Important: Red Hat Security Advisory: sudo security update

An update for sudo is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CLSA-2024-1725385588 clamav: Fix of 2 CVEs

Update to 0.103.11 - CVE-2023-20032: fix missing buffer size check that may result in a heap buffer overflow write - Don't apply clamav-check.patch and CVE-2022-20698.patch as they have already been applied in new 0.103.11 version - Don't apply clamav-clamonacc-service.patch since el6 doesn't...

UBUNTU-CVE-2017-15121

A non-privileged user is able to mount a fuse filesystem on RHEL 6 or 7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary...

openssl: Crash in ssleay_rand_bytes due to locking regression

A regression was found in the ssleayrandbytes function in the versions of OpenSSL shipped with Red Hat Enterprise Linux 6 and 7. This regression could cause a multi-threaded application to crash...

DEBIAN-CVE-2012-4453

dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other products, creates initramfs images with world-readable permissions, which might allow local users to obtain sensitive information...