Synopsis: Moderate: subscription-manager security, bug fix, and enhancement update Advisory ID: SLSA-2016:2592-2 Issue Date: 2016-11-03 CVE Numbers: CVE-2016-4455 -- * It was found that subscription-manager set weak permissions on files in /var/lib/rhsm/, causing an information disclosure. A local, unprivileged user could use this flaw to access sensitive data that could potentially be used in a social engineering attack. (CVE-2016-4455) -- SL7 x86_64 python-rhsm-1.17.9-1.el7.x86_64.rpm python-rhsm-certificates-1.17.9-1.el7.x86_64.rpm python-rhsm-debuginfo-1.17.9-1.el7.x86_64.rpm subscription-manager-1.17.15-1.el7.x86_64.rpm subscription-manager-debuginfo-1.17.15-1.el7.x86_64.rpm subscription-manager-gui-1.17.15-1.el7.x86_64.rpm subscription-manager-initial-setup-addon-1.17.15-1.el7.x86_64.rpm subscription-manager-migration-1.17.15-1.el7.x86_64.rpm subscription-manager-plugin-container-1.17.15-1.el7.x86_64.rpm subscription-manager-plugin-ostree-1.17.15-1.el7.x86_64.rpm noarch subscription-manager-migration-data-2.0.31-1.el7.noarch.rpm - Scientific Linux Development Team