176 matches found
SUSE-SU-2023:0002-1 Security update for sbd
This update for sbd fixes the following issues: Update to version 1.5.1+20221128.8ec8e01: - sbd-inquisitor: fail startup if pacemaker integration is disabled while SBDSYNCRESOURCESTARTUP is conflicting bsc1204319 - sbd-inquisitor: do not warn about startup syncing if pacemaker integration is even...
PT-2023-36103 · Sbd · Sbd
Name of the Vulnerable Software and Affected Versions: sbd versions prior to 1.5.1+20221128.8ec8e01 Description: The issue is related to the sbd-inquisitor component of the sbd software. It involves the handling of pacemaker integration and the SBD SYNC RESOURCE STARTUP setting. Specifically, the...
SUSE-SU-2022:4073-1 Security update for sccache
This update for sccache fixes the following issues: Updated to version 0.3.0: - CVE-2022-24713: Fixed Regex denial of service bsc1196972. - CVE-2021-45710: Fixed tokio data race with memory corruption bsc1194119. - Added hardening to systemd services bsc1181400...
CVE-2022-31256
A Improper Link Resolution Before File Access 'Link Following' vulnerability in a script called by the sendmail systemd service of openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: SUSE openSUSE Factory sendmail versions prior to 8.17.1-1.1...
CVE-2022-21950
A Improper Access Control vulnerability in the systemd service of cana in openSUSE Backports SLE-15-SP3, openSUSE Backports SLE-15-SP4 allows local users to hijack the UNIX domain socket This issue affects: openSUSE Backports SLE-15-SP3 canna versions prior to canna-3.7p3-bp153.2.3.1. openSUSE...
Improper access control
A Improper Access Control vulnerability in the systemd service of cana in openSUSE Backports SLE-15-SP3, openSUSE Backports SLE-15-SP4 allows local users to hijack the UNIX domain socket This issue affects: openSUSE Backports SLE-15-SP3 canna versions prior to canna-3.7p3-bp153.2.3.1. openSUSE...
CVE-2022-21950
CVE-2022-21950 is an improper access-control vulnerability in the canna package’s systemd service on openSUSE Backports SLE-15-SP3/SP4 (and affected Factory). The issue allows local users to hijack the UNIX domain socket due to unsafe handling of the /tmp-based socket directory. Affected canna ve...
CVE-2022-21950 canna: unsafe handling of /tmp/.iroha_unix directory
A Improper Access Control vulnerability in the systemd service of cana in openSUSE Backports SLE-15-SP3, openSUSE Backports SLE-15-SP4 allows local users to hijack the UNIX domain socket This issue affects: openSUSE Backports SLE-15-SP3 canna versions prior to canna-3.7p3-bp153.2.3.1. openSUSE...
openSUSE 15 Security Update : canna (openSUSE-SU-2022:10091-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:10091-1 advisory. - A Improper Access Control vulnerability in the systemd service of cana in openSUSE Backports SLE-15-SP3, openSUSE Backports SLE-15-SP4 allows loc...
openSUSE: Security Advisory for Recommended (SUSE-SU-2022:2831-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE-SU-2022:2831-1 Recommended update for aws-efs-utils, python-ansi2html, python-py, python-pytest-html, python-pytest-metadata, python-pytest-rerunfailures, python-coverage, python-oniconfig, python-unittest-mixins
This update for aws-efs-utils, python-ansi2html, python-py, python-pytest-html, python-pytest-metadata, python-pytest-rerunfailures fixes the following issues: - Update in SLE-15 bsc1196696, bsc1195916, jscSLE-23972 - Remove redundant python3 dependency from Requires - Update regular expression t...
PT-2022-15199 · Canna +2 · Canna +2
Name of the Vulnerable Software and Affected Versions: canna versions prior to canna-3.7p3-bp153.2.3.1 canna versions prior to 3.7p3-bp154.3.3.1 Description: An Improper Access Control issue in the systemd service of canna in openSUSE Backports SLE-15-SP3 and openSUSE Backports SLE-15-SP4 allows...
The vulnerability of the chown_one() function in the initialization subsystem and systemd service management allows a attacker to increase their privileges.
The vulnerability of the chownone function in the system initialization and systemd service management subsystem is related to the simultaneous execution using a shared resource with incorrect synchronization. Exploiting this vulnerability can allow an attacker to increase their privileges...
CVE-2022-1736
Ubuntu's configuration of gnome-control-center allowed Remote Desktop Sharing to be enabled by default...
Exploit for Incorrect Authorization in Polkit_Project Polkit
PolicyKit CVE-2021-3560 Exploit Authentication Agent ====...
Security update for stunnel (important)
openSUSE Security Update: Security update for stunnel Announcement ID: openSUSE-SU-2022:0872-1 Rating: important References: 1181400 1182529 SLE-20679 Affected Products: openSUSE Leap 15.3 openSUSE Leap 15.4 An update that contains security fixes and contains one feature can now be installed...
OPENSUSE-SU-2022:0036-1 Security update for zabbix
This update for zabbix fixes the following issues: - Updated to latest realease 4.0.37. Security issues fixed: - CVE-2022-23134: Fixed possible view of the setup pages by unauthenticated users if config file already exists boo1194681. - CVE-2021-27927: Fixed CSRF protection mechanism inside...
openSUSE: Security Advisory for fetchmail (openSUSE-SU-2021:1591-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2022-21944
A UNIX Symbolic Link Symlink Following vulnerability in the systemd service file for watchman of openSUSE Backports SLE-15-SP3, Factory allows local attackers to escalate to root. This issue affects: openSUSE Backports SLE-15-SP3 watchman versions prior to 4.9.0. openSUSE Factory watchman version...
CVE-2022-21944
A UNIX Symbolic Link Symlink Following vulnerability in the systemd service file for watchman of openSUSE Backports SLE-15-SP3, Factory allows local attackers to escalate to root. This issue affects: openSUSE Backports SLE-15-SP3 watchman versions prior to 4.9.0. openSUSE Factory watchman version...