7574 matches found
Security update for the Linux Kernel (important)
The openSUSE Leap 42.2 kernel was updated to 4.4.102 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000405: A bug in the THP CoW support could be used by local attackers to corrupt memory of other processes and cause them to crash bnc1069496. -...
Security update for qemu (important)
This update for qemu fixes several issues. These security issues were fixed: - CVE-2017-9330: USB OHCI Emulation in qemu allowed local guest OS users to cause a denial of service infinite loop by leveraging an incorrect return value bsc1042159. - CVE-2017-8379: Memory leak in the keyboard input...
Security update for wpa_supplicant (moderate)
This update for wpa_supplicant provides the following fixes: This security issue was fixed: - CVE-2018-14526: Under certain conditions, the integrity of EAPOL-Key messages was not checked, leading to a decryption oracle. An attacker within range of the Access Point and client could have abused the...
Security update for the Linux Kernel (important)
The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-5390 aka "SegmentSmack": A remote attacker even with relatively low bandwidth could have caused lots of CPU usage by triggering the worst case scenario during IP...
Security update for audiofile (moderate)
This update for audiofile fixes the following issues: - CVE-2018-17095: A heap-based buffer overflow in Expand3To4Module::run could occur when running sfconvert leading to crashes or code execution when handling untrusted soundfiles bsc1111586. This update was imported from the...
Security update for ImageMagick (moderate)
This update for ImageMagick fixes the following issues: - CVE-2017-14997: GraphicsMagick allowed remote attackers to cause a denial of service excessive memory allocation because of an integer underflow in ReadPICTImage in coders/pict.c. bsc1112399 - CVE-2018-16644: A regression in the security...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2019:1479-1 Rating: important References: 1050549 1055117 1055186 1061840 1063638 1070872 1082555 1083647 1085535 1085536 1086657 1097584 1106011 1106284 1108193 1108937 1111331 1112063 1112128 1112178...
Security update for systemd (important)
This update for systemd fixes the following issues: Security issues fixed: - CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. bsc1113632 - CVE-2018-15686: A vulnerability in unitdeserializ...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.3 kernel was updated to 4.4.159 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-13096: A denial of service out-of-bounds memory access and BUG can occur upon encountering an abnormal bitmap size when mounting a crafted f2fs image...
Security update for the Linux Kernel (important)
The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-18710: An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned lo...
Security update for hostapd (low)
hostapd was updated to fix the following security issue: - CVE-2018-14526: Ignore unauthenticated encrypted EAPOL-Key data bsc1104205...
Security update for libgit2 (moderate)
This update for libgit2 fixes the following issues: - CVE-2018-8099: Fixed possible denial of service attack via different vectors by not being able to differentiate between these status codes bsc1085256. - CVE-2018-11235: With a crafted .gitmodules file, a malicious project can execute an...
Security update for ansible (moderate)
openSUSE Security Update: Security update for ansible Announcement ID: openSUSE-SU-2019:1635-1 Rating: moderate References: 1109957 1112959 1118896 1126503 Cross-References: CVE-2018-16837 CVE-2018-16859 CVE-2018-16876 CVE-2019-3828 Affected Products: openSUSE Leap 42.3 openSUSE Leap 15.1 openSUS...
Security update for GraphicsMagick (moderate)
This update for GraphicsMagick fixes the following issues: Security issues fixed: - CVE-2017-10794: When GraphicsMagick processed an RGB TIFF picture with metadata indicating a single sample per pixel in coders/tiff.c, a buffer overflow occurred, related to QuantumTransferMode. boo1112392 -...
Security update for mercurial (moderate)
This update for mercurial fixes the following issues: - CVE-2018-17983: Fix an out-of-bounds read during parsing of a malformed manifest entry bsc1110899. This update was imported from the SUSE:SLE-15:Update update project...
Security update for compat-openssl098 (moderate)
openSUSE Security Update: Security update for compat-openssl098 Announcement ID: openSUSE-SU-2019:1637-1 Rating: moderate References: 1117951 1127080 1131291 Cross-References: CVE-2019-1559 Affected Products: openSUSE Leap 42.3 An update that solves one vulnerability and has two fixes is now...
Security update for net-snmp (important)
This update for net-snmp fixes the following issues: Security issues fixed: - CVE-2018-18065: setkey in agent/helpers/tablecontainer.c had a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Deni...
Security update for jhead (moderate)
This update for jhead fixes the following issues: Security issues fixed: - CVE-2018-17088: The ProcessGpsInfo function may have allowed a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because there is an integer overflow during a check...
Security update for chromium (important)
This update to Chromium version 60.0.3112.78 fixes security issues and bugs. The following security issues were fixed: CVE-2017-5091: Use after free in IndexedDB CVE-2017-5092: Use after free in PPAPI CVE-2017-5093: UI spoofing in Blink CVE-2017-5094: Type confusion in extensions CVE-2017-5095:...
Security update for qemu (moderate)
This update for qemu fixes the following issues: These security issues were fixed: - CVE-2018-12617: qmp_guest_file_read had an integer overflow that could have been exploited by sending a crafted QMP command including guest-file-read with a large count value to the agent via the listening socket...
Security update for gstreamer-plugins-base (important)
openSUSE Security Update: Security update for gstreamer-plugins-base Announcement ID: openSUSE-SU-2019:1639-1 Rating: important References: 1133375 Cross-References: CVE-2019-9928 Affected Products: openSUSE Leap 42.3 An update that fixes one vulnerability is now available. Description: This upda...
Security update for glib2 (important)
openSUSE Security Update: Security update for glib2 Announcement ID: openSUSE-SU-2019:1650-1 Rating: important References: 1103678 1137001 Cross-References: CVE-2019-12450 Affected Products: openSUSE Leap 15.0 An update that solves one vulnerability and has one errata is now available. Description...
Security update for ntfs-3g_ntfsprogs (low)
This update for ntfs-3g_ntfsprogs fixes the following issues: - CVE-2017-0358: Missing sanitization of the environment during a call to modprobe allowed local users to escalate to root privilege bsc1022500 This update was imported from the SUSE:SLE-12:Update update project...
Security update for sqlite3 (important)
openSUSE Security Update: Security update for sqlite3 Announcement ID: openSUSE-SU-2019:1645-1 Rating: important References: 1136976 Cross-References: CVE-2019-8457 Affected Products: openSUSE Leap 42.3 An update that fixes one vulnerability is now available. Description: This update for sqlite3...
Security update for lcms2 (moderate)
This update for lcms2 fixes the following issues: - CVE-2018-16435: Heap-based buffer overflow via a crafted file in the second argument to cmsIT8LoadFromFile bsc1108813 This update was imported from the SUSE:SLE-15:Update update project...
Security update for exempi (moderate)
openSUSE Security Update: Security update for exempi Announcement ID: openSUSE-SU-2019:1649-1 Rating: moderate References: 1098946 Cross-References: CVE-2018-12648 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for exempi...
Security update for clamav (moderate)
This update for clamav fixes the following issues: clamav was updated to version 0.100.2: - CVE-2018-15378: Vulnerability in ClamAV's MEW unpacking feature that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. bsc1110723 -...
Security update for gstreamer-0_10-plugins-base (important)
openSUSE Security Update: Security update for gstreamer-0_10-plugins-base Announcement ID: openSUSE-SU-2019:1638-1 Rating: important References: 1133375 Cross-References: CVE-2019-9928 Affected Products: openSUSE Leap 42.3 An update that fixes one vulnerability is now available. Description: This...
Security update for MozillaThunderbird (important)
This update for MozillaThunderbird fixes the following issues: Thunderbird 63 ESR was updated to version 60.3.0 to fix the following issues bsc1112852: Security issues fixed MFSA 2018-28: - CVE-2018-12389: Fixed memory safety bugs. - CVE-2018-12390: Fixed memory safety bugs. - CVE-2018-12391: Fix...
Security update for SDL2 (moderate)
openSUSE Security Update: Security update for SDL2 Announcement ID: openSUSE-SU-2019:1632-1 Rating: moderate References: 1124825 1134135 Cross-References: CVE-2019-7637 Affected Products: openSUSE Leap 15.0 An update that solves one vulnerability and has one errata is now available. Description:...
Security update for opensc (moderate)
This update for opensc fixes the following security issues: - CVE-2018-16391: Fixed a denial of service when handling responses from a Muscle Card bsc1106998 - CVE-2018-16392: Fixed a denial of service when handling responses from a TCOS Card bsc1106999 - CVE-2018-16393: Fixed buffer overflows wh...
Security update for libssh2_org (moderate)
openSUSE Security Update: Security update for libssh2_org Announcement ID: openSUSE-SU-2019:1640-1 Rating: moderate References: 1128481 1136570 Cross-References: CVE-2019-3860 Affected Products: openSUSE Leap 42.3 An update that solves one vulnerability and has one errata is now available...
Security update for wireshark (moderate)
openSUSE Security Update: Security update for wireshark Announcement ID: openSUSE-SU-2019:1646-1 Rating: moderate References: 1136021 Affected Products: openSUSE Leap 42.3 An update that contains security fixes can now be installed. Description: This update for wireshark to version 2.4.15 fixes t...
Security update for SDL2 (moderate)
openSUSE Security Update: Security update for SDL2 Announcement ID: openSUSE-SU-2019:1633-1 Rating: moderate References: 1124825 1134135 Cross-References: CVE-2019-7637 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has one errata is now available. Description:...
Security update for libmediainfo (moderate)
openSUSE Security Update: Security update for libmediainfo Announcement ID: openSUSE-SU-2019:1658-1 Rating: moderate References: 1133156 1133157 Cross-References: CVE-2019-11372 CVE-2019-11373 Affected Products: openSUSE Backports SLE-15 An update that fixes two vulnerabilities is now available...
Security update for libarchive (moderate)
This update for libarchive fixes the following issues: - CVE-2016-10209: The archive_wstring_append_from_mbs function in archive_string.c allowed remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted archive file. bsc1032089 - CVE-2016-10349: The...
Security update for curl (moderate)
This update for curl fixes the following issues: - CVE-2018-16839: A SASL password overflow via integer overflow was fixed which could lead to crashes bsc1112758 - CVE-2018-16840: A use-after-free in SASL handle close was fixed which could lead to crashes bsc1112758 - CVE-2018-16842: A...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.3 kernel was updated to 4.4.92 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-13080: Wi-Fi Protected Access WPA and WPA2 allowed reinstallation of the Group Temporal Key GTK during the group key handshake, allowing an attacker...
Security update for ucode-intel (important)
openSUSE Security Update: Security update for ucode-intel Announcement ID: openSUSE-SU-2019:1805-1 Rating: important References: 1111331 Cross-References: CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 Affected Products: openSUSE Leap 15.0 An update that fixes four vulnerabilities is...
Security update for MozillaFirefox (important)
This update to Mozilla Firefox 52.3esr fixes a number of security issues. The following vulnerabilities were advised upstream under MFSA 2017-19 boo1052829: - CVE-2017-7798: XUL injection in the style editor in devtools - CVE-2017-7800: Use-after-free in WebSockets during disconnection -...
Security update for clamav (important)
This update for clamav fixes the following issues: - Update to security release 0.99.3 bsc1077732 CVE-2017-12376 ClamAV Buffer Overflow in handlepdfname Vulnerability CVE-2017-12377 ClamAV Mew Packet Heap Overflow Vulnerability CVE-2017-12379 ClamAV Buffer Overflow in messageAddArgument...
Security update for accountsservice (moderate)
This update for accountsservice fixes the following issues: This security issue was fixed: - CVE-2018-14036: Prevent directory traversal caused by an insufficient path check in userchangeiconfileauthorizedcb bsc1099699 These non-security issues were fixed: - Don't abort loading users when an...
Security update for apache2 (important)
This update for apache2 fixes the following issues: Security issues fixed: - CVE-2018-11763: In Apache HTTP Server by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2...
Security update for webkit2gtk3 (moderate)
This update for webkit2gtk3 to version 2.20.3 fixes the issues: The following security vulnerabilities were addressed: - CVE-2018-12911: Fixed an off-by-one error in xdgmimegetsimpleglobs boo1101999 - CVE-2017-13884: An unspecified issue allowed remote attackers to execute arbitrary code or cause...
Security update for curl (moderate)
This update for curl fixes the following issues: - CVE-2018-16840: A use after free in closing SASL handles was fixed bsc1112758 - CVE-2018-16842: An out-of-bounds read in tool_msgs.c was fixed which could lead to crashes bsc1113660 This update was imported from the SUSE:SLE-12:Update update projec...
Security update for MozillaThunderbird (important)
This update for Mozilla Thunderbird to version 60.2.1 fixes multiple issues. Multiple security issues were fixed in the Mozilla platform as advised in MFSA 2018-25 and MFSA 2018-28. In general, these flaws cannot be exploited through email in Thunderbird because scripting is disabled when reading...
Security update for python, python-base (moderate)
This update for python, python-base fixes the following issues: Security issues fixed: - CVE-2018-1000802: Prevent command injection in shutil module make_archive function via passage of unfiltered user input bsc1109663. - CVE-2018-1061: Fixed DoS via regular expression backtracking in...
Security update for opensc (moderate)
This update for opensc fixes the following issues: - CVE-2018-16391: Fixed a denial of service when handling responses from a Muscle Card bsc1106998 - CVE-2018-16392: Fixed a denial of service when handling responses from a TCOS Card bsc1106999 - CVE-2018-16393: Fixed buffer overflows when handli...
Security update for libarchive (moderate)
This update for libarchive fixes the following issues: - CVE-2017-14501: An out-of-bounds read flaw existed in parse_file_info in archive_read_support_format_iso9660.c when extracting a specially crafted iso9660 iso file, related to archive_read_format_iso9660_read_header. bsc1059139 - CVE-2017-14502:...
Security update for audiofile (moderate)
This update for audiofile fixes the following issues: - CVE-2018-17095: A heap-based buffer overflow in Expand3To4Module::run could occur when running sfconvert leading to crashes or code execution when handling untrusted soundfiles bsc1111586. This update was imported from the...