DSA-4713-1 firefox-esr - security update

Bulletin has no description...

OPENSUSE-SU-2020:0902-1 Security update for chromium

This update for chromium fixes the following issues: Update to 83.0.4103.116 boo1173251: CVE-2020-6509: Use after free in extensions - Add patch to work with new ffmpeg bsc1173292 - Add multimedia fix for disabled location and also try one additional patch from Debian on the same issue boo1173107...

DLA-2256-1 libtirpc - security update

Bulletin has no description...

DLA-2232-1 python-httplib2 - security update

Bulletin has no description...

DLA-2228-1 json-c - security update

Bulletin has no description...

SUSE-SU-2020:1493-1 Security update for libmspack

This update for libmspack fixes the following issues: Security issue fixed: - CVE-2019-1010305: Fixed a buffer overflow triggered by a crafted chm file which could have led to information disclosure bsc1141680. Other issue addressed: - Enable build-time tests bsc1130489...

DSA-4692-1 netqmail - security update

Bulletin has no description...

DSA-4685-1 apt - security update

Bulletin has no description...

JVN#28806943: Multiple vulnerabilities in Movable Type

Movable Type provided by Six Apart Ltd. contains multiple vulnerabilities listed below. HTML attribute value injection vulnerability CWE-74 - CVE-2020-5574 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N| Base Score: 4.7 CVSS v2| AV:N/AC:M/Au:N/C:N/I:P/A:N...

DSA-4678-1 firefox-esr - security update

Bulletin has no description...

OPENSUSE-SU-2020:0555-1 Security update for cups

This update for cups fixes the following issues: - CVE-2020-3898: Fixed a heap buffer overflow in ppdFindOption bsc1168422. This update was imported from the SUSE:SLE-15:Update update project...

DSA-4663-1 python-reportlab - security update

Bulletin has no description...

DSA-4661-1 openssl - security update

Bulletin has no description...

Insecure Entropy Source - Math.random() in node-uuid

Affected versions of node-uuid consistently fall back to using Math.random as an entropy source instead of crypto, which may result in guessable UUID's. Recommendation Update to version 1.4.4 or later...

Cross-Site Scripting in sanitize-html

Affected versions of sanitize-html do not sanitize input recursively, which may allow an attacker to execute arbitrary Javascript. Recommendation Update to version 1.4.3 or later...

PT-2020-10127 · Siemens +2 · Simatic S7-300 Cpu 319F-3 Pn/Dp +42

Name of the Vulnerable Software and Affected Versions: SIMATIC ET 200AL IM 157-1 PN version 6ES7157-1AB00-0AB0 SIMATIC ET 200MP IM 155-5 PN HF version 6ES7155-5AA00-0AC0 SIMATIC ET 200pro IM 154-8 PN/DP CPU version 6ES7154-8AB01-0AB0 SIMATIC ET 200pro IM 154-8F PN/DP CPU version 6ES7154-8FB01-0AB...

DLA-2168-1 libplist - security update

Bulletin has no description...

DLA-2167-1 python-bleach - security update

Bulletin has no description...

DLA-2155-1 tomcat8 - security update

Bulletin has no description...

DSA-4645-1 chromium - security update

Bulletin has no description...