(Mar 6) Added patch to fix: CVE-2017-18198 (#1549644) Added patch to fix: CVE-2017-18199 (#1549701) Added patches to fix: CVE-2017-18201 (#1549707)
Comment
(Mar 6) This update fixes two minor security vulnerabilities in `malloc` (CVE-2018-6485, CVE-2018-6551, RHBZ#1542102, RHBZ#1542119), and provides a C++ version of `iseqsig`.
(Mar 2) Several vulnerabilities have been discovered in the Dovecot email server. The Common Vulnerabilities and Exposures project identifies the following issues:
(Mar 6) add Xen page-table isolation (XPTI) mitigation and Branch Target Injection (BTI) mitigation for XSA-254 DoS via non-preemptable L3/L4 pagetable freeing [XSA-252] (#1549568) grant table v2 -> v1 transition may crash Xen [XSA-255] (#1549570) x86 PVH guest without LAPIC may DoS the host [XSA-256] (#1549572)
(Mar 6) Several security issues were fixed in Irssi.