71 matches found
MGASA-2020-0072 Updated mariadb packages fix security vulnerability
Updated MariaDB packages fix security vulnerabilities: Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequentl...
python-reportlab security update
3.4.0-6.el810.2 - Fix Requires for doc subpackage - Resolves: 1788556 3.4.0-6.el810.1 - Do not eval strings passed to toColor - Resolves: 1788555...
openSUSE Security Update : netpbm (openSUSE-2019-1605)
This update for netpbm fixes the following issues : Security issues fixed : - CVE-2017-2579: Fixed out-of-bounds read in expandCodeOntoStack bsc1024288. - CVE-2017-2580: Fixed out-of-bounds write of heap data in addPixelToRaster function bsc1024291. - create netpbm-vulnerable subpackage and move...
SUSE SLED12 / SLES12 Security Update : netpbm (SUSE-SU-2019:1645-1)
This update for netpbm fixes the following issues : Security issues fixed : CVE-2018-8975: The pmmallocarray2 function allowed remote attackers to cause a denial of service heap-based buffer over-read via a crafted image file bsc1086777. CVE-2017-2579: Fixed out-of-bounds read in...
SUSE-SU-2019:1645-1 Security update for netpbm
This update for netpbm fixes the following issues: Security issues fixed: - CVE-2018-8975: The pmmallocarray2 function allowed remote attackers to cause a denial of service heap-based buffer over-read via a crafted image file bsc1086777. - CVE-2017-2579: Fixed out-of-bounds read in...
SUSE-SU-2019:14101-1 Security update for netpbm
This update for netpbm fixes the following issues: Security issues fixed: - CVE-2017-2579: Fixed out-of-bounds read in expandCodeOntoStack bsc1024288. - CVE-2017-2580: Fixed out-of-bounds write of heap data in addPixelToRaster function bsc1024291. - created a netpbm-vulnerable subpackage and move...
runc security update
1.0.0-19.rc5.git4bb1fe4.0.3.el7 - Apply patch for CVE-2019-5736 Wiekus Beukes 1.0.0-19.rc5.git4bb1fe4.0.2.el7 - update Go version to 1.10.8, fix version string Laszlo Laca Peter 1.0.0-19.rc5.git4bb1fe4.0.1.el7 - Tuning .spec file 2:1.0.0-19.rc5.git4bb1fe4 - release v1.0.0rc5...
Fedora 28 : gettext (2018-a5d1fa335e)
fix CVE-2018-18751 rhbz1647044, move gettextize man to correct subpackage Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...
Fedora 28 : firefox (2018-bb6bedbe7f)
Updated to new version 61.0 - Created new subpackage with Wayland launcher firefox-wayland Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...
Security fix for the ALT Linux 10 package samba version 4.8.4-alt1.S1
Aug. 14, 2018 Evgeny Sinelnikov 4.8.4-alt1.S1 - Update to summer security release - Security fixes: + CVE-2018-1139 Weak authentication protocol allowed + CVE-2018-1140 Denial of Service Attack on DNS and LDAP server + CVE-2018-10858 Insufficient input validation on client directory listing in...
Fedora 25 : chromium (2017-c708c044e3)
Update to 60.0.3112.113. Added support for aarch64 except on EPEL7. ---- Update to 60.0.3112.101. Apply upstream fix for cameras reporting 0x0 resolution formats. ---- Chromium 60. Security fix for CVE-2017-5091, CVE-2017-5092, CVE-2017-5093, CVE-2017-5094, CVE-2017-5095, CVE-2017-5096,...
Fedora 26 : chromium (2017-f79ae2b96f)
Chromium 60. Security fix for CVE-2017-5091, CVE-2017-5092, CVE-2017-5093, CVE-2017-5094, CVE-2017-5095, CVE-2017-5096, CVE-2017-5097, CVE-2017-5098, CVE-2017-5099, CVE-2017-5100, CVE-2017-5101, CVE-2017-5102, CVE-2017-5103, CVE-2017-5104, CVE-2017-7000, CVE-2017-5105, CVE-2017-5106, CVE-2017-510...
openSUSE Security Update : backintime (openSUSE-2017-525)
This update for backintime to version 1.1.20 fixes several issues. These security issues were fixed : - CVE-2017-7572: The checkPolkitPrivilege function in serviceHelper.py in backintime used a deprecated polkit authorization method unix-process that is subject to a race condition time of check,...
Fedora 24 : ansible (2017-c2129c77ca)
Backport fix for https://github.com/ansible/ansible/issues/22572 ---- Many bugfixes and improvements. See https://github.com/ansible/ansible/blob/stable-2.3/CHANGELOG.md for full list of changes. rst and html docs have been split out into a ansible-docs subpackage. Includes fix for CVE-2017-7466...
CVE-2016-7435
The 1 SCTCREFRESHEXPORTTABCOMP, 2 SCTCREFRESHCHECKENV, and 3 SCTCTMSMAINTAINALOG functions in the SCTC subpackage in SAP Netweaver 7.40 SP 12 allow remote authenticated users with certain permissions to execute arbitrary commands via vectors involving a CALL 'SYSTEM' statement, aka SAP Security...
Design/Logic Flaw
The 1 SCTCREFRESHEXPORTTABCOMP, 2 SCTCREFRESHCHECKENV, and 3 SCTCTMSMAINTAINALOG functions in the SCTC subpackage in SAP Netweaver 7.40 SP 12 allow remote authenticated users with certain permissions to execute arbitrary commands via vectors involving a CALL 'SYSTEM' statement, aka SAP Security...
Fedora 24 : subversion-1.9.4-1.fc24 (2016-20cc04ac50)
Update to 1.9.4 1331222 CVE-2016-2167 CVE-2016-2168 - Move tools in docs to tools subpackage rhbz 1171757 1199761 - Disable make check to work around FTBFS Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...
MGASA-2015-0326 Updated subversion packages fix security vulnerabilities
Subversion's modauthzsvn does not properly restrict anonymous access in some mixed anonymous/authenticated environments when using Apache httpd 2.4. The result is that anonymous access may be possible to files for which only authenticated access should be possible CVE-2015-3184. Subversion server...
Fedora 19 : nginx-1.4.7-3.fc19 (2014-11370)
Security fix for CVE-2014-3616 - Create nginx-filesystem subpackage Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
openSUSE Security Update : acroread (openSUSE-SU-2013:0363-1)
Update to 9.5.3 bnc797529 to fix: CVE-2012-1530, CVE-2013-0601, CVE-2013-0602, CVE-2013-0603, CVE-2013-0604, CVE-2013-0605, CVE-2013-0606, CVE-2013-0607, CVE-2013-0608, CVE-2013-0609, CVE-2013-0610, CVE-2013-0611, CVE-2013-0612, CVE-2013-0613, CVE-2013-0614, CVE-2013-0615, CVE-2013-0616,...