openSUSE Security Update : opera (openSUSE-2021-712)

This update for opera fixes the following issues : Update to version 76.0.4017.94 - released on the stable branch Update to version 76.0.4017.88 - CHR-8404 Update chromium on desktop-stable-90-4017 to 90.0.4430.85 - DNA-92219 Add bookmark API supports to the front-end - DNA-92409 MAC Present now...

SUSE-SU-2021:1652-1 Security update for redis

This update for redis fixes the following issues: redis was updated to 6.0.13: CVE-2021-29477: Integer overflow in STRALGO LCS command bsc1185729 CVE-2021-29478: Integer overflow in COPY command for large intsets bsc1185730 Cluster: Skip unnecessary check which may prevent failure detection Fix...

perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS

Perl before 5.30.3 has an integer overflow related to mishandling of a "PLregkindOPn == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection...

openSUSE Security Update : irssi (openSUSE-2021-587)

This update for irssi fixes the following issues : irssi was updated to 1.2.3 boo1184848 - Fix the compilation of utf8proc 1021 - Fix wrong call to free. By Zero King 1076 - Fix a colour reset in true colour themes when encountering mIRC colours 1059 - Fix memory leak on malformed CAP requests 11...

Security update for redis (important)

openSUSE Security Update: Security update for redis Announcement ID: openSUSE-SU-2021:0682-1 Rating: important References: 1178205 1182657 1185729 1185730 ECO-2417 ECO-2867 PM-1547 PM-1615 PM-1622 PM-1681 SLE-11578 SLE-12821 Cross-References: CVE-2021-21309 CVE-2021-29477 CVE-2021-29478 CVSS...

GHSA-F2JV-R9RF-7988 Remote code execution in handlebars when compiling templates

The package handlebars before 4.7.7 are vulnerable to Remote Code Execution RCE when selecting certain compiling options to compile templates coming from an untrusted source...

CVE-2021-23383

The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source...

CVE-2021-23383 Prototype Pollution

The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source...

CVE-2021-23383

The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source...

Security update for irssi (moderate)

openSUSE Security Update: Security update for irssi Announcement ID: openSUSE-SU-2021:0595-1 Rating: moderate References: 1184848 Affected Products: openSUSE Backports SLE-15-SP2 An update that contains security fixes can now be installed. Description: This update for irssi fixes the following...

OPENSUSE-SU-2021:0595-1 Security update for irssi

This update for irssi fixes the following issues: irssi was updated to 1.2.3 boo1184848 - Fix the compilation of utf8proc 1021 - Fix wrong call to free. By Zero King 1076 - Fix a colour reset in true colour themes when encountering mIRC colours 1059 - Fix memory leak on malformed CAP requests 112...

The vulnerability of component BPF JIT (arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c) in the Linux operating system allows a hacker to execute arbitrary code.

The vulnerability of component BPF JIT arch/x86/net/bpfjitcomp.c and arch/x86/net/bpfjitcomp32.c in the Linux operating system is related to the failure to address the special elements used in the OS command. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

OPENSUSE-SU-2021:0587-1 Security update for irssi

This update for irssi fixes the following issues: irssi was updated to 1.2.3 boo1184848 - Fix the compilation of utf8proc 1021 - Fix wrong call to free. By Zero King 1076 - Fix a colour reset in true colour themes when encountering mIRC colours 1059 - Fix memory leak on malformed CAP requests 112...

Security update for irssi (moderate)

openSUSE Security Update: Security update for irssi Announcement ID: openSUSE-SU-2021:0587-1 Rating: moderate References: 1184848 Affected Products: openSUSE Leap 15.2 An update that contains security fixes can now be installed. Description: This update for irssi fixes the following issues: irssi...

Handlebars Remote Code Execution Vulnerability

Handlebars is a semantic Web template system. A remote code execution vulnerability exists in Handlebars versions prior to 4.7.7, which stems from Handlebars being susceptible to Remote Code Execution RCE attacks when certain compilation options are selected to compile templates from untrusted...

handlebars 安全漏洞

Handlebars is a semantic Web template system. A remote code execution vulnerability exists in Handlebars versions prior to 4.7.7, which stems from Handlebars being susceptible to Remote Code Execution RCE attacks when certain compilation options are selected to compile templates from untrusted...

OPENSUSE-SU-2021:0542-1 Security update for tpm2-tss-engine

This update for tpm2-tss-engine fixes the following issues: - Added support to disable fixed compilation flags - Added --disable-defaultflags during compilation to avoid breakage of our gcc-PIE profile resulted in non-position-independent executable tpm2-tss-genkey, bsc1183895 This update was...

SUSE SLED15 / SLES15 Security Update : tpm2-tss-engine (SUSE-SU-2021:1113-1)

This update for tpm2-tss-engine fixes the following issues : Added support to disable fixed compilation flags Added --disable-defaultflags during compilation to avoid breakage of our gcc-PIE profile resulted in non-position-independent executable tpm2-tss-genkey, bsc1183895 Note that Tenable...

SUSE-SU-2021:1113-1 Security update for tpm2-tss-engine

This update for tpm2-tss-engine fixes the following issues: - Added support to disable fixed compilation flags - Added --disable-defaultflags during compilation to avoid breakage of our gcc-PIE profile resulted in non-position-independent executable tpm2-tss-genkey, bsc1183895...

perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS

regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive Sstudychunk calls...