75 matches found
SUSE-SU-2022:2058-1 Security update for u-boot
This update for u-boot fixes the following issues: - A large buffer overflow could have lead to a denial of service in the IP Packet deframentation code. CVE-2022-30552, bsc1200363 - A Hole Descriptor Overwrite could have lead to an arbitrary out of bounds write primitive. CVE-2022-30790, bsc1200...
SUSE-SU-2022:1565-1 Security update for giflib
This update for giflib fixes the following issues: - CVE-2019-15133: Fixed a divide-by-zero exception in the decoder function DGifSlurp in dgiflib.c if the height field of the ImageSize data structure is equal to zero bsc1146299. - CVE-2018-11490: Fixed a heap-based buffer overflow in...
SUSE SLES11 Security Update : opensc (SUSE-SU-2021:14835-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:14835-1 advisory. - CVE-2021-42780: Fixed use after return in insertpin bsc1192005. - CVE-2021-42782: Stack buffer overflow issues in various places bsc1191957...
SUSE-SU-2021:3582-1 Security update for opensc
This update for opensc fixes the following issues: - CVE-2021-42780: Fixed use after return in insertpin bsc1192005. - CVE-2021-42779: Fixed use after free in scfilevalid bsc1191992. - CVE-2021-42781: Fixed multiple heap buffer overflows in pkcs15-oberthur.c bsc1192000. - CVE-2021-42782: Stack...
OPENSUSE-SU-2021:1641-1 Security update for djvulibre
This update for djvulibre fixes the following issues: - CVE-2021-32490 bsc1185895: Out of bounds write in function DJVU:filterbv via crafted djvu file - CVE-2021-32491 bsc1185900: Integer overflow in function render in tools/ddjvu via crafted djvu file - CVE-2021-32492 bsc1185904: Out of bounds...
SUSE-SU-2021:2158-1 Security update for openexr
This update for openexr fixes the following issues: - Fixed CVE-2021-3605 bsc1187395: Heap buffer overflow in the rleUncompress function - Fixed CVE-2021-3598 bsc1187310: Heap buffer overflow in Imf31:CharPtrIO:readChars...
OPENSUSE-SU-2021:0677-1 Security update for exim
This update for exim fixes the following issues: Exim was updated to exim-4.94.2 security update boo1185631 CVE-2020-28007: Link attack in Exim's log directory CVE-2020-28008: Assorted attacks in Exim's spool directory CVE-2020-28014: Arbitrary PID file creation CVE-2020-28011: Heap buffer overfl...
SUSE-SU-2021:1168-1 Security update for opensc
This update for opensc fixes the following issues: - CVE-2019-15945: Fixed an out-of-bounds access of an ASN.1 Bitstring in decodebitstring bsc1149746. - CVE-2019-15946: Fixed an out-of-bounds access of an ASN.1 Octet string in asn1decodeentry bsc1149747 - CVE-2019-19479: Fixed an incorrect read...
CentOS 8 : nodejs:12 (CESA-2020:4272)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4272 advisory. - npm: sensitive information exposure through logs CVE-2020-15095 - nodejs-dot-prop: prototype pollution CVE-2020-8116 - nodejs: HTTP request smuggling...
OPENSUSE-SU-2020:1831-1 Security update for chromium
This update for chromium fixes the following issues: - Update to 86.0.4240.183 boo1178375 - CVE-2020-16004: Use after free in user interface. - CVE-2020-16005: Insufficient policy enforcement in ANGLE. - CVE-2020-16006: Inappropriate implementation in V8 - CVE-2020-16007: Insufficient data...
SUSE-SU-2019:2106-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: - CVE-2019-13301: Fixed a memory leak in AcquireMagickMemory bsc1140554. - CVE-2019-13309: Fixed a memory leak at AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages bsc1140520. - CVE-2019-13310: Fixed a...
SUSE-SU-2019:1388-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Security issues fixed: - CVE-2019-11691: Use-after-free in XMLHttpRequest - CVE-2019-11692: Use-after-free removing listeners in the event listener manager - CVE-2019-11693: Buffer overflow in WebGL bufferdata on Linux - CVE-2019-11694:...
SUSE SLES15 Security Update : gnuplot (SUSE-SU-2019:0904-1)
This update for gnuplot fixes the following issues : Security issues fixed : CVE-2018-19492: Fixed a buffer overflow in cairotrmoptions function bsc1117463 CVE-2018-19491: Fixed a buffer overlow in the PSoptions function bsc1117464 CVE-2018-19490: Fixed a heap-based buffer overflow in the...
SUSE-SU-2019:0766-1 Security update for ovmf
This update for ovmf fixes the following issues: Security issues fixed: - CVE-2019-0160: Fixed multiple buffer overflows in UDF-related codes in MdeModulePkg\Universal\Disk\PartitionDxe\Udf.c and MdeModulePkg\Universal\Disk\UdfDxe bsc1130267. - CVE-2018-12181: Fixed a stack buffer overflow in the...
MGASA-2019-0099 Updated spice-gtk packages fix security vulnerability
A flaw was found in the way spice-client processed certain messages sent from the server. An attacker, having control of malicious spice-server, could use this flaw to crash the client or execute arbitrary code with permissions of the user running the client. spice-gtk versions through 0.34 are...
SUSE-SU-2018:2322-2 Security update for MozillaFirefox
This update for MozillaFirefox to version ESR 52.9 fixes the following issues: - CVE-2018-5188: Various memory safety bugs bsc1098998 - CVE-2018-12368: No warning when opening executable SettingContent-ms files - CVE-2018-12366: Invalid data handling during QCMS transformations - CVE-2018-12365:...
SUSE-SU-2018:1889-1 Security update for tiff
This update for tiff fixes the following security issues: These security issues were fixed: - CVE-2017-18013: Fixed a NULL pointer dereference in the tifprint.cTIFFPrintDirectory function that could have lead to denial of service bsc1074317. - CVE-2018-10963: Fixed an assertion failure in the...
SUSE-SU-2018:0907-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: Security issues fixed in Firefox ESR 52.7.3 bsc1085130: - CVE-2018-5125: Memory safety bugs fixed in Firefox 59 and Firefox ESR 52.7 - CVE-2018-5127: Buffer overflow manipulating SVG animatedPathSegList - CVE-2018-5129: Out-of-bounds writ...
SUSE-SU-2018:0462-1 Security update for freetype2
This update for freetype2 fixes the following issues: Security issue fixed: - CVE-2016-10244: The parsecharstrings function in type1/t1load.c did not ensure that a font contains a glyph name, which allowed remote attackers to cause a denial of service heap-based buffer over-read or possibly have...
SUSE-SU-2017:1110-1 Security update for tcpdump, libpcap
This update for tcpdump to version 4.9.0 and libpcap to version 1.8.1 fixes the several issues. These security issues were fixed in tcpdump: - CVE-2016-7922: The AH parser in tcpdump had a buffer overflow in print-ah.c:ahprint bsc1020940. - CVE-2016-7923: The ARP parser in tcpdump had a buffer...