applied on the system is required. Please refer to References section for further information about this issue, CPU microcode requirements and the potential performance impact. 
In this update mitigations for x86-64 architecture are provided.</description><severity>important</severity><release>Scientific Linux</release><issued date="2018-05-22 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" name="kernel-debug" release="862.3.2.el7" src="kernel-3.10.0-862.3.2.el7.src.rpm" version="3.10.0"><filename>kernel-debug-3.10.0-862.3.2.el7.x86_64.rpm</filename><sum type="sha256">25371ac66689e6413aee295d511b2eda789ff6d4e6797d2d2ba1eada9e6645d6</sum></package><package arch="x86_64" name="kernel-debug-devel" release="862.3.2.el7" src="kernel-3.10.0-862.3.2.el7.src.rpm" version="3.10.0"><filename>kernel-debug-devel-3.10.0-862.3.2.el7.x86_64.rpm</filename><sum type="sha256">a8fb532b0177ae04269962531a37f403b59ba525325b54eb897ac81baffc0824</sum></package><package arch="x86_64" name="perf" release="862.3.2.el7" src="kernel-3.10.0-862.3.2.el7.src.rpm" version="3.10.0"><filename>perf-3.10.0-862.3.2.el7.x86_64.rpm</filename><sum type="sha256">99c1f640691273de40c6088fad258162167263084f0863db4eb545d7abe5aac0</sum></package><package arch="x86_64" name="kernel-tools-libs" release="862.3.2.el7" src="kernel-3.10.0-862.3.2.el7.src.rpm" version="3.10.0"><filename>kernel-tools-libs-3.10.0-862.3.2.el7.x86_64.rpm</filename><sum type="sha256">372812c202de872faff70a19e9310b67a2b34c479c30495d83e33d4544364e22</sum></package><package arch="noarch" name="kernel-doc" release="862.3.2.el7" src="kernel-3.10.0-862.3.2.el7.src.rpm" version="3.10.0"><filename>kernel-doc-3.10.0-862.3.2.el7.noarch.rpm</filename><sum type="sha256">22c1153a7c085e8df4e172adbdaad7968b023a1db06934d7b0827d594a380b94</sum></package><package arch="x86_64" name="kernel-devel" release="862.3.2.el7" src="kernel-3.10.0-862.3.2.el7.src.rpm" version="3.10.0"><filename>kernel-devel-3.10.0-862.3.2.el7.x86_64.rpm</filename><sum type="sha256">c31bb2bd90c8972bad25815559fb9a76e11da1a0b7475ea11df692262f4f9b7d</sum></package><package arch="x86_64" name="python-perf" release="862.3.2.el7" src="kernel-3.10.0-862.3.2.el7.src.rpm" version="3.10.0"><filename>python-perf-3.10.0-862.3.2.el7.x86_64.rpm</filename><sum type="sha256">5186bff828f7d682029129a711dec2cce3ea2e5a04dcab306ad40ff7d66f46b1</sum></package><package arch="x86_64" name="kernel-headers" release="862.3.2.el7" src="kernel-3.10.0-862.3.2.el7.src.rpm" version="3.10.0"><filename>kernel-headers-3.10.0-862.3.2.el7.x86_64.rpm</filename><sum type="sha256">a735351a9dfdae49a97856ec6baf4151b841a1856c087d60f7617b3c2b9eef8f</sum></package><package arch="noarch" name="kernel-abi-whitelists" release="862.3.2.el7" src="kernel-3.10.0-862.3.2.el7.src.rpm" version="3.10.0"><filename>kernel-abi-whitelists-3.10.0-862.3.2.el7.noarch.rpm</filename><sum type="sha256">7f7c696167a149493c81b7d189d678be3a613ea37af88a53937d99b707747aa6</sum></package><package arch="x86_64" name="kernel" release="862.3.2.el7" src="kernel-3.10.0-862.3.2.el7.src.rpm" version="3.10.0"><filename>kernel-3.10.0-862.3.2.el7.x86_64.rpm</filename><sum type="sha256">a99da56ca70bae10041a3560a9895c30832a818c642b8142b759389b3ef8c4ae</sum></package><package arch="x86_64" name="kernel-tools-libs-devel" release="862.3.2.el7" src="kernel-3.10.0-862.3.2.el7.src.rpm" version="3.10.0"><filename>kernel-tools-libs-devel-3.10.0-862.3.2.el7.x86_64.rpm</filename><sum type="sha256">9bb13eb0883686bd2c3d0c87d98e09afb9539c2c303b8350981c149f02c10ba7</sum></package><package arch="x86_64" name="kernel-tools" release="862.3.2.el7" src="kernel-3.10.0-862.3.2.el7.src.rpm" version="3.10.0"><filename>kernel-tools-3.10.0-862.3.2.el7.x86_64.rpm</filename><sum type="sha256">335c4cd24cceed916947d6807e309dd08d79c7e5ef4801ef3a2fd435158c70e0</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639" id="CVE-2018-3639" title="Hw: Cpu: Speculative Store Bypass" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1629" id="RHSA-2018:1629-1" title="Rhsa-2018:1629-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1566890" id="1566890" title="Hw: Cpu: Speculative Store Bypass" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1632-1</id><title>Libvirt</title><description>Security Fix(es): 
* An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load &amp; Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639) 
Note: This is the libvirt side of the CVE-2018-3639 mitigation.</description><severity>important</severity><release>Scientific Linux</release><issued date="2018-05-22 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" name="libvirt-daemon-driver-nwfilter" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">880591e772f5051811df83ceff0123daec50c9703e252898c6310d5162e5ccb8</sum></package><package arch="x86_64" name="libvirt-daemon" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-daemon-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">b3c994a5c0091b64b08e4a69b228dd999b3a7e32f009ea4b10bedebd394b3768</sum></package><package arch="i686" name="libvirt-devel" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-devel-3.9.0-14.el7_5.5.i686.rpm</filename><sum type="sha256">6e60454d128fc119b75d00657927e1a6fa6bd8cbad3d8324e5c1045d5b055660</sum></package><package arch="x86_64" name="libvirt-daemon-driver-storage-scsi" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">68d3a74485476cf43da87c1d9dae6141110b911e6dab1f11950513bd6e4a60a9</sum></package><package arch="i686" name="libvirt-libs" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-libs-3.9.0-14.el7_5.5.i686.rpm</filename><sum type="sha256">55775f86341d3b288d44a7f89bb7a1b057000c873fa44abeefff38592aeb4b7a</sum></package><package arch="x86_64" name="libvirt-daemon-kvm" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-daemon-kvm-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">8a8a7deef491532bdd56cc5e170a764b3db8896fa45bc3baf3e4933748db9718</sum></package><package arch="x86_64" name="libvirt-daemon-driver-storage-logical" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">29f7d434154999d0c35388c60e09ac7c5161a2c7a29d233ff5036a5b8b77375e</sum></package><package arch="x86_64" name="libvirt-daemon-config-network" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-daemon-config-network-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">8ac5e152f50fe2a1d37417845b8483134c36bf6b2862927fb42792454c38a2e2</sum></package><package arch="x86_64" name="libvirt-daemon-driver-storage" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-storage-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">9fae6e4d80f56fa47870807eebc38635f3bcc0eb4e490531c5376e569146fac8</sum></package><package arch="x86_64" name="libvirt-daemon-driver-storage-core" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">607db5dbe0fb795643a576d37549fa126170d548cbcb44fc941ef0e0259bdf1e</sum></package><package arch="x86_64" name="libvirt-devel" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-devel-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">a99c75c97916a0d1f68d1d37450661c023706cfb457130827900a7010dacf375</sum></package><package arch="x86_64" name="libvirt-login-shell" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-login-shell-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">881daea0c72926512883cb0c82e4ab437c47f29cda7253a342f27a86641d5033</sum></package><package arch="x86_64" name="libvirt-daemon-driver-nodedev" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">0f52f8093aa513085f85cf21dd189c81f6241d716a1dbdf8cc2d240b39346732</sum></package><package arch="x86_64" name="libvirt-lock-sanlock" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-lock-sanlock-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">da1de8b7ed0fcdf5b9f63fdbf1710e67b04c55872acf4567cb86f50db9c61672</sum></package><package arch="x86_64" name="libvirt-daemon-driver-storage-rbd" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-storage-rbd-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">577e6bbd1a6dc6b26c652eae73152092d357de638626f7f622d0edda566507cf</sum></package><package arch="x86_64" name="libvirt" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">67b8f269e2cad83fc9cdfa34eb5a7f51c744264b7fe6eafc841a87543e10a046</sum></package><package arch="x86_64" name="libvirt-daemon-driver-storage-disk" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">7b2461fbe41097beb5f47dea26c51ba405995fadbee03b621c705a1f9563bbab</sum></package><package arch="x86_64" name="libvirt-daemon-driver-storage-mpath" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">7fb4cc383a6202b81c80b0d68bc2976ea99ff3de2e25b766485d22660e62f809</sum></package><package arch="x86_64" name="libvirt-daemon-lxc" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-daemon-lxc-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">d02d11f93164e661621593cac5ec693c338c3b13e445fbec5f5232c60e240f8e</sum></package><package arch="x86_64" name="libvirt-client" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-client-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">f026e052d382bdbab344866afda714244cee0e2725232158f8fe7d035f8ae45b</sum></package><package arch="x86_64" name="libvirt-nss" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-nss-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">ae92c8c94603cc9a75e449cd36c3f8ba4d1d42a0da8a012c2bd576ecb427282c</sum></package><package arch="i686" name="libvirt-nss" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-nss-3.9.0-14.el7_5.5.i686.rpm</filename><sum type="sha256">9fb72c0f06a78155c6f011ace1a7412c1d746f2f3f3e0736ab1928b501755392</sum></package><package arch="x86_64" name="libvirt-libs" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-libs-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">cec0014f62995cb54b88946c3be8fb9bc1e2708f38854faf396f917ac99d6e97</sum></package><package arch="x86_64" name="libvirt-daemon-driver-qemu" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-qemu-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">c28f9dc7c8267e5a19cc5a355606584fa22795fe5f0fb6d46decc2399b63956a</sum></package><package arch="x86_64" name="libvirt-admin" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-admin-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">ed3159228590f365ba7847e3137cd03cabd3c7d3a78b9fcbb15dcb0d502b8f4a</sum></package><package arch="x86_64" name="libvirt-docs" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-docs-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">7cb7ccfd02b47e7f56a06491da96994f026ab7cb218ff104c03a95229ba4c911</sum></package><package arch="i686" name="libvirt-client" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-client-3.9.0-14.el7_5.5.i686.rpm</filename><sum type="sha256">d43dd6ba7d04033df8aeefd0217dab4c78e670dfb9014518681e458c98a6cfb2</sum></package><package arch="x86_64" name="libvirt-daemon-driver-secret" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-secret-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">19113e3891ff688500f6637d66deea5ba1eab4ec671463add8e56b0bd82f3e1f</sum></package><package arch="x86_64" name="libvirt-daemon-driver-interface" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-interface-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">e63da7aeb9c56a464c71476599eda1a6a3611cadee58be3f6dbbd03f74eec079</sum></package><package arch="x86_64" name="libvirt-daemon-driver-lxc" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-lxc-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">5c0a7741e6efd82878abf597a6273c41f5c82b34a1f7958cb00f734a41394865</sum></package><package arch="x86_64" name="libvirt-daemon-config-nwfilter" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">986db0c0af33ec45a763be87b7c643cfa8b9f301af96d51ec162e512410e05c5</sum></package><package arch="x86_64" name="libvirt-daemon-driver-storage-iscsi" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">a212a5983c6ea3582d939898987f6a19225b3c97e0f21e981a8f1c3d2c76ca43</sum></package><package arch="x86_64" name="libvirt-daemon-driver-storage-gluster" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-storage-gluster-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">aace95d9840377e62368ab61b5a20af3017886530ea118b5178f407e2faafb89</sum></package><package arch="x86_64" name="libvirt-daemon-driver-network" release="14.el7_5.5" src="libvirt-3.9.0-14.el7_5.5.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-network-3.9.0-14.el7_5.5.x86_64.rpm</filename><sum type="sha256">22f7c6de729e685452ecc315c358e8bbc224602f5777e33a8cf9941d9181ed47</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639" id="CVE-2018-3639" title="Hw: Cpu: Speculative Store Bypass" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1632" id="RHSA-2018:1632-1" title="Rhsa-2018:1632-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1566890" id="1566890" title="Hw: Cpu: Speculative Store Bypass" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1633-1</id><title>Qemu-Kvm</title><description>Security Fix(es): 
* An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load &amp; Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639) 
Note: This is the qemu-kvm side of the CVE-2018-3639 mitigation.</description><severity>important</severity><release>Scientific Linux</release><issued date="2018-05-22 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" epoch="10" name="qemu-kvm-common" release="156.el7_5.2" src="qemu-kvm-1.5.3-156.el7_5.2.src.rpm" version="1.5.3"><filename>qemu-kvm-common-1.5.3-156.el7_5.2.x86_64.rpm</filename><sum type="sha256">c6f9c71b979848b0974b11a03d3b74e098f25066262e52eb69bf939ecc097460</sum></package><package arch="x86_64" epoch="10" name="qemu-kvm-tools" release="156.el7_5.2" src="qemu-kvm-1.5.3-156.el7_5.2.src.rpm" version="1.5.3"><filename>qemu-kvm-tools-1.5.3-156.el7_5.2.x86_64.rpm</filename><sum type="sha256">032daf4c92452b5b5c42203cef99ce9e22e63a74a53ef00cdf08d2841aa95a5f</sum></package><package arch="x86_64" epoch="10" name="qemu-kvm" release="156.el7_5.2" src="qemu-kvm-1.5.3-156.el7_5.2.src.rpm" version="1.5.3"><filename>qemu-kvm-1.5.3-156.el7_5.2.x86_64.rpm</filename><sum type="sha256">82fe86bf2269d1964ff2b9769b404cdec82d3e292cb4fda0269fd1df87440458</sum></package><package arch="x86_64" epoch="10" name="qemu-img" release="156.el7_5.2" src="qemu-kvm-1.5.3-156.el7_5.2.src.rpm" version="1.5.3"><filename>qemu-img-1.5.3-156.el7_5.2.x86_64.rpm</filename><sum type="sha256">434d430ab7e852d0926b5472ba67d60af4e9f896fed5caa484a796d8a6f533b4</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639" id="CVE-2018-3639" title="Hw: Cpu: Speculative Store Bypass" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1633" id="RHSA-2018:1633-1" title="Rhsa-2018:1633-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1566890" id="1566890" title="Hw: Cpu: Speculative Store Bypass" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1648-1</id><title>Java-1.7.0-Openjdk</title><description>Security Fix(es): 
* An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load &amp; Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639) 
Note: This is the OpenJDK side of the CVE-2018-3639 mitigation.</description><severity>important</severity><release>Scientific Linux</release><issued date="2018-05-22 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" epoch="1" name="java-1.7.0-openjdk-demo" release="2.6.14.8.el7_5" src="java-1.7.0-openjdk-1.7.0.181-2.6.14.8.el7_5.src.rpm" version="1.7.0.181"><filename>java-1.7.0-openjdk-demo-1.7.0.181-2.6.14.8.el7_5.x86_64.rpm</filename><sum type="sha256">98c33b111862bff43ed2390031c1dc00c8acd97bbf2ba9f9d6ac8d00ffa2683e</sum></package><package arch="noarch" epoch="1" name="java-1.7.0-openjdk-javadoc" release="2.6.14.8.el7_5" src="java-1.7.0-openjdk-1.7.0.181-2.6.14.8.el7_5.src.rpm" version="1.7.0.181"><filename>java-1.7.0-openjdk-javadoc-1.7.0.181-2.6.14.8.el7_5.noarch.rpm</filename><sum type="sha256">f866f9a7785cf046db7ab8322bab40fd2b622a578f161c7cd86b224334825c0a</sum></package><package arch="x86_64" epoch="1" name="java-1.7.0-openjdk-accessibility" release="2.6.14.8.el7_5" src="java-1.7.0-openjdk-1.7.0.181-2.6.14.8.el7_5.src.rpm" version="1.7.0.181"><filename>java-1.7.0-openjdk-accessibility-1.7.0.181-2.6.14.8.el7_5.x86_64.rpm</filename><sum type="sha256">dc783901ef3a8c037207f408a0225ca8ab8095a9b23133e06a6879b2f85121dd</sum></package><package arch="x86_64" epoch="1" name="java-1.7.0-openjdk-devel" release="2.6.14.8.el7_5" src="java-1.7.0-openjdk-1.7.0.181-2.6.14.8.el7_5.src.rpm" version="1.7.0.181"><filename>java-1.7.0-openjdk-devel-1.7.0.181-2.6.14.8.el7_5.x86_64.rpm</filename><sum type="sha256">5fca539272c7d451566cc5e3173cc545fd8f2686e9d1fd4694ec585d795e8f6a</sum></package><package arch="x86_64" epoch="1" name="java-1.7.0-openjdk-headless" release="2.6.14.8.el7_5" src="java-1.7.0-openjdk-1.7.0.181-2.6.14.8.el7_5.src.rpm" version="1.7.0.181"><filename>java-1.7.0-openjdk-headless-1.7.0.181-2.6.14.8.el7_5.x86_64.rpm</filename><sum type="sha256">5a67c447648317e475585db6006b0066294fa7e563836d98fe18a989348b7b5a</sum></package><package arch="x86_64" epoch="1" name="java-1.7.0-openjdk" release="2.6.14.8.el7_5" src="java-1.7.0-openjdk-1.7.0.181-2.6.14.8.el7_5.src.rpm" version="1.7.0.181"><filename>java-1.7.0-openjdk-1.7.0.181-2.6.14.8.el7_5.x86_64.rpm</filename><sum type="sha256">43490f9905a993748e8c9afeed2f314893ccccf433db6ea77c442393a7ff507d</sum></package><package arch="x86_64" epoch="1" name="java-1.7.0-openjdk-src" release="2.6.14.8.el7_5" src="java-1.7.0-openjdk-1.7.0.181-2.6.14.8.el7_5.src.rpm" version="1.7.0.181"><filename>java-1.7.0-openjdk-src-1.7.0.181-2.6.14.8.el7_5.x86_64.rpm</filename><sum type="sha256">67efdfe20d8a7baa75701c1d71bf6d446af60bf425e96577a359e8b295e110ef</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639" id="CVE-2018-3639" title="Hw: Cpu: Speculative Store Bypass" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1648" id="RHSA-2018:1648-1" title="Rhsa-2018:1648-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1566890" id="1566890" title="Hw: Cpu: Speculative Store Bypass" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1649-1</id><title>Java-1.8.0-Openjdk</title><description>Security Fix(es): 
* An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load &amp; Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639) 
Note: This is the OpenJDK side of the CVE-2018-3639 mitigation.</description><severity>important</severity><release>Scientific Linux</release><issued date="2018-05-22 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-devel" release="8.b10.el7_5" src="java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-devel-1.8.0.171-8.b10.el7_5.x86_64.rpm</filename><sum type="sha256">7b9559d5d37bc1bf9f2950168a51164f974cd0547dff18a2523d4a24a178d745</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-headless" release="8.b10.el7_5" src="java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-headless-1.8.0.171-8.b10.el7_5.x86_64.rpm</filename><sum type="sha256">1e8609e4fa7da5905d0523cf688e1f29092f8700374d8ae0e7b36b11f36eed50</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-src" release="8.b10.el7_5" src="java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-src-1.8.0.171-8.b10.el7_5.i686.rpm</filename><sum type="sha256">ba4084a6bedfc7d5332adf44310359aa21e26ff676652067c040f9555347241b</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-demo-debug" release="8.b10.el7_5" src="java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-demo-debug-1.8.0.171-8.b10.el7_5.i686.rpm</filename><sum type="sha256">a548a47a5c1b8458fe4c41684602016336fa9739389964b7e0387b1e24453fe7</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk" release="8.b10.el7_5" src="java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.x86_64.rpm</filename><sum type="sha256">fc4ccf47c35a4e902b8d5b28a552cd7921efdefbbf9b08acf8519bf6b4dd4296</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-headless" release="8.b10.el7_5" src="java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-headless-1.8.0.171-8.b10.el7_5.i686.rpm</filename><sum type="sha256">06fb36213b2d5c6fe218dea8e9b7d539693be94a50e93cf1931f9f362bc08065</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-accessibility" release="8.b10.el7_5" src="java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-accessibility-1.8.0.171-8.b10.el7_5.i686.rpm</filename><sum type="sha256">35f698593274f78d0b9997de93bafb5274a07a50064ae15f3d75a0503d027a8b</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-headless-debug" release="8.b10.el7_5" src="java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-headless-debug-1.8.0.171-8.b10.el7_5.x86_64.rpm</filename><sum type="sha256">0d2806735af6b0bf053424e601a8e4cb382e5cec9a696bfee9a167e6cb207484</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-src" release="8.b10.el7_5" src="java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-src-1.8.0.171-8.b10.el7_5.x86_64.rpm</filename><sum type="sha256">374af7d20e7f59b871110ba79cc56f5fea1cc190fa72b745455a5353be4db051</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-demo-debug" release="8.b10.el7_5" src="java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-demo-debug-1.8.0.171-8.b10.el7_5.x86_64.rpm</filename><sum type="sha256">cee730ad5eb50183b8ccf014ddb453f9d45f4c8ecd442f9677573381beb0b55d</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-demo" release="8.b10.el7_5" src="java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-demo-1.8.0.171-8.b10.el7_5.i686.rpm</filename><sum type="sha256">0277801694ca565278981399e3239be7328582a2fe2d1255f8194f582c553145</sum></package><package arch="noarch" epoch="1" name="java-1.8.0-openjdk-javadoc" release="8.b10.el7_5" src="java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-javadoc-1.8.0.171-8.b10.el7_5.noarch.rpm</filename><sum type="sha256">b3e35b015c3460804146f0d0ebb32d365c213d16b9acf4a18545bb9d21abf9a2</sum></package><package arch="noarch" epoch="1" name="java-1.8.0-openjdk-javadoc-zip-debug" release="8.b10.el7_5" src="java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.171-8.b10.el7_5.noarch.rpm</filename><sum type="sha256">f609d73d4f68c3ea108bdbde2a8f69ccfd8c3b675d8a9417938cd5bacee0c8a3</sum></package><package arch="noarch" epoch="1" name="java-1.8.0-openjdk-javadoc-zip" release="8.b10.el7_5" src="java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-javadoc-zip-1.8.0.171-8.b10.el7_5.noarch.rpm</filename><sum type="sha256">3730ad8a11a52f0f0a43ead4040dc3af03fe1868750ac3ef0427c895056c6e94</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-headless-debug" release="8.b10.el7_5" src="java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-headless-debug-1.8.0.171-8.b10.el7_5.i686.rpm</filename><sum type="sha256">490f374d0a1bdad12556e93c5d9b5daf150c37b00c7972deb38ffa738e8f4fb2</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-demo" release="8.b10.el7_5" src="java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-demo-1.8.0.171-8.b10.el7_5.x86_64.rpm</filename><sum type="sha256">0c6c801d2d803bb86dda350e7bcf0d30a0436a5c0360fafdc24b093539dcb32f</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-debug" release="8.b10.el7_5" src="java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-debug-1.8.0.171-8.b10.el7_5.x86_64.rpm</filename><sum type="sha256">e0463ce538032cf511af06f955651a583d20ecb5a20ff5c6cb2e408c00c893af</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-src-debug" release="8.b10.el7_5" src="java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-src-debug-1.8.0.171-8.b10.el7_5.i686.rpm</filename><sum type="sha256">2a7ba1e9fa22a75025eaef8bb899e9526efaed9c2c3ee2981174f148453c5966</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-devel-debug" release="8.b10.el7_5" src="java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-devel-debug-1.8.0.171-8.b10.el7_5.i686.rpm</filename><sum type="sha256">dfaa09b983836aa2b9f2f7f0e539aee8a93aa142a701ece1936da0fdcdc2b93e</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk" release="8.b10.el7_5" src="java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.i686.rpm</filename><sum type="sha256">63c8e2e0a22fe5b44381149c0ab866e98b784ae946c7f161b8b68312e1c54bc3</sum></package><package arch="noarch" epoch="1" name="java-1.8.0-openjdk-javadoc-debug" release="8.b10.el7_5" src="java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-javadoc-debug-1.8.0.171-8.b10.el7_5.noarch.rpm</filename><sum type="sha256">b62204619eac07b68efc923edb56433e7b8731c60950e4c5ee0025e463c7166c</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-devel" release="8.b10.el7_5" src="java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-devel-1.8.0.171-8.b10.el7_5.i686.rpm</filename><sum type="sha256">a171f47e69a88545f9010ede8d86aca67f709699a7f4dab84b128611df899df8</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-accessibility-debug" release="8.b10.el7_5" src="java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-accessibility-debug-1.8.0.171-8.b10.el7_5.x86_64.rpm</filename><sum type="sha256">3711355fe43309c73e245219538f9c1ab1056ea2ececb4c9597fb03d04ba60df</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-debug" release="8.b10.el7_5" src="java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-debug-1.8.0.171-8.b10.el7_5.i686.rpm</filename><sum type="sha256">8a468360c6c5f4f54f79e0e12ebb20ed053a4d38511ba7ff3c99a4b60358846c</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-src-debug" release="8.b10.el7_5" src="java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-src-debug-1.8.0.171-8.b10.el7_5.x86_64.rpm</filename><sum type="sha256">95d7eb9b1fd42ff070a2955ac7e5c9816974b6f657af2f2593a54097e1247ace</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-accessibility" release="8.b10.el7_5" src="java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-accessibility-1.8.0.171-8.b10.el7_5.x86_64.rpm</filename><sum type="sha256">08dba4d127268595ed465c99f280de1620ec5baa8155b97cbfa45e77afffaae3</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-devel-debug" release="8.b10.el7_5" src="java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-devel-debug-1.8.0.171-8.b10.el7_5.x86_64.rpm</filename><sum type="sha256">48e4791a18b0543749c99e1b6b66fdc937481be1455a68961e11ec4ab6aaea4e</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-accessibility-debug" release="8.b10.el7_5" src="java-1.8.0-openjdk-1.8.0.171-8.b10.el7_5.src.rpm" version="1.8.0.171"><filename>java-1.8.0-openjdk-accessibility-debug-1.8.0.171-8.b10.el7_5.i686.rpm</filename><sum type="sha256">5005b12a0b1bc8ccfe430310a0a949616c603df81ce10d69d68a4ca174046ee5</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639" id="CVE-2018-3639" title="Hw: Cpu: Speculative Store Bypass" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1649" id="RHSA-2018:1649-1" title="Rhsa-2018:1649-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1566890" id="1566890" title="Hw: Cpu: Speculative Store Bypass" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1700-1</id><title>Procps-Ng</title><description>Security Fix(es): 
* procps-ng, procps: Integer overflows leading to heap overflow in file2strvec (CVE-2018-1124) 
* procps-ng, procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues (CVE-2018-1126)</description><severity>important</severity><release>Scientific Linux</release><issued date="2018-05-23 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" name="procps-ng" release="17.el7_5.2" src="procps-ng-3.3.10-17.el7_5.2.src.rpm" version="3.3.10"><filename>procps-ng-3.3.10-17.el7_5.2.x86_64.rpm</filename><sum type="sha256">517fbebfb1d08f9608924d9707c4582e65603818078eb1bd4a9438b805d786ce</sum></package><package arch="x86_64" name="procps-ng-devel" release="17.el7_5.2" src="procps-ng-3.3.10-17.el7_5.2.src.rpm" version="3.3.10"><filename>procps-ng-devel-3.3.10-17.el7_5.2.x86_64.rpm</filename><sum type="sha256">c724a7d66b812a45a9e079d745cb1e825325ef1dd1697d70ec605083aed6c598</sum></package><package arch="i686" name="procps-ng-devel" release="17.el7_5.2" src="procps-ng-3.3.10-17.el7_5.2.src.rpm" version="3.3.10"><filename>procps-ng-devel-3.3.10-17.el7_5.2.i686.rpm</filename><sum type="sha256">1e2e59398021d89d355e5e338c8be81e781f7a0bc6e97cf874a225479b16a9fa</sum></package><package arch="x86_64" name="procps-ng-i18n" release="17.el7_5.2" src="procps-ng-3.3.10-17.el7_5.2.src.rpm" version="3.3.10"><filename>procps-ng-i18n-3.3.10-17.el7_5.2.x86_64.rpm</filename><sum type="sha256">60104b20d7326ef3ad17ef99597cc0239ed960e29b9702312cd45ecd2be3ccc8</sum></package><package arch="i686" name="procps-ng" release="17.el7_5.2" src="procps-ng-3.3.10-17.el7_5.2.src.rpm" version="3.3.10"><filename>procps-ng-3.3.10-17.el7_5.2.i686.rpm</filename><sum type="sha256">049bcfc751c6d69b3aae3e6ec6335a6c4e80c8a18141f4639f78a5e64e561303</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1124" id="CVE-2018-1124" title="Procps-Ng, Procps: Integer Overflows Leading To Heap Overflow In File2Strvec" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1126" id="CVE-2018-1126" title="Procps-Ng, Procps: Incorrect Integer Size In Proc/Alloc.* Leading To Truncation / Integer Overflow Issues" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1700" id="RHSA-2018:1700-1" title="Rhsa-2018:1700-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1575465" id="1575465" title="Procps-Ng, Procps: Integer Overflows Leading To Heap Overflow In File2Strvec" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1575853" id="1575853" title="Procps-Ng, Procps: Incorrect Integer Size In Proc/Alloc.* Leading To Truncation / Integer Overflow Issues" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1725-1</id><title>Thunderbird</title><description>This update upgrades Thunderbird to version 52.8.0. 
Security Fix(es): 
* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150) 
* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183) 
* Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154) 
* Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155) 
* Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159) 
* Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext attack (CVE-2018-5184) 
* Mozilla: Hang via malformed headers (CVE-2018-5161) 
* Mozilla: Encrypted mail leaks plaintext through src attribute (CVE-2018-5162) 
* Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168) 
* Mozilla: Filename spoofing for external attachments (CVE-2018-5170) 
* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178) 
* Mozilla: Leaking plaintext through HTML forms (CVE-2018-5185)</description><severity>important</severity><release>Scientific Linux</release><issued date="2018-05-24 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" name="thunderbird" release="1.el7_5" src="thunderbird-52.8.0-1.el7_5.src.rpm" version="52.8.0"><filename>thunderbird-52.8.0-1.el7_5.x86_64.rpm</filename><sum type="sha256">56b27c03046e0f2cb8a9a95b5d32c3600078e929648129a5ca8f67f4aa3cb1eb</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150" id="CVE-2018-5150" title="Mozilla: Memory Safety Bugs Fixed In Firefox 60 And Firefox Esr 52.8" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154" id="CVE-2018-5154" title="Mozilla: Use-After-Free With Svg Animations And Clip Paths" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155" id="CVE-2018-5155" title="Mozilla: Use-After-Free With Svg Animations And Text Paths" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159" id="CVE-2018-5159" title="Mozilla: Integer Overflow And Out-Of-Bounds Write In Skia" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161" id="CVE-2018-5161" title="Mozilla: Hang Via Malformed Headers" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162" id="CVE-2018-5162" title="Mozilla: Encrypted Mail Leaks Plaintext Through Src Attribute" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168" id="CVE-2018-5168" title="Mozilla: Lightweight Themes Can Be Installed Without User Interaction" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170" id="CVE-2018-5170" title="Mozilla: Filename Spoofing For External Attachments" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178" id="CVE-2018-5178" title="Mozilla: Buffer Overflow During Utf-8 To Unicode String Conversion Through Legacy Extension" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183" id="CVE-2018-5183" title="Mozilla: Backport Critical Security Fixes In Skia" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184" id="CVE-2018-5184" title="Mozilla: Full Plaintext Recovery In S/Mime Via Chosen-Ciphertext Attack" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185" id="CVE-2018-5185" title="Mozilla: Leaking Plaintext Through Html Forms" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1725" id="RHSA-2018:1725-1" title="Rhsa-2018:1725-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1576250" id="1576250" title="Mozilla: Memory Safety Bugs Fixed In Firefox 60 And Firefox Esr 52.8" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1576255" id="1576255" title="Mozilla: Use-After-Free With Svg Animations And Clip Paths" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1576257" id="1576257" title="Mozilla: Use-After-Free With Svg Animations And Text Paths" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1576260" id="1576260" title="Mozilla: Integer Overflow And Out-Of-Bounds Write In Skia" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1576269" id="1576269" title="Mozilla: Lightweight Themes Can Be Installed Without User Interaction" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1576278" id="1576278" title="Mozilla: Buffer Overflow During Utf-8 To Unicode String Conversion Through Legacy Extension" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1576283" id="1576283" title="Mozilla: Backport Critical Security Fixes In Skia" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1580236" id="1580236" title="Mozilla: Full Plaintext Recovery In S/Mime Via Chosen-Ciphertext Attack" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1580237" id="1580237" title="Mozilla: Hang Via Malformed Headers" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1580239" id="1580239" title="Mozilla: Encrypted Mail Leaks Plaintext Through Src Attribute" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1580240" id="1580240" title="Mozilla: Filename Spoofing For External Attachments" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1580241" id="1580241" title="Mozilla: Leaking Plaintext Through Html Forms" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1780-1</id><title>Xmlrpc</title><description>Security Fix(es): 
* xmlrpc: Deserialization of untrusted Java object through &lt;ex:serializable&gt; tag (CVE-2016-5003)</description><severity>important</severity><release>Scientific Linux</release><issued date="2018-06-01 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="noarch" epoch="1" name="xmlrpc-server" release="9.el7_5" src="xmlrpc-3.1.3-9.el7_5.src.rpm" version="3.1.3"><filename>xmlrpc-server-3.1.3-9.el7_5.noarch.rpm</filename><sum type="sha256">8713eeb55cfe3951bb3936e65cc6de0385703c36a1c35059c2391f7d112819b9</sum></package><package arch="noarch" epoch="1" name="xmlrpc-client" release="9.el7_5" src="xmlrpc-3.1.3-9.el7_5.src.rpm" version="3.1.3"><filename>xmlrpc-client-3.1.3-9.el7_5.noarch.rpm</filename><sum type="sha256">0d98ef4f4042328c3a528b64f1fa3d6f6dc9bfca79513463cf2ac46bb71193ca</sum></package><package arch="noarch" epoch="1" name="xmlrpc-common" release="9.el7_5" src="xmlrpc-3.1.3-9.el7_5.src.rpm" version="3.1.3"><filename>xmlrpc-common-3.1.3-9.el7_5.noarch.rpm</filename><sum type="sha256">f01614a98b8f52a408a949cf2469dcd0664d98837f14bfdbdf4109dee533549b</sum></package><package arch="noarch" epoch="1" name="xmlrpc-javadoc" release="9.el7_5" src="xmlrpc-3.1.3-9.el7_5.src.rpm" version="3.1.3"><filename>xmlrpc-javadoc-3.1.3-9.el7_5.noarch.rpm</filename><sum type="sha256">5a99bad47d0d265621402dfac43b0958c15bd390444f1a3102ad805e8dade15a</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5003" id="CVE-2016-5003" title="Xmlrpc: Deserialization Of Untrusted Java Object Through &lt;Ex:Serializable&gt; Tag" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1780" id="RHSA-2018:1780-1" title="Rhsa-2018:1780-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1508123" id="1508123" title="Xmlrpc: Deserialization Of Untrusted Java Object Through &lt;Ex:Serializable&gt; Tag" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1836-1</id><title>Plexus-Archiver</title><description>Security Fix(es): 
* plexus-archiver: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file (CVE-2018-1002200)</description><severity>important</severity><release>Scientific Linux</release><issued date="2018-06-12 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="noarch" name="plexus-archiver" release="5.el7_5" src="plexus-archiver-2.4.2-5.el7_5.src.rpm" version="2.4.2"><filename>plexus-archiver-2.4.2-5.el7_5.noarch.rpm</filename><sum type="sha256">b9ff0d5e282c0e8ac3b94cb83dcc1d767bb7fe8ca700cfd46b746624ac8cd35e</sum></package><package arch="noarch" name="plexus-archiver-javadoc" release="5.el7_5" src="plexus-archiver-2.4.2-5.el7_5.src.rpm" version="2.4.2"><filename>plexus-archiver-javadoc-2.4.2-5.el7_5.noarch.rpm</filename><sum type="sha256">64f255787bc562d507e4aa30d846bb6b4637aee4f8d7027620777b760b7b3c94</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002200" id="CVE-2018-1002200" title="Plexus-Archiver: Arbitrary File Write Vulnerability / Arbitrary Code Execution Using A Specially Crafted Zip File" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1836" id="RHSA-2018:1836-1" title="Rhsa-2018:1836-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1584392" id="1584392" title="Plexus-Archiver: Arbitrary File Write Vulnerability / Arbitrary Code Execution Using A Specially Crafted Zip File" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1852-1</id><title>Kernel</title><description>Security Fix(es): 
* Kernel: FPU state information leakage via lazy FPU restore (CVE-2018-3665)</description><severity>moderate</severity><release>Scientific Linux</release><issued date="2018-06-14 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" name="kernel-devel" release="862.3.3.el7" src="kernel-3.10.0-862.3.3.el7.src.rpm" version="3.10.0"><filename>kernel-devel-3.10.0-862.3.3.el7.x86_64.rpm</filename><sum type="sha256">9b32fc782a485e4f7b953f2dab897d067b7e24965b3ed8f5eefdc22c315e0591</sum></package><package arch="x86_64" name="python-perf" release="862.3.3.el7" src="kernel-3.10.0-862.3.3.el7.src.rpm" version="3.10.0"><filename>python-perf-3.10.0-862.3.3.el7.x86_64.rpm</filename><sum type="sha256">e90be9b26d66c1865b41403a04563284f1a7312c8c13e8bbdcda864836033c8a</sum></package><package arch="x86_64" name="kernel-tools-libs-devel" release="862.3.3.el7" src="kernel-3.10.0-862.3.3.el7.src.rpm" version="3.10.0"><filename>kernel-tools-libs-devel-3.10.0-862.3.3.el7.x86_64.rpm</filename><sum type="sha256">e85649104f5abf52387e279f0771fb049031de098349434480be6c3544a1e771</sum></package><package arch="x86_64" name="kernel" release="862.3.3.el7" src="kernel-3.10.0-862.3.3.el7.src.rpm" version="3.10.0"><filename>kernel-3.10.0-862.3.3.el7.x86_64.rpm</filename><sum type="sha256">a586afaaa05acada487fa3f4896285d16261e775f420c5612adf2cad935006e8</sum></package><package arch="x86_64" name="kernel-tools-libs" release="862.3.3.el7" src="kernel-3.10.0-862.3.3.el7.src.rpm" version="3.10.0"><filename>kernel-tools-libs-3.10.0-862.3.3.el7.x86_64.rpm</filename><sum type="sha256">3c524e8ee8559f9d6d04541fe55c5f16a4d773a620b44638052340a476440d4e</sum></package><package arch="x86_64" name="kernel-debug-devel" release="862.3.3.el7" src="kernel-3.10.0-862.3.3.el7.src.rpm" version="3.10.0"><filename>kernel-debug-devel-3.10.0-862.3.3.el7.x86_64.rpm</filename><sum type="sha256">d9d0116298a25dc2840bfdc144cc5957584f3a989d9b1289e066c93d4886f8c3</sum></package><package arch="x86_64" name="kernel-tools" release="862.3.3.el7" src="kernel-3.10.0-862.3.3.el7.src.rpm" version="3.10.0"><filename>kernel-tools-3.10.0-862.3.3.el7.x86_64.rpm</filename><sum type="sha256">bd5385fb0be3b368f930a1a047d6b2257aee78c9dfda3b2c90d6b838f8dcedce</sum></package><package arch="noarch" name="kernel-doc" release="862.3.3.el7" src="kernel-3.10.0-862.3.3.el7.src.rpm" version="3.10.0"><filename>kernel-doc-3.10.0-862.3.3.el7.noarch.rpm</filename><sum type="sha256">ba5a4a45a26dc3dc0c1902c450a65174554ced7a13711c923b440298267c4a24</sum></package><package arch="x86_64" name="kernel-debug" release="862.3.3.el7" src="kernel-3.10.0-862.3.3.el7.src.rpm" version="3.10.0"><filename>kernel-debug-3.10.0-862.3.3.el7.x86_64.rpm</filename><sum type="sha256">8d5fe5e64cf4bb64419be5c57c248523be1a65ebeebee827ff89ba4e8e042d03</sum></package><package arch="noarch" name="kernel-abi-whitelists" release="862.3.3.el7" src="kernel-3.10.0-862.3.3.el7.src.rpm" version="3.10.0"><filename>kernel-abi-whitelists-3.10.0-862.3.3.el7.noarch.rpm</filename><sum type="sha256">5e219d10faa5c33d37fa2e9e520b57440812533628aebfaff6f886c4dd2a4ae2</sum></package><package arch="x86_64" name="perf" release="862.3.3.el7" src="kernel-3.10.0-862.3.3.el7.src.rpm" version="3.10.0"><filename>perf-3.10.0-862.3.3.el7.x86_64.rpm</filename><sum type="sha256">b47c1052f5abfc8842347a860b79a98bd334b8b6e91dd60ca2d6d0b3d62963e9</sum></package><package arch="x86_64" name="kernel-headers" release="862.3.3.el7" src="kernel-3.10.0-862.3.3.el7.src.rpm" version="3.10.0"><filename>kernel-headers-3.10.0-862.3.3.el7.x86_64.rpm</filename><sum type="sha256">4dece7f9bc150b7e9964c4b822f7ea25ca3e617f3dc61f4ba1f191cc59379ddd</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3665" id="CVE-2018-3665" title="Kernel: Fpu State Information Leakage Via Lazy Fpu Restore" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1852" id="RHSA-2018:1852-1" title="Rhsa-2018:1852-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#moderate" id="moderate" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1585011" id="1585011" title="Kernel: Fpu State Information Leakage Via Lazy Fpu Restore" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1957-1</id><title>Git</title><description>Security Fix(es): 
* git: arbitrary code execution when recursively cloning a malicious repository (CVE-2018-11235)</description><severity>important</severity><release>Scientific Linux</release><issued date="2018-06-21 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="noarch" name="git-email" release="14.el7_5" src="git-1.8.3.1-14.el7_5.src.rpm" version="1.8.3.1"><filename>git-email-1.8.3.1-14.el7_5.noarch.rpm</filename><sum type="sha256">4e1eb28880ab7e8d68d7ea0399369f2d6d7c11abf0f57ce320b179523da92336</sum></package><package arch="noarch" name="git-hg" release="14.el7_5" src="git-1.8.3.1-14.el7_5.src.rpm" version="1.8.3.1"><filename>git-hg-1.8.3.1-14.el7_5.noarch.rpm</filename><sum type="sha256">3671de306b0ebe40e8897bdeedf68a030f35d88325e9418e1cc262913d365851</sum></package><package arch="x86_64" name="git-svn" release="14.el7_5" src="git-1.8.3.1-14.el7_5.src.rpm" version="1.8.3.1"><filename>git-svn-1.8.3.1-14.el7_5.x86_64.rpm</filename><sum type="sha256">168aba5f0a14349a2ae30e28bb944d309ab6e757d8bf361f134896026a1c31ed</sum></package><package arch="noarch" name="git-p4" release="14.el7_5" src="git-1.8.3.1-14.el7_5.src.rpm" version="1.8.3.1"><filename>git-p4-1.8.3.1-14.el7_5.noarch.rpm</filename><sum type="sha256">3dfb02d8c7f7ca5b784687b014b5d9d52c48d057d83d75a951d96039ffea27b4</sum></package><package arch="noarch" name="git-gui" release="14.el7_5" src="git-1.8.3.1-14.el7_5.src.rpm" version="1.8.3.1"><filename>git-gui-1.8.3.1-14.el7_5.noarch.rpm</filename><sum type="sha256">1e93e59228bc71cf6e92d1dd21f27cba148ef54ed922cb869e9e2e1205d2e8c8</sum></package><package arch="noarch" name="git-cvs" release="14.el7_5" src="git-1.8.3.1-14.el7_5.src.rpm" version="1.8.3.1"><filename>git-cvs-1.8.3.1-14.el7_5.noarch.rpm</filename><sum type="sha256">c4b5dc95fc376fc345a69755ef972517a33c20f5877b7c5ac1f82b1823a71e39</sum></package><package arch="noarch" name="emacs-git" release="14.el7_5" src="git-1.8.3.1-14.el7_5.src.rpm" version="1.8.3.1"><filename>emacs-git-1.8.3.1-14.el7_5.noarch.rpm</filename><sum type="sha256">ddc2dfb4b919aab9add7cd9e5a4ef86ea5d1ea41fde98531a78e7a5050c4b4e4</sum></package><package arch="noarch" name="gitweb" release="14.el7_5" src="git-1.8.3.1-14.el7_5.src.rpm" version="1.8.3.1"><filename>gitweb-1.8.3.1-14.el7_5.noarch.rpm</filename><sum type="sha256">178cfe185259d928b701961c76def2dcaa3f3d7dbfaf8c9591ead42a78827a34</sum></package><package arch="noarch" name="git-all" release="14.el7_5" src="git-1.8.3.1-14.el7_5.src.rpm" version="1.8.3.1"><filename>git-all-1.8.3.1-14.el7_5.noarch.rpm</filename><sum type="sha256">91ab43e48135962114c738da479dffc0ac1369e4bfc1fbc6c7bd83604a310b69</sum></package><package arch="noarch" name="emacs-git-el" release="14.el7_5" src="git-1.8.3.1-14.el7_5.src.rpm" version="1.8.3.1"><filename>emacs-git-el-1.8.3.1-14.el7_5.noarch.rpm</filename><sum type="sha256">30a795f50ee03e69ab1573599804700d4a136e3958f02c91666b6b23b58c1008</sum></package><package arch="noarch" name="gitk" release="14.el7_5" src="git-1.8.3.1-14.el7_5.src.rpm" version="1.8.3.1"><filename>gitk-1.8.3.1-14.el7_5.noarch.rpm</filename><sum type="sha256">1f64ac713d605efbc0e9d17ccdcb150ff5227fb41d5aa247db94c2da5863fedf</sum></package><package arch="noarch" name="perl-Git-SVN" release="14.el7_5" src="git-1.8.3.1-14.el7_5.src.rpm" version="1.8.3.1"><filename>perl-Git-SVN-1.8.3.1-14.el7_5.noarch.rpm</filename><sum type="sha256">ebf6a9d86925631d193a2680ca78502e0a5ad4cbc0746005b5939f801906a8d5</sum></package><package arch="x86_64" name="git-daemon" release="14.el7_5" src="git-1.8.3.1-14.el7_5.src.rpm" version="1.8.3.1"><filename>git-daemon-1.8.3.1-14.el7_5.x86_64.rpm</filename><sum type="sha256">b017f182e06b68c1cca028a96217110e85b5acb15bc9944b3afc1d23aa812b4d</sum></package><package arch="noarch" name="perl-Git" release="14.el7_5" src="git-1.8.3.1-14.el7_5.src.rpm" version="1.8.3.1"><filename>perl-Git-1.8.3.1-14.el7_5.noarch.rpm</filename><sum type="sha256">db76da7c88efb9d33c4096e7c16f661846239074e79f736953f0c0cee81ce67b</sum></package><package arch="noarch" name="git-bzr" release="14.el7_5" src="git-1.8.3.1-14.el7_5.src.rpm" version="1.8.3.1"><filename>git-bzr-1.8.3.1-14.el7_5.noarch.rpm</filename><sum type="sha256">eeafc3ac4d2208038707d3b1d1d91129c31eafaef722fb74e2b47f8120b4b457</sum></package><package arch="x86_64" name="git" release="14.el7_5" src="git-1.8.3.1-14.el7_5.src.rpm" version="1.8.3.1"><filename>git-1.8.3.1-14.el7_5.x86_64.rpm</filename><sum type="sha256">48fea71ea920f4e4cedbec5731f97c14405927de9565ee8749d3e315fd00f722</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11235" id="CVE-2018-11235" title="Git: Arbitrary Code Execution When Recursively Cloning A Malicious Repository" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1957" id="RHSA-2018:1957-1" title="Rhsa-2018:1957-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1583862" id="1583862" title="Git: Arbitrary Code Execution When Recursively Cloning A Malicious Repository" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1965-1</id><title>Kernel</title><description>Security Fix(es): 
* An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load &amp; Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639, PowerPC, x86 AMD) 
* kernel: Out-of-bounds access via an XFRM_MSG_MIGRATE xfrm Netlink message (CVE-2017-11600) 
Bug Fix(es): 
See the descriptions in the related Knowledge Article:</description><severity>important</severity><release>Scientific Linux</release><issued date="2018-06-26 00:00:00" /><reboot_suggested>true</reboot_suggested><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" name="kernel-tools-libs-devel" release="862.6.3.el7" src="kernel-3.10.0-862.6.3.el7.src.rpm" version="3.10.0"><filename>kernel-tools-libs-devel-3.10.0-862.6.3.el7.x86_64.rpm</filename><sum type="sha256">c1263565ee70e5e35cc456e1ad091dd41472625b162fcbe55c67e73dc72d1130</sum></package><package arch="x86_64" name="kernel-debug-devel" release="862.6.3.el7" src="kernel-3.10.0-862.6.3.el7.src.rpm" version="3.10.0"><filename>kernel-debug-devel-3.10.0-862.6.3.el7.x86_64.rpm</filename><sum type="sha256">2c159fb363dc88cf096419e14410317f70596e61a59c6938a5ba2c9fce84cb9f</sum></package><package arch="x86_64" name="kernel" release="862.6.3.el7" src="kernel-3.10.0-862.6.3.el7.src.rpm" version="3.10.0"><filename>kernel-3.10.0-862.6.3.el7.x86_64.rpm</filename><sum type="sha256">453d3a410240342190ef4367ee0dc19c7f84fc96f426f7d24a133ab96d7a8402</sum></package><package arch="x86_64" name="python-perf" release="862.6.3.el7" src="kernel-3.10.0-862.6.3.el7.src.rpm" version="3.10.0"><filename>python-perf-3.10.0-862.6.3.el7.x86_64.rpm</filename><sum type="sha256">2c5de5da7ec2901998591baf26a7d5dfb70e0fac602a75576aaac09801153e26</sum></package><package arch="x86_64" name="kernel-tools-libs" release="862.6.3.el7" src="kernel-3.10.0-862.6.3.el7.src.rpm" version="3.10.0"><filename>kernel-tools-libs-3.10.0-862.6.3.el7.x86_64.rpm</filename><sum type="sha256">13fc7e18e61a364aaa5f288947d676aa4b84f5cbedc15f511738bc9936806c5d</sum></package><package arch="noarch" name="kernel-doc" release="862.6.3.el7" src="kernel-3.10.0-862.6.3.el7.src.rpm" version="3.10.0"><filename>kernel-doc-3.10.0-862.6.3.el7.noarch.rpm</filename><sum type="sha256">06eeaf1f1713fd956b323e1f15701f036811e3d2662b5b3ee239e0c0488056dd</sum></package><package arch="x86_64" name="kernel-headers" release="862.6.3.el7" src="kernel-3.10.0-862.6.3.el7.src.rpm" version="3.10.0"><filename>kernel-headers-3.10.0-862.6.3.el7.x86_64.rpm</filename><sum type="sha256">3d9489c1830726b24ee7f6d7de03ce4192f5b6455f7abecd7487250aa1601f56</sum></package><package arch="x86_64" name="kernel-debug" release="862.6.3.el7" src="kernel-3.10.0-862.6.3.el7.src.rpm" version="3.10.0"><filename>kernel-debug-3.10.0-862.6.3.el7.x86_64.rpm</filename><sum type="sha256">cd8aa3a5d401ae5a20c7d1c1342a27279c95018053926f776b80814d4c7f1ec3</sum></package><package arch="x86_64" name="perf" release="862.6.3.el7" src="kernel-3.10.0-862.6.3.el7.src.rpm" version="3.10.0"><filename>perf-3.10.0-862.6.3.el7.x86_64.rpm</filename><sum type="sha256">9a9204a2b80a8bfb723aca294fb395a150e86d7748ff5745ea7d244ca18e0aad</sum></package><package arch="noarch" name="kernel-abi-whitelists" release="862.6.3.el7" src="kernel-3.10.0-862.6.3.el7.src.rpm" version="3.10.0"><filename>kernel-abi-whitelists-3.10.0-862.6.3.el7.noarch.rpm</filename><sum type="sha256">ad7a486184d1c2f1972eb3029c8045c5a92f0c108acaf8a30b2befe9f8b4c373</sum></package><package arch="x86_64" name="kernel-tools" release="862.6.3.el7" src="kernel-3.10.0-862.6.3.el7.src.rpm" version="3.10.0"><filename>kernel-tools-3.10.0-862.6.3.el7.x86_64.rpm</filename><sum type="sha256">776a532620ad1213682b6b6a3a6322a78b604465f0fccdb54ed83cde2f9faf03</sum></package><package arch="x86_64" name="kernel-devel" release="862.6.3.el7" src="kernel-3.10.0-862.6.3.el7.src.rpm" version="3.10.0"><filename>kernel-devel-3.10.0-862.6.3.el7.x86_64.rpm</filename><sum type="sha256">26419618715c8b6b6d1d727fc847fed1b4f74a5932a58fdc24c54b6e8c937e5f</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11600" id="CVE-2017-11600" title="Kernel: Out-Of-Bounds Access Via An Xfrm_Msg_Migrate Xfrm Netlink Message" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639" id="CVE-2018-3639" title="Hw: Cpu: Speculative Store Bypass" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1965" id="RHSA-2018:1965-1" title="Rhsa-2018:1965-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1474928" id="1474928" title="Kernel: Out-Of-Bounds Access Via An Xfrm_Msg_Migrate Xfrm Netlink Message" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1566890" id="1566890" title="Hw: Cpu: Speculative Store Bypass" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1979-1</id><title>Pki-Core</title><description>Security Fix(es): 
* pki-core: Mishandled ACL configuration in AAclAuthz.java reverses rules that allow and deny access (CVE-2018-1080) 
Bug Fix(es): 
* Previously, when ECC keys were enrolled, Certificate Management over CMS (CMC) authentication failed with a "TokenException: Unable to insert certificate into temporary database" error. As a consequence, the enrollment failed. This update fixes the problem. As a result, the mentioned bug no longer occurs. 
* Previously, Certificate System used the same enrollment profiles for issuing RSA and ECC certificates. As a consequence, the key usage extension in issued certificates did not meet the Common Criteria standard. This update adds ECC-specific enrollment profiles where the key usage extension for TLS server and client certificates are different as described in RFC 6960. Additionally, the update changes existing profiles to issue only RSA certificates. As a result, the key usage extension in ECC certificates now meets the Common Criteria standard. 
* The Certificate System server rejects saving invalid access control lists (ACL). As a consequence, when saving an ACL with an empty expression, the server rejected the update and the pkiconsole utility displayed an StringIndexOutOfBoundsException error. With this update, the utility rejects empty ACL expressions. As a result, invalid ACLs cannot be saved and the error is no longer displayed. 
* Previously, due to a bug in the Certificate System installation procedure, installing a Key Recovery Authority (KRA) with ECC keys failed. To fix the problem, the installation process has been updated to handle both RSA and ECC subsystems automatically. As a result, installing subsystems with ECC keys no longer fail. 
* Previously, during verification, Certificate System encoded the ECC public key incorrectly in CMC Certificate Request Message Format (CRMF) requests. As a consequence, requesting an ECC certificate with Certificate Management over CMS (CMC) in CRMF failed. The problem has been fixed, and as a result, CMC CRMF requests using ECC keys work as expected. 
Enhancement(s): 
* The pkispawn man page has been updated and now describes the - --skip- configuration and --skip-installation parameters. 
* With this update, Certificate System adds the Subject Alternative Name (SAN) extension by default to server certificates and sets it to the Common Name (CN) of the certificate. 
* With this enhancement, users can create Certificate Request Message Format (CRMF) requests without the key archival option when using the CRMFPopClient utility. This feature increases flexibility because a Key Recovery Authority (KRA) certificate is no longer required. Previously, if the user did not pass the "-b transport_certificate_file" option to CRMFPopClient, the utility automatically used the KRA transport certificate stored in the transport.txt file. With this update, if "-b transport_certificate_file" is not specified, Certificate System creates a request without using key archival.</description><severity>moderate</severity><release>Scientific Linux</release><issued date="2018-06-26 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="noarch" name="pki-base-java" release="13.1.el7_5" src="pki-core-10.5.1-13.1.el7_5.src.rpm" version="10.5.1"><filename>pki-base-java-10.5.1-13.1.el7_5.noarch.rpm</filename><sum type="sha256">041655e7cf63f7c0b3dc984087d04bba653d52223c85dfafd7a4c4ffdb3977d3</sum></package><package arch="noarch" name="pki-kra" release="13.1.el7_5" src="pki-core-10.5.1-13.1.el7_5.src.rpm" version="10.5.1"><filename>pki-kra-10.5.1-13.1.el7_5.noarch.rpm</filename><sum type="sha256">6daab18699eed43ec273147d20d44a37e452eaafa5f34670fe94a88df76e6bc4</sum></package><package arch="x86_64" name="pki-tools" release="13.1.el7_5" src="pki-core-10.5.1-13.1.el7_5.src.rpm" version="10.5.1"><filename>pki-tools-10.5.1-13.1.el7_5.x86_64.rpm</filename><sum type="sha256">cdc12bcca6cbc151e0817a1837d9f3adefc9fa9ad3752d6751ba127d70b27a53</sum></package><package arch="noarch" name="pki-base" release="13.1.el7_5" src="pki-core-10.5.1-13.1.el7_5.src.rpm" version="10.5.1"><filename>pki-base-10.5.1-13.1.el7_5.noarch.rpm</filename><sum type="sha256">58262a26678e6d8bc9b650b748d3fe86ee1af169ec24c8a3abb5f004ebae00e9</sum></package><package arch="noarch" name="pki-ca" release="13.1.el7_5" src="pki-core-10.5.1-13.1.el7_5.src.rpm" version="10.5.1"><filename>pki-ca-10.5.1-13.1.el7_5.noarch.rpm</filename><sum type="sha256">e03e212712328bec7dffb05ae4cb48d62194cee78deaf4d3719a624043c47f23</sum></package><package arch="noarch" name="pki-server" release="13.1.el7_5" src="pki-core-10.5.1-13.1.el7_5.src.rpm" version="10.5.1"><filename>pki-server-10.5.1-13.1.el7_5.noarch.rpm</filename><sum type="sha256">087a2b37f7f58bd6ca7e666e70d71d946932c809a67d3f8aa15f0869861c65e5</sum></package><package arch="noarch" name="pki-javadoc" release="13.1.el7_5" src="pki-core-10.5.1-13.1.el7_5.src.rpm" version="10.5.1"><filename>pki-javadoc-10.5.1-13.1.el7_5.noarch.rpm</filename><sum type="sha256">95a4779e118bb0bda58d119e494a9661da71cdb8943d902b636645d63255832f</sum></package><package arch="x86_64" name="pki-symkey" release="13.1.el7_5" src="pki-core-10.5.1-13.1.el7_5.src.rpm" version="10.5.1"><filename>pki-symkey-10.5.1-13.1.el7_5.x86_64.rpm</filename><sum type="sha256">8a7307d75153a57c1547f6c8b861c132a0e176cf3ab71db888991b5bfc654d35</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1080" id="CVE-2018-1080" title="Pki-Core: Mishandled Acl Configuration In Aaclauthz.Java Reverses Rules That Allow And Deny Access" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1979" id="RHSA-2018:1979-1" title="Rhsa-2018:1979-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#moderate" id="moderate" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1556657" id="1556657" title="Pki-Core: Mishandled Acl Configuration In Aaclauthz.Java Reverses Rules That Allow And Deny Access" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:1997-1</id><title>Libvirt</title><description>Security Fix(es): 
* An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load &amp; Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639) 
Note: This is the libvirt side of the CVE-2018-3639 mitigation that includes support for guests running on hosts with AMD processors. 
Bug Fix(es): 
* Previously, the virtlogd service logged redundant AVC denial errors when a guest virtual machine was started. With this update, the virtlogd service no longer attempts to send shutdown inhibition calls to systemd, which prevents the described errors from occurring. 
* Prior to this update, guest virtual machine actions that use a python library in some cases failed and "Hash operation not allowed during iteration" error messages were logged. Several redundant thread access checks have been removed, and the problem no longer occurs. 
* The "virsh capabilities" command previously displayed an inaccurate number of 4 KiB memory pages on systems with very large amounts of memory. This update optimizes the memory diagnostic mechanism to ensure memory page numbers are displayed correctly on such systems.</description><severity>important</severity><release>Scientific Linux</release><issued date="2018-06-26 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" name="libvirt-daemon-driver-storage-rbd" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-storage-rbd-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">4fc0f30b6c5c22f354a8e873ab4c01750555f5efdc7fd1c29e9cb05e0fc19d1f</sum></package><package arch="x86_64" name="libvirt-daemon-driver-network" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-network-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">766971967707513c7e8180f017be8c852c35aad5fbc3910ac10437058fbceab3</sum></package><package arch="x86_64" name="libvirt-daemon-driver-storage-mpath" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">2e2ef92f95d299aa80364dbd450be3ffdb38e9bb310d4f4f81ee73b90711adef</sum></package><package arch="x86_64" name="libvirt-admin" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-admin-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">e2bd1255c0d874489b0e62599a48e5e69a4cbe5cb776e555fa4e109b25871dad</sum></package><package arch="x86_64" name="libvirt-daemon-driver-storage-scsi" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">bd0c71e0ce66b3cf47e2bd50dce9b6edc7c6ad2491658aefaceffbd0e48c6693</sum></package><package arch="x86_64" name="libvirt-libs" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-libs-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">13c1cfc61269ccf06659aad37a8b948473b8582d5d2fdc371855e43d09c24ec2</sum></package><package arch="x86_64" name="libvirt-lock-sanlock" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-lock-sanlock-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">99d03ce1e4cb86f63657609713f78a569635183e2e311c5f2bbb617a28a5cdf7</sum></package><package arch="x86_64" name="libvirt-docs" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-docs-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">7c2a9daba202bc39674f7d0d666b6dfdf38a787dc42c54228cb996d2c3ee8c7f</sum></package><package arch="x86_64" name="libvirt-daemon-driver-interface" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-interface-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">59e296ea34522cf4cf0e4d694eadfedf5dd103855569a439a5929983b74234b0</sum></package><package arch="x86_64" name="libvirt-daemon-config-network" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-daemon-config-network-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">e95b2a1c3a2ba0689fb9232131def788b9aa15dd6ddb708223e49c1ca1f1df14</sum></package><package arch="x86_64" name="libvirt-daemon-driver-lxc" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-lxc-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">be4cbbfe1569a5e957a987db447df88b4f3efdedcab6a3570476e113729e1f27</sum></package><package arch="i686" name="libvirt-nss" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-nss-3.9.0-14.el7_5.6.i686.rpm</filename><sum type="sha256">f0a6110e2db5f0b1f6fab0a2cfbc16a0508e03a491ad9a6affa027f642cbe0df</sum></package><package arch="x86_64" name="libvirt-daemon-driver-storage-iscsi" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">6ac6732091a19d621e0cfd3be3e8d3696fb83443ded706a0333be4a229546394</sum></package><package arch="x86_64" name="libvirt-daemon-driver-nwfilter" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">0f0071f330d5050a2cd1969ea21546d74a6cd2a032ad27bb90d187766aff30fd</sum></package><package arch="i686" name="libvirt-devel" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-devel-3.9.0-14.el7_5.6.i686.rpm</filename><sum type="sha256">17cea5dbfb9c52eaf796fc6343b24463a5ef2be60bb530a29b0984146c4a1f2e</sum></package><package arch="x86_64" name="libvirt-daemon-kvm" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-daemon-kvm-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">e236fbc892c906f886eeca53147342ac8d803f9331c8621bf6e2aada2cad9669</sum></package><package arch="x86_64" name="libvirt" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">ae95023bf7b6937ebf5589632a256eaf8a868efe3399b2e6e3c4388a6f71a14c</sum></package><package arch="i686" name="libvirt-client" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-client-3.9.0-14.el7_5.6.i686.rpm</filename><sum type="sha256">25766584762fd6be45e385941b6e8fdc23f64212b7f31fb1f4527d55b1d938d1</sum></package><package arch="x86_64" name="libvirt-daemon" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-daemon-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">ac0e30bafea0cd48b49dab3e6fe2331de96631f66657c78ef77a3612cca69cd0</sum></package><package arch="x86_64" name="libvirt-daemon-driver-storage-logical" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">895836123cbb904323d7814e640d60b9e5ec29bb29a63951c1ae934f272b269f</sum></package><package arch="x86_64" name="libvirt-daemon-lxc" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-daemon-lxc-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">0cf044ba37fb3bfacbc0ddc49b5542955db7a5b57815122154b8030ade89065e</sum></package><package arch="x86_64" name="libvirt-daemon-config-nwfilter" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">05e8eb3250c140b6ae8fed1bed9c26c9cbef99112690a11a53b01ac367f7cdab</sum></package><package arch="x86_64" name="libvirt-daemon-driver-nodedev" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">87db48bb8f64da1d19e3560beee150437e4be52a5babf0ddcb2f6b638e247ca1</sum></package><package arch="x86_64" name="libvirt-daemon-driver-storage" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-storage-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">37fdfcd716ee1d9025607ffa170bc4cd04c901e8f5dd2ff8977810f8c1804599</sum></package><package arch="x86_64" name="libvirt-daemon-driver-storage-disk" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">c4bb5739d3dff641056a22b537b473323ae0be7c52d284f50ad7193e95d0eba5</sum></package><package arch="x86_64" name="libvirt-client" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-client-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">6dd53aae863372ddfbfe8e34091b4ab00aa22f44e2b7bec08cc68bf364bb5256</sum></package><package arch="x86_64" name="libvirt-devel" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-devel-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">6206797e6dcee249ae2fe0427f276f1c1156a04f5b0bf5e451bedb4f4ea691a8</sum></package><package arch="x86_64" name="libvirt-daemon-driver-storage-core" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">ed0560d738ae9ff9837b16303964ed26ff6a9cfeffddc5cf70a3c6e17cb7f722</sum></package><package arch="x86_64" name="libvirt-daemon-driver-secret" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-secret-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">9684ef9a910fb5727ae3e32c838fe45e3f277fb3cef6f20f2b23f3678930308b</sum></package><package arch="x86_64" name="libvirt-daemon-driver-storage-gluster" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-storage-gluster-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">d7699a2228de5bbef65e326eaca4999ea13713cd402150835ae95e9ed1792681</sum></package><package arch="x86_64" name="libvirt-login-shell" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-login-shell-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">ad50aa7680f5e3e35162d4eec5c611ff51ccbcee9f08415eb20d71c8b909fc71</sum></package><package arch="x86_64" name="libvirt-nss" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-nss-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">bd409d9b58722d24d14ba5804cbce02144d144de35453f5b15ecccf702347faf</sum></package><package arch="i686" name="libvirt-libs" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-libs-3.9.0-14.el7_5.6.i686.rpm</filename><sum type="sha256">bcdd464ca23f24150efa60fc7dcd0afca87e747ad93b4de2046cc6f6997ef12f</sum></package><package arch="x86_64" name="libvirt-daemon-driver-qemu" release="14.el7_5.6" src="libvirt-3.9.0-14.el7_5.6.src.rpm" version="3.9.0"><filename>libvirt-daemon-driver-qemu-3.9.0-14.el7_5.6.x86_64.rpm</filename><sum type="sha256">92c4d431ef98fc7430dcd7908e0363f28218faff2abc63ebd1cac83bc3f736f7</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639" id="CVE-2018-3639" title="Hw: Cpu: Speculative Store Bypass" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:1997" id="RHSA-2018:1997-1" title="Rhsa-2018:1997-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1566890" id="1566890" title="Hw: Cpu: Speculative Store Bypass" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:2001-1</id><title>Qemu-Kvm</title><description>Security Fix(es): 
* An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load &amp; Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639) 
Note: This is the qemu-kvm side of the CVE-2018-3639 mitigation that includes support for guests running on hosts with AMD processors.</description><severity>important</severity><release>Scientific Linux</release><issued date="2018-06-26 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" epoch="10" name="qemu-img" release="156.el7_5.3" src="qemu-kvm-1.5.3-156.el7_5.3.src.rpm" version="1.5.3"><filename>qemu-img-1.5.3-156.el7_5.3.x86_64.rpm</filename><sum type="sha256">1a37af576743f52c434fe90e4d1f94ade9461390b10a750cf80a91d0b5033a8f</sum></package><package arch="x86_64" epoch="10" name="qemu-kvm-tools" release="156.el7_5.3" src="qemu-kvm-1.5.3-156.el7_5.3.src.rpm" version="1.5.3"><filename>qemu-kvm-tools-1.5.3-156.el7_5.3.x86_64.rpm</filename><sum type="sha256">f41503c109bf082d3ba2a526d6c2977547e85db0ab450ad0a7c5b5be2774ce0f</sum></package><package arch="x86_64" epoch="10" name="qemu-kvm" release="156.el7_5.3" src="qemu-kvm-1.5.3-156.el7_5.3.src.rpm" version="1.5.3"><filename>qemu-kvm-1.5.3-156.el7_5.3.x86_64.rpm</filename><sum type="sha256">0f1439fe7da1344332360600239adaa0298afde26a3575592ec1fb3e68a86c49</sum></package><package arch="x86_64" epoch="10" name="qemu-kvm-common" release="156.el7_5.3" src="qemu-kvm-1.5.3-156.el7_5.3.src.rpm" version="1.5.3"><filename>qemu-kvm-common-1.5.3-156.el7_5.3.x86_64.rpm</filename><sum type="sha256">30e74d3957b47409fd77b968bb85dd87c1df328f0436e865de500ea9420cb14d</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639" id="CVE-2018-3639" title="Hw: Cpu: Speculative Store Bypass" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:2001" id="RHSA-2018:2001-1" title="Rhsa-2018:2001-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1566890" id="1566890" title="Hw: Cpu: Speculative Store Bypass" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:2113-1</id><title>Firefox</title><description>This update upgrades Firefox to version 60.1.0 ESR. 
Many older firefox extensions must be updated to work with this new release. 
Security Fix(es): 
* Mozilla: Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, and Firefox ESR 52.9 (CVE-2018-5188) 
* Mozilla: Buffer overflow using computed size of canvas element (CVE-2018-12359) 
* Mozilla: Use-after-free using focus() (CVE-2018-12360) 
* Mozilla: Media recorder segmentation fault when track type is changed during capture (CVE-2018-5156) 
* Skia: Heap buffer overflow rasterizing paths in SVG (CVE-2018-6126) 
* Mozilla: Integer overflow in SSSE3 scaler (CVE-2018-12362) 
* Mozilla: Use-after-free when appending DOM nodes (CVE-2018-12363) 
* Mozilla: CSRF attacks through 307 redirects and NPAPI plugins (CVE-2018-12364) 
* Mozilla: address bar username and password spoofing in reader mode (CVE-2017-7762) 
* Mozilla: Compromised IPC child process can list local filenames (CVE-2018-12365) 
* Mozilla: Invalid data handling during QCMS transformations (CVE-2018-12366)</description><severity>critical</severity><release>Scientific Linux</release><issued date="2018-07-05 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="i686" name="firefox" release="4.el7_5" src="firefox-60.1.0-4.el7_5.src.rpm" version="60.1.0"><filename>firefox-60.1.0-4.el7_5.i686.rpm</filename><sum type="sha256">d84a7fc264d1026a99af25400b66d06d95cb0c8a163562694dd62952a9d6ba46</sum></package><package arch="x86_64" name="firefox" release="4.el7_5" src="firefox-60.1.0-4.el7_5.src.rpm" version="60.1.0"><filename>firefox-60.1.0-4.el7_5.x86_64.rpm</filename><sum type="sha256">aa59a857b5d6e2590187ea8f5157a0262159442f78e527ef95d5eb6e491785c6</sum></package><package arch="noarch" name="sl-indexhtml" release="5.sl7" src="sl-indexhtml-7-5.sl7.src.rpm" version="7"><filename>sl-indexhtml-7-5.sl7.noarch.rpm</filename><sum type="sha256">9d5d957e19d67a9538769de75ce89ad27ed5805f0b33ee0df4c591567a3cad2a</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7762" id="CVE-2017-7762" title="Mozilla: Address Bar Username And Password Spoofing In Reader Mode" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12359" id="CVE-2018-12359" title="Mozilla: Buffer Overflow Using Computed Size Of Canvas Element" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12360" id="CVE-2018-12360" title="Mozilla: Use-After-Free Using Focus()" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12362" id="CVE-2018-12362" title="Mozilla: Integer Overflow In Ssse3 Scaler" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12363" id="CVE-2018-12363" title="Mozilla: Use-After-Free When Appending Dom Nodes" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12364" id="CVE-2018-12364" title="Mozilla: Csrf Attacks Through 307 Redirects And Npapi Plugins" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12365" id="CVE-2018-12365" title="Mozilla: Compromised Ipc Child Process Can List Local Filenames" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12366" id="CVE-2018-12366" title="Mozilla: Invalid Data Handling During Qcms Transformations" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5156" id="CVE-2018-5156" title="Mozilla: Media Recorder Segmentation Fault When Track Type Is Changed During Capture" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5188" id="CVE-2018-5188" title="Mozilla: Memory Safety Bugs Fixed In Firefox 61, Firefox Esr 60.1, And Firefox Esr 52.9" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6126" id="CVE-2018-6126" title="Chromium-Browser: Heap Buffer Overflow In Skia" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:2113" id="RHSA-2018:2113-1" title="Rhsa-2018:2113-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#critical" id="critical" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1584035" id="1584035" title="Chromium-Browser: Heap Buffer Overflow In Skia" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1590493" id="1590493" title="Mozilla: Address Bar Username And Password Spoofing In Reader Mode" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1595024" id="1595024" title="Mozilla: Buffer Overflow Using Computed Size Of Canvas Element" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1595025" id="1595025" title="Mozilla: Use-After-Free Using Focus()" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1595027" id="1595027" title="Mozilla: Integer Overflow In Ssse3 Scaler" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1595028" id="1595028" title="Mozilla: Use-After-Free When Appending Dom Nodes" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1595029" id="1595029" title="Mozilla: Csrf Attacks Through 307 Redirects And Npapi Plugins" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1595030" id="1595030" title="Mozilla: Compromised Ipc Child Process Can List Local Filenames" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1595031" id="1595031" title="Mozilla: Invalid Data Handling During Qcms Transformations" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1595037" id="1595037" title="Mozilla: Media Recorder Segmentation Fault When Track Type Is Changed During Capture" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1595040" id="1595040" title="Mozilla: Memory Safety Bugs Fixed In Firefox 61, Firefox Esr 60.1, And Firefox Esr 52.9" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:2123-1</id><title>Python</title><description>Security Fix(es): 
* A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183) 
Note: This update modifies the Python ssl module to disable 3DES cipher suites by default.</description><severity>moderate</severity><release>Scientific Linux</release><issued date="2018-07-03 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" name="python" release="69.el7_5" src="python-2.7.5-69.el7_5.src.rpm" version="2.7.5"><filename>python-2.7.5-69.el7_5.x86_64.rpm</filename><sum type="sha256">0e35287bf16923976d9a587f96913342f1a61ca13e205c677463fc28469cae98</sum></package><package arch="x86_64" name="python-devel" release="69.el7_5" src="python-2.7.5-69.el7_5.src.rpm" version="2.7.5"><filename>python-devel-2.7.5-69.el7_5.x86_64.rpm</filename><sum type="sha256">1c8c9fe0b7458eed5e1a95d95885d4442ccb8f27a3587596865a53abe39887f3</sum></package><package arch="x86_64" name="python-tools" release="69.el7_5" src="python-2.7.5-69.el7_5.src.rpm" version="2.7.5"><filename>python-tools-2.7.5-69.el7_5.x86_64.rpm</filename><sum type="sha256">2cf9f4a6c1d0c6f241e61b1f263fd1f7224e07150fa1ff11bda246605eb8617c</sum></package><package arch="i686" name="python-libs" release="69.el7_5" src="python-2.7.5-69.el7_5.src.rpm" version="2.7.5"><filename>python-libs-2.7.5-69.el7_5.i686.rpm</filename><sum type="sha256">9bca472a834687da1772c349647aee4ec4fc18ef9c77963ee0083fdd0a6ba52f</sum></package><package arch="x86_64" name="python-debug" release="69.el7_5" src="python-2.7.5-69.el7_5.src.rpm" version="2.7.5"><filename>python-debug-2.7.5-69.el7_5.x86_64.rpm</filename><sum type="sha256">f042ab94c3e17d52f2b8d71674802e09fac5e185618612d172debecea2919618</sum></package><package arch="x86_64" name="python-test" release="69.el7_5" src="python-2.7.5-69.el7_5.src.rpm" version="2.7.5"><filename>python-test-2.7.5-69.el7_5.x86_64.rpm</filename><sum type="sha256">2e6a006462d254e14da0b99b1d588ad23c0eec97175d1f5ec6529c959abe160a</sum></package><package arch="x86_64" name="python-libs" release="69.el7_5" src="python-2.7.5-69.el7_5.src.rpm" version="2.7.5"><filename>python-libs-2.7.5-69.el7_5.x86_64.rpm</filename><sum type="sha256">91354124e23003d6d2dc73d637275ef5f1c4b62f188bd21aa03dce62e128a698</sum></package><package arch="x86_64" name="tkinter" release="69.el7_5" src="python-2.7.5-69.el7_5.src.rpm" version="2.7.5"><filename>tkinter-2.7.5-69.el7_5.x86_64.rpm</filename><sum type="sha256">e49ce6b730b1b6a2e27a9ea1919afa77b6fbb948fd1cda971dd80b2d143cdbbc</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2183" id="CVE-2016-2183" title="Ssl/Tls: Birthday Attack Against 64-Bit Block Ciphers (Sweet32)" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:2123" id="RHSA-2018:2123-1" title="Rhsa-2018:2123-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#moderate" id="moderate" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1369383" id="1369383" title="Ssl/Tls: Birthday Attack Against 64-Bit Block Ciphers (Sweet32)" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:2181-1</id><title>Gnupg2</title><description>Security Fix(es): 
* gnupg2: Improper sanitization of filenames allows for the display of fake status messages and the bypass of signature verification (CVE-2018-12020)</description><severity>important</severity><release>Scientific Linux</release><issued date="2018-07-16 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" name="gnupg2" release="5.el7_5" src="gnupg2-2.0.22-5.el7_5.src.rpm" version="2.0.22"><filename>gnupg2-2.0.22-5.el7_5.x86_64.rpm</filename><sum type="sha256">2184b2cf83f8a633ca0069bc4faf294de5d87604908a872633c4dc915ac160ed</sum></package><package arch="x86_64" name="gnupg2-smime" release="5.el7_5" src="gnupg2-2.0.22-5.el7_5.src.rpm" version="2.0.22"><filename>gnupg2-smime-2.0.22-5.el7_5.x86_64.rpm</filename><sum type="sha256">dec84bff116b50e850dadfa222a4765c3c8b6ecbb6b24dd31e173cd421bde93e</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12020" id="CVE-2018-12020" title="Gnupg2: Improper Sanitization Of Filenames " type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:2181" id="RHSA-2018:2181-1" title="Rhsa-2018:2181-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1589620" id="1589620" title="Gnupg2: Improper Sanitization Of Filenames " type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:2240-1</id><title>Openslp</title><description>Security Fix(es): 
* openslp: Heap memory corruption in slpd/slpd_process.c allows denial of service or potentially code execution (CVE-2017-17833)</description><severity>important</severity><release>Scientific Linux</release><issued date="2018-07-23 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="i686" epoch="1" name="openslp" release="7.el7_5" src="openslp-2.0.0-7.el7_5.src.rpm" version="2.0.0"><filename>openslp-2.0.0-7.el7_5.i686.rpm</filename><sum type="sha256">4a00a98f8c9f30c65bc6d7e05e949cf8a3f519ba1c0a60ebcbb91cdcd5130985</sum></package><package arch="i686" epoch="1" name="openslp-devel" release="7.el7_5" src="openslp-2.0.0-7.el7_5.src.rpm" version="2.0.0"><filename>openslp-devel-2.0.0-7.el7_5.i686.rpm</filename><sum type="sha256">38d100fc0d0a403b832dbceeb3d72007e347fb264c6dbc7825740b879d140296</sum></package><package arch="x86_64" epoch="1" name="openslp" release="7.el7_5" src="openslp-2.0.0-7.el7_5.src.rpm" version="2.0.0"><filename>openslp-2.0.0-7.el7_5.x86_64.rpm</filename><sum type="sha256">3e9beb9e1ca1431f78c63ae0fe60c5c68df8662b85a2ef6f9ccc64d3bc1f3231</sum></package><package arch="x86_64" epoch="1" name="openslp-server" release="7.el7_5" src="openslp-2.0.0-7.el7_5.src.rpm" version="2.0.0"><filename>openslp-server-2.0.0-7.el7_5.x86_64.rpm</filename><sum type="sha256">9bbccc4253b1edc0abd561ba03d761e37645c5d7f6f6d0318ca31d9a365a3bb9</sum></package><package arch="x86_64" epoch="1" name="openslp-devel" release="7.el7_5" src="openslp-2.0.0-7.el7_5.src.rpm" version="2.0.0"><filename>openslp-devel-2.0.0-7.el7_5.x86_64.rpm</filename><sum type="sha256">a555822ea1a94734a5b481d04c9e3f8343cf78453b0cc68e9e2da83f1cc7e8b6</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17833" id="CVE-2017-17833" title="Openslp: Heap Memory Corruption In " type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:2240" id="RHSA-2018:2240-1" title="Rhsa-2018:2240-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1572166" id="1572166" title="Openslp: Heap Memory Corruption In " type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:2242-1</id><title>Java-1.8.0-Openjdk</title><description>Security Fix(es): 
* OpenJDK: insufficient index validation in PatternSyntaxException getMessage() (Concurrency, 8199547) (CVE-2018-2952) 
Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. 
Bug Fix(es): 
* This update applies changes from OpenJDK upstream version 8u172, which provides a number of bug fixes over the previous version, 8u171. 
* OpenJDK was recently updated to support reading the system certificate authority database (cacerts) directly. As an unintended consequence, this removed the ability to read certificates from the user-provided jssecacerts file. With this update, that ability is restored by reading from that file first, if available.</description><severity>moderate</severity><release>Scientific Linux</release><issued date="2018-07-23 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="i686" epoch="1" name="java-1.8.0-openjdk-src" release="3.b13.el7_5" src="java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm" version="1.8.0.181"><filename>java-1.8.0-openjdk-src-1.8.0.181-3.b13.el7_5.i686.rpm</filename><sum type="sha256">ee95ae9cec75a405e3c3463c47845210073d9cf918cf36048bdacf8e61267b1c</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk" release="3.b13.el7_5" src="java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm" version="1.8.0.181"><filename>java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.x86_64.rpm</filename><sum type="sha256">06d7c981525bff8f68cf20d6fa174ad1617af8c1ced018579c1de8108afb135f</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-accessibility" release="3.b13.el7_5" src="java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm" version="1.8.0.181"><filename>java-1.8.0-openjdk-accessibility-1.8.0.181-3.b13.el7_5.x86_64.rpm</filename><sum type="sha256">acce1d5ee8402275560b24898489cf729faf2e8221431a43f657d88471fe1717</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-demo-debug" release="3.b13.el7_5" src="java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm" version="1.8.0.181"><filename>java-1.8.0-openjdk-demo-debug-1.8.0.181-3.b13.el7_5.i686.rpm</filename><sum type="sha256">04e18d75b5826a594fd73dbb551cc433d245666391fcef3b1f603d75a881c54d</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-devel-debug" release="3.b13.el7_5" src="java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm" version="1.8.0.181"><filename>java-1.8.0-openjdk-devel-debug-1.8.0.181-3.b13.el7_5.i686.rpm</filename><sum type="sha256">f66ac65562247c6bc86a390e803c41cac220dcb3200b37601d3f04db1ce5fffa</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-src-debug" release="3.b13.el7_5" src="java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm" version="1.8.0.181"><filename>java-1.8.0-openjdk-src-debug-1.8.0.181-3.b13.el7_5.i686.rpm</filename><sum type="sha256">77d18024cc4a210819cfaee820a9835f3fdf1a1e7857bb4e38e5b3e99155d434</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk" release="3.b13.el7_5" src="java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm" version="1.8.0.181"><filename>java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.i686.rpm</filename><sum type="sha256">bcb60027142e729f4e95aaba9ea1fee92c15c796ed8770f7acfd5f766d73364a</sum></package><package arch="noarch" epoch="1" name="java-1.8.0-openjdk-javadoc-zip-debug" release="3.b13.el7_5" src="java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm" version="1.8.0.181"><filename>java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.181-3.b13.el7_5.noarch.rpm</filename><sum type="sha256">68b29b01d9863733f8e1816908fed57d8b032b08e49e5321079f96bf8f1646ab</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-accessibility" release="3.b13.el7_5" src="java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm" version="1.8.0.181"><filename>java-1.8.0-openjdk-accessibility-1.8.0.181-3.b13.el7_5.i686.rpm</filename><sum type="sha256">6b1e9c556e9d96a5971fe249a989d6597d1fc5fec84b0bb51531aac1c5e3afff</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-accessibility-debug" release="3.b13.el7_5" src="java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm" version="1.8.0.181"><filename>java-1.8.0-openjdk-accessibility-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm</filename><sum type="sha256">becaa38a0a64267e5fd73a2ce851d02673a4e1af8b9d7398e7cf73c82cebad8c</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-debug" release="3.b13.el7_5" src="java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm" version="1.8.0.181"><filename>java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el7_5.i686.rpm</filename><sum type="sha256">7de52eba037ab547126613a86d29645ba092e5064139248a5892dcc3730a7796</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-debug" release="3.b13.el7_5" src="java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm" version="1.8.0.181"><filename>java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm</filename><sum type="sha256">a295e63778f9b33cb0104c9f92ea03ddef7bc3fbb8079aa40e9a23098f857e6f</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-headless" release="3.b13.el7_5" src="java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm" version="1.8.0.181"><filename>java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.i686.rpm</filename><sum type="sha256">e0e5b114203ff896ab81e55c4cbd80b4317775d201127fd0e4d12264bab5448d</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-headless-debug" release="3.b13.el7_5" src="java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm" version="1.8.0.181"><filename>java-1.8.0-openjdk-headless-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm</filename><sum type="sha256">d40aab5703d33ee01359edff9a3c72bfec2984a7a742f2444c88f12082892f1a</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-devel-debug" release="3.b13.el7_5" src="java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm" version="1.8.0.181"><filename>java-1.8.0-openjdk-devel-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm</filename><sum type="sha256">c859113c709e475207679ef3835e570cd65729bf9c95fbd26094db3e6feed25d</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-src-debug" release="3.b13.el7_5" src="java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm" version="1.8.0.181"><filename>java-1.8.0-openjdk-src-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm</filename><sum type="sha256">17f7b02ce2bb66783d6fe5bd275301bc4f92112303eb495e4ed220d7e050e48f</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-devel" release="3.b13.el7_5" src="java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm" version="1.8.0.181"><filename>java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el7_5.i686.rpm</filename><sum type="sha256">efaa4decbe8c3ed2c09dedc1ef63e7fa8b6077245d44b0be098ddc311e2b01bc</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-headless-debug" release="3.b13.el7_5" src="java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm" version="1.8.0.181"><filename>java-1.8.0-openjdk-headless-debug-1.8.0.181-3.b13.el7_5.i686.rpm</filename><sum type="sha256">5e54aec927d85bf521524d6d392693d99056f6c0085437abae3c647d3709d496</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-demo" release="3.b13.el7_5" src="java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm" version="1.8.0.181"><filename>java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el7_5.x86_64.rpm</filename><sum type="sha256">48359dcd2e2c50f158d08491e26f6dbc01c2122a70579d879c80e64b3bf72835</sum></package><package arch="noarch" epoch="1" name="java-1.8.0-openjdk-javadoc-debug" release="3.b13.el7_5" src="java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm" version="1.8.0.181"><filename>java-1.8.0-openjdk-javadoc-debug-1.8.0.181-3.b13.el7_5.noarch.rpm</filename><sum type="sha256">d95f52b747cc9a2998ac6ce089572ba370b99437d54798a7a33384f914cc9c3b</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-src" release="3.b13.el7_5" src="java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm" version="1.8.0.181"><filename>java-1.8.0-openjdk-src-1.8.0.181-3.b13.el7_5.x86_64.rpm</filename><sum type="sha256">5ca6f23404127566150bfba3d4af002c1dd44ea7ad0d86907c15a30fe0a81dbf</sum></package><package arch="noarch" epoch="1" name="java-1.8.0-openjdk-javadoc" release="3.b13.el7_5" src="java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm" version="1.8.0.181"><filename>java-1.8.0-openjdk-javadoc-1.8.0.181-3.b13.el7_5.noarch.rpm</filename><sum type="sha256">e52ca9401764aa07b73b9743accf922d75d1a7e382c52150dc2b321296d9dda8</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-devel" release="3.b13.el7_5" src="java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm" version="1.8.0.181"><filename>java-1.8.0-openjdk-devel-1.8.0.181-3.b13.el7_5.x86_64.rpm</filename><sum type="sha256">3e13f1c2a1df60af529b276ba27120604f9f69eba7c1445ff4f3b1e2ab793829</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-demo" release="3.b13.el7_5" src="java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm" version="1.8.0.181"><filename>java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el7_5.i686.rpm</filename><sum type="sha256">d99ae18d513c244872d7bc3f7251e26b600ebacf192dac4c5ad011b7a61f16f6</sum></package><package arch="i686" epoch="1" name="java-1.8.0-openjdk-accessibility-debug" release="3.b13.el7_5" src="java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm" version="1.8.0.181"><filename>java-1.8.0-openjdk-accessibility-debug-1.8.0.181-3.b13.el7_5.i686.rpm</filename><sum type="sha256">07805aa70a16c533198998585475d004b4894fd3cd2536a2fc980da46a09e7af</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-headless" release="3.b13.el7_5" src="java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm" version="1.8.0.181"><filename>java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el7_5.x86_64.rpm</filename><sum type="sha256">6ad9648fde449dbfb21b842b795bfffc5bb46b35b1d2806e9f0a2fa7aef8bbe2</sum></package><package arch="x86_64" epoch="1" name="java-1.8.0-openjdk-demo-debug" release="3.b13.el7_5" src="java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm" version="1.8.0.181"><filename>java-1.8.0-openjdk-demo-debug-1.8.0.181-3.b13.el7_5.x86_64.rpm</filename><sum type="sha256">45a37ffc4068a55f74ea20efa70f6c73a62b76c455d4c258d4bbd8e932c7f46f</sum></package><package arch="noarch" epoch="1" name="java-1.8.0-openjdk-javadoc-zip" release="3.b13.el7_5" src="java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm" version="1.8.0.181"><filename>java-1.8.0-openjdk-javadoc-zip-1.8.0.181-3.b13.el7_5.noarch.rpm</filename><sum type="sha256">cd2a1222758c07b4a8ce991b179fd5ead97e012619dfa7f2dda927ed4d494312</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2952" id="CVE-2018-2952" title="Openjdk: Insufficient Index Validation In " type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:2242" id="RHSA-2018:2242-1" title="Rhsa-2018:2242-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#moderate" id="moderate" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1588364" id="1588364" title="Update Openjdk To 8U172 Ahead Of The July 2018 Security Update " type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1600925" id="1600925" title="Openjdk: Insufficient Index Validation In " type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:2252-1</id><title>Thunderbird</title><description>This update upgrades Thunderbird to version 52.9.1. 
Security Fix(es): 
* Mozilla: Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, and Firefox ESR 52.9 (CVE-2018-5188) 
* Mozilla: Buffer overflow using computed size of canvas element (CVE-2018-12359) 
* Mozilla: Use-after-free using focus() (CVE-2018-12360) 
* Mozilla: Integer overflow in SSSE3 scaler (CVE-2018-12362) 
* Mozilla: Use-after-free when appending DOM nodes (CVE-2018-12363) 
* Mozilla: CSRF attacks through 307 redirects and NPAPI plugins (CVE-2018-12364) 
* thunderbird: S/MIME and PGP decryption oracles can be built with HTML emails (CVE-2018-12372) 
* thunderbird: S/MIME plaintext can be leaked through HTML reply/forward (CVE-2018-12373) 
* Mozilla: Compromised IPC child process can list local filenames (CVE-2018-12365) 
* Mozilla: Invalid data handling during QCMS transformations (CVE-2018-12366) 
* thunderbird: Using form to exfiltrate encrypted mail part by pressing enter in form field (CVE-2018-12374)</description><severity>important</severity><release>Scientific Linux</release><issued date="2018-07-25 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" name="thunderbird" release="1.el7_5" src="thunderbird-52.9.1-1.el7_5.src.rpm" version="52.9.1"><filename>thunderbird-52.9.1-1.el7_5.x86_64.rpm</filename><sum type="sha256">6584ae59bd0107c74d3cedac466a8ef5bd173b4f76f051a883986cc23df17439</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12359" id="CVE-2018-12359" title="Mozilla: Buffer Overflow Using Computed Size Of Canvas Element" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12360" id="CVE-2018-12360" title="Mozilla: Use-After-Free Using Focus()" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12362" id="CVE-2018-12362" title="Mozilla: Integer Overflow In Ssse3 Scaler" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12363" id="CVE-2018-12363" title="Mozilla: Use-After-Free When Appending Dom Nodes" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12364" id="CVE-2018-12364" title="Mozilla: Csrf Attacks Through 307 Redirects And Npapi Plugins" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12365" id="CVE-2018-12365" title="Mozilla: Compromised Ipc Child Process Can List Local Filenames" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12366" id="CVE-2018-12366" title="Mozilla: Invalid Data Handling During Qcms Transformations" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12372" id="CVE-2018-12372" title="Thunderbird: S/Mime And Pgp Decryption Oracles " type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12373" id="CVE-2018-12373" title="Thunderbird: S/Mime Plaintext Can Be Leaked " type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12374" id="CVE-2018-12374" title="Thunderbird: Using Form To Exfiltrate Encrypted " type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5188" id="CVE-2018-5188" title="Mozilla: Memory Safety Bugs Fixed In Firefox 61, Firefox Esr 60.1, And Firefox Esr 52.9" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:2252" id="RHSA-2018:2252-1" title="Rhsa-2018:2252-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1595024" id="1595024" title="Mozilla: Buffer Overflow Using Computed Size Of Canvas Element" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1595025" id="1595025" title="Mozilla: Use-After-Free Using Focus()" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1595027" id="1595027" title="Mozilla: Integer Overflow In Ssse3 Scaler" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1595028" id="1595028" title="Mozilla: Use-After-Free When Appending Dom Nodes" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1595029" id="1595029" title="Mozilla: Csrf Attacks Through 307 Redirects And Npapi Plugins" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1595030" id="1595030" title="Mozilla: Compromised Ipc Child Process Can List Local Filenames" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1595031" id="1595031" title="Mozilla: Invalid Data Handling During Qcms Transformations" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1595040" id="1595040" title="Mozilla: Memory Safety Bugs Fixed In Firefox 61, Firefox Esr 60.1, And Firefox Esr 52.9" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1598529" id="1598529" title="Thunderbird: S/Mime Plaintext Can Be Leaked " type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1598538" id="1598538" title="Thunderbird: S/Mime And Pgp Decryption Oracles " type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1598543" id="1598543" title="Thunderbird: Using Form To Exfiltrate Encrypted " type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:2285-1</id><title>Yum-Utils</title><description>Security Fix(es): 
* yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)</description><severity>important</severity><release>Scientific Linux</release><issued date="2018-07-30 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="noarch" name="yum-plugin-auto-update-debug-info" release="46.el7_5" src="yum-utils-1.1.31-46.el7_5.src.rpm" version="1.1.31"><filename>yum-plugin-auto-update-debug-info-1.1.31-46.el7_5.noarch.rpm</filename><sum type="sha256">a89a70ac94d132032ab0e6a149efad0d4395a06842fd57a1cb802bdd0584f3ff</sum></package><package arch="noarch" name="yum-plugin-copr" release="46.el7_5" src="yum-utils-1.1.31-46.el7_5.src.rpm" version="1.1.31"><filename>yum-plugin-copr-1.1.31-46.el7_5.noarch.rpm</filename><sum type="sha256">8f78e3c42e67199d46657c82f78f2e034a426ef572c38e27950a5052cb70f5b5</sum></package><package arch="noarch" name="yum-plugin-upgrade-helper" release="46.el7_5" src="yum-utils-1.1.31-46.el7_5.src.rpm" version="1.1.31"><filename>yum-plugin-upgrade-helper-1.1.31-46.el7_5.noarch.rpm</filename><sum type="sha256">7490b89fdbcbe6ce3f04d99a0d4d6a079a63a537924d2a626d9b7b9beecabd77</sum></package><package arch="noarch" name="yum-plugin-filter-data" release="46.el7_5" src="yum-utils-1.1.31-46.el7_5.src.rpm" version="1.1.31"><filename>yum-plugin-filter-data-1.1.31-46.el7_5.noarch.rpm</filename><sum type="sha256">74696089993ef7eeeced56ed39bea8b9474f92eaf63f3150e74bcfbdd6861223</sum></package><package arch="noarch" name="yum-plugin-remove-with-leaves" release="46.el7_5" src="yum-utils-1.1.31-46.el7_5.src.rpm" version="1.1.31"><filename>yum-plugin-remove-with-leaves-1.1.31-46.el7_5.noarch.rpm</filename><sum type="sha256">bd6f203888527991ff4decdcc7662d7a4bca7da8271c3e7858dd9a91ebf28136</sum></package><package arch="noarch" name="yum-utils" release="46.el7_5" src="yum-utils-1.1.31-46.el7_5.src.rpm" version="1.1.31"><filename>yum-utils-1.1.31-46.el7_5.noarch.rpm</filename><sum type="sha256">820bd1a06770241885a1f3e167826f5892c3fe1e34c69cf7089b556cc9f279f4</sum></package><package arch="noarch" name="yum-plugin-tsflags" release="46.el7_5" src="yum-utils-1.1.31-46.el7_5.src.rpm" version="1.1.31"><filename>yum-plugin-tsflags-1.1.31-46.el7_5.noarch.rpm</filename><sum type="sha256">8317036b11568edc1132b70d48a35d3224e85c17783e7b65069c936d5cc6a4be</sum></package><package arch="noarch" name="yum-plugin-merge-conf" release="46.el7_5" src="yum-utils-1.1.31-46.el7_5.src.rpm" version="1.1.31"><filename>yum-plugin-merge-conf-1.1.31-46.el7_5.noarch.rpm</filename><sum type="sha256">2b0bbdefa2b22d01ba04124475cbeeeefb392ab440bd681f8f04a9e8bd804115</sum></package><package arch="noarch" name="yum-plugin-rpm-warm-cache" release="46.el7_5" src="yum-utils-1.1.31-46.el7_5.src.rpm" version="1.1.31"><filename>yum-plugin-rpm-warm-cache-1.1.31-46.el7_5.noarch.rpm</filename><sum type="sha256">7de92a3992cdde9a1454624cd3e39449d519b1b8d4628c67576e1404a6631a25</sum></package><package arch="noarch" name="yum-plugin-post-transaction-actions" release="46.el7_5" src="yum-utils-1.1.31-46.el7_5.src.rpm" version="1.1.31"><filename>yum-plugin-post-transaction-actions-1.1.31-46.el7_5.noarch.rpm</filename><sum type="sha256">c3598137818e3690fce495f75fd47e294e7f1354c170c35fc4e09aaacec7a602</sum></package><package arch="noarch" name="yum-plugin-changelog" release="46.el7_5" src="yum-utils-1.1.31-46.el7_5.src.rpm" version="1.1.31"><filename>yum-plugin-changelog-1.1.31-46.el7_5.noarch.rpm</filename><sum type="sha256">f74bdd379a01781d0c3b1be7f790b65f37b0c02b28a3947e5f4cf47d22bf854c</sum></package><package arch="noarch" name="yum-plugin-ps" release="46.el7_5" src="yum-utils-1.1.31-46.el7_5.src.rpm" version="1.1.31"><filename>yum-plugin-ps-1.1.31-46.el7_5.noarch.rpm</filename><sum type="sha256">838ad4ee2b979f1fd22c41ca259c4a2ebaca38bb021fd43d4f5245972e1a6cf4</sum></package><package arch="noarch" name="yum-plugin-protectbase" release="46.el7_5" src="yum-utils-1.1.31-46.el7_5.src.rpm" version="1.1.31"><filename>yum-plugin-protectbase-1.1.31-46.el7_5.noarch.rpm</filename><sum type="sha256">d91db99e848718db091e6b148d0e6ff2e1163cbaa8cc17d9b768ba333f841a79</sum></package><package arch="noarch" name="yum-plugin-priorities" release="46.el7_5" src="yum-utils-1.1.31-46.el7_5.src.rpm" version="1.1.31"><filename>yum-plugin-priorities-1.1.31-46.el7_5.noarch.rpm</filename><sum type="sha256">d9fb1eb2a46bf8c764fa6749455ebb9316e98e7364da79b107485e2a7302b54f</sum></package><package arch="noarch" name="yum-plugin-fastestmirror" release="46.el7_5" src="yum-utils-1.1.31-46.el7_5.src.rpm" version="1.1.31"><filename>yum-plugin-fastestmirror-1.1.31-46.el7_5.noarch.rpm</filename><sum type="sha256">f7c39ae422958b1d646d2916934e12f2956188ccf9ae7ae54c53f522a5498cd9</sum></package><package arch="noarch" name="yum-plugin-verify" release="46.el7_5" src="yum-utils-1.1.31-46.el7_5.src.rpm" version="1.1.31"><filename>yum-plugin-verify-1.1.31-46.el7_5.noarch.rpm</filename><sum type="sha256">0d8bede273ff921021f8104d8f07580df8041f17cfa74523a10df18974bfbc99</sum></package><package arch="noarch" name="yum-plugin-fs-snapshot" release="46.el7_5" src="yum-utils-1.1.31-46.el7_5.src.rpm" version="1.1.31"><filename>yum-plugin-fs-snapshot-1.1.31-46.el7_5.noarch.rpm</filename><sum type="sha256">f193721f18c1d94a295d5ca8742316892a90d4d9d53516d8d303c20372e2f86d</sum></package><package arch="noarch" name="yum-plugin-local" release="46.el7_5" src="yum-utils-1.1.31-46.el7_5.src.rpm" version="1.1.31"><filename>yum-plugin-local-1.1.31-46.el7_5.noarch.rpm</filename><sum type="sha256">6e9ebab5d7c617d0419329bb68393ba09725de72eb8a18c5298d2d9e43aeb881</sum></package><package arch="noarch" name="yum-plugin-aliases" release="46.el7_5" src="yum-utils-1.1.31-46.el7_5.src.rpm" version="1.1.31"><filename>yum-plugin-aliases-1.1.31-46.el7_5.noarch.rpm</filename><sum type="sha256">41b62c1c2aa5bc918fc224dc15f91dfcd234f4e950bc73b24ad49e431deb7c39</sum></package><package arch="noarch" name="yum-NetworkManager-dispatcher" release="46.el7_5" src="yum-utils-1.1.31-46.el7_5.src.rpm" version="1.1.31"><filename>yum-NetworkManager-dispatcher-1.1.31-46.el7_5.noarch.rpm</filename><sum type="sha256">41f59fbeafcd703ea78dc1d218bf086a5eafd1c3e0bd0aae7d920c7bd971a7f0</sum></package><package arch="noarch" name="yum-plugin-keys" release="46.el7_5" src="yum-utils-1.1.31-46.el7_5.src.rpm" version="1.1.31"><filename>yum-plugin-keys-1.1.31-46.el7_5.noarch.rpm</filename><sum type="sha256">ea8ef39482ca448c95a1313453160d808e9cf2b23b3d8cb641eda123026f8189</sum></package><package arch="noarch" name="yum-plugin-list-data" release="46.el7_5" src="yum-utils-1.1.31-46.el7_5.src.rpm" version="1.1.31"><filename>yum-plugin-list-data-1.1.31-46.el7_5.noarch.rpm</filename><sum type="sha256">6aeb1e1244fce5ba0540f86bf8c9ada7bc957c350b305bee0e8290bbceed8083</sum></package><package arch="noarch" name="yum-plugin-show-leaves" release="46.el7_5" src="yum-utils-1.1.31-46.el7_5.src.rpm" version="1.1.31"><filename>yum-plugin-show-leaves-1.1.31-46.el7_5.noarch.rpm</filename><sum type="sha256">ec989d6f04a9d311d6ff0fd54eb918365c7e00c5964c8658d62458317eb34556</sum></package><package arch="noarch" name="yum-plugin-tmprepo" release="46.el7_5" src="yum-utils-1.1.31-46.el7_5.src.rpm" version="1.1.31"><filename>yum-plugin-tmprepo-1.1.31-46.el7_5.noarch.rpm</filename><sum type="sha256">55ad5fd1b5f614384873f7188b3ccf49338b3d3bee09a09b11a55afb675cf781</sum></package><package arch="noarch" name="yum-plugin-pre-transaction-actions" release="46.el7_5" src="yum-utils-1.1.31-46.el7_5.src.rpm" version="1.1.31"><filename>yum-plugin-pre-transaction-actions-1.1.31-46.el7_5.noarch.rpm</filename><sum type="sha256">5f100308ade7e873ae87274f28ef96be8842722c789ab2c589f75f3aa153237d</sum></package><package arch="noarch" name="yum-updateonboot" release="46.el7_5" src="yum-utils-1.1.31-46.el7_5.src.rpm" version="1.1.31"><filename>yum-updateonboot-1.1.31-46.el7_5.noarch.rpm</filename><sum type="sha256">85f4ecd82c43ed1cdb1afd8fbd69021070947fa8bca8539d75d54cd330abf0f3</sum></package><package arch="noarch" name="yum-plugin-versionlock" release="46.el7_5" src="yum-utils-1.1.31-46.el7_5.src.rpm" version="1.1.31"><filename>yum-plugin-versionlock-1.1.31-46.el7_5.noarch.rpm</filename><sum type="sha256">eea648f66c83b7d8d083cc59c559579309441e1a337887e757bb99642375b722</sum></package><package arch="noarch" name="yum-plugin-ovl" release="46.el7_5" src="yum-utils-1.1.31-46.el7_5.src.rpm" version="1.1.31"><filename>yum-plugin-ovl-1.1.31-46.el7_5.noarch.rpm</filename><sum type="sha256">8c0c8c0bc65900d4a2759acfe0d7843f9ec90080eaef0475ddf163a651c3f031</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10897" id="CVE-2018-10897" title="Yum-Utils: Reposync: Improper Path Validation" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:2285" id="RHSA-2018:2285-1" title="Rhsa-2018:2285-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1600221" id="1600221" title="Yum-Utils: Reposync: Improper Path Validation" type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:2286-1</id><title>Java-1.7.0-Openjdk</title><description>Security Fix(es): 
* OpenJDK: insufficient index validation in PatternSyntaxException getMessage() (Concurrency, 8199547) (CVE-2018-2952)</description><severity>moderate</severity><release>Scientific Linux</release><issued date="2018-07-30 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" epoch="1" name="java-1.7.0-openjdk-accessibility" release="2.6.15.4.el7_5" src="java-1.7.0-openjdk-1.7.0.191-2.6.15.4.el7_5.src.rpm" version="1.7.0.191"><filename>java-1.7.0-openjdk-accessibility-1.7.0.191-2.6.15.4.el7_5.x86_64.rpm</filename><sum type="sha256">e6757dc36ca62a3057d1e5608189b2ca134d3a49beec2a76e703b56311aafa23</sum></package><package arch="x86_64" epoch="1" name="java-1.7.0-openjdk-headless" release="2.6.15.4.el7_5" src="java-1.7.0-openjdk-1.7.0.191-2.6.15.4.el7_5.src.rpm" version="1.7.0.191"><filename>java-1.7.0-openjdk-headless-1.7.0.191-2.6.15.4.el7_5.x86_64.rpm</filename><sum type="sha256">c0a054609d9f1a00be4430b8bf8b6ef322cffc5cc7fc66c67a6e4d0ddfcc4cfe</sum></package><package arch="x86_64" epoch="1" name="java-1.7.0-openjdk-src" release="2.6.15.4.el7_5" src="java-1.7.0-openjdk-1.7.0.191-2.6.15.4.el7_5.src.rpm" version="1.7.0.191"><filename>java-1.7.0-openjdk-src-1.7.0.191-2.6.15.4.el7_5.x86_64.rpm</filename><sum type="sha256">980d08f6117c261f63172207191e8cc488d850b5ff6f57ba5d266cf49d44466e</sum></package><package arch="x86_64" epoch="1" name="java-1.7.0-openjdk-devel" release="2.6.15.4.el7_5" src="java-1.7.0-openjdk-1.7.0.191-2.6.15.4.el7_5.src.rpm" version="1.7.0.191"><filename>java-1.7.0-openjdk-devel-1.7.0.191-2.6.15.4.el7_5.x86_64.rpm</filename><sum type="sha256">c629432a39964ea37f470add42bbc5125595716f2a3182f383135741ef6b50e6</sum></package><package arch="x86_64" epoch="1" name="java-1.7.0-openjdk-demo" release="2.6.15.4.el7_5" src="java-1.7.0-openjdk-1.7.0.191-2.6.15.4.el7_5.src.rpm" version="1.7.0.191"><filename>java-1.7.0-openjdk-demo-1.7.0.191-2.6.15.4.el7_5.x86_64.rpm</filename><sum type="sha256">a13ab824b72320eccaf4300973f65382bf62ef9fb2112da39877eeb34cfbb68f</sum></package><package arch="noarch" epoch="1" name="java-1.7.0-openjdk-javadoc" release="2.6.15.4.el7_5" src="java-1.7.0-openjdk-1.7.0.191-2.6.15.4.el7_5.src.rpm" version="1.7.0.191"><filename>java-1.7.0-openjdk-javadoc-1.7.0.191-2.6.15.4.el7_5.noarch.rpm</filename><sum type="sha256">2e5c8c2744e97683d660b7f8e527eaf9650a362a34f45871e087efdb67557a12</sum></package><package arch="x86_64" epoch="1" name="java-1.7.0-openjdk" release="2.6.15.4.el7_5" src="java-1.7.0-openjdk-1.7.0.191-2.6.15.4.el7_5.src.rpm" version="1.7.0.191"><filename>java-1.7.0-openjdk-1.7.0.191-2.6.15.4.el7_5.x86_64.rpm</filename><sum type="sha256">fc1b226533324bcc7ea20389a0447410b41281bacea70cafc6f2532864685090</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2952" id="CVE-2018-2952" title="Openjdk: Insufficient Index Validation In " type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:2286" id="RHSA-2018:2286-1" title="Rhsa-2018:2286-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#moderate" id="moderate" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1600925" id="1600925" title="Openjdk: Insufficient Index Validation In " type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:2384-1</id><title>Kernel</title><description>Security Fix(es): 
* Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimisation) in combination with handling of page-faults caused by terminated virtual to physical address resolving process. As a result, an unprivileged attacker could use this flaw to read privileged memory of the kernel or other processes and/or cross guest/host boundaries to read host memory by conducting targeted cache side-channel attacks. (CVE-2018-3620, CVE-2018-3646) 
* An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions past bounds check. The flaw relies on the presence of a precisely-defined instruction sequence in the privileged code and the fact that memory writes occur to an address which depends on the untrusted value. Such writes cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to influence speculative execution and/or read privileged memory by conducting targeted cache side- channel attacks. (CVE-2018-3693) 
* A flaw named SegmentSmack was found in the way the Linux kernel handled specially crafted TCP packets. A remote attacker could use this flaw to trigger time and calculation expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() functions by sending specially modified packets within ongoing TCP sessions which could lead to a CPU saturation and hence a denial of service on the system. Maintaining the denial of service condition requires continuous two-way TCP sessions to a reachable open port, thus the attacks cannot be performed using spoofed IP addresses. (CVE-2018-5390) 
* kernel: crypto: privilege escalation in skcipher_recvmsg function (CVE-2017-13215) 
* kernel: mm: use-after-free in do_get_mempolicy function allows local DoS or other unspecified impact (CVE-2018-10675) 
* kernel: race condition in snd_seq_write() may lead to UAF or OOB access (CVE-2018-7566)</description><severity>important</severity><release>Scientific Linux</release><issued date="2018-08-15 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" name="perf" release="862.11.6.el7" src="kernel-3.10.0-862.11.6.el7.src.rpm" version="3.10.0"><filename>perf-3.10.0-862.11.6.el7.x86_64.rpm</filename><sum type="sha256">1d50ab8b547993213c0984f6afcaffc6fff5bcb10959f0aa47c3b38430becc81</sum></package><package arch="x86_64" name="kernel-headers" release="862.11.6.el7" src="kernel-3.10.0-862.11.6.el7.src.rpm" version="3.10.0"><filename>kernel-headers-3.10.0-862.11.6.el7.x86_64.rpm</filename><sum type="sha256">876f698752e6596f7ffe9df68d0875b7db0858d1bc1e806c8d74bed83aee6ae3</sum></package><package arch="noarch" name="kernel-abi-whitelists" release="862.11.6.el7" src="kernel-3.10.0-862.11.6.el7.src.rpm" version="3.10.0"><filename>kernel-abi-whitelists-3.10.0-862.11.6.el7.noarch.rpm</filename><sum type="sha256">a59ea9e4f83fceda302fbb8f4a54ad0a9347c24f173298d3571aba9476136f36</sum></package><package arch="x86_64" name="kernel-debug-devel" release="862.11.6.el7" src="kernel-3.10.0-862.11.6.el7.src.rpm" version="3.10.0"><filename>kernel-debug-devel-3.10.0-862.11.6.el7.x86_64.rpm</filename><sum type="sha256">83cc0c0a9d41e922914c3a4aa5f4d29fc1811665d1427875a291bea326a4e857</sum></package><package arch="x86_64" name="python-perf" release="862.11.6.el7" src="kernel-3.10.0-862.11.6.el7.src.rpm" version="3.10.0"><filename>python-perf-3.10.0-862.11.6.el7.x86_64.rpm</filename><sum type="sha256">232652ec432f17aa3f76db1738d5e5483fe81f2d7296ccd7c6a09931def1c84d</sum></package><package arch="noarch" name="kernel-doc" release="862.11.6.el7" src="kernel-3.10.0-862.11.6.el7.src.rpm" version="3.10.0"><filename>kernel-doc-3.10.0-862.11.6.el7.noarch.rpm</filename><sum type="sha256">91dfa6ece8b083233b19d3f2649429b7c7f8f04e04900b1cd3ce2a27fec624da</sum></package><package arch="x86_64" name="kernel" release="862.11.6.el7" src="kernel-3.10.0-862.11.6.el7.src.rpm" version="3.10.0"><filename>kernel-3.10.0-862.11.6.el7.x86_64.rpm</filename><sum type="sha256">e37d8fb2752cf6b60b60fa3756b7aec75062d7e56a1bed06adfe3e0d60661a12</sum></package><package arch="x86_64" name="kernel-tools" release="862.11.6.el7" src="kernel-3.10.0-862.11.6.el7.src.rpm" version="3.10.0"><filename>kernel-tools-3.10.0-862.11.6.el7.x86_64.rpm</filename><sum type="sha256">bb8114155a5aa76a386b7f5935fdff1d24087435e2a1dae1a7125910906afa0c</sum></package><package arch="x86_64" name="kernel-devel" release="862.11.6.el7" src="kernel-3.10.0-862.11.6.el7.src.rpm" version="3.10.0"><filename>kernel-devel-3.10.0-862.11.6.el7.x86_64.rpm</filename><sum type="sha256">d95f60d1e39c73614aee3f5f5ea45310f06f2f3a22d47a5c65df84bf64215873</sum></package><package arch="x86_64" name="kernel-tools-libs" release="862.11.6.el7" src="kernel-3.10.0-862.11.6.el7.src.rpm" version="3.10.0"><filename>kernel-tools-libs-3.10.0-862.11.6.el7.x86_64.rpm</filename><sum type="sha256">0067d936364b401d7a151811e3ec130d0a096c1fb6e441cc41ba3da260d56459</sum></package><package arch="x86_64" name="kernel-debug" release="862.11.6.el7" src="kernel-3.10.0-862.11.6.el7.src.rpm" version="3.10.0"><filename>kernel-debug-3.10.0-862.11.6.el7.x86_64.rpm</filename><sum type="sha256">a9e25378daeaf1b00bd304e355f1fcaef78e8be074e7c250e2ad7d47703196e7</sum></package><package arch="x86_64" name="kernel-tools-libs-devel" release="862.11.6.el7" src="kernel-3.10.0-862.11.6.el7.src.rpm" version="3.10.0"><filename>kernel-tools-libs-devel-3.10.0-862.11.6.el7.x86_64.rpm</filename><sum type="sha256">e2acd50a4fd5931910b94df76fafecdb3af298f2d9213aea49dd6abe1722fd07</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13215" id="CVE-2017-13215" title="Kernel: Crypto: Privilege Escalation In " type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10675" id="CVE-2018-10675" title="Kernel: Use-After-Free Vulnerability In " type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3646" id="CVE-2018-3646" title="Kernel: Hw: Cpu: L1 Terminal Fault (L1Tf)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3693" id="CVE-2018-3693" title="Kernel: Speculative Bounds Check Bypass Store" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5390" id="CVE-2018-5390" title="Kernel: Tcp Segments With Random Offsets Allow A " type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7566" id="CVE-2018-7566" title="Kernel: Race Condition In Snd_Seq_Write() May " type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:2384" id="RHSA-2018:2384-1" title="Rhsa-2018:2384-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1535173" id="1535173" title="Kernel: Crypto: Privilege Escalation In " type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1550142" id="1550142" title="Kernel: Race Condition In Snd_Seq_Write() May " type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1575065" id="1575065" title="Kernel: Use-After-Free Vulnerability In " type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1581650" id="1581650" title="Kernel: Speculative Bounds Check Bypass Store" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1585005" id="1585005" title="Kernel: Hw: Cpu: L1 Terminal Fault (L1Tf)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1601704" id="1601704" title="Kernel: Tcp Segments With Random Offsets Allow A " type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:2439-1</id><title>Mariadb</title><description>The following packages have been upgraded to a later upstream version: mariadb (5.5.60). 
Security Fix(es): 
* mysql: Client programs unspecified vulnerability (CPU Jul 2017) (CVE-2017-3636) 
* mysql: Server: DML unspecified vulnerability (CPU Jul 2017) (CVE-2017-3641) 
* mysql: Client mysqldump unspecified vulnerability (CPU Jul 2017) (CVE-2017-3651) 
* mysql: Server: Replication unspecified vulnerability (CPU Oct 2017) (CVE-2017-10268) 
* mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2017) (CVE-2017-10378) 
* mysql: Client programs unspecified vulnerability (CPU Oct 2017) (CVE-2017-10379) 
* mysql: Server: DDL unspecified vulnerability (CPU Oct 2017) (CVE-2017-10384) 
* mysql: Server: Partition unspecified vulnerability (CPU Jan 2018) (CVE-2018-2562) 
* mysql: Server: DDL unspecified vulnerability (CPU Jan 2018) (CVE-2018-2622) 
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2018) (CVE-2018-2640) 
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2018) (CVE-2018-2665) 
* mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2018) (CVE-2018-2668) 
* mysql: Server: Replication unspecified vulnerability (CPU Apr 2018) (CVE-2018-2755) 
* mysql: Client programs unspecified vulnerability (CPU Apr 2018) (CVE-2018-2761) 
* mysql: Server: Locking unspecified vulnerability (CPU Apr 2018) (CVE-2018-2771) 
* mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2018) (CVE-2018-2781) 
* mysql: Server: DDL unspecified vulnerability (CPU Apr 2018) (CVE-2018-2813) 
* mysql: Server: DDL unspecified vulnerability (CPU Apr 2018) (CVE-2018-2817) 
* mysql: InnoDB unspecified vulnerability (CPU Apr 2018) (CVE-2018-2819) 
* mysql: Server: DDL unspecified vulnerability (CPU Jul 2017) (CVE-2017-3653) 
* mysql: use of SSL/TLS not enforced in libmysqld (Return of BACKRONYM) (CVE-2018-2767) 
Bug Fix(es): 
* Previously, the mysqladmin tool waited for an inadequate length of time if the socket it listened on did not respond in a specific way. Consequently, when the socket was used while the MariaDB server was starting, the mariadb service became unresponsive for a long time. With this update, the mysqladmin timeout has been shortened to 2 seconds. As a result, the mariadb service either starts or fails but no longer hangs in the described situation.</description><severity>moderate</severity><release>Scientific Linux</release><issued date="2018-08-16 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" epoch="1" name="mariadb-test" release="1.el7_5" src="mariadb-5.5.60-1.el7_5.src.rpm" version="5.5.60"><filename>mariadb-test-5.5.60-1.el7_5.x86_64.rpm</filename><sum type="sha256">38bcf2fe9ac262c3332b175e5e2b6a4ed3a1698d1048397e30e440c0bae390f1</sum></package><package arch="x86_64" epoch="1" name="mariadb" release="1.el7_5" src="mariadb-5.5.60-1.el7_5.src.rpm" version="5.5.60"><filename>mariadb-5.5.60-1.el7_5.x86_64.rpm</filename><sum type="sha256">f508c29b492453157f2531e040137de9d9cd79d2be85437e0ded135173ac33bf</sum></package><package arch="i686" epoch="1" name="mariadb-devel" release="1.el7_5" src="mariadb-5.5.60-1.el7_5.src.rpm" version="5.5.60"><filename>mariadb-devel-5.5.60-1.el7_5.i686.rpm</filename><sum type="sha256">727cd5f83a8fd452c0f734795fd6e4cd3b2bbdb7fb3e07f06137269e582cd46b</sum></package><package arch="x86_64" epoch="1" name="mariadb-libs" release="1.el7_5" src="mariadb-5.5.60-1.el7_5.src.rpm" version="5.5.60"><filename>mariadb-libs-5.5.60-1.el7_5.x86_64.rpm</filename><sum type="sha256">7ff819fcf7e5d533e026e233e012c5fd4d695fffa568bb898b2e45d3b5579285</sum></package><package arch="i686" epoch="1" name="mariadb-embedded-devel" release="1.el7_5" src="mariadb-5.5.60-1.el7_5.src.rpm" version="5.5.60"><filename>mariadb-embedded-devel-5.5.60-1.el7_5.i686.rpm</filename><sum type="sha256">cf895464d76189eb8129ee09f22f5c2b6e47ddb1f8eb0ce395ef66a12b03aa78</sum></package><package arch="x86_64" epoch="1" name="mariadb-embedded-devel" release="1.el7_5" src="mariadb-5.5.60-1.el7_5.src.rpm" version="5.5.60"><filename>mariadb-embedded-devel-5.5.60-1.el7_5.x86_64.rpm</filename><sum type="sha256">a67e40ee7758a3704ff9601bfdde988c9dc560529e564adeee131b11fda886f5</sum></package><package arch="x86_64" epoch="1" name="mariadb-embedded" release="1.el7_5" src="mariadb-5.5.60-1.el7_5.src.rpm" version="5.5.60"><filename>mariadb-embedded-5.5.60-1.el7_5.x86_64.rpm</filename><sum type="sha256">2359addb39309cb80a0ffee7c63961aef7386511673e7ec65092c59bc34cb1d8</sum></package><package arch="x86_64" epoch="1" name="mariadb-bench" release="1.el7_5" src="mariadb-5.5.60-1.el7_5.src.rpm" version="5.5.60"><filename>mariadb-bench-5.5.60-1.el7_5.x86_64.rpm</filename><sum type="sha256">b13e9ac9f4d5d9537597c754118e7e0eb73c3f30c5ea7e56e589b8216678dc99</sum></package><package arch="i686" epoch="1" name="mariadb-libs" release="1.el7_5" src="mariadb-5.5.60-1.el7_5.src.rpm" version="5.5.60"><filename>mariadb-libs-5.5.60-1.el7_5.i686.rpm</filename><sum type="sha256">00aca1e927efca6bbfad7fe393cb34c30ae92563c05f1fa15d762634e9930996</sum></package><package arch="x86_64" epoch="1" name="mariadb-server" release="1.el7_5" src="mariadb-5.5.60-1.el7_5.src.rpm" version="5.5.60"><filename>mariadb-server-5.5.60-1.el7_5.x86_64.rpm</filename><sum type="sha256">500a9e2da6a9297d5826d74593930df88e53146a13839cb22cd985dc34a19f4f</sum></package><package arch="i686" epoch="1" name="mariadb-embedded" release="1.el7_5" src="mariadb-5.5.60-1.el7_5.src.rpm" version="5.5.60"><filename>mariadb-embedded-5.5.60-1.el7_5.i686.rpm</filename><sum type="sha256">2a1c1be030c4914deafea0f850e5d8d21bc50101e8680786a4dea806d0c55c34</sum></package><package arch="x86_64" epoch="1" name="mariadb-devel" release="1.el7_5" src="mariadb-5.5.60-1.el7_5.src.rpm" version="5.5.60"><filename>mariadb-devel-5.5.60-1.el7_5.x86_64.rpm</filename><sum type="sha256">f45f3497f9236508d49e668e682bb95a2ffdeb0facd88a885549933574b0a9c9</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10268" id="CVE-2017-10268" title="Mysql: Server: Replication Unspecified Vulnerability (Cpu Oct 2017)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10378" id="CVE-2017-10378" title="Mysql: Server: Optimizer Unspecified Vulnerability (Cpu Oct 2017)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10379" id="CVE-2017-10379" title="Mysql: Client Programs Unspecified Vulnerability (Cpu Oct 2017)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10384" id="CVE-2017-10384" title="Mysql: Server: Ddl Unspecified Vulnerability (Cpu Oct 2017)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3636" id="CVE-2017-3636" title="Mysql: Client Programs Unspecified Vulnerability (Cpu Jul 2017)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3641" id="CVE-2017-3641" title="Mysql: Server: Dml Unspecified Vulnerability (Cpu Jul 2017)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3651" id="CVE-2017-3651" title="Mysql: Client Mysqldump Unspecified " type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3653" id="CVE-2017-3653" title="Mysql: Server: Ddl Unspecified Vulnerability (Cpu Jul 2017)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2562" id="CVE-2018-2562" title="Mysql: Server : Partition Unspecified Vulnerability (Cpu Jan 2018)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2622" id="CVE-2018-2622" title="Mysql: Server: Ddl Unspecified Vulnerability (Cpu Jan 2018)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2640" id="CVE-2018-2640" title="Mysql: Server: Optimizer Unspecified Vulnerability (Cpu Jan 2018)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2665" id="CVE-2018-2665" title="Mysql: Server: Optimizer Unspecified Vulnerability (Cpu Jan 2018)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2668" id="CVE-2018-2668" title="Mysql: Server: Optimizer Unspecified Vulnerability (Cpu Jan 2018)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2755" id="CVE-2018-2755" title="Mysql: Server: Replication Unspecified Vulnerability (Cpu Apr 2018)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2761" id="CVE-2018-2761" title="Mysql: Client Programs Unspecified Vulnerability (Cpu Apr 2018)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2767" id="CVE-2018-2767" title="Mysql: Use Of Ssl/Tls Not Enforced In Libmysqld " type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2771" id="CVE-2018-2771" title="Mysql: Server: Locking Unspecified Vulnerability (Cpu Apr 2018)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2781" id="CVE-2018-2781" title="Mysql: Server: Optimizer Unspecified Vulnerability (Cpu Apr 2018)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2813" id="CVE-2018-2813" title="Mysql: Server: Ddl Unspecified Vulnerability (Cpu Apr 2018)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2817" id="CVE-2018-2817" title="Mysql: Server: Ddl Unspecified Vulnerability (Cpu Apr 2018)" type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2819" id="CVE-2018-2819" title="Mysql: Innodb Unspecified Vulnerability (Cpu Apr 2018)" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:2439" id="RHSA-2018:2439-1" title="Rhsa-2018:2439-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#moderate" id="moderate" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1472686" id="1472686" title="Mysql: Client Programs Unspecified Vulnerability (Cpu Jul 2017)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1472693" id="1472693" title="Mysql: Server: Dml Unspecified Vulnerability (Cpu Jul 2017)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1472708" id="1472708" title="Mysql: Client Mysqldump Unspecified " type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1472711" id="1472711" title="Mysql: Server: Ddl Unspecified Vulnerability (Cpu Jul 2017)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1503656" id="1503656" title="Mysql: Server: Replication Unspecified Vulnerability (Cpu Oct 2017)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1503684" id="1503684" title="Mysql: Server: Optimizer Unspecified Vulnerability (Cpu Oct 2017)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1503685" id="1503685" title="Mysql: Client Programs Unspecified Vulnerability (Cpu Oct 2017)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1503686" id="1503686" title="Mysql: Server: Ddl Unspecified Vulnerability (Cpu Oct 2017)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1535484" id="1535484" title="Mysql: Server : Partition Unspecified Vulnerability (Cpu Jan 2018)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1535499" id="1535499" title="Mysql: Server: Ddl Unspecified Vulnerability (Cpu Jan 2018)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1535500" id="1535500" title="Mysql: Server: Optimizer Unspecified Vulnerability (Cpu Jan 2018)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1535504" id="1535504" title="Mysql: Server: Optimizer Unspecified Vulnerability (Cpu Jan 2018)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1535506" id="1535506" title="Mysql: Server: Optimizer Unspecified Vulnerability (Cpu Jan 2018)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1564965" id="1564965" title="Mysql: Use Of Ssl/Tls Not Enforced In Libmysqld " type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1568921" id="1568921" title="Mysql: Server: Replication Unspecified Vulnerability (Cpu Apr 2018)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1568924" id="1568924" title="Mysql: Client Programs Unspecified Vulnerability (Cpu Apr 2018)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1568931" id="1568931" title="Mysql: Server: Locking Unspecified Vulnerability (Cpu Apr 2018)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1568942" id="1568942" title="Mysql: Server: Optimizer Unspecified Vulnerability (Cpu Apr 2018)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1568951" id="1568951" title="Mysql: Server: Ddl Unspecified Vulnerability (Cpu Apr 2018)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1568954" id="1568954" title="Mysql: Server: Ddl Unspecified Vulnerability (Cpu Apr 2018)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1568956" id="1568956" title="Mysql: Innodb Unspecified Vulnerability (Cpu Apr 2018)" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1584023" id="1584023" title="Systemctl Start Mariadb - Hangs If Sock File Is Used By " type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:2462-1</id><title>Qemu-Kvm</title><description>Security Fix(es): 
* QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams (CVE-2018-11806) 
* QEMU: i386: multiboot OOB access while loading kernel image (CVE-2018-7550) 
Bug Fix(es): 
* Previously, live migrating a Windows guest in some cases caused the guest to become unresponsive. This update ensures that Real-time Clock (RTC) interrupts are not missed, which prevents the problem from occurring.</description><severity>important</severity><release>Scientific Linux</release><issued date="2018-08-16 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" epoch="10" name="qemu-kvm-common" release="156.el7_5.5" src="qemu-kvm-1.5.3-156.el7_5.5.src.rpm" version="1.5.3"><filename>qemu-kvm-common-1.5.3-156.el7_5.5.x86_64.rpm</filename><sum type="sha256">5ad2c8831e1417cc6137e301f5ad5b9f964a49f0d98c1d34f2a91387ea02fc29</sum></package><package arch="x86_64" epoch="10" name="qemu-img" release="156.el7_5.5" src="qemu-kvm-1.5.3-156.el7_5.5.src.rpm" version="1.5.3"><filename>qemu-img-1.5.3-156.el7_5.5.x86_64.rpm</filename><sum type="sha256">d2a6b1deaa81a78d675ebb6fb26fd4cc5cb8de37f23eff1ed8f4ae509823db06</sum></package><package arch="x86_64" epoch="10" name="qemu-kvm-tools" release="156.el7_5.5" src="qemu-kvm-1.5.3-156.el7_5.5.src.rpm" version="1.5.3"><filename>qemu-kvm-tools-1.5.3-156.el7_5.5.x86_64.rpm</filename><sum type="sha256">4112db92af431a14ef7dbc6e1c2fef601418086954c0503aee5fd7d9d0cdb9b8</sum></package><package arch="x86_64" epoch="10" name="qemu-kvm" release="156.el7_5.5" src="qemu-kvm-1.5.3-156.el7_5.5.src.rpm" version="1.5.3"><filename>qemu-kvm-1.5.3-156.el7_5.5.x86_64.rpm</filename><sum type="sha256">ce06ba9e207c2d6c7f52fbfa05de9a127aa7703ca77fae805aaa2cc016365c23</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11806" id="CVE-2018-11806" title="Qemu: Slirp: Heap Buffer Overflow While " type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7550" id="CVE-2018-7550" title="Qemu: I386: Multiboot Oob Access While Loading Kernel Image" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:2462" id="RHSA-2018:2462-1" title="Rhsa-2018:2462-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1549798" id="1549798" title="Qemu: I386: Multiboot Oob Access While Loading Kernel Image" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1586245" id="1586245" title="Qemu: Slirp: Heap Buffer Overflow While " type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:2526-1</id><title>Mutt</title><description>Security Fix(es): 
* mutt: Remote code injection vulnerability to an IMAP mailbox (CVE-2018-14354) 
* mutt: Remote Code Execution via backquote characters (CVE-2018-14357) 
* mutt: POP body caching path traversal vulnerability (CVE-2018-14362)</description><severity>important</severity><release>Scientific Linux</release><issued date="2018-08-21 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" epoch="5" name="mutt" release="28.el7_5" src="mutt-1.5.21-28.el7_5.src.rpm" version="1.5.21"><filename>mutt-1.5.21-28.el7_5.x86_64.rpm</filename><sum type="sha256">e5e55dcceab196575a04a2d46b833e825e0807feaaddee6c2e30f9ca542d0c8a</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14354" id="CVE-2018-14354" title="Mutt: Remote Code Injection Vulnerability To An " type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14357" id="CVE-2018-14357" title="Mutt: Remote Code Execution Via Backquote " type="cve" /><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14362" id="CVE-2018-14362" title="Mutt: Pop Body Caching Path Traversal Vulnerability" type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:2526" id="RHSA-2018:2526-1" title="Rhsa-2018:2526-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1602069" id="1602069" title="Mutt: Remote Code Injection Vulnerability To An " type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1602079" id="1602079" title="Mutt: Pop Body Caching Path Traversal Vulnerability" type="bugzilla" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1602915" id="1602915" title="Mutt: Remote Code Execution Via Backquote " type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:2557-1</id><title>Postgresql</title><description>The following packages have been upgraded to a later upstream version: postgresql (9.2.24). 
Security Fix(es): 
* postgresql: Certain host connection parameters defeat client-side security defenses (CVE-2018-10915)</description><severity>important</severity><release>Scientific Linux</release><issued date="2018-08-23 00:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="i686" name="postgresql-static" release="1.el7_5" src="postgresql-9.2.24-1.el7_5.src.rpm" version="9.2.24"><filename>postgresql-static-9.2.24-1.el7_5.i686.rpm</filename><sum type="sha256">2ce91a39e3da43018572fa9746d1089f1a40eb01099d13bc1c2e18b685fc0141</sum></package><package arch="x86_64" name="postgresql-server" release="1.el7_5" src="postgresql-9.2.24-1.el7_5.src.rpm" version="9.2.24"><filename>postgresql-server-9.2.24-1.el7_5.x86_64.rpm</filename><sum type="sha256">9bcc33e5e4235f6d908db74d7b0dd3576a2fd049101852f9e07ce0f3ba52a09c</sum></package><package arch="x86_64" name="postgresql" release="1.el7_5" src="postgresql-9.2.24-1.el7_5.src.rpm" version="9.2.24"><filename>postgresql-9.2.24-1.el7_5.x86_64.rpm</filename><sum type="sha256">65a2ed539702ddee95c2c1b82a84294e9a3201825b8c58558faee549626a1c8f</sum></package><package arch="x86_64" name="postgresql-devel" release="1.el7_5" src="postgresql-9.2.24-1.el7_5.src.rpm" version="9.2.24"><filename>postgresql-devel-9.2.24-1.el7_5.x86_64.rpm</filename><sum type="sha256">1c27362d280bc88569b987782ebaacda2da116d914303256ca3c447e738fc612</sum></package><package arch="x86_64" name="postgresql-upgrade" release="1.el7_5" src="postgresql-9.2.24-1.el7_5.src.rpm" version="9.2.24"><filename>postgresql-upgrade-9.2.24-1.el7_5.x86_64.rpm</filename><sum type="sha256">3a5bedee456ab20d2505ad427abfd45470ce0b17ffaea4733f926eafb16d630e</sum></package><package arch="x86_64" name="postgresql-contrib" release="1.el7_5" src="postgresql-9.2.24-1.el7_5.src.rpm" version="9.2.24"><filename>postgresql-contrib-9.2.24-1.el7_5.x86_64.rpm</filename><sum type="sha256">638456929914cffdf4006b6ca751554b774e6a37ac61ee97a00d7044fe802bf2</sum></package><package arch="x86_64" name="postgresql-plperl" release="1.el7_5" src="postgresql-9.2.24-1.el7_5.src.rpm" version="9.2.24"><filename>postgresql-plperl-9.2.24-1.el7_5.x86_64.rpm</filename><sum type="sha256">981beb22ff82a8ecf62e63566a6eade0bc72234635c6709383374a3ddfb588c3</sum></package><package arch="i686" name="postgresql-libs" release="1.el7_5" src="postgresql-9.2.24-1.el7_5.src.rpm" version="9.2.24"><filename>postgresql-libs-9.2.24-1.el7_5.i686.rpm</filename><sum type="sha256">f09717108f448086adf200722c02204a844b3dff7743e5a5e1a8c89a8800fd15</sum></package><package arch="x86_64" name="postgresql-docs" release="1.el7_5" src="postgresql-9.2.24-1.el7_5.src.rpm" version="9.2.24"><filename>postgresql-docs-9.2.24-1.el7_5.x86_64.rpm</filename><sum type="sha256">e7ac3609ed5eb5856f60b4153c293d6d8264ec228678fb9084ec758535facb33</sum></package><package arch="i686" name="postgresql" release="1.el7_5" src="postgresql-9.2.24-1.el7_5.src.rpm" version="9.2.24"><filename>postgresql-9.2.24-1.el7_5.i686.rpm</filename><sum type="sha256">0972ef973f1d2f5d8dfc1fb7b605346a9f4674940dfa6cbf789235326b4cae2d</sum></package><package arch="x86_64" name="postgresql-libs" release="1.el7_5" src="postgresql-9.2.24-1.el7_5.src.rpm" version="9.2.24"><filename>postgresql-libs-9.2.24-1.el7_5.x86_64.rpm</filename><sum type="sha256">eca17b97bcdb5b6d6757e8eba5cd9037844449e8d3df1950132df9ede59ad50e</sum></package><package arch="x86_64" name="postgresql-test" release="1.el7_5" src="postgresql-9.2.24-1.el7_5.src.rpm" version="9.2.24"><filename>postgresql-test-9.2.24-1.el7_5.x86_64.rpm</filename><sum type="sha256">f60ce91403680931b9a68dfd678edc3d0af56a855b9db8f9abb246dc7f91274d</sum></package><package arch="x86_64" name="postgresql-plpython" release="1.el7_5" src="postgresql-9.2.24-1.el7_5.src.rpm" version="9.2.24"><filename>postgresql-plpython-9.2.24-1.el7_5.x86_64.rpm</filename><sum type="sha256">f3020f80369b40d16a3dfc4d485db3faa926bf78487e04584814bf3129b1a9a5</sum></package><package arch="x86_64" name="postgresql-static" release="1.el7_5" src="postgresql-9.2.24-1.el7_5.src.rpm" version="9.2.24"><filename>postgresql-static-9.2.24-1.el7_5.x86_64.rpm</filename><sum type="sha256">eaa4385646fd0d2c1a8159bd116479ae8354c66a4b83159e351d4b4bc6440d47</sum></package><package arch="x86_64" name="postgresql-pltcl" release="1.el7_5" src="postgresql-9.2.24-1.el7_5.src.rpm" version="9.2.24"><filename>postgresql-pltcl-9.2.24-1.el7_5.x86_64.rpm</filename><sum type="sha256">f0cebcae0d0739b2a25c0d3875897f6347df0e64fc55e25963bd3da6c0966153</sum></package><package arch="i686" name="postgresql-devel" release="1.el7_5" src="postgresql-9.2.24-1.el7_5.src.rpm" version="9.2.24"><filename>postgresql-devel-9.2.24-1.el7_5.i686.rpm</filename><sum type="sha256">21d0f390b804196016bc95a9ab829f59be8b0d4c4ec1b5fa5a68425305942cd6</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10915" id="CVE-2018-10915" title="Postgresql: Certain Host Connection Parameters " type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:2557" id="RHSA-2018:2557-1" title="Rhsa-2018:2557-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1609891" id="1609891" title="Postgresql: Certain Host Connection Parameters " type="bugzilla" /></references></update><update from="SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV" status="final" type="security" version="1.4"><id>SLSA-2018:2570-1</id><title>Bind</title><description>Security Fix(es):

* bind: processing of certain records when "deny-answer-aliases" is in use may trigger an assert leading to a denial of service (CVE-2018-5740)</description><severity>important</severity><release>Scientific Linux</release><issued date="1969-12-31 18:00:00" /><pkglist><collection short="SL7"><name>Scientific Linux 7</name><package arch="x86_64" epoch="32" name="bind-chroot" release="61.el7_5.1" src="bind-9.9.4-61.el7_5.1.src.rpm" version="9.9.4"><filename>bind-chroot-9.9.4-61.el7_5.1.x86_64.rpm</filename><sum type="sha256">d5d9c2927f55928ba55ae64ddcee781e389fc53e52fe51ffbbb2429fc1acb62e</sum></package><package arch="x86_64" epoch="32" name="bind-libs-lite" release="61.el7_5.1" src="bind-9.9.4-61.el7_5.1.src.rpm" version="9.9.4"><filename>bind-libs-lite-9.9.4-61.el7_5.1.x86_64.rpm</filename><sum type="sha256">8a7b1ec53b125758b3a836d6f66b91ed7dee20d6bc39e0ddf4d872a8c48001ce</sum></package><package arch="x86_64" epoch="32" name="bind-devel" release="61.el7_5.1" src="bind-9.9.4-61.el7_5.1.src.rpm" version="9.9.4"><filename>bind-devel-9.9.4-61.el7_5.1.x86_64.rpm</filename><sum type="sha256">2a82d4e4ca76c264e21aa27ef2ed1c8cd00975a0f9e840559b3e989983662124</sum></package><package arch="i686" epoch="32" name="bind-pkcs11-devel" release="61.el7_5.1" src="bind-9.9.4-61.el7_5.1.src.rpm" version="9.9.4"><filename>bind-pkcs11-devel-9.9.4-61.el7_5.1.i686.rpm</filename><sum type="sha256">e79310658f598b13900702bba6a0568dc7d0b3d1c8f0a954b37b13cf6be31f4e</sum></package><package arch="x86_64" epoch="32" name="bind-lite-devel" release="61.el7_5.1" src="bind-9.9.4-61.el7_5.1.src.rpm" version="9.9.4"><filename>bind-lite-devel-9.9.4-61.el7_5.1.x86_64.rpm</filename><sum type="sha256">d269f8132152ecb98f3badab69e1f9402dd432d1a9d89b4be3231f8ffc851bde</sum></package><package arch="x86_64" epoch="32" name="bind-sdb" release="61.el7_5.1" src="bind-9.9.4-61.el7_5.1.src.rpm" version="9.9.4"><filename>bind-sdb-9.9.4-61.el7_5.1.x86_64.rpm</filename><sum type="sha256">0838819d4c3cb2747546111d505fcea519a18d306d62ad4f529abf6e6c4ed33c</sum></package><package arch="i686" epoch="32" name="bind-devel" release="61.el7_5.1" src="bind-9.9.4-61.el7_5.1.src.rpm" version="9.9.4"><filename>bind-devel-9.9.4-61.el7_5.1.i686.rpm</filename><sum type="sha256">0142f0bf6d9c9c3c3dce8a3f371f2064b5015de8b9d9e3ddef05168fe9e59907</sum></package><package arch="x86_64" epoch="32" name="bind-pkcs11" release="61.el7_5.1" src="bind-9.9.4-61.el7_5.1.src.rpm" version="9.9.4"><filename>bind-pkcs11-9.9.4-61.el7_5.1.x86_64.rpm</filename><sum type="sha256">e196fdff3a975d42d7007268b4974da024c14b90a1d33d2b0757562c71a90b38</sum></package><package arch="i686" epoch="32" name="bind-libs-lite" release="61.el7_5.1" src="bind-9.9.4-61.el7_5.1.src.rpm" version="9.9.4"><filename>bind-libs-lite-9.9.4-61.el7_5.1.i686.rpm</filename><sum type="sha256">966387d214f0cf5f0f0fa0876da6745d825def47ca8b038ae2b464c4f42521cd</sum></package><package arch="x86_64" epoch="32" name="bind-pkcs11-devel" release="61.el7_5.1" src="bind-9.9.4-61.el7_5.1.src.rpm" version="9.9.4"><filename>bind-pkcs11-devel-9.9.4-61.el7_5.1.x86_64.rpm</filename><sum type="sha256">8150978cdfaa82d551bfda2bb796f14adb52f152d12ecc174742db7d62a9fc5d</sum></package><package arch="x86_64" epoch="32" name="bind-libs" release="61.el7_5.1" src="bind-9.9.4-61.el7_5.1.src.rpm" version="9.9.4"><filename>bind-libs-9.9.4-61.el7_5.1.x86_64.rpm</filename><sum type="sha256">c36f644908ceff19ad5d8f95db24b290c7d5ffd0e0dd97b25fcf144709686d69</sum></package><package arch="x86_64" epoch="32" name="bind" release="61.el7_5.1" src="bind-9.9.4-61.el7_5.1.src.rpm" version="9.9.4"><filename>bind-9.9.4-61.el7_5.1.x86_64.rpm</filename><sum type="sha256">1b290ec5e31ab558a141a0aec353929504665642cb0fbebe9efc01eba031a62e</sum></package><package arch="x86_64" epoch="32" name="bind-pkcs11-libs" release="61.el7_5.1" src="bind-9.9.4-61.el7_5.1.src.rpm" version="9.9.4"><filename>bind-pkcs11-libs-9.9.4-61.el7_5.1.x86_64.rpm</filename><sum type="sha256">449a71b1eff617a64db8809362dfa28b6ca627a26b8e0336f407898054dcc6c6</sum></package><package arch="x86_64" epoch="32" name="bind-pkcs11-utils" release="61.el7_5.1" src="bind-9.9.4-61.el7_5.1.src.rpm" version="9.9.4"><filename>bind-pkcs11-utils-9.9.4-61.el7_5.1.x86_64.rpm</filename><sum type="sha256">8dfa83be41e1577b1808219c79106753e1eec92639ef26428264cada600e2874</sum></package><package arch="x86_64" epoch="32" name="bind-sdb-chroot" release="61.el7_5.1" src="bind-9.9.4-61.el7_5.1.src.rpm" version="9.9.4"><filename>bind-sdb-chroot-9.9.4-61.el7_5.1.x86_64.rpm</filename><sum type="sha256">3034cfcc06766a575b430713ebd2662fecdc4ae4736c0db9707628525c6d7e90</sum></package><package arch="i686" epoch="32" name="bind-pkcs11-libs" release="61.el7_5.1" src="bind-9.9.4-61.el7_5.1.src.rpm" version="9.9.4"><filename>bind-pkcs11-libs-9.9.4-61.el7_5.1.i686.rpm</filename><sum type="sha256">49eae997a99519d211c6daec0224a0c3d71367924b8340619f1df3a83c9dc6d0</sum></package><package arch="i686" epoch="32" name="bind-libs" release="61.el7_5.1" src="bind-9.9.4-61.el7_5.1.src.rpm" version="9.9.4"><filename>bind-libs-9.9.4-61.el7_5.1.i686.rpm</filename><sum type="sha256">482b59edb3f828cc4ae8cbca899d0f6c6a4465fb0da7d748c8a2c70541a66d91</sum></package><package arch="x86_64" epoch="32" name="bind-utils" release="61.el7_5.1" src="bind-9.9.4-61.el7_5.1.src.rpm" version="9.9.4"><filename>bind-utils-9.9.4-61.el7_5.1.x86_64.rpm</filename><sum type="sha256">8062dbd29c39b6d22a0dea93ea68fb381e1ae2d2118d0d16565cf960eba1efb0</sum></package><package arch="noarch" epoch="32" name="bind-license" release="61.el7_5.1" src="bind-9.9.4-61.el7_5.1.src.rpm" version="9.9.4"><filename>bind-license-9.9.4-61.el7_5.1.noarch.rpm</filename><sum type="sha256">2ce8d8c9884afc9f476a5dbb1052258ab19faf6e17db44823ef180cd3ea3f9ab</sum></package><package arch="i686" epoch="32" name="bind-lite-devel" release="61.el7_5.1" src="bind-9.9.4-61.el7_5.1.src.rpm" version="9.9.4"><filename>bind-lite-devel-9.9.4-61.el7_5.1.i686.rpm</filename><sum type="sha256">7c7844cb5897428e2266037a30b68c38aa8daa5176f169641d70ac5c9318765b</sum></package></collection></pkglist><references><reference href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5740" id="CVE-2018-5740" title="Bind: Processing Of Certain Records When " type="cve" /><reference href="https://access.redhat.com/errata/RHSA-2018:2570" id="RHSA-2018:2570-1" title="Rhsa-2018:2570-1" type="self" /><reference href="https://access.redhat.com/security/updates/classification/#important" id="important" title="Issue Severity Classification" type="other" /><reference href="https://bugzilla.redhat.com/show_bug.cgi?id=1613595" id="1613595" title="Bind: Processing Of Certain Records When " type="bugzilla" /></references></update></updates>