30 matches found
openSUSE Security Update : umoci (openSUSE-2021-846)
This update for umoci fixes the following issues : Update to v0.4.7 bsc1184147. - CVE-2021-29136: Fixed overwriting of host files via malicious layer bsc1184147. This update was imported from the SUSE:SLE-15:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descripti...
openSUSE Security Update : opera (openSUSE-2021-592)
This update for opera fixes the following issues : - Opera was updated to version 75.0.3969.171 boo1184256 CVE-2021-21194, CVE-2021-21195, CVE-2021-21196, CVE-2021-21197, CVE-2021-21198, CVE-2021-21199, CVE-2021-21191, CVE-2021-21192, CVE-2021-21193 %NASLMINLEVEL 70300 C Tenable Network Security,...
openSUSE Security Update : ruby2.5 (openSUSE-2021-607)
This update for ruby2.5 fixes the following issues : - Update to 2.5.9 - CVE-2021-28965: XML round-trip vulnerability in REXML bsc1184644 This update was imported from the SUSE:SLE-15:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package chec...
openSUSE Security Update : python-django-registration (openSUSE-2021-588)
This update for python-django-registration fixes the following issues : Update to 3.1.2 boo1184427, CVE-2021-21416 - Filter sensitive POST parameters in error reports - Fix RemovedInDjango40Warning from Signal arguments %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...
openSUSE Security Update : hawk2 (openSUSE-2021-473)
This update for hawk2 fixes the following issues : - Update to version 2.6.3 : - Remove hawkinvoke and use capture3 instead of runas bsc1179999CVE-2020-35459 - Remove unnecessary chmod bsc1182166CVE-2021-25314 - Sanitize filename to contains whitelist of alphanumeric bsc1182165 This update was...
openSUSE Security Update : rubygem-nokogiri (openSUSE-2021-237)
This update for rubygem-nokogiri fixes the following issues: rubygem-nokogiri was updated to 1.8.5 bsc1156722. Security issues fixed : - CVE-2019-5477: Fixed a command injection vulnerability bsc1146578. - CVE-2020-26247: Fixed an XXE vulnerability in Nokogiri::XML::Schema bsc1180507. This update...
openSUSE Security Update : segv_handler (openSUSE-2021-198)
This update for segvhandler fixes the following issues : - Replace by empty package with README explaining the removal for security reasons boo1180665. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
openSUSE Security Update : freerdp (openSUSE-2020-1332)
This update for freerdp fixes the following issues : - CVE-2020-15103: Fix integer overflow due to missing input sanitation in rdpegfx channel bsc1174321. This update was imported from the SUSE:SLE-15-SP1:Update update project. C Tenable Network Security, Inc. The descriptive text and package...
openSUSE Security Update : apache2-mod_auth_openidc (openSUSE-2020-376)
This update for apache2-modauthopenidc fixes the following issues : - CVE-2019-20479: Fixed an open redirect issue in URLs with slash and backslash bsc1164459. This update was imported from the SUSE:SLE-15-SP1:Update update project. C Tenable Network Security, Inc. The descriptive text and packag...
openSUSE Security Update : nfs-utils (openSUSE-2019-2435)
This update for nfs-utils fixes the following issues : - CVE-2019-3689: Fixed root-owned files stored in insecure /var/lib/nfs. bsc1150733 This update was imported from the SUSE:SLE-15-SP1:Update update project. C Tenable Network Security, Inc. The descriptive text and package checks in this plug...
openSUSE Security Update : SDL2 (openSUSE-2019-2226)
This update for SDL2 fixes the following issues : Security issues fixed : - CVE-2019-13616: Fixed heap-based buffer over-read in BlitNtoN in video/SDLblitN.c bsc1141844. - CVE-2019-13626: Fixed integer overflow in IMAADPCMdecode in audio/SDLwave.c bsc1142031. This update was imported from the...
openSUSE Security Update : python-SQLAlchemy (openSUSE-2019-2039)
This update for python-SQLAlchemy fixes the following issues : Security issues fixed : - CVE-2019-7164: Fixed SQL Injection via the orderby parameter bsc1124593. - CVE-2019-7548: Fixed SQL Injection via the groupby parameter bsc1124593. This update was imported from the SUSE:SLE-15:Update update...
openSUSE Security Update : polkit (openSUSE-2019-1914)
This update for polkit fixes the following issues : Security issue fixed : - CVE-2019-6133: Fixed improper caching of auth decisions, which could bypass uid checking in the interactive backend bsc1121826. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network...
openSUSE Security Update : evince (openSUSE-2019-1667)
This update for evince provides the following fixes: Security issue fixed: - CVE-2019-11459: Fixed an improper error handling in which could have led to use of uninitialized use of memory bsc1133037. Other issue addressed : - Removed Supplements from psdocument package, so that it isn't pulled in...
openSUSE Security Update : gpg2 (openSUSE-2019-480)
This update for gpg2 fixes the following security issue : - CVE-2018-12020: GnuPG mishandled the original filename during decryption and verification actions, which allowed remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the '--status-fd 2'...
openSUSE Security Update : apache2-mod_jk (openSUSE-2018-1510)
This update for apache2-modjk fixes the following issue : Security issue fixed : - CVE-2018-11759: Fixed connector path traversal due to mishandled HTTP requests in httpd bsc1114612. This update was imported from the SUSE:SLE-15:Update update project. %NASLMINLEVEL 70300 C Tenable Network Securit...
openSUSE Security Update : pango (openSUSE-2018-1026)
This update for pango fixes the following issue : Security issue fixed : - CVE-2018-15120: Fixed a denial of service when parsing emoji bsc1103877 This update was imported from the SUSE:SLE-15:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...
openSUSE Security Update : bouncycastle (openSUSE-2018-794)
This update for bouncycastle fixes the following issues : Security issue fixed : - CVE-2018-1000613: Fix use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' boo1100694. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in thi...
openSUSE Security Update : augeas (openSUSE-2018-247)
This update for augeas fixes the following issues : Security issue fixed : - CVE-2017-7555: Fix a memory corruption bug could have lead to arbitrary code execution by passing crafted strings that would be mis-handled by parsename bsc1054171. This update was imported from the SUSE:SLE-12-SP3:Updat...
openSUSE Security Update : chromium (openSUSE-2017-1380)
This update to Chromium 63.0.3239.108 fixes the following issues : - CVE-2017-15429: UXSS in V8 bsc1072976 - Various fuzzing fixes %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...