71 matches found
[SECURITY] Fedora 38 Update: indi-3rdparty-drivers-2.0.0-2.fc38
This is a metapackage for installing all INDI 3rdparty drivers at once. You probably don't want to install everything, but just pick the drivers you need from the appropriate subpackage. We currently ship the following drivers: - indi-3rdparty-aagcloudwatcher-ng - indi-3rdparty-aok -...
SUSE-SU-2023:0516-2 Security update for python-pip
This update for python-pip fixes the following issues: - Add wheel subpackage with the generated wheel for this package bsc1176262, CVE-2019-20916. - Make wheel a separate build run to avoid the setuptools/wheel build cycle. - Switch this package to use update-alternatives for all files in %bindi...
firefox security update
102.7.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 102.7.0-1 - Update to 102.7.0 build1 102.6.0-2 - Add firefox-x11 subpackage to allow explicit run of...
Path Traversal
The fileutil subpackage in github.com/duke-git/lancet is vulnerable to path traversal. The vulnerability exists in the UnZip function in file.go due to a ZipSlip vulnerability which allows an attacker to create files outside the designated target directory using malicious zip file names...
gnome-kiosk bug fix and enhancement update
An update is available for gnome-kiosk. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GNOME Kiosk provides a desktop environment suitable for fixed purpose or...
SUSE-SU-2022:1454-1 Security update for python-pip
This update for python-pip fixes the following issues: - Add wheel subpackage with the generated wheel for this package bsc1176262, CVE-2019-20916. - Make wheel a separate build run to avoid the setuptools/wheel build cycle. - Switch this package to use update-alternatives for all files in %bindi...
SUSE-SU-2022:1397-1 Security update for SUSE Manager Server 4.2
This update fixes the following issues: c3p0: - Update to version c3p0 0.9.5.5 and mchange-commons-java 0.2.19 Address CVE-2018-20433 Address CVE-2019-5427 - XML-config parsing related attacks bsc1133198 Properly implement the JDBC 4.1 abort method grafana-formula: - Version 0.7.0 Add SLES 15 SP4...
NetworkManager security, bug fix, and enhancement update
1.32.10-4.0.1 - add connectivity check via Oracle servers Orabug: 32051972 - Disable the build of NetworkManager-config-connectivity- subpackage for 8.3 1:1.32.10-4 - revert unapproved patches part of 'cloud-setup' change rh 1977984 1:1.32.10-3 - preserve the IPv6 multicast route added by kernel ...
OPENSUSE-SU-2021:1785-1 Security update for postgresql13
This update for postgresql13 fixes the following issues: - Upgrade to version 13.3: - CVE-2021-32027: Fixed integer overflows in array subscripting calculations bsc1185924. - CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE target lists bsc1185925. -...
Security update for salt (important)
openSUSE Security Update: Security update for salt Announcement ID: openSUSE-SU-2021:1951-1 Rating: important References: 1185281 1186674 ECO-3212 SLE-18028 SLE-18033 Cross-References: CVE-2021-31607 CVSS scores: CVE-2021-31607 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-31607...
SUSE-SU-2021:1951-1 Security update for salt
This update for salt fixes the following issues: - Check if dpkgnotify is executable bsc1186674 - Update to Salt release version 3002.2 jscECO-3212, jscSLE-18033, jscSLE-18028 - Drop support for Python2. Obsoletes python2-salt package jscSLE-18028 - Fix issue parsing errors in ansiblegate state...
SUSE-SU-2021:1784-1 Security update for postgresql13
This update for postgresql13 fixes the following issues: - Upgrade to version 13.3: - CVE-2021-32027: Fixed integer overflows in array subscripting calculations bsc1185924. - CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE target lists bsc1185925. -...
SUSE-SU-2021:1782-1 Security update for postgresql10
This update for postgresql10 fixes the following issues: - Upgrade to version 10.17: - CVE-2021-32027: Fixed integer overflows in array subscripting calculations bsc1185924. - CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE target lists bsc1185925. - Don't u...
Security fix for the ALT Linux 10 package gnutls30 version 3.6.15-alt2
March 22, 2021 Mikhail Efremov 3.6.15-alt2 - Fixed gnulib tests. - Fixed CVE-2021-20231, CVE-2021-20232 fixes: CVE-2021-20231, CVE-2021-20232. - Fixed testpkcs11. - Dropped self-provide from devel subpackage...
container-tools:2.0 security update
buildah 1.11.6-8.0.1 - Reduce unnecessary writable mounts in NaiveDiffDriver Orabug: 31025483 - Fixes troubles with oracle registry login Orabug: 29937283 1.11.6-8 - exclude i686 arch - Related: 1821193 1.11.6-7 - fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file...
Security fix for the ALT Linux 8 package mailutils version 3.10-alt0.20200913.1
3.10-alt0.20200913.1 built March 2, 2021 Sergey Y. Afonin in task 267166 Sept. 27, 2020 Sergey Y. Afonin - New version CVE-2019-18862 fixed in 3.8 - Updated %description - Updated License tags to SPDX syntax - Require emacs-X11 for build only when mh subpackage is enabled ALT 38371 - Disabled...
Moderate: Red Hat Security Advisory: mariadb-connector-c security, bug fix, and enhancement update
An update for mariadb-connector-c is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
SUSE-SU-2020:3599-1 Security update for python-pip
This update for python-pip fixes the following issues: - Add wheel subpackage with the generated wheel for this package bsc1176262, CVE-2019-20916. - Make wheel a separate build run to avoid the setuptools/wheel build cycle...
Updated mysql-connector-python packages fix security vulnerability
Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion o...
Updated mariadb packages fix security vulnerability
Updated MariaDB packages fix security vulnerabilities: Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequentl...