openSUSE Security Update : nginx (openSUSE-2019-195)

This update for nginx fixes the following issues : nginx was updated to 1.14.2 : - Bugfix: nginx could not be built on Fedora 28 Linux. - Bugfix: in handling of client addresses when using unix domain listen sockets to work with datagrams on Linux. - Change: the logging level of the 'http request...

openSUSE: Security Advisory for nginx (openSUSE-SU-2019:0195-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for nginx (moderate)

openSUSE Security Update: Security update for nginx Announcement ID: openSUSE-SU-2019:0195-1 Rating: moderate References: 1115015 1115022 1115025 Cross-References: CVE-2018-16843 CVE-2018-16844 CVE-2018-16845 Affected Products: openSUSE Leap 42.3 openSUSE Leap 15.0 SUSE Package Hub for SUSE Linux...

Security update for python-urllib3 (moderate)

openSUSE Security Update: Security update for python-urllib3 Announcement ID: openSUSE-SU-2019:0159-1 Rating: moderate References: 1024540 1074247 1110422 Cross-References: CVE-2016-9015 Affected Products: openSUSE Leap 42.3 An update that solves one vulnerability and has two fixes is now...

openSUSE: Security Advisory for kernel (openSUSE-SU-2019:0140-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for the Linux Kernel (important)

openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2019:0140-1 Rating: important References: 1012382 1015336 1015337 1015340 1019683 1019695 1020645 1023175 1027260 1031492 1043083 1047487 1065600 1068032 1070805 1079935 1086423 1087082 1091405 1094244...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:0224-1)

The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. This update brings following features : Support for Enhanced-IBRS on new Intel CPUs fate326564 The following security bugs were fixed: CVE-2018-9568: In skclonelock of sock.c, there is a possible memory...

SUSE SLES12 Security Update : kernel (SUSE-SU-2019:0222-1) (Spectre)

The SUSE Linux Enterprise 12 SP4 kernel for Azure was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-19407: The vcpuscanioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service NULL pointer dereference and BUG via...

SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2019:0196-1)

The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-9568: In skclonelock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no...

SUSE SLES11 Security Update : kernel (SUSE-SU-2019:13937-1)

The SUSE Linux Enterprise 12 SP3 kernel was updated to 3.0.101 to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-9516: In hiddebugeventsread of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-65)

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-19407: The vcpuscanioapic function in arch/x86/kvm/x86.c allowed local users to cause a denial of service NULL pointer dereference and BUG via crafted system cal...

Security update for the Linux Kernel (important)

openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2019:0065-1 Rating: important References: 1024718 1046299 1050242 1050244 1051510 1055121 1055186 1058115 1060463 1065729 1078248 1079935 1082387 1083647 1086282 1086283 1086423 1087978 1088386 1090888...

Fedora 28 : knot-resolver (2018-b7d774a7c1)

Knot Resolver 2.4.1 2018-08-02 ================================ Security -------- - fix CVE-2018-10920: Improper input validation bug in DNS resolver component security!7, security!9 Bugfixes -------- - cache: fix TTL overflow in packet due to minttl 388, security!8 - TLS session resumption: avoi...

Fedora 28 : spamassassin (2018-46d7a7f63e)

Fixed some small bugs in the previous package: Initial rules now have the correct version, sought channel config is dropped since it doesn't exist anymore and build / runtime deps adjusted. ---- Update to 3.4.2. Fixes CVE-2017-15705, CVE-2018-11780 and CVE-2018-11781 along with many other bugfixe...

Fedora 28 : wesnoth (2018-dc339c6534)

Fix for CVE-2018-1999023, other bugfixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Fedora 28 : qutebrowser (2018-61dbd4a787)

This update fix CVE-2018-10895 0 and a few minor bugs. 0 : Due to a CSRF vulnerability affecting the qute://settings page, it was possible for websites to modify qutebrowser settings. Via settings like editor.command, this possibly allowed websites to execute arbitrary code. ---- This version fix...

Fedora 28 : rsyslog (2018-749f2bae28)

rebase to 8.37.0 ---------------------- - few fixes and enhancements handling journal input - now requires librelp at least 1.2.16, adding support for setting address to bind - various other rsyslog core bugfixes and stability fixes Note that Tenable Network Security has extracted the preceding...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2018:3589-1)

The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-18445: A faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjustscalarminmaxvals in kernel/bpf/verifier...

SUSE SLED15 / SLES15 Security Update : libepubgen, liblangtag, libmwaw, libnumbertext, libreoffice, libstaroffice, libwps, myspell-dictionaries, xmlsec1 (SUSE-SU-2018:3683-1)

This update for LibreOffice, libepubgen, liblangtag, libmwaw, libnumbertext, libstaroffice, libwps, myspell-dictionaries, xmlsec1 fixes the following issues : LibreOffice was updated to 6.1.3.2 fate326624 and contains new features and lots of bugfixes : The full changelog can be found on :...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2018:2980-1)

The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-14617: Prevent NULL pointer dereference and panic in hfspluslookup when opening a file that is purportedly a hard link in an hfs+ filesystem that has malform...