openSUSE Security Update : slurm (openSUSE-2019-2536)

This update for slurm fixes the following issues : Security issue fixed : - CVE-2019-12838: Fixed a SQL injection bsc1140709. Non-security issue fixed : - Added X11-forwarding bsc1153245. - Moved srun from 'slurm' to 'slurm-node': srun is required on the nodes as well so sbatch will work...

Medium: glibc

Issue Overview: In the GNU C Library aka glibc or libc6 through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string,...

Scientific Linux Security Update : patch on SL7.x x86_64 (20191003)

Security Fixes : - patch: doedscript in pch.c does not block strings beginning with a ! character CVE-2018-20969 - patch: OS shell command injection when processing crafted patch files CVE-2019-13638 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update Support, and Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impac...

Scientific Linux Security Update : patch on SL7.x x86_64 (20190806)

Security Fixes : - patch: Out-of-bounds access in pchwriteline function in pch.c CVE-2016-10713 - patch: Double free of memory in pch.c:anotherhunk causes a crash CVE-2018-6952 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description...

Amazon Linux AMI : vim (ALAS-2019-1239)

It was found that the :source! command was not restricted by the sandbox mode. If modeline was explicitly enabled, opening a specially crafted text file in vim could result in arbitrary command execution. CVE-2019-12735 C Tenable Network Security, Inc. The descriptive text and package checks in...

SUSE SLED15 / SLES15 Security Update : python3 (SUSE-SU-2019:1352-2)

This update for python3 to version 3.6.8 fixes the following issues : Security issue fixed : CVE-2019-9947: Fixed an issue in urllib2 which allowed CRLF injection if the attacker controls a url parameter bsc1130840. Non-security issue fixed: Fixed broken debuginfo packages by switching off LTO an...

openSUSE Security Update : wireshark (openSUSE-2019-1669)

This update for wireshark to version 2.4.15 fixes the following issues : Security issue fixed : - Fixed a denial of service in the dissection engine bsc1136021. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text and package...

SUSE SLED15 / SLES15 Security Update : python3 (SUSE-SU-2019:1352-1)

This update for python3 to version 3.6.8 fixes the following issues : Security issue fixed : CVE-2019-9947: Fixed an issue in urllib2 which allowed CRLF injection if the attacker controls a url parameter bsc1130840. Non-security issue fixed: Fixed broken debuginfo packages by switching off LTO an...

SUSE-SU-2019:1352-1 Security update for python3

This update for python3 to version 3.6.8 fixes the following issues: Security issue fixed: - CVE-2019-9947: Fixed an issue in urllib2 which allowed CRLF injection if the attacker controls a url parameter bsc1130840. Non-security issue fixed: - Fixed broken debuginfo packages by switching off LTO...

openSUSE: Security Advisory for openexr (openSUSE-SU-2019:1265-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : gd (openSUSE-2019-1148)

This update for gd fixes the following issues : Security issues fixed : - CVE-2019-6977: Fixed a heap-based buffer overflow the GD Graphics Library used in the imagecolormatch function bsc1123361. - CVE-2019-6978: Fixed a double free in the gdImagePtr functions bsc1123522. This update was importe...

openSUSE Security Update : php7 (openSUSE-2019-720)

This update for php7 fixes the following issues : Security issue fixed : - CVE-2018-1000222: Fixed a double free vulnerability in gdImageBmpPtr that could result in remote code execution. This could have been exploited via a specially crafted JPEG image files. bsc1105434 This update was imported...

openSUSE Security Update : spice (openSUSE-2019-176)

This update for spice fixes the following issues : Security issue fixed : - CVE-2019-3813: Fixed a out-of-bounds read in the memslotgetvirt function that could lead to denial-of-service or code-execution bsc1122706. This update was imported from the SUSE:SLE-12-SP3:Update update project...

Photon OS 2.0: Linux PHSA-2018-2.0-0037-(a)

An update of the linux package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2018-2.0-0037-a. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

openSUSE: Security Advisory for polkit (openSUSE-SU-2018:4282-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLED12 / SLES12 Security Update : util-linux (SUSE-SU-2018:3926-1)

This update for util-linux fixes the following issues : The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically...

Scientific Linux Security Update : krb5 on SL7.x x86_64 (20181030)

Security Fixes : - krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data CVE-2018-5729 - krb5: DN container check bypass by supplying special crafted data CVE-2018-5730 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux...

openSUSE: Security Advisory for openvpn (openSUSE-SU-2018:1912-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE: Security Advisory for rpm (openSUSE-SU-2018:2215-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...