72 matches found
openSUSE Security Update : libssh2_org (openSUSE-2020-2126)
This update for libssh2org fixes the following issues : - Version update to 1.9.0: bsc1178083, jscSLE-16922 Enhancements and bugfixes : - adds ECDSA keys and host key support when using OpenSSL - adds ED25519 key and host key support when using OpenSSL 1.1.1 - adds OpenSSH style key file reading ...
Security update for neomutt (moderate)
openSUSE Security Update: Security update for neomutt Announcement ID: openSUSE-SU-2020:2157-1 Rating: moderate References: 1172906 1172935 1173197 1179035 1179113 Cross-References: CVE-2020-14093 CVE-2020-14154 CVE-2020-14954 CVE-2020-28896 Affected Products: openSUSE Backports SLE-15-SP1 An...
openSUSE Security Update : libssh2_org (openSUSE-2020-2129)
This update for libssh2org fixes the following issues : - Version update to 1.9.0: bsc1178083, jscSLE-16922 Enhancements and bugfixes : - adds ECDSA keys and host key support when using OpenSSL - adds ED25519 key and host key support when using OpenSSL 1.1.1 - adds OpenSSH style key file reading ...
OPENSUSE-SU-2020:1868-1 Security update for salt
This update for salt fixes the following issues: - Avoid regression on 'salt-master': set passphrase for salt-ssh keys to empty string bsc1178485 - Properly validate eauth credentials and tokens on SSH calls made by Salt API bsc1178319, bsc1178362, bsc1178361, CVE-2020-25592, CVE-2020-17490,...
False-positive validity for NFT1 genesis transactions
Impact In the npm package named "slp-validate", versions prior to 1.2.2 are vulnerable to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token without burning any o...
GHSA-CC2P-4JHR-XHHX False-positive validity for NFT1 genesis transactions in SLPJS
Impact In the npm package named "slpjs", versions prior to 0.27.4 are vulnerable to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token without burning any of the...
False-positive validity for NFT1 genesis transactions in SLPJS
Impact In the npm package named "slpjs", versions prior to 0.27.4 are vulnerable to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token without burning any of the...
openSUSE Security Update : ruby2.5 (openSUSE-2020-395)
This update for ruby2.5 toversion 2.5.7 fixes the following issues: ruby 2.5 was updated to version 2.5.7 - CVE-2020-8130: Fixed a command injection in intree copy of rake bsc1164804. - CVE-2019-16255: Fixed a code injection vulnerability of Shell and Shelltest bsc1152990. - CVE-2019-16254: Fixed...
openSUSE: Security Advisory for Recommended (openSUSE-SU-2020:0395-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2020:0395-1 Recommended update for ruby2.5
This update for ruby2.5 toversion 2.5.7 fixes the following issues: ruby 2.5 was updated to version 2.5.7 - CVE-2020-8130: Fixed a command injection in intree copy of rake bsc1164804. - CVE-2019-16255: Fixed a code injection vulnerability of Shell and Shelltest bsc1152990. - CVE-2019-16254: Fixed...
Recommended update for ruby2.5 (important)
openSUSE Security Update: Recommended update for ruby2.5 Announcement ID: openSUSE-SU-2020:0395-1 Rating: important References: 1140844 1152990 1152992 1152994 1152995 1162396 1164804 Cross-References: CVE-2012-6708 CVE-2015-9251 CVE-2019-15845 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255...
SUSE-SU-2020:0762-1 Security Beta update for Salt
This update fixes the following issues: salt: - Requiring python3-distro only for openSUSE/SLE = 15 - Use full option name instead of undocumented abbreviation for zypper - Python-distro is only needed for Python 3.7. Removing it for Python 2 - Fixed a local privilege escalation to root bsc115746...
SUSE-SU-2020:0737-1 Recommended update for ruby2.5
This update for ruby2.5 toversion 2.5.7 fixes the following issues: ruby 2.5 was updated to version 2.5.7 - CVE-2020-8130: Fixed a command injection in intree copy of rake bsc1164804. - CVE-2019-16255: Fixed a code injection vulnerability of Shell and Shelltest bsc1152990. - CVE-2019-16254: Fixed...
openSUSE Security Update : salt (openSUSE-2020-357)
This update for salt fixes the following issues : - Avoid possible user escalation upgrading salt-master bsc1157465 CVE-2019-18897 - Fix unit tests failures in testbatchasync tests - Batch Async: Handle exceptions, properly unregister and close instances after running async batching to avoid CPU...
SUSE-SU-2020:0684-1 Security update for salt
This update for salt fixes the following issues: - Avoid possible user escalation upgrading salt-master bsc1157465 CVE-2019-18897 - Fix unit tests failures in testbatchasync tests - Batch Async: Handle exceptions, properly unregister and close instances after running async batching to avoid CPU...
qt5-qtbase security and bug fix update
qt5-qtbase 5.11-1-7 - Move libQt5EglFSDeviceIntegration lib out of the -devel subpkg Resolves: bz1692970 - Fix QImage allocaion failure Resolve: bz1667860 - Fix double free in QXmlStreamReader Resolve: bz1667858 - Fix segmentation fault on malformed BMP file Resolve: bz1667859 5.11.1-6 - Create a...
XXE Vulnerability
This is: - a bugfix - a new feature - X security Checklist: - X Changes are covered by unit tests - X Code style is respected - X Commit message explains why the change is made see https://github.com/erlang/otp/wiki/Writing-good-commit-messages - X CHANGELOG.md contains a short summary of the...
[SECURITY] Fedora 29 Update: meson-0.50.0-4.fc29
Meson is a build system designed to optimize programmer productivity. It aims to do this by providing simple, out-of-the-box support for modern software development tools and practices, such as unit tests, coverage reports, Valgrind, CCache and the like...
CVE-2018-12713
GIMP through 2.10.2 makes ggettmpdir calls to establish temporary filenames, which may result in a filename that already exists, as demonstrated by the gimpwriteandreadfile function in app/tests/test-xcf.c. This might be leveraged by attackers to overwrite files or read file content that was...
[SECURITY] Fedora 28 Update: nodejs-JSV-4.0.2-12.fc28
JSV is a JavaScript implementation of a extendable, fully compliant JSON Schema validator with the following features: The fastest extendable JSON validator available! Complete implementation of all current JSON Schema draft revisions. Supports creating individual environments sandboxes that...