openSUSE Security Update : go1.14 (openSUSE-2020-2067)

This update for go1.14 fixes the following issues : - go1.14.12 released 2020-11-12 includes security fixes to the cmd/go and math/big packages. - go42553 math/big: panic during recursive division of very large numbers bsc1178750 CVE-2020-28362 - go42560 cmd/go: arbitrary code can be injected int...

OPENSUSE-SU-2020:2067-1 Security update for go1.14

This update for go1.14 fixes the following issues: - go1.14.12 released 2020-11-12 includes security fixes to the cmd/go and math/big packages. go42553 math/big: panic during recursive division of very large numbers bsc1178750 CVE-2020-28362 go42560 cmd/go: arbitrary code can be injected into cgo...

Security update for podman (moderate)

openSUSE Security Update: Security update for podman Announcement ID: openSUSE-SU-2020:2063-1 Rating: moderate References: 1176804 1178122 1178392 Cross-References: CVE-2020-14370 Affected Products: openSUSE Leap 15.2 An update that solves one vulnerability and has two fixes is now available...

Security update for go1.14 (moderate)

openSUSE Security Update: Security update for go1.14 Announcement ID: openSUSE-SU-2020:2067-1 Rating: moderate References: 1164903 1178750 1178752 1178753 Cross-References: CVE-2020-28362 CVE-2020-28366 CVE-2020-28367 Affected Products: openSUSE Leap 15.2 An update that solves three vulnerabiliti...

Security update for go1.14 (moderate)

openSUSE Security Update: Security update for go1.14 Announcement ID: openSUSE-SU-2020:2047-1 Rating: moderate References: 1164903 1178750 1178752 1178753 Cross-References: CVE-2020-28362 CVE-2020-28366 CVE-2020-28367 Affected Products: openSUSE Leap 15.1 An update that solves three vulnerabiliti...

SUSE-SU-2020:3369-1 Security update for go1.14

This update for go1.14 fixes the following issues: - go1.14.12 released 2020-11-12 includes security fixes to the cmd/go and math/big packages. go42553 math/big: panic during recursive division of very large numbers bsc1178750 CVE-2020-28362 go42560 cmd/go: arbitrary code can be injected into cgo...

Security fix for the ALT Linux 10 package thunderbird version 78.5.0-alt1

Nov. 19, 2020 Andrey Cherepanov 78.5.0-alt1 - New version 78.5.0. - Fixes: + CVE-2020-26951 Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code + CVE-2020-16012 Variable time processing of cross-origin images during drawImage calls + CVE-2020-26953 Fullscreen...

Debian DLA-2452-2 : libdatetime-timezone-perl regression update

2.09-1+2020d accidentally did omit changes to some files, resulting in warnings. For Debian 9 stretch, this problem has been fixed in version 2.09-1+2020d+1. We recommend that you upgrade your libdatetime-time zone-perl packages. NOTE: Tenable Network Security has extracted the preceding...

[SECURITY] [DLA 2452-2] libdatetime-timezone-perl regression update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2452-2 [email protected] https://www.debian.org/lts/security/ Adrian Bunk November 17, 2020 https://wiki.debian.org/LTS -...

Updated java-1.8.0-openjdk packages fix security vulnerabilities

High memory usage during deserialization of Proxy class with many interfaces. CVE-2020-14779 Credentials sent over unencrypted LDAP connection. CVE-2020-14781 Certificate blacklist bypass via alternate certificate encodings. CVE-2020-14782 Integer overflow leading to out-of-bounds access...

MGASA-2020-0418 Updated java-1.8.0-openjdk packages fix security vulnerabilities

High memory usage during deserialization of Proxy class with many interfaces. CVE-2020-14779 Credentials sent over unencrypted LDAP connection. CVE-2020-14781 Certificate blacklist bypass via alternate certificate encodings. CVE-2020-14782 Integer overflow leading to out-of-bounds access...

libexif security, bug fix, and enhancement update

0.6.22-4 - Add patch for CVE-2020-0181/CVE-2020-0198 - Resolves: 1847753 - Resolves: 1847761 0.6.22-3 - Also remove timezone from the .mo files - Related: 1841320 0.6.22-2 - Remove timestamps from the .mo files to avoid multilib conflicts - Related: 1841320...

Fedora 32 : 1:java-11-openjdk (2020-fdc79d8e5b)

New in release OpenJDK 11.0.9 2020-10-20: =========================================== Full versions of these release notes can be found at : - https://bitly.com/openjdk1109 - https://builds.shipilev.net/backports-monitor/release-notes-11.0.9.txt Security fixes - JDK-8233624: Enhance JNI linkage -...

Security update for grafana (moderate)

openSUSE Security Update: Security update for grafana Announcement ID: openSUSE-SU-2020:1611-1 Rating: moderate References: 1044444 1044933 1115960 1170557 Cross-References: CVE-2018-19039 CVE-2019-15043 CVE-2020-12245 CVE-2020-13379 Affected Products: openSUSE Backports SLE-15-SP1 An update that...

SUSE-SU-2020:2482-1 Security update for java-1_7_1-ibm

This update for java-171-ibm fixes the following issues: - Update to Java 7.1 Service Refresh 4 Fix Pack 70 bsc1175259, bsc1174157 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583 CVE-2019-17639 Class Libraries: - UPDATE TIMEZONE INFORMATION TO TZDATA2020A...

SUSE-SU-2020:14484-1 Security update for java-1_7_1-ibm

This update for java-171-ibm fixes the following issues: - Update to Java 7.1 Service Refresh 4 Fix Pack 70 bsc1175259, bsc1174157 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583 CVE-2019-17639 Class Libraries: - UPDATE TIMEZONE INFORMATION TO TZDATA2020A...

SUSE-SU-2020:14482-1 Security update for java-1_7_0-ibm

This update for java-170-ibm fixes the following issues: - Update to Java 7.0 Service Refresh 10 Fix Pack 70 bsc1175259, bsc1174157 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14621 CVE-2020-14593 CVE-2020-14583 CVE-2019-17639 Class Libraries: - TRANSLATION MESSAGES UPDATE FOR JCL -...

CVE-2020-24032

tz.pl on XoruX LPAR2RRD and STOR2RRD 2.70 virtual appliances allows cmd=set&tz=OS command injection via shell metacharacters in a timezone...

CVE-2020-24032

tz.pl on XoruX LPAR2RRD and STOR2RRD 2.70 virtual appliances allows cmd=set&tz=OS command injection via shell metacharacters in a timezone...

Command injection

tz.pl on XoruX LPAR2RRD and STOR2RRD 2.70 virtual appliances allows cmd=set&tz=OS command injection via shell metacharacters in a timezone...