Oracle Solaris Third Party Bulletin - July 2018
Description
The Oracle Solaris Third Party Bulletin announces patches for one or more security vulnerabilities fixed in third party software that is included in Oracle Solaris distributions. Starting January 20, 2015, Third Party Bulletins are released on the same day when Oracle Critical Patch Updates are released. These bulletins will also be updated on the Tuesday closest to the 17th of the following two months after their release (i.e. the two months between the normal quarterly Critical Patch Update publication dates). In addition, Third Party Bulletins may also be updated for vulnerability fixes deemed too critical to wait for the next monthly update.
Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Third Party Bulletin fixes as soon as possible.
Patch Availability
Please see My Oracle Support Note 1448883.1
Third Party Bulletin Schedule
Third Party Bulletins are released on the Tuesday closest to the 17th day of January, April, July and October. The next four dates are:
- 16 October 2018
- 15 January 2019
- 16 April 2019
- 16 July 2019
References
- Oracle Critical Patch Updates and Security Alerts main page [ Oracle Technology Network ]
- Oracle Critical Patch Updates and Security Alerts - Frequently Asked Questions [ CPU FAQ ]
- Risk Matrix definitions [ Risk Matrix Definitions ]
- Use of Common Vulnerability Scoring System (CVSS) by Oracle [ Oracle CVSS Scoring ]
Modification History
| 2018-September-24 | Rev 3. Added all CVEs fixed in Solaris 11.4 and Solaris 11.4 SRU 1 |
| 2018-August-23 | Rev 2. Added all CVEs fixed in Solaris 11.3 SRU 35 |
| 2018-July-17 | Rev 1. Initial Release with all CVEs fixed in Solaris 11.3 SRU 34 |
Oracle Solaris Executive Summary
This Oracle Solaris Bulletin contains 103 new security fixes for the Oracle Solaris Operating System. 62 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.
Oracle Solaris Third Party Bulletin Risk Matrix
Revision 3: Published on 2018-09-24
| CVE# | Product | Third Party component | Protocol | Remote Exploit without Auth.? | CVSS VERSION 3.0 RISK (see Risk Matrix Definitions) | Supported Versions Affected | Notes | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Base Score | Attack Vector | Attack Complexity | Privs Req'd | User Interact | Scope | Confid-entiality | Inte-grity | Avail-ability | |||||||
| CVE-2016-2337 | Solaris | Ruby | Multiple | Yes | 9.8 | Network | Low | None | None | Un changed |
High | High | High | 11.3 | |
| CVE-2017-2292 | Solaris | MCollective | Multiple | No | 9 | Network | Low | High | None | Changed | High | High | Low | 11.3 | |
| CVE-2016-3616 | Solaris | LibJPEG | None | No | 7.8 | Local | Low | None | Required | Un changed |
High | High | High | 11.4, 10 | |
| CVE-2017-7555 | Solaris | Augeas | None | No | 7.8 | Local | Low | Low | None | Un changed |
High | High | High | 11.3 | |
| CVE-2017-8291 | Solaris | Ghostscript | None | No | 7.8 | Local | Low | None | Required | Un changed |
High | High | High | 11.3 | |
| CVE-2018-1166 | Solaris | SMB FS | None | No | 7.8 | Local | Low | Low | None | Un changed |
High | High | High | 11.3 | |
| CVE-2016-3958 | Solaris | Go Programming Language | None | No | 7.7 | Local | Low | None | None | Un changed |
High | High | None | 11.3 | |
| CVE-2016-1246 | Solaris | Mysql module for perl | Multiple | Yes | 7.5 | Network | Low | None | None | Un changed |
None | None | High | 11.3 | |
| CVE-2016-3959 | Solaris | Go Programming Language | Multiple | Yes | 7.5 | Network | Low | None | None | Un changed |
None | None | High | 11.3 | |
| CVE-2016-8864 | Solaris | Bind | DNS | Yes | 7.5 | Network | Low | None | None | Un changed |
None | None | High | 11.3 | See Note 32 |
| CVE-2017-3135 | Solaris | Bind | DNS | Yes | 7.5 | Network | Low | None | None | Un changed |
None | None | High | 11.3 | |
| CVE-2017-8786 | Solaris | PCRE | Multiple | Yes | 7.5 | Network | Low | None | None | Un changed |
None | None | High | 11.3 | |
| CVE-2018-0500 | Solaris | LibcURL | Multiple | Yes | 7.5 | Network | High | None | Required | Un changed |
High | High | High | 11.4 | |
| CVE-2018-0732 | Solaris | OpenSSL | SSL/TLS | Yes | 7.5 | Network | Low | None | None | Un changed |
None | None | High | 11.4, 10 | |
| CVE-2016-9013 | Solaris | Django Python web framework | Multiple | Yes | 7.4 | Network | High | None | None | Un changed |
High | High | None | 11.3 | |
| CVE-2016-9014 | Solaris | Django Python web framework | Multiple | Yes | 7.4 | Network | High | None | None | Un changed |
High | High | None | 11.3 | |
| CVE-2016-10196 | Solaris | Firefox | Multiple | Yes | 7.3 | Network | Low | None | None | Un changed |
Low | Low | Low | 11.3 | See Note 23 |
| CVE-2016-10196 | Solaris | Thunderbird | Multiple | Yes | 7.3 | Network | Low | None | None | Un changed |
Low | Low | Low | 11.3 | See Note 28 |
| CVE-2018-14424 | Solaris | GDM display manager | None | No | 7.3 | Local | Low | Low | Required | Un changed |
High | High | High | 11.4 | |
| CVE-2017-1000083 | Solaris | Evince | Multiple | Yes | 7.1 | Network | Low | None | Required | Changed | Low | Low | Low | 11.3 | |
| CVE-2016-1251 | Solaris | Mysql module for perl | Multiple | Yes | 6.5 | Network | Low | None | Required | Un changed |
None | High | None | 11.3 | |
| CVE-2017-3138 | Solaris | Bind | DNS | No | 6.5 | Network | Low | Low | None | Un changed |
None | None | High | 11.3 | |
| CVE-2017-5753 | Solaris | WebKitGTK+ | None | No | 6.5 | Local | Low | High | Required | Un changed |
High | High | High | 11.4 | See Note 36 |
| CVE-2017-9110 | Solaris | Openexr | Multiple | Yes | 6.5 | Network | Low | None | Required | Un changed |
None | None | High | 11.3 | See Note 33 |
| CVE-2016-10504 | Solaris | OpenJPEG | Multiple | Yes | 6.3 | Network | Low | None | Required | Un changed |
Low | Low | Low | 11.3 | See Note 24 |
| CVE-2016-6352 | Solaris | GDK-Pixbuf | Multiple | Yes | 6.3 | Network | Low | None | Required | Un changed |
Low | Low | Low | 11.3, 10 | |
| CVE-2016-7977 | Solaris | Ghostscript | None | No | 6.2 | Local | Low | None | None | Un changed |
High | None | None | 11.3 | |
| CVE-2015-9251 | Solaris | Automated Install Engine | Multiple | Yes | 6.1 | Network | Low | None | Required | Changed | Low | Low | None | 11.4 | See Note 37 |
| CVE-2018-5950 | Solaris | Mailman | Multiple | Yes | 6.1 | Network | Low | None | Required | Changed | Low | Low | None | 11.4 | |
| CVE-2016-6153 | Solaris | SQLite3 | None | No | 5.9 | Local | Low | None | None | Un changed |
Low | Low | Low | 11.3 | |
| CVE-2016-7957 | Solaris | Wireshark | Multiple | Yes | 5.9 | Network | High | None | None | Un changed |
None | None | High | 11.3 | See Note 26 |
| CVE-2016-9185 | Solaris | OpenStack Orchestration API (Heat) | Multiple | Yes | 5.9 | Network | High | None | None | Un changed |
High | None | None | 11.3 | |
| CVE-2017-10788 | Solaris | Mysql module for perl | Multiple | Yes | 5.9 | Network | High | None | None | Un changed |
None | None | High | 11.3 | |
| CVE-2017-2592 | Solaris | Openstack Middleware Library | None | No | 5.9 | Local | Low | Low | Required | Changed | High | None | None | 11.3 | |
| CVE-2017-3136 | Solaris | Bind | DNS | Yes | 5.9 | Network | High | None | None | Un changed |
None | None | High | 11.3 | See Note 31 |
| CVE-2018-0737 | Solaris | OpenSSL | SSL/TLS | Yes | 5.9 | Network | High | None | None | Un changed |
High | None | None | 11.4, 10 | |
| CVE-2018-1000024 | Solaris | Squid | Multiple | Yes | 5.9 | Network | High | None | None | Un changed |
None | None | High | 11.3 | See Note 34 |
| CVE-2016-7977 | Solaris | Ghostscript | Multiple | Yes | 5.8 | Network | High | None | Required | Changed | Low | Low | Low | 11.3 | See Note 19 |
| CVE-2016-7979 | Solaris | Ghostscript | Multiple | Yes | 5.8 | Network | High | None | Required | Changed | Low | Low | Low | 11.3 | |
| CVE-2016-10165 | Solaris | LittleCMS | None | No | 5.7 | Local | High | None | None | Un changed |
Low | None | High | 11.3 | |
| CVE-2016-7162 | Solaris | File Roller | None | No | 5.5 | Local | Low | None | Required | Un changed |
None | High | None | 11.3 | |
| CVE-2017-17087 | Solaris | VIM | None | No | 5.5 | Local | Low | Low | None | Un changed |
High | None | None | 11.4 | See Note 35 |
| CVE-2018-10919 | Solaris | Samba | Multiple | No | 5.4 | Adjacent Network |
Low | None | None | Un changed |
Low | Low | None | 11.4, 10 | |
| CVE-2017-11112 | Solaris | Ncurses | None | No | 5.3 | Local | Low | Low | None | Un changed |
Low | Low | Low | 11.3 | |
| CVE-2017-11113 | Solaris | Ncurses | None | No | 5.3 | Local | Low | Low | None | Un changed |
Low | Low | Low | 11.3 | |
| CVE-2017-5334 | Solaris | GnuTLS | SSL/TLS | Yes | 5.3 | Network | Low | None | None | Un changed |
None | Low | None | 11.3 | |
| CVE-2017-5335 | Solaris | GnuTLS | SSL/TLS | Yes | 5.3 | Network | Low | None | None | Un changed |
None | None | Low | 11.3 | See Note 21 |
| CVE-2018-8011 | Solaris | Apache HTTP server | HTTP | Yes | 5.3 | Network | Low | None | None | Un changed |
None | None | Low | 11.4 | See Note 38 |
| CVE-2016-1952 | Solaris | MozJS | Multiple | Yes | 5 | Network | High | None | Required | Un changed |
Low | Low | Low | 11.3 | See Note 27 |
| CVE-2016-1249 | Solaris | Mysql module for perl | Multiple | Yes | 4.8 | Network | High | None | None | Un changed |
Low | None | Low | 11.3 | |
| CVE-2017-8932 | Solaris | Go Programming Language | Multiple | Yes | 4.8 | Network | High | None | None | Un changed |
Low | Low | None | 11.3 | |
| CVE-2016-7044 | Solaris | Irssi | None | No | 4.4 | Local | Low | None | Required | Un changed |
None | Low | Low | 11.3 | See Note 22 |
| CVE-2016-7163 | Solaris | OpenJPEG | None | No | 4.4 | Local | Low | None | Required | Un changed |
None | Low | Low | 11.3 | |
| CVE-2016-1924 | Solaris | OpenJPEG | Multiple | Yes | 4.3 | Network | Low | None | Required | Un changed |
None | None | Low | 11.3 | See Note 30 |
| CVE-2016-3190 | Solaris | Cairo Graphics Library | Multiple | Yes | 4.3 | Network | Low | None | Required | Un changed |
None | None | Low | 11.3 | |
| CVE-2016-7445 | Solaris | OpenJPEG | Multiple | Yes | 4.3 | Network | Low | None | Required | Un changed |
None | None | Low | 11.3 | |
| CVE-2016-9179 | Solaris | Lynx | Multiple | Yes | 4.2 | Network | High | None | Required | Un changed |
Low | Low | None | 11.3 | |
| CVE-2017-11109 | Solaris | VIM | None | No | 4.2 | Local | High | Low | Required | Un changed |
Low | Low | Low | 11.3 | |
| CVE-2018-12085 | Solaris | Liblouis | Multiple | Yes | 4.2 | Network | High | None | Required | Un changed |
None | Low | Low | 11.4 | |
| CVE-2016-2167 | Solaris | Apache Subversion | Multiple | No | 3.9 | Network | High | High | Required | Un changed |
Low | Low | Low | 11.3 | |
| CVE-2016-2168 | Solaris | Apache Subversion | Multiple | No | 3.9 | Network | High | High | Required | Un changed |
Low | Low | Low | 11.3 | |
| CVE-2016-7166 | Solaris | Libarchive | Multiple | Yes | 3.7 | Network | High | None | None | Un changed |
Low | None | None | 11.3 | See Note 20 |
| CVE-2017-3140 | Solaris | Bind | DNS | Yes | 3.7 | Network | High | None | None | Un changed |
None | None | Low | 11.3 | |
| CVE-2017-7407 | Solaris | LibcURL | None | No | 3.5 | Physical | Low | None | None | Un changed |
Low | Low | None | 11.3 | |
| CVE-2016-7553 | Solaris | Irssi | None | No | 3.3 | Local | Low | None | Required | Un changed |
Low | None | None | 11.3 | |
| CVE-2017-12982 | Solaris | OpenJPEG | None | No | 3.3 | Local | Low | None | Required | Un changed |
None | None | Low | 11.3 | |
| CVE-2017-14039 | Solaris | OpenJPEG | None | No | 3.3 | Local | Low | None | Required | Un changed |
None | None | Low | 11.3 | See Note 18 |
| CVE-2017-7511 | Solaris | Poppler | None | No | 3.3 | Local | Low | None | Required | Un changed |
None | None | Low | 11.3 | See Note 25 |
| CVE-2017-7511 | Solaris | Poppler | None | No | 3.3 | Local | Low | None | Required | Un changed |
None | None | Low | 11.3 | |
| CVE-2018-8740 | Solaris | SQLite3 | None | No | 3.3 | Local | Low | Low | None | Un changed |
None | None | Low | 11.4 | |
| CVE-2015-8107 | Solaris | A2ps Print Filter | Multiple | Yes | 3.1 | Network | High | None | Required | Un changed |
Low | None | None | 11.3 | See Note 17 |
| CVE-2016-7976 | Solaris | Ghostscript | None | No | 2.8 | Local | Low | Low | Required | Un changed |
None | None | Low | 11.3 | See Note 29 |
Revision 2: Published on 2018-08-23
| CVE# | Product | Third Party component | Protocol | Remote Exploit without Auth.? | CVSS VERSION 3.0 RISK (see Risk Matrix Definitions) | Supported Versions Affected | Notes | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Base Score | Attack Vector | Attack Complexity | Privs Req'd | User Interact | Scope | Confid-entiality | Inte-grity | Avail-ability | |||||||
| CVE-2017-11368 | Solaris | Kerberos | Multiple | Yes | 9.8 | Network | Low | None | None | Un changed |
High | High | High | 11.3 | See Note 16 |
| CVE-2017-7544 | Solaris | LibEXIF | Multiple | Yes | 9.1 | Network | Low | None | None | Un changed |
High | None | High | 11.3 | |
| CVE-2017-11735 | Solaris | Libvorbis | Multiple | Yes | 8.8 | Network | Low | None | Required | Un changed |
High | High | High | 11.3 | See Note 9 |
| CVE-2017-14160 | Solaris | Libvorbis | Multiple | Yes | 8.8 | Network | Low | None | Required | Un changed |
High | High | High | 11.3 | See Note 10 |
| CVE-2018-10392 | Solaris | Libvorbis | Multiple | Yes | 8.8 | Network | Low | None | Required | Un changed |
High | High | High | 11.3 | |
| CVE-2018-12364 | Solaris | Thunderbird | Multiple | Yes | 8.8 | Network | Low | None | Required | Un changed |
High | High | High | 11.3 | See Note 15 |
| CVE-2018-8905 | Solaris | LibTIFF | Multiple | Yes | 8.8 | Network | Low | None | Required | Un changed |
High | High | High | 11.3 | |
| CVE-2017-1000158 | Solaris | Python | Multiple | Yes | 8.1 | Network | High | None | None | Un changed |
High | High | High | 11.3 | |
| CVE-2017-13738 | Solaris | Liblouis | None | No | 7.8 | Local | Low | Low | None | Un changed |
High | High | High | 11.3 | See Note 7 |
| CVE-2017-2862 | Solaris | Gdk-Pixbuf | None | No | 7.8 | Local | Low | None | Required | Un changed |
High | High | High | 11.3 | |
| CVE-2016-2179 | Solaris | MySQL | Multiple | No | 7.7 | Network | Low | Low | None | Changed | None | None | High | 11.3 | See Note 6 |
| CVE-2016-4425 | Solaris | Jansson | Multiple | Yes | 7.5 | Network | Low | None | None | Un changed |
None | None | High | 11.3 | |
| CVE-2016-9811 | Solaris | GStreamer | Multiple | Yes | 7.5 | Network | High | None | Required | Un changed |
High | High | High | 11.3 | See Note 4 |
| CVE-2017-16844 | Solaris | Procmail | Multiple | Yes | 7.5 | Network | High | None | Required | Un changed |
High | High | High | 11.3 | |
| CVE-2017-17095 | Solaris | LibTIFF | Multiple | Yes | 7.5 | Network | Low | None | None | Un changed |
None | None | High | 11.3 | |
| CVE-2017-3145 | Solaris | Bind | DNS | Yes | 7.5 | Network | Low | None | None | Un changed |
None | None | High | 11.3 | See Note 8 |
| CVE-2017-3600 | Solaris | MySQL | Multiple | No | 7.1 | Network | Low | Low | None | Un changed |
None | Low | High | 11.3 | See Note 12 |
| CVE-2018-14341 | Solaris | Wireshark | Multiple | Yes | 5.9 | Network | High | None | None | Un changed |
None | None | High | 11.3 | See Note 14 |
| CVE-2018-0495 | Solaris | Libgcrypt | None | No | 5.1 | Local | High | None | None | Un changed |
High | None | None | 11.3 | |
| CVE-2016-10198 | Solaris | GStreamer | Multiple | Yes | 5 | Network | High | None | Required | Un changed |
Low | Low | Low | 11.3 | See Note 5 |
| CVE-2018-8014 | Solaris | Apache Tomcat | Multiple | No | 4.3 | Network | Low | Low | None | Un changed |
Low | None | None | 11.3 | See Note 11 |
| CVE-2017-13726 | Solaris | LibTIFF | None | No | 3.3 | Local | Low | None | Required | Un changed |
None | None | Low | 11.3 | See Note 13 |
Revision 1: Published on 2018-07-17
| CVE# | Product | Third Party component | Protocol | Remote Exploit without Auth.? | CVSS VERSION 3.0 RISK (see Risk Matrix Definitions) | Supported Versions Affected | Notes | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Base Score | Attack Vector | Attack Complexity | Privs Req'd | User Interact | Scope | Confid-entiality | Inte-grity | Avail-ability | |||||||
| CVE-2018-1000021 | Solaris | Git | Multiple | Yes | 8.8 | Network | Low | None | Required | Un changed |
High | High | High | 11.3 | See Note 2 |
| CVE-2018-6126 | Solaris | Firefox | Multiple | Yes | 8.8 | Network | Low | None | Required | Un changed |
High | High | High | 11.3 | |
| CVE-2017-17969 | Solaris | P7ZIP | None | No | 7.8 | Local | Low | None | Required | Un changed |
High | High | High | 11.3, 10 | See Note 1 |
| CVE-2018-10115 | Solaris | P7ZIP | None | No | 7.8 | Local | Low | None | Required | Un changed |
High | High | High | 11.3 | |
| CVE-2017-17969 | Solaris | P7ZIP | None | No | 7.8 | Local | Low | None | Required | Un changed |
High | High | High | 11.3 | |
| CVE-2018-12020 | Solaris | GnuPG | Multiple | Yes | 7.5 | Network | Low | None | None | Un changed |
None | High | None | 11.3 | |
| CVE-2018-12364 | Solaris | Firefox | Multiple | Yes | 7.5 | Network | High | None | Required | Un changed |
High | High | High | 11.3 | See Note 3 |
| CVE-2017-12613 | Solaris | Apache HTTP server | Multiple | Yes | 7.4 | Network | High | None | None | Un changed |
High | None | High | 11.3, 10 | |
| CVE-2017-7418 | Solaris | ProFTPD | None | No | 5.5 | Local | Low | Low | None | Un changed |
None | High | None | 11.3 | |
Notes:
- This fix also addresses CVE-2018-5996.
- This fix also addresses CVE-2018-11233 CVE-2018-11235.
- This fix also addresses CVE-2018-12359 CVE-2018-12360 CVE-2018-12362 CVE-2018-12363 CVE-2018-12365 CVE-2018-12366 CVE-2018-12368 CVE-2018-5156 CVE-2018-5188.
- This fix also addresses CVE-2016-9445 CVE-2016-9446 CVE-2016-9447 CVE-2016-9634 CVE-2016-9635 CVE-2016-9636 CVE-2016-9807 CVE-2016-9808 CVE-2016-9809 CVE-2016-9810 CVE-2016-9812 CVE-2016-9813.
- This fix also addresses CVE-2016-10199 CVE-2017-5838 CVE-2017-5839 CVE-2017-5840 CVE-2017-5841 CVE-2017-5842 CVE-2017-5844 CVE-2017-5845.
- This fix also addresses CVE-2016-2105 CVE-2016-2106 CVE-2016-2177 CVE-2016-2178 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-3424 CVE-2016-3440 CVE-2016-3452 CVE-2016-3459 CVE-2016-3486 CVE-2016-3492 CVE-2016-3495 CVE-2016-3501 CVE-2016-3518 CVE-2016-3588 CVE-2016-3614 CVE-2016-3615 CVE-2016-5436 CVE-2016-5437 CVE-2016-5439 CVE-2016-5440 CVE-2016-5441 CVE-2016-5442 CVE-2016-5443 CVE-2016-5444 CVE-2016-5507 CVE-2016-5584 CVE-2016-5609 CVE-2016-5612 CVE-2016-5624 CVE-2016-5625 CVE-2016-5626 CVE-2016-5627 CVE-2016-5628 CVE-2016-5629 CVE-2016-5630 CVE-2016-5631 CVE-2016-5632 CVE-2016-5633 CVE-2016-5634 CVE-2016-5635 CVE-2016-6302 CVE-2016-6303 CVE-2016-6306 CVE-2016-7440 CVE-2016-8283 CVE-2016-8284 CVE-2016-8286 CVE-2016-8287 CVE-2016-8288 CVE-2016-8289 CVE-2016-8290 CVE-2017-10155 CVE-2017-10165 CVE-2017-10167 CVE-2017-10227 CVE-2017-10268 CVE-2017-10276 CVE-2017-10279 CVE-2017-10283 CVE-2017-10284 CVE-2017-10286 CVE-2017-10294 CVE-2017-10296 CVE-2017-10311 CVE-2017-10313 CVE-2017-10314 CVE-2017-10320 CVE-2017-10365 CVE-2017-10379 CVE-2017-10384 CVE-2017-3308 CVE-2017-3309 CVE-2017-3329 CVE-2017-3331 CVE-2017-3450 CVE-2017-3453 CVE-2017-3454 CVE-2017-3455 CVE-2017-3456 CVE-2017-3457 CVE-2017-3458 CVE-2017-3459 CVE-2017-3460 CVE-2017-3461 CVE-2017-3462 CVE-2017-3463 CVE-2017-3464 CVE-2017-3465 CVE-2017-3467 CVE-2017-3468 CVE-2017-3529 CVE-2017-3599 CVE-2017-3600 CVE-2017-3633 CVE-2017-3634 CVE-2017-3635 CVE-2017-3637 CVE-2017-3638 CVE-2017-3639 CVE-2017-3640 CVE-2017-3641 CVE-2017-3642 CVE-2017-3643 CVE-2017-3644 CVE-2017-3645 CVE-2017-3647 CVE-2017-3648 CVE-2017-3649 CVE-2017-3650 CVE-2017-3651 CVE-2017-3652 CVE-2017-3653 CVE-2017-3731 CVE-2017-3732 CVE-2017-3737 CVE-2018-2562 CVE-2018-2565 CVE-2018-2573 CVE-2018-2576 CVE-2018-2583 CVE-2018-2586 CVE-2018-2590 CVE-2018-2591 CVE-2018-2600 CVE-2018-2612 CVE-2018-2622 CVE-2018-2640 CVE-2018-2645 CVE-2018-2646 CVE-2018-2647 CVE-2018-2665 CVE-2018-2667 CVE-2018-2668 CVE-2018-2696 CVE-2018-2703 CVE-2018-2755 CVE-2018-2758 CVE-2018-2759 CVE-2018-2761 CVE-2018-2762 CVE-2018-2766 CVE-2018-2769 CVE-2018-2771 CVE-2018-2773 CVE-2018-2775 CVE-2018-2776 CVE-2018-2777 CVE-2018-2778 CVE-2018-2779 CVE-2018-2780 CVE-2018-2781 CVE-2018-2782 CVE-2018-2784 CVE-2018-2786 CVE-2018-2787 CVE-2018-2810 CVE-2018-2812 CVE-2018-2813 CVE-2018-2816 CVE-2018-2817 CVE-2018-2818 CVE-2018-2819 CVE-2018-2839 CVE-2018-2846.
- This fix also addresses CVE-2017-13739 CVE-2017-13740 CVE-2017-13741 CVE-2017-13742 CVE-2017-13743 CVE-2017-13744.
- This fix also addresses CVE-2017-3137.
- This fix also addresses CVE-2017-11333 CVE-2018-5146.
- This fix also addresses CVE-2018-10393.
- This fix also addresses CVE-2018-1336 CVE-2018-8034 CVE-2018-8037.
- This fix also addresses CVE-2017-10155 CVE-2017-10165 CVE-2017-10167 CVE-2017-10227 CVE-2017-10268 CVE-2017-10276 CVE-2017-10279 CVE-2017-10283 CVE-2017-10284 CVE-2017-10286 CVE-2017-10294 CVE-2017-10296 CVE-2017-10311 CVE-2017-10313 CVE-2017-10314 CVE-2017-10320 CVE-2017-10365 CVE-2017-10379 CVE-2017-10384 CVE-2017-3329 CVE-2017-3331 CVE-2017-3453 CVE-2017-3454 CVE-2017-3455 CVE-2017-3456 CVE-2017-3457 CVE-2017-3458 CVE-2017-3459 CVE-2017-3460 CVE-2017-3461 CVE-2017-3462 CVE-2017-3463 CVE-2017-3464 CVE-2017-3465 CVE-2017-3467 CVE-2017-3468 CVE-2017-3529 CVE-2017-3633 CVE-2017-3634 CVE-2017-3635 CVE-2017-3637 CVE-2017-3638 CVE-2017-3639 CVE-2017-3640 CVE-2017-3641 CVE-2017-3642 CVE-2017-3643 CVE-2017-3644 CVE-2017-3645 CVE-2017-3647 CVE-2017-3648 CVE-2017-3649 CVE-2017-3650 CVE-2017-3651 CVE-2017-3652 CVE-2017-3653 CVE-2017-3731 CVE-2017-3732 CVE-2017-3737 CVE-2017-3738 CVE-2018-0739 CVE-2018-2562 CVE-2018-2565 CVE-2018-2573 CVE-2018-2576 CVE-2018-2583 CVE-2018-2586 CVE-2018-2590 CVE-2018-2591 CVE-2018-2600 CVE-2018-2612 CVE-2018-2622 CVE-2018-2640 CVE-2018-2645 CVE-2018-2646 CVE-2018-2647 CVE-2018-2665 CVE-2018-2667 CVE-2018-2668 CVE-2018-2696 CVE-2018-2703 CVE-2018-2755 CVE-2018-2758 CVE-2018-2759 CVE-2018-2761 CVE-2018-2762 CVE-2018-2766 CVE-2018-2767 CVE-2018-2769 CVE-2018-2771 CVE-2018-2773 CVE-2018-2775 CVE-2018-2776 CVE-2018-2777 CVE-2018-2778 CVE-2018-2779 CVE-2018-2780 CVE-2018-2781 CVE-2018-2782 CVE-2018-2784 CVE-2018-2786 CVE-2018-2787 CVE-2018-2810 CVE-2018-2812 CVE-2018-2813 CVE-2018-2816 CVE-2018-2817 CVE-2018-2818 CVE-2018-2819 CVE-2018-2839 CVE-2018-2846 CVE-2018-3054 CVE-2018-3056 CVE-2018-3058 CVE-2018-3060 CVE-2018-3061 CVE-2018-3062 CVE-2018-3064 CVE-2018-3065 CVE-2018-3066 CVE-2018-3070 CVE-2018-3071 CVE-2018-3077 CVE-2018-3081.
- This fix also addresses CVE-2018-10963.
- This fix also addresses CVE-2018-14339 CVE-2018-14340 CVE-2018-14342 CVE-2018-14343 CVE-2018-14344 CVE-2018-14367 CVE-2018-14368 CVE-2018-14369.
- This fix also addresses CVE-2018-12359 CVE-2018-12360 CVE-2018-12362 CVE-2018-12363 CVE-2018-12365 CVE-2018-12366 CVE-2018-12368 CVE-2018-12372 CVE-2018-12373 CVE-2018-12374 CVE-2018-5188.
- This fix also addresses CVE-2017-11462 CVE-2017-15088 CVE-2018-5710 CVE-2018-5729 CVE-2018-5730.
- This fix also addresses CVE-2001-1593 CVE-2014-0466.
- This fix also addresses CVE-2017-14040 CVE-2017-14041 CVE-2017-14151 CVE-2017-14152 CVE-2017-14164.
- This fix also addresses CVE-2016-7978.
- This fix also addresses CVE-2015-8915 CVE-2015-8916 CVE-2015-8917 CVE-2015-8918 CVE-2015-8919 CVE-2015-8920 CVE-2015-8921 CVE-2015-8922 CVE-2015-8923 CVE-2015-8924 CVE-2015-8925 CVE-2015-8926 CVE-2015-8927 CVE-2015-8928 CVE-2015-8929 CVE-2015-8930 CVE-2015-8931 CVE-2015-8932 CVE-2015-8933 CVE-2015-8934.
- This fix also addresses CVE-2017-5336 CVE-2017-5337.
- This fix also addresses CVE-2016-7045.
- This fix also addresses CVE-2017-5429 CVE-2017-5430 CVE-2017-5432 CVE-2017-5433 CVE-2017-5434 CVE-2017-5435 CVE-2017-5436 CVE-2017-5438 CVE-2017-5439 CVE-2017-5440 CVE-2017-5441 CVE-2017-5442 CVE-2017-5443 CVE-2017-5444 CVE-2017-5445 CVE-2017-5446 CVE-2017-5447 CVE-2017-5448 CVE-2017-5449 CVE-2017-5451 CVE-2017-5454 CVE-2017-5455 CVE-2017-5456 CVE-2017-5459 CVE-2017-5460 CVE-2017-5461 CVE-2017-5462 CVE-2017-5464 CVE-2017-5465 CVE-2017-5466 CVE-2017-5467 CVE-2017-5468 CVE-2017-5469.
- This fix also addresses CVE-2016-10505 CVE-2016-10506 CVE-2016-10507.
- This fix also addresses CVE-2017-9083 CVE-2017-9406 CVE-2017-9408.
- This fix also addresses CVE-2016-7958.
- This fix also addresses CVE-2015-4513 CVE-2016-1930 CVE-2016-2805 CVE-2016-2807 CVE-2016-2808.
- This fix also addresses CVE-2017-5429 CVE-2017-5430 CVE-2017-5432 CVE-2017-5433 CVE-2017-5434 CVE-2017-5435 CVE-2017-5436 CVE-2017-5438 CVE-2017-5439 CVE-2017-5440 CVE-2017-5441 CVE-2017-5442 CVE-2017-5443 CVE-2017-5444 CVE-2017-5445 CVE-2017-5446 CVE-2017-5447 CVE-2017-5449 CVE-2017-5451 CVE-2017-5454 CVE-2017-5459 CVE-2017-5460 CVE-2017-5461 CVE-2017-5462 CVE-2017-5464 CVE-2017-5465 CVE-2017-5466 CVE-2017-5467 CVE-2017-5469.
- This fix also addresses CVE-2016-7977.
- This fix also addresses CVE-2016-1923.
- This fix also addresses CVE-2017-3137 CVE-2017-3138.
- This fix also addresses CVE-2017-3136 CVE-2017-3137.
- This fix also addresses CVE-2017-9111 CVE-2017-9112 CVE-2017-9113 CVE-2017-9114 CVE-2017-9115 CVE-2017-9116.
- This fix also addresses CVE-2018-1000027.
- This fix also addresses CVE-2017-1000382 CVE-2017-11109.
- This fix also addresses CVE-2017-13884 CVE-2017-13885 CVE-2017-5715 CVE-2017-7153 CVE-2017-7160 CVE-2017-7161 CVE-2017-7165 CVE-2018-4088 CVE-2018-4089 CVE-2018-4096.
- This fix also addresses CVE-2012-6708 CVE-2015-9251.
- This fix also addresses CVE-2018-1333.