7 matches found
SUSE: Security Advisory (SUSE-SU-2018:2898-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:2898-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2018:3467-2 Security update for smt
SMT was updated to version 3.0.38. Following security issue was fixed: - CVE-2018-12472: Harden hostname check during sibling check by forcing double reverse lookup bsc1104076 Following non security issues were fixed: - Add migration path check when registration sharing is enabled - Fix sibling...
SUSE SLES12 Security Update : smt (SUSE-SU-2018:3467-1)
SMT was updated to version 3.0.38. Following security issue was fixed : CVE-2018-12472: Harden hostname check during sibling check by forcing double reverse lookup bsc1104076 Following non security issues were fixed: Add migration path check when registration sharing is enabled Fix sibling sync...
SUSE SLES12 Security Update : smt, yast2-smt (SUSE-SU-2018:2898-2)
This update for yast2-smt to 3.0.14 and smt to 3.0.37 fixes the following issues : These security issues were fixed in SMT : CVE-2018-12471: Xml External Entity processing in the RegistrationSharing modules allowed to read arbitrary file read bsc1103809. CVE-2018-12470: SQL injection in...
CVE-2018-12472
CVE-2018-12472 affects SUSE SMT (Secure MT) — an improper authentication using the HOST header allowed remote attackers to spoof a sibling server. Affected: SMT before 3.0.37. Description from SUSE confirms the issue was fixed by hardening the hostname check during sibling verification via double...
SUSE SLES12 Security Update : smt, yast2-smt (SUSE-SU-2018:2898-1)
This update for yast2-smt to 3.0.14 and smt to 3.0.37 fixes the following issues : These security issues were fixed in SMT : CVE-2018-12471: Xml External Entity processing in the RegistrationSharing modules allowed to read arbitrary file read bsc1103809. CVE-2018-12470: SQL injection in...