LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

Synopsis:          Important: slf4j security update
Advisory ID:       SLSA-2018:0592-1
Issue Date:        2018-03-26
CVE Numbers:       CVE-2018-8088
--

Security Fix(es):

* slf4j: Deserialisation vulnerability in EventData constructor can allow
for arbitrary code execution (CVE-2018-8088)
--

SL7
  noarch
    slf4j-1.7.4-4.el7_4.noarch.rpm
    slf4j-javadoc-1.7.4-4.el7_4.noarch.rpm
    slf4j-manual-1.7.4-4.el7_4.noarch.rpm

- Scientific Linux Development Team