156 matches found
SUSE SLED11 Security Update : java-1_7_0-openjdk (SUSE-SU-2016:0956-1)
The OpenJDK Java java-170-openjdk was updated to 2.6.5 to fix the following issues : Update to 2.6.5 - OpenJDK 7u99 bsc972468 - Security fixes - S8152335, CVE-2016-0636: Improve MethodHandle consistency, which could be used by attackers to inject code. - Import of OpenJDK 7 u99 build 0 - S6425769...
SUSE SLED11 / SLES11 Security Update : xen (SUSE-SU-2016:0955-1)
xen was updated to fix 47 security issues. These security issues were fixed : - CVE-2013-4527: Buffer overflow in hw/timer/hpet.c might have allowed remote attackers to execute arbitrary code via vectors related to the number of timers bnc864673. - CVE-2013-4529: Buffer overflow in hw/pci/pcieaer...
SUSE SLED11 / SLES11 Security Update : libvirt (SUSE-SU-2016:0931-1)
This update for libvirt fixes the following issues : Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
SUSE SLED11 / SLES11 Security Update : gcc5 (SUSE-SU-2016:0908-2)
The GNU Compiler Collection was updated to version 5.3.1, which brings several fixes and enhancements. The following security issue has been fixed : - Fix C++11 std::randomdevice short read issue that could lead to predictable randomness. CVE-2015-5276, bsc945842 The update package also includes...
SUSE SLED11 / SLES11 Security Update : fetchmail (SUSE-SU-2016:0872-1)
This update for fetchmail fixes the following issues : - CVE-2012-3482: A denial of service vulnerability in the base64 decoder during processing server NTLM protocol exchange was fixed bsc775988. Note that Tenable Network Security has extracted the preceding description block directly from the...
SUSE SLED11 / SLES11 Security Update : bind (SUSE-SU-2016:0825-1)
This update for bind fixes the following issues : Fix two assertion failures that can lead to a remote denial of service attack : - CVE-2016-1285: An error when parsing signature records for DNAME can lead to named exiting due to an assertion failure. bsc970072 - CVE-2016-1286: An error when...
SUSE SLED11 / SLES11 Security Update : libotr (SUSE-SU-2016:0706-1)
This update for libotr fixes the following issues : - Apply 'libotr-CVE-2016-2851.patch' to fix integer overflows that used to occur on 64-bit architectures when receiving 4GB messages. This flaw could potentially have been exploited by an attacker to remotely execute arbitrary code on the user's...
SUSE SLED11 / SLES11 Security Update : libssh2_org (SUSE-SU-2016:0723-1)
This update for libssh2org fixes the following issues : - Add SHA256 support for DH group exchange fate320343, bsc961964 - fix CVE-2016-0787 bsc967026 - Weakness in diffie-hellman secret key generation lead to much shorter DH groups then needed, which could be used to retrieve server keys. Note...
SUSE SLED11 Security Update : flash-player (SUSE-SU-2016:0716-1)
Adobe flash-player was updated to 11.2.202.577 to fix the following list of security issues bsc970547 : These updates resolve integer overflow vulnerabilities that could lead to code execution CVE-2016-0963, CVE-2016-0993, CVE-2016-1010. These updates resolve use-after-free vulnerabilities that...
SUSE SLED11 Security Update : compat-openssl097g (SUSE-SU-2016:0631-1) (DROWN)
This update for compat-openssl097g fixes the following issues : - CVE-2016-0800 aka the 'DROWN' attack bsc968046: OpenSSL was vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a Bleichenbacher RSA...
SUSE SLED11 Security Update : libssh (SUSE-SU-2016:0622-1)
This update for libssh fixes the following issues : - CVE-2016-0739: Fix Weakness in diffie-hellman secret key generation. bsc965875 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically...
SUSE SLED11 / SLES11 Security Update : MozillaFirefox (SUSE-SU-2016:0564-1)
This update for MozillaFirefox fixes the following issues : - update to Firefox 38.6.1 ESR bsc967087 - MFSA 2016-14/CVE-2016-1523 bmo1246093 Vulnerabilities in Graphite 2 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory...
SUSE SLED11 / SLES11 Security Update : dhcp (SUSE-SU-2016:0481-1)
This update for dhcp fixes the following issues : - CVE-2015-8605: A remote attacker could have used badly formed packets with an invalid IPv4 UDP length field to cause a DHCP server, client, or relay program to terminate abnormally bsc961305 The following bugs were fixed : - bsc936923: Improper...
SUSE SLED11 / SLES11 Security Update : postgresql94 (SUSE-SU-2016:0482-1)
This update of postgresql94 to 9.4.5 fixes the following issues : - CVE-2015-5289: json or jsonb input values constructed from arbitrary user input could have crashed the PostgreSQL server and caused a denial of service bsc949670 - CVE-2015-5288: crypt pgCrypto extension couldi potentially be...
SUSE SLED11 / SLES11 Security Update : krb5 (SUSE-SU-2016:0430-1)
This update for krb5 fixes the following issues : - CVE-2015-8629: Information leak authenticated attackers with permissions to modify the database bsc963968 - CVE-2015-8631: An authenticated attacker could have caused a memory leak in auditd by supplying a null principal name in request bsc96397...
SUSE SLED11 / SLES11 Security Update : postgresql91 (SUSE-SU-2016:0389-1)
This update of postgresql91 to 9.1.19 fixes the following issues : - CVE-2015-5288: crypt pgCrypto extension couldi potentially be exploited to read a few additional bytes of memory bsc949669 Also contains all changes and bugfixes in the upstream 9.1.19 release:...
SUSE SLED11 / SLES11 Security Update : tiff (SUSE-SU-2016:0353-1)
This update for tiff fixes the following issues : - CVE-2015-8781, CVE-2015-8782, CVE-2015-8783: Out-of-bounds writes for invalid images bsc964225 - CVE-2015-7554: Out-of-bounds Write in the thumbnail and tiffcmp tools bsc960341 Note that Tenable Network Security has extracted the preceding...
SUSE SLED11 / SLES11 Security Update : curl (SUSE-SU-2016:0347-1)
This update for curl fixes the following issues : - CVE-2016-0755: libcurl would reuse NTLM-authenticated proxy connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer bsc962983 The update package also includes non-security...
SUSE SLED11 / SLES11 Security Update : MozillaFirefox, MozillaFirefox-branding-SLED, mozilla-nss (SUSE-SU-2016:0334-1)
This update for MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nss fixes the following issues: bsc963520 Mozilla Firefox was updated to 38.6.0 ESR. Mozilla NSS was updated to 3.20.2. The following vulnerabilities were fixed : - CVE-2016-1930: Memory safety bugs fixed in Firefox ESR 38.6...
SUSE SLED11 / SLES11 Security Update : mysql (SUSE-SU-2016:0348-1)
This update to MySQL 5.5.47 fixes the following issues bsc962779 : - CVE-2015-7744: Lack of verification against faults associated with the Chinese Remainder Theorem CRT process when allowing ephemeral key exchange without low memory optimizations on a server, which makes it easier for remote...