lib32-gnutls: arbitrary file overwrite

Setuid programs using GnuTLS could potentially allow an attacker to overwrite and corrupt arbitrary files in the filesystem. This issue was introduced in GnuTLS 3.4.12 with the GNUTLSKEYLOGFILE environment variable handling via getenv and fixed in GnuTLS 3.4.13 by switching to securegetenv where...

openSUSE Security Update : curl (openSUSE-2016-152)

This update for curl fixes the following issues : - CVE-2016-0755: libcurl would reuse NTLM-authenticated proxy connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer bsc962983 The following non-security bugs were fixed : ...

SUSE SLED11 Security Update : libvdpau (SUSE-SU-2015:1925-1)

libvdpau was updated to use securegetenv instead of getenv for several variables so it can be more safely used in setuid applications. - CVE-2015-5198: libvdpau: incorrect check for security transition bnc943967 - CVE-2015-5199: libvdpau: directory traversal in dlopen bnc943968 - CVE-2015-5200:...

SUSE SLED12 / SLES12 Security Update : libvdpau (SUSE-SU-2015:1892-1)

libvdpau was updated to use securegetenv instead of getenv for several variables so it can be more safely used in setuid applications. - CVE-2015-5198: libvdpau: incorrect check for security transition bnc943967 - CVE-2015-5199: libvdpau: directory traversal in dlopen bnc943968 - CVE-2015-5200:...

SUSE-SU-2015:1925-1 Security update for libvdpau

libvdpau was updated to use securegetenv instead of getenv for several variables so it can be more safely used in setuid applications. CVE-2015-5198: libvdpau: incorrect check for security transition bnc943967 CVE-2015-5199: libvdpau: directory traversal in dlopen bnc943968 CVE-2015-5200: libvdpa...