SUSE-SU-2020:2167-1 Security update for LibVNCServer
This update for LibVNCServer fixes the following issues: - security update fix CVE-2018-21247 bsc1173874, uninitialized memory contents are vulnerable to Information leak fix CVE-2019-20839 bsc1173875, buffer overflow in ConnectClientToUnixSock fix CVE-2019-20840 bsc1173876, unaligned accesses in...
SUSE-SU-2020:1913-1 Security update for samba
This update for samba fixes the following issues: - CVE-2020-10745: Fixed an issue which parsing and packing of NBT and DNS packets containing dots could potentially have consumed excessive CPU bsc1173160. - CVE-2020-14303: Fixed an endless loop when receiving at AD DC empty UDP packets bsc117335...
CVE-2020-15466
In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gvcp.c by ensuring that an offset increases in all situations...
OPENSUSE-SU-2020:0681-1 Security update for libxml2
This update for libxml2 fixes the following issues: - CVE-2019-20388: Fixed a memory leak in xmlSchemaPreRun bsc1161521. - CVE-2019-19956: Fixed a memory leak bsc1159928. - CVE-2020-7595: Fixed an infinite loop in an EOF situation bsc1161517. This update was imported from the SUSE:SLE-15:Update...
Updated dia packages fix security vulnerability
Updated dia package fixes security vulnerability: An endless loop on filenames with invalid encoding CVE-2019-19451...
SUSE-SU-2019:2930-1 Security update for SUSE Manager Server 4.0
This update fixes the following issues: cobbler: - Fix for install loop caused autoinstallation profiles bsc1151875 - Update module config description to match new parameters - Add config migration script and runs it in post-install script - Fix for config backups in post install script bsc114907...
SUSE-SU-2018:3866-1 Security update for openssl
This update for openssl fixes the following issues: Security issues fixed: - CVE-2018-0734: Fixed timing vulnerability in DSA signature generation bsc1113652. - CVE-2018-5407: Fixed elliptic curve scalar multiplication timing attack defenses bsc1113534. - Add missing timing side channel patch for...
openSUSE Security Update : GraphicsMagick (openSUSE-2018-533)
This update for GraphicsMagick fixes the following issues : - CVE-2017-18271: An infinite loop in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service was fixed. boo1094204 ...
SUSE-SU-2018:1176-1 Security update for php7
This update for php7 fixes the following issues: Security issues fixed: - CVE-2018-10545: Fix access controls in FPM child processes bsc1091367. - CVE-2018-10547: Fix Reflected XSS on the PHAR 403 and 404 error pages bsc1091362. - CVE-2018-10546: Fix an infinite loop exists in ext/iconv/iconv.c...
CVE-2018-9257
In Wireshark 2.4.0 to 2.4.5, the CQL dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-cql.c by checking for a nonzero number of columns...
DEBIAN-CVE-2018-7323
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-wccp.c had a large loop that was addressed by ensuring that a calculated length was monotonically increasing...
CVE-2018-7322
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-dcm.c had an infinite loop that was addressed by checking for integer wraparound...
Design/Logic Flaw
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpki-rtr.c had an infinite loop that was addressed by validating a length field...
CVE-2018-7329
Wireshark vulnerability CVE-2018-7329 affects Wireshark 2.4.0–2.4.4 and 2.2.0–2.2.12 due to an infinite loop in epan/dissectors/packet-s7comm.c caused by off-by-one errors. This can lead to high CPU usage and unresponsiveness; remote attackers could exploit malformed packets. Connected advisories...
CVE-2018-7331
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-ber.c had an infinite loop that was addressed by validating a length...
SUSE-SU-2017:3183-1 Security update for ncurses
This update for ncurses fixes the following issues: Security issues fixed: - CVE-2017-13728: Fix infinite loop in the nextchar function in compscan.c bsc1056136. - CVE-2017-13729: Fix illegal address access in the ncsavestr bsc1056132. - CVE-2017-13730: Fix illegal address access in the function...
CVE-2017-15189
In Wireshark 2.4.0 to 2.4.1, the DOCSIS dissector could go into an infinite loop. This was addressed in plugins/docsis/packet-docsis.c by adding decrements...
SUSE-SU-2017:2555-1 Security update for wireshark
This update for wireshark to version 2.2.9 fixes several issues. These security issues were fixed: - CVE-2017-13767: The MSDP dissector could have gone into an infinite loop. This was addressed by adding length validation bsc1056248. - CVE-2017-13766: The Profinet I/O dissector could have crash...
Out-of-bounds
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-slsk.c by making loop bounds more explicit...