47 matches found
php: Fix of 4 CVEs
CVE-2018-14883: fix integer overflow leading to heap buffer overflow in exifthumbnailextract - CVE-2019-19246: fix heap buffer overflow in oniguruma strlowercasematch - CVE-2018-19518: disable imap rsh/ssh by default to prevent argument injection imap.enableinsecurersh INI added - CVE-2018-20783:...
SUSE SLES15 / openSUSE 15 Security Update : iperf (SUSE-SU-2025:02749-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02749-1 advisory. - update to 3.19.1: CVE-2025-54351: Fixed buffer overflow in net.c bsc1247522 CVE-2025-54350: Fixed Base64Decode assertion failu...
libX11 security update
An update is available for libX11. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libX11 packages contain the core X11 protocol client library. Security...
Important: Red Hat Security Advisory: tigervnc security update
An update for tigervnc is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...
Moderate: 389-ds:1.4 security update
389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and command-line utilities for server administration. Security Fixes: 389-ds-base: a heap overflow leading to denail-of-servce while writing a value...
ALPINE-CVE-2023-50246
jq is a command-line JSON processor. Version 1.7 is vulnerable to heap-based buffer overflow. Version 1.7.1 contains a patch for this issue...
SUSE-SU-2023:3407-1 Security update for redis
This update for redis fixes the following issues: - CVE-2023-28856: Fixed possible DoS when using HINCRBYFLOAT to create an hash field. bsc1210548 - CVE-2022-24834: Fixed a heap overflow in the cjson and cmsgpack libraries. bsc1213193...
SUSE-SU-2023:0110-1 Security update for git
This update for git fixes the following issues: - CVE-2022-41903: Fixed a heap overflow in the 'git archive' and 'git log --format' commands bsc1207033. - CVE-2022-23521: Fixed an integer overflow that could be triggered when parsing a gitattributes file bsc1207032...
SUSE-SU-2023:0108-1 Security update for git
This update for git fixes the following issues: - CVE-2022-41903: Fixed a heap overflow in the 'git archive' and 'git log --format' commands bsc1207033. - CVE-2022-23521: Fixed an integer overflow that could be triggered when parsing a gitattributes file bsc1207032...
[slackware-security] sdl
New sdl packages are available for Slackware 14.2, 15.0, and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/sdl-1.2.15-i586-13slack15.0.txz: Rebuilt. This update fixes a heap overflow problem in video/SDLpixels.c in SDL. By crafting a...
SUSE-SU-2022:1156-1 Security update for opensc
This update for opensc fixes the following issues: Security issues fixed: - CVE-2021-42782: Stack buffer overflow issues in various places bsc1191957. - CVE-2021-42781: Fixed multiple heap buffer overflows in pkcs15-oberthur.c bsc1192000. - CVE-2021-42780: Fixed use after return in insertpin...
OPENSUSE-SU-2022:0067-1 Security update for libdxfrw, librecad
This update for libdxfrw, librecad fixes the following issues: - Update to version 1.0.1+git.20220109: fixed ambiguous error for DRWDimension::parseDwg fixed enless while-loop for pre 2004 versions dwgReader::readDwgObjects stop reading after 1st error dwgReader::readDwgEntities stop reading afte...
SUSE-SU-2022:0135-1 Security update for busybox
This update for busybox fixes the following issues: - CVE-2011-5325: Fixed tar directory traversal bsc951562. - CVE-2015-9261: Fixed segfalts and application crashes in huftbuild bsc1102912. - CVE-2016-2147: Fixed out of bounds write heap due to integer underflow in udhcpc bsc970663. -...
SUSE-SU-2021:14858-1 Security update for mozilla-nss
This update for mozilla-nss fixes the following issues: Update to version 3.68.1: - CVE-2021-43527: Fixed a Heap overflow in NSS when verifying DER-encoded DSA or RSA-PSS signatures bsc1193170...
SUSE-SU-2021:0679-1 Security update for grub2
This update for grub2 fixes the following issues: grub2 now implements the new 'SBAT' method for SHIM based secure boot revocation. bsc1182057 Following security issues are fixed that can violate secure boot constraints: - CVE-2020-25632: Fixed a use-after-free in rmmod command bsc1176711 -...
SUSE-SU-2021:0489-1 Security update for jasper
This update for jasper fixes the following issues: - bsc1179748 CVE-2020-27828: Fix heap overflow by checking maxrlvls - bsc1181483 CVE-2021-3272: Fix buffer over-read in jp2decode...
SUSE-SU-2021:0488-1 Security update for jasper
This update for jasper fixes the following issues: - bsc1179748 CVE-2020-27828: Fix heap overflow by checking maxrlvls - bsc1181483 CVE-2021-3272: Fix buffer over-read in jp2decode...
SUSE-SU-2020:2689-1 Security update for jasper
This update for jasper fixes the following issues: - CVE-2016-9398: Improved patch for already fixed issue bsc1010979. - CVE-2016-9399: Fix assert in calcstepsizes bsc1010980. - CVE-2017-5499: Validate component depth bit bsc1020451. - CVE-2017-5503: Check bounds in jasseq2dbindsub bsc1020456. -...
SUSE-SU-2020:2359-1 Security update for openvpn
This update for openvpn fixes the following issues: - openvpn-2.3.9-Fix-heap-overflow-on-getaddrinfo-result.patch was malformed in a way that caused patch1 to ignore it. bsc959714...
SUSE-SU-2020:2197-1 Security update for libX11
This update for libX11 fixes the following issues: - Fixed XIM client heap overflows CVE-2020-14344, bsc1174628...