3656 matches found
CVE-2020-24240
GNU Bison before 3.7.1 has a use-after-free in obstackfree in lib/obstack.c called from gramlex when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug...
CVE-2020-24240
GNU Bison before 3.7.1 has a use-after-free in obstackfree in lib/obstack.c called from gramlex when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug...
The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example within a single execution of a program the output of every __builtin_darn() call may be the same.
...
CentOS 7 : java-11-openjdk (RHSA-2020:2969)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2969 advisory. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 8u25...
SUSE SLES12 Security Update : grub2 (SUSE-SU-2020:2078-1)
This update for grub2 fixes the following issues : Fix for CVE-2020-10713 bsc1168994 Fix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 bsc1173812 Fix for CVE-2020-15706 bsc1174463 Fix for CVE-2020-15707 bsc1174570 Use overflow checking primitives where the arithmetic expressio...
SUSE SLES12 Security Update : grub2 (SUSE-SU-2020:2076-1)
This update for grub2 fixes the following issues : Fix for CVE-2020-10713 bsc1168994 Fix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 bsc1173812 Fix for CVE-2020-15706 bsc1174463 Fix for CVE-2020-15707 bsc1174570 Use overflow checking primitives where the arithmetic expressio...
SUSE-SU-2020:2079-1 Security update for grub2
This update for grub2 fixes the following issues: - Fix for CVE-2020-10713 bsc1168994 - Fix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 bsc1173812 - Fix for CVE-2020-15706 bsc1174463 - Fix for CVE-2020-15707 bsc1174570 - Use overflow checking primitives where the arithmetic...
SUSE-SU-2020:2078-1 Security update for grub2
This update for grub2 fixes the following issues: - Fix for CVE-2020-10713 bsc1168994 - Fix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 bsc1173812 - Fix for CVE-2020-15706 bsc1174463 - Fix for CVE-2020-15707 bsc1174570 - Use overflow checking primitives where the arithmetic...
SUSE-SU-2020:2073-1 Security update for grub2
This update for grub2 fixes the following issues: - Fix for CVE-2020-10713 bsc1168994 - Fix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 bsc1173812 - Fix for CVE-2020-15706 bsc1174463 - Fix for CVE-2020-15707 bsc1174570 - Use overflow checking primitives where the arithmetic...
OSV-2020-1531 Segv on unknown address in clang::Sema::PerformImplicitConversion
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19621 Crash type: Segv on unknown address Crash state: clang::Sema::PerformImplicitConversion clang::Sema::PerformImplicitConversion clang::Sema::PerformContextuallyConvertToBool...
Debian: Security Advisory (DLA-2296-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OSV-2020-1426 Segv on unknown address in clang::CXXRecordDecl::data
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19132 Crash type: Segv on unknown address Crash state: clang::CXXRecordDecl::data clang::Sema::FinalizeVarWithDestructor clang::Sema::ActOnBlockStmtExpr...
openSUSE Security Update : go1.13 (openSUSE-2020-1095)
This update for go1.13 fixes the following issues : - go1.13.14 released 2020/07/16 includes fixes to the compiler, vet, and the database/sql, net/http, and reflect packages Refs bsc1149259 go1.13 release tracking - go39925 net/http: panic on misformed If-None-Match Header with http.ServeContent ...
openSUSE Security Update : go1.13 (openSUSE-2020-1087)
This update for go1.13 fixes the following issues : - go1.13.14 released 2020/07/16 includes fixes to the compiler, vet, and the database/sql, net/http, and reflect packages Refs bsc1149259 go1.13 release tracking - go39925 net/http: panic on misformed If-None-Match Header with http.ServeContent ...
OPENSUSE-SU-2020:1095-1 Security update for go1.13
This update for go1.13 fixes the following issues: - go1.13.14 released 2020/07/16 includes fixes to the compiler, vet, and the database/sql, net/http, and reflect packages Refs bsc1149259 go1.13 release tracking go39925 net/http: panic on misformed If-None-Match Header with http.ServeContent...
SUSE SLED15 / SLES15 Security Update : rust, rust-cbindgen (SUSE-SU-2020:2041-1)
"This update for rust, rust-cbindgen fixes the following issues : rust was updated for use by Firefox 76ESR. Fixed miscompilations with rustc 1.43 that lead to LTO failures bsc1173202 Update to version 1.43.1 Updated openssl-src to 1.1.1g for CVE-2020-1967. Fixed the stabilization of AVX-512...
Security update for go1.13 (important)
openSUSE Security Update: Security update for go1.13 Announcement ID: openSUSE-SU-2020:1095-1 Rating: important References: 1149259 1169832 1172868 1174153 1174191 Cross-References: CVE-2020-14039 CVE-2020-15586 Affected Products: openSUSE Leap 15.2 An update that solves two vulnerabilities and h...
OPENSUSE-SU-2020:1087-1 Security update for go1.13
This update for go1.13 fixes the following issues: - go1.13.14 released 2020/07/16 includes fixes to the compiler, vet, and the database/sql, net/http, and reflect packages Refs bsc1149259 go1.13 release tracking go39925 net/http: panic on misformed If-None-Match Header with http.ServeContent...
Security update for go1.13 (important)
openSUSE Security Update: Security update for go1.13 Announcement ID: openSUSE-SU-2020:1087-1 Rating: important References: 1149259 1169832 1172868 1174153 1174191 Cross-References: CVE-2020-14039 CVE-2020-15586 Affected Products: openSUSE Leap 15.1 An update that solves two vulnerabilities and h...
SUSE-SU-2020:2041-1 Security update for rust, rust-cbindgen
This update for rust, rust-cbindgen fixes the following issues: rust was updated for use by Firefox 76ESR. - Fixed miscompilations with rustc 1.43 that lead to LTO failures bsc1173202 Update to version 1.43.1 - Updated openssl-src to 1.1.1g for CVE-2020-1967. - Fixed the stabilization of AVX-512...