SUSE-SU-2023:2358-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2022-0216: Fixed a use-after-free in lsidomsgout in hw/scsi/lsi53c895a.c bsc1198038. - CVE-2021-3929: Fixed use-after-free in nvme, caused by DMA reentrancy issue bsc1193880. - CVE-2021-4207: Fixed heap buffer overflow caused by double fetch ...

SUSE-SU-2023:1791-1 Security update for go1.20

This update for go1.20 fixes the following issues: Update to version 1.20.3: CVE-2023-24534: security: net/http, net/textproto: denial of service from excessive memory allocation bsc1210127 CVE-2023-24536: security: net/http, net/textproto, mime/multipart: denial of service from excessive resourc...

OPENSUSE-SU-2023:0030-1 Security update for python-mechanize

This update for python-mechanize fixes the following issues: Update to version 0.4.8: - CVE-2021-32837: Fixed a denial of service via regular expression boo1207242. - Fixed mechanize not found during build boo1202003...

SUSE-SU-2022:2145-1 Security update for SUSE Manager Server 4.1

This update fixes the following issues: golang-github-QubitProducts-exporterexporter: - Adapted to build on Enterprise Linux. - Fix build for RedHat 7 - Require Go = 1.14 also for CentOS - Add support for CentOS - Replace %?systemdrequires with %?systemdordering...

SUSE-SU-2021:3481-1 Security update for postgresql10

This update for postgresql10 fixes the following issues: - Fix for build with llvm12 on s390x. bsc1185952 - Re-enable 'icu' for PostgreSQL 10. bsc1179945 - Add postgresqlXX-server-devel as a dependency for postgresql13-server-devel. bsc1187751 - Upgrade to version 10.18. bsc1190177 Upgrade to...

SUSE: Security Advisory (SUSE-SU-2021:3256-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2021:3255-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2021:3255-1 Security update for postgresql13

This update for postgresql13 fixes the following issues: - CVE-2021-3677: Fixed memory disclosure in certain queries bsc1189748. - Fixed build with llvm12 on s390x bsc1185952. - Re-enabled icu for PostgreSQL 10 bsc1179945. - Made the dependency of postgresqlXX-server-devel on llvm and clang...

SUSE-SU-2021:3120-1 Security update for postgresql13

This update for postgresql13 fixes the following issues: - CVE-2021-3677: Fixed memory disclosure in certain queries bsc1189748. - Fixed build with llvm12 on s390x bsc1185952. - Re-enabled icu for PostgreSQL 10 bsc1179945. - Made the dependency of postgresqlXX-server-devel on llvm and clang...

SUSE-SU-2021:3119-1 Security update for postgresql12

This update for postgresql12 fixes the following issues: - CVE-2021-3677: Fixed memory disclosure in certain queries bsc1189748. - Fixed build with llvm12 on s390x bsc1185952. - Re-enabled icu for PostgreSQL 10 bsc1179945. - Made the dependency of postgresqlXX-server-devel on llvm and clang...

OPENSUSE-SU-2020:2204-1 Security update for minidlna

This update for minidlna fixes the following issues: minidlna was updated to version 1.3.0 boo1179447 - Fixed some build warnings when building with musl. - Use $USER instead of $LOGNAME for the default friendly name. - Fixed build with GCC 10 - Fixed some warnings from newer compilers - Disallow...

SUSE-SU-2019:3192-2 Security update for opencv

This update for opencv fixes the following issues: Security issues fixed: - CVE-2019-14491: Fixed an out of bounds read in the function cv:predictOrdered, leading to DOS bsc1144352. - CVE-2019-14492: Fixed an out of bounds read/write in the function HaarEvaluator:OptFeature:calc, which leads to...

java-11-openjdk security update

1:11.0.7.10-1 - Add JDK-8228407 backport to resolve crashes during verification. - Resolves: rhbz1810557 1:11.0.7.10-1 - Amend release notes, removing issue actually fixed in 11.0.6. - Resolves: rhbz1810557 1:11.0.7.10-1 - Re-apply --with-extra-asflags as crash was not due to this. - Resolves:...

OPENSUSE-SU-2019:2671-1 Security update for opencv

This update for opencv fixes the following issues: Security issues fixed: - CVE-2019-14491: Fixed an out of bounds read in the function cv:predictOrdered, leading to DOS bsc1144352. - CVE-2019-14492: Fixed an out of bounds read/write in the function HaarEvaluator:OptFeature:calc, which leads to...

SUSE SLED15 / SLES15 Security Update : binutils (SUSE-SU-2019:2780-1)

This update for binutils fixes the following issues : binutils was updated to current 2.32 branch jscECO-368. Includes following security fixes : CVE-2018-17358: Fixed invalid memory access in bfdstabsectionfindnearestline in syms.c bsc1109412 CVE-2018-17359: Fixed invalid memory access exists in...

openSUSE Security Update : nghttp2 (openSUSE-2019-2234) (Data Dribble) (Resource Loop)

This update for nghttp2 fixes the following issues : Security issues fixed : - CVE-2019-9513: Fixed HTTP/2 implementation that is vulnerable to resource loops, potentially leading to a denial of service bsc1146184. - CVE-2019-9511: Fixed HTTP/2 implementations that are vulnerable to window size...

SUSE SLED15 / SLES15 Security Update : nghttp2 (SUSE-SU-2019:2473-1) (Data Dribble) (Resource Loop)

This update for nghttp2 fixes the following issues : Security issues fixed : CVE-2019-9513: Fixed HTTP/2 implementation that is vulnerable to resource loops, potentially leading to a denial of service bsc1146184. CVE-2019-9511: Fixed HTTP/2 implementations that are vulnerable to window size...

Fedora 29 : systemd (2018-c402eea18b)

Fix a local vulnerability from a race condition in chown-recursive CVE-2018-15687, 1639076 - Fix a local vulnerability from invalid handling of long lines in state deserialization CVE-2018-15686, 1639071 - Fix a remote vulnerability in DHCPv6 in systemd-networkd CVE-2018-15688, 1639067 - The DHCP...

SUSE-SU-2018:2317-1 Security update for grafana, kafka, logstash, openstack-monasca-installer

This update for grafana, kafka, logstash, openstack-monasca-installer fixes the following issues: Security issues fixed: - CVE-2018-12099: grafana: Fix XSS vulnerabilities in dashboard links bsc1096985. - CVE-2018-3817: logstash: Fix inadvertently logging of sensitive information bsc1090849. Bug...

Oracle Linux 5 / 6 / 7 : java-1.7.0-openjdk (ELSA-2016-2658)

The remote Oracle Linux 5 / 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-2658 advisory. 1:1.7.0.121-2.6.8.0.0.1 - Update DISTRONAME in specfile 1:1.7.0.121-2.6.8.0 - Turn off HotSpot bootstrap to see if it resolves build issues. -...