SUSE-SU-2020:3914-1 Security update for xen

This update for xen fixes the following issues: - CVE-2020-29480: Fixed an issue which could have allowed leak of non-sensitive data to administrator guests bsc117949 XSA-115. - CVE-2020-29481: Fixed an issue which could have allowd to new domains to inherit existing node permissions bsc1179498...

The vulnerability of the Dovecot mail server, caused by uncontrolled recursion, allows attackers to trigger a service failure.

The vulnerability of the Dovecot mail server arises due to an uncontrolled recursion. Exploiting this vulnerability allows a malicious actor, operating remotely, to cause service failures through a specially crafted email message...

Security update for xen (moderate)

openSUSE Security Update: Security update for xen Announcement ID: openSUSE-SU-2020:2313-1 Rating: moderate References: 1027519 1176782 1179496 1179498 1179501 1179502 1179506 1179514 1179516 Cross-References: CVE-2020-29480 CVE-2020-29481 CVE-2020-29483 CVE-2020-29484 CVE-2020-29566 CVE-2020-295...

SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2020:3881-1)

This update for xen fixes the following issues : CVE-2020-29480: Fixed an issue which could have allowed leak of non-sensitive data to administrator guests bsc117949 XSA-115. CVE-2020-29481: Fixed an issue which could have allowd to new domains to inherit existing node permissions bsc1179498...

undue recursion in x86 HVM context switch code

ISSUE DESCRIPTION When they require assistance from the device model, x86 HVM guests must be temporarily de-scheduled. The device model will signal Xen when it has completed its operation, via an event channel, so that the relevant vCPU is rescheduled. If the device model were to signal Xen witho...

Security Bulletin: Open Source Security issues for NPS console.

Summary Fixed Open Source issues for listed CVEs for NPS console. Vulnerability Details CVEID: CVE-2018-19838 DESCRIPTION: LibSass is vulnerable to a denial of service, caused by a stack-based buffer overflow in the IMPLEMENTASTOPERATORS expansion in ast.cpp. By persuading a victim to open a...

EulerOS 2.0 SP5 : libproxy (EulerOS-SA-2020-2550)

According to the version of the libproxy packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed o...

CVE-2020-8285

curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing...

ALPINE-CVE-2020-8285

curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing...

Stack overflow

curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing...

CVE-2020-8285

curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing...

CVE-2020-8285

curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing...

CVE-2020-8285

CVE-2020-8285 is a curl/libcurl vulnerability in the FTP wildcard match parsing. The issue triggers uncontrolled recursion leading to a stack overflow when the internal callback returns CURL_CHUNK_BGN_FUNC_SKIP repeatedly, potentially causing a crash. Affected software includes curl/libcurl from ...

CVE-2020-8285

curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing...

CVE-2020-8285

curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing...

Smart DNS: Delivering the Best Subscriber Experience

This is the second in a series of blog posts that discuss how smart DNS resolvers can enhance ongoing network transformation efforts such as the transition to 5G, better integration of Wi-Fi, and new network designs that optimize the edge to improve the subscriber experience, service delivery, an...

SUSE SLED15 / SLES15 Security Update : krb5 (SUSE-SU-2020:3377-1)

This update for krb5 fixes the following security issue : CVE-2020-28196: Fixed an unbounded recursion via an ASN.1-encoded Kerberos message bsc1178512. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted...

Security Bulletin: OSS security Scan issues for Concerto installer.

Summary Fixed in IBM Netezza for Cloud Pak for Data 11.1.1.0 Vulnerability Details CVEID: CVE-2018-19838 DESCRIPTION: LibSass is vulnerable to a denial of service, caused by a stack-based buffer overflow in the IMPLEMENTASTOPERATORS expansion in ast.cpp. By persuading a victim to open a...

openSUSE Security Update : krb5 (openSUSE-2020-2037)

This update for krb5 fixes the following security issue : - CVE-2020-28196: Fixed an unbounded recursion via an ASN.1-encoded Kerberos message bsc1178512. This update was imported from the SUSE:SLE-15-SP1:Update update project. C Tenable Network Security, Inc. The descriptive text and package...

OPENSUSE-SU-2020:2062-1 Security update for krb5

This update for krb5 fixes the following security issue: - CVE-2020-28196: Fixed an unbounded recursion via an ASN.1-encoded Kerberos message bsc1178512. This update was imported from the SUSE:SLE-15-SP1:Update update project...