Synopsis:          Important: slf4j security update

Advisory ID:       SLSA-2018:0592-1

Issue Date:        2018-03-26

CVE Numbers:       CVE-2018-8088

--



Security Fix(es):



* slf4j: Deserialisation vulnerability in EventData constructor can allow

for arbitrary code execution (CVE-2018-8088)

--



SL7

  noarch

    slf4j-1.7.4-4.el7_4.noarch.rpm

    slf4j-javadoc-1.7.4-4.el7_4.noarch.rpm

    slf4j-manual-1.7.4-4.el7_4.noarch.rpm



- Scientific Linux Development Team