102 matches found
SUSE-SU-2022:3598-1 Security update for exiv2
This update for exiv2 fixes the following issues: - CVE-2021-37621: Fixed denial of service due to infinite loop in Image:printIFDStructure bsc1189333. - CVE-2021-37620: Fixed out-of-bounds read in XmpTextValue:read bsc1189332. - CVE-2021-37619: Fixed out-of-bounds read in...
CVE-2021-27411 Micrium OS Integer Overflow or Wraparound
Micrium OS Versions 5.10.1 and prior are vulnerable to integer wrap-around in functions MemDynPoolCreate, MemDynPoolCreateHW and MemPoolCreate. This unverified memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as very small blocks of memory being...
SUSE-SU-2022:14888-1 Security update for tiff
This update for tiff fixes the following issues: - CVE-2015-8683: Fixed out-of-bounds when reading CIE Lab image format files bsc1156754. - CVE-2015-8665: Fixed out-of-bounds read in tifgetimage.c bsc1156749. - CVE-2020-35521: Fixed memory allocation failure in tifread.c bsc1182808. -...
SUSE-SU-2022:0480-1 Security update for tiff
This update for tiff fixes the following issues: - CVE-2017-17095: Fixed DoS in tools/pal2rgb.c in pal2rgb bsc1071031. - CVE-2019-17546: Fixed integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image bsc1154365. - CVE-2020-19131: Fixed buffer overflow in...
SUSE-SU-2022:14875-1 Security update for java-1_7_1-ibm
This update for java-171-ibm fixes the following issues: - Update to Java 7.1 Service Refresh 5 Fix Pack 0 - CVE-2021-41035: before version 0.29.0, the openj9 JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods. bsc1194198, bsc1192052 - CVE-2021-3558...
SUSE-SU-2022:0108-1 Security update for java-1_8_0-ibm
This update for java-180-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 7 Fix Pack 0 - CVE-2021-41035: before version 0.29.0, the openj9 JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods. bsc1194198, bsc1192052 - CVE-2021-3558...
SUSE-SU-2021:3771-1 Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues: Update to version OpenJDK 8u312 October 2021 CPU: - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS bsc1191901. - CVE-2021-35556: Fixed excessive memory allocation in RTFParser bsc1191910. - CVE-2021-35559: Fixed...
OPENSUSE-SU-2021:3770-1 Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues: Update to version OpenJDK 8u312 October 2021 CPU: - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS bsc1191901. - CVE-2021-35556: Fixed excessive memory allocation in RTFParser bsc1191910. - CVE-2021-35559: Fixed...
OPENSUSE-SU-2021:1455-1 Security update for java-1_8_0-openj9
This update for java-180-openj9 fixes the following issues: Update to OpenJDK 8u312 build 07 with OpenJ9 0.29.0 virtual machine including Oracle July 2021 and October 2021 CPU changes - CVE-2021-2161: Fixed incorrect handling of partially quoted arguments in ProcessBuilder on Windows bsc1185056. ...
OPENSUSE-SU-2021:3615-1 Security update for java-1_8_0-openj9
This update for java-180-openj9 fixes the following issues: Update to OpenJDK 8u312 build 07 with OpenJ9 0.29.0 virtual machine including Oracle July 2021 and October 2021 CPU changes - CVE-2021-2161: Fixed incorrect handling of partially quoted arguments in ProcessBuilder on Windows bsc1185056. ...
MGASA-2021-0469 Updated firefox packages fix security vulnerability
Due to a data race in the crossbeam-deque in the crossbeam crate, one or more tasks in the worker queue could have been be popped twice instead of other tasks that are forgotten and never popped. If tasks are allocated on the heap, this could have caused a double free and a memory leak...
OPENSUSE-SU-2021:1115-1 Security update for apache-commons-compress
This update for apache-commons-compress fixes the following issues: - Updated to 1.21 - CVE-2021-35515: Fixed an infinite loop when reading a specially crafted 7Z archive. bsc1188463 - CVE-2021-35516: Fixed an excessive memory allocation when reading a specially crafted 7Z archive. bsc1188464 -...
SUSE-SU-2021:2295-1 Security update for slurm_20_11
This update for slurm2011 fixes the following issues: Updated to 20.11.7 Summary of new features: CVE-2021-31215: Fixed a remote code execution as SlurmUser bsc1186024. slurmd - handle configless failures gracefully instead of hanging indefinitely. select/constres - fix Dragonfly topology not...
OPENSUSE-SU-2021:0670-1 Security update for openexr
This update for openexr fixes the following issues: - CVE-2021-23215: Fixed an integer-overflow in Imf25:DwaCompressor:initializeBuffers bsc1185216. - CVE-2021-26260: Fixed an Integer-overflow in Imf25:DwaCompressor:initializeBuffers bsc1185217. - CVE-2021-20296: Fixed a Null Pointer dereference ...
SUSE: Security Advisory (SUSE-SU-2016:3107-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...
SUSE-SU-2020:3054-1 Security update for pacemaker
This update for pacemaker fixes the following issues: Update to 2.0.4: - based: use crmexit to free qb-logging - cibsecret: don't use pssh -q option unless supported - crmerror: use gfree for a proper match - crmmon: NULL output-pointer when buffer is freed - crmresource: avoid unnecessary issus...
MGASA-2019-0302 Updated java-1.8.0-openjdk packages fix security vulnerabilities
The updated packages fix several bugs and some security issues: Missing restrictions on use of custom SocketImpl Networking, 8218573. CVE-2019-2945 Improper handling of Kerberos proxy credentials Kerberos, 8220302. CVE-2019-2949 NULL pointer dereference in DrawGlyphList 2D, 8222690. CVE-2019-2962...
SUSE-SU-2019:13975-1 Security update for java-1_7_0-ibm
This update for java-170-ibm to version 7.0.10.40 fixes the following issues: Security issues fixed: - CVE-2019-2422: Fixed a memory disclosure in FileChannelImpl bsc1122293. - CVE-2018-11212: Fixed an issue in allocsarray function in jmemmgr.c bsc1122299. More information:...
SUSE-SU-2018:1562-2 Security update for glibc
This update for glibc fixes the following issues: - CVE-2017-18269: Fix SSE2 memmove issue when crossing 2GB boundary bsc1094150 - CVE-2018-11236: Fix overflow in path length computation bsc1094161 - CVE-2018-11237: Don't write beyond buffer destination in mempcpyavx512novzeroupper bsc1094154 Non...