Security update for soundtouch (important)
This update for soundtouch fixes the following issues: - CVE-2018-17098: The WavFileBase class allowed remote attackers to cause a denial of service heap corruption from size inconsistency or possibly have unspecified other impact, as demonstrated by SoundStretch. bsc1108632 - CVE-2018-17097: The...
Security update for soundtouch (moderate)
This update for soundtouch fixes the following issues: - CVE-2018-17098: The WavFileBase class allowed remote attackers to cause a denial of service heap corruption from size inconsistency or possibly have unspecified other impact, as demonstrated by SoundStretch. bsc1108632 - CVE-2018-17097: The...
Security update for mysql-community-server (important)
MySQL Community Server was updated to 5.6.42, fixing bugs and security issues: Changes: http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-42.html Fixed CVEs: - CVE-2016-9843 boo1013882, CVE-2018-3143 boo1112421, - CVE-2018-3156 boo1112417, CVE-2018-3251 boo1112397, - CVE-2018-3133 boo111236...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.3 kernel was updated to 4.4.155 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-13093: Prevent NULL pointer dereference and panic in lookup_slow on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occure...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.2 kernel was updated to 4.4.87 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000251: The native Bluetooth stack in the Linux Kernel BlueZ was vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.3 kernel was updated to 4.4.120 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-8087: Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c allowed local users to cause a denial of service memory...
Security update for java-11-openjdk (moderate)
openSUSE Security Update: Security update for java-11-openjdk Announcement ID: openSUSE-SU-2019:1327-1 Rating: moderate References: 1132728 1132732 Cross-References: CVE-2019-2602 CVE-2019-2684 Affected Products: openSUSE Leap 15.0 An update that fixes two vulnerabilities is now available...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.3 was updated to 4.4.138 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-3639: Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes a...
Security update for xen (important)
This update for xen fixes several issues. These security issues were fixed: - CVE-2017-10912: Page transfer might have allowed PV guest to elevate privilege XSA-217, bsc1042882 - CVE-2017-10913 CVE-2017-10914: Races in the grant table unmap code allowed for information leaks and potentially...
Security update for podman, slirp4netns and libcontainers-common (moderate)
openSUSE Security Update: Security update for podman, slirp4netns and libcontainers-common Announcement ID: openSUSE-SU-2019:2044-1 Rating: moderate References: 1096726 1123156 1123387 1135460 1136974 1137860 1143386 Cross-References: CVE-2018-15664 CVE-2019-10152 CVE-2019-6778 Affected Products:...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2019:1924-1 Rating: important References: 1051510 1055117 1071995 1083647 1083710 1085030 1086103 1102247 1106061 1111666 1114279 1119222 1123959 1127034 1127315 1129770 1130972 1131281 1133021 1134097...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.2 Kernel was updated to 4.4.90 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000252: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service assertion failure, and hypervisor hang or crash via a...
Security update for ntp (moderate)
NTP was updated to 4.2.8p12 bsc1111853: - CVE-2018-12327: Fixed stack buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 - CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection bsc1083424 Please also see...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.3 kernel was updated to 4.4.143 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-18344: The timer_create syscall implementation in kernel/time/posix-timers.c didn't properly validate the sigevent->sigev_notify field, which leads to...
Security update for Chromium (important)
This update for Chromium to version 66.0.3359.181 fixes the following issues: - CVE-2018-6118: Use after free in Media Cache bsc1091288 - CVE-2018-6085: Use after free in Disk Cache - CVE-2018-6086: Use after free in Disk Cache - CVE-2018-6087: Use after free in WebAssembly - CVE-2018-6088: Use...
Security update for icecast (important)
This update for icecast fixes the following security issues: - CVE-2018-18820: A buffer overflow in url-auth could have potentially allowed remote code execution boo1114434...
Security update for ntp (moderate)
This update for NTP to version 4.2.8p12 fixes the following vulnerabilities bsc1111853: - CVE-2018-12327: Fixed stack buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 - CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing...
Security update for chromium (important)
This update to Chromium 62.0.3202.75 fixes the following security issues: - CVE-2017-5124: UXSS with MHTML - CVE-2017-5125: Heap overflow in Skia - CVE-2017-5126: Use after free in PDFium - CVE-2017-5127: Use after free in PDFium - CVE-2017-5128: Heap overflow in WebGL - CVE-2017-5129: Use after...
Security update for chromium (important)
This update for Chromium to version 69.0.3497.81 fixes multiple issues. Security issues fixed boo1107235: - CVE-2018-16065: Out of bounds write in V8 - CVE-2018-16066: Out of bounds read in Blink - CVE-2018-16067: Out of bounds read in WebAudio - CVE-2018-16068: Out of bounds write in Mojo -...
Security update for openssh (moderate)
This update for openssh fixes the following issues: - CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. OpenSSH developers do not want to treat such a username enumeration ...
Security update for Chromium (important)
This update for Chromium to version 70.0.3538.67 fixes multiple issues. Security issues fixed bsc1112111: - CVE-2018-17462: Sandbox escape in AppCache - CVE-2018-17463: Remote code execution in V8 - Heap buffer overflow in Little CMS in PDFium - CVE-2018-17464: URL spoof in Omnibox -...
Security update for the Linux Kernel (important)
The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-14633: A security flaw was found in the chap_server_compute_md5 function in the ISCSI target code in a way an authentication request from an ISCSI initiator is...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.3 kernel was updated to 4.4.126 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-1091: In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c, a guest kernel crash can be triggered from unprivileged userspace during a...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2019:1923-1 Rating: important References: 1051510 1055117 1071995 1083647 1083710 1085030 1086103 1102247 1103991 1103992 1104745 1106061 1109837 1111666 1112374 1114279 1119222 1123959 1127034 1127315...
Security update for tomcat (moderate)
This update for tomcat fixes the following issues: - CVE-2018-11784: When the default servlet in Apache Tomcat returned a redirect to a directory e.g. redirecting to '/foo/' when the user requested '/foo' a specially crafted URL could be used to cause the redirect to be generated to any URI of th...
Security update for chromium (important)
This update for Chromium to version 69.0.3497.81 fixes multiple issues. Security issues fixed boo1107235: - CVE-2018-16065: Out of bounds write in V8 - CVE-2018-16066: Out of bounds read in Blink - CVE-2018-16067: Out of bounds read in WebAudio - CVE-2018-16068: Out of bounds write in Mojo -...
Security update for systemd (important)
This update for systemd fixes the following issues: Security issues fixed: - CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. bsc1113632 - CVE-2018-15686: A vulnerability in unitdeserializ...
Security update for ImageMagick (moderate)
This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2018-18024: Fixed an infinite loop in the ReadBMPImage function. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. bsc1111069 - CVE-2018-18016: Fixed a memory...
Security update for postgresql96 (important)
This update for postgresql96 to 9.6.10 fixes the following issues: These security issues were fixed: - CVE-2018-10915: libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrusted...
Security update for xorg-x11-server (moderate)
This update for xorg-x11-server fixes the following issues: - CVE-2018-14665: Disable -logfile and -modulepath when running with elevated privileges bsc1112020, Note that SUSE by default does not run with elevated privileges, so the default installation is not affected by this problem. This updat...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.3 kernel was updated to 4.4.132 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-3639: Information leaks using "Memory Disambiguation" feature in modern CPUs were mitigated, aka "Spectre Variant 4" bnc1087082. A new boot commandline...
Security update for apache-pdfbox (moderate)
This update for apache-pdfbox fixes the following security issue: - CVE-2018-11797: A carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree. bsc1111009: This update was imported from the SUSE:SLE-15:Update update project...
Security update for Mozilla Firefox (important)
This update for Mozilla Firefox to version 60.3.0esr fixes security issues and stability bugs. The following security issues were fixed MFSA 2018-27, boo1112852: - CVE-2018-12392: Crash with nested event loops - CVE-2018-12393: Integer overflow during Unicode conversion while loading JavaScript -...
Security update for LibreOffice and dependency libraries (moderate)
This update for LibreOffice, libepubgen, liblangtag, libmwaw, libnumbertext, libstaroffice, libwps, myspell-dictionaries, xmlsec1 fixes the following issues: LibreOffice was updated to 6.1.3.2 fate326624 and contains new features and lots of bugfixes: The full changelog can be found on:...
Security update for rust (moderate)
This update for rust fixes the following issues: - CVE-2018-1000622: rustdoc loads plugins from world writable directory allowing for arbitrary code execution This patch consists of requiring --plugin-path to be passed whenever --plugin is passed Note that rustdoc plugins will be removed entirely...
Security update for zziplib (moderate)
This update for zziplib fixes the following issues: - CVE-2018-17828: Remove any "../" components from pathnames of extracted files to avoid path traversal during unpacking. bsc1110687 This update was imported from the SUSE:SLE-12:Update update project...
Security update for python-cryptography (moderate)
This update for python-cryptography fixes the following issues: - CVE-2018-10903: The finalize_with_tag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalize_with_tag an attacker could craft an invalid payload with a shortened tag e.g. 1...
Security update for openjpeg2 (important)
This update for openjpeg2 fixes the following issues: CVE-2016-9114: NULL Pointer Access in function imagetopnm of convert.c:1943jp2 could lead to crash bsc1007740 CVE-2016-9115: Heap Buffer Overflow in function imagetotga of convert.cjp2 bsc1007741 CVE-2016-9580, CVE-2016-9581: Possible Heap...
Security update for amanda (moderate)
This update for amanda fixes the following security issue: - CVE-2016-10729: Local privilege escalation from amanda user to root via unsafe tar command options bsc1112916...
Security update for ffmpeg, ffmpeg2 (important)
This update introduces lame and twolame. For ffmpeg2 it updates to version 2.8.13 and fixes several issues. These security issues were fixed: - CVE-2017-14058: The readdata function in libavformat/hls.c did not restrict reload attempts for an insufficient list, which allowed remote attackers to...
Security update for lxc, lxcfs (important)
openSUSE Security Update: Security update for lxc, lxcfs Announcement ID: openSUSE-SU-2019:1481-1 Rating: important References: 1036360 1099239 1122185 1131762 988348 998326 Cross-References: CVE-2015-1331 CVE-2015-1334 CVE-2015-1335 CVE-2017-5985 CVE-2018-6556 CVE-2019-5736 Affected Products:...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2019:1407-1 Rating: important References: 1012382 1020645 1020989 1031492 1047487 1051510 1053043 1062056 1063638 1064388 1066223 1070872 1085539 1087092 1094244 1096480 1096728 1097104 1100132 1103186...
Security update for Chromium (important)
This update for Chromium to version 65.0.3325.162 fixes the following issues: - CVE-2017-11215: Use after free in Flash - CVE-2017-11225: Use after free in Flash - CVE-2018-6060: Use after free in Blink - CVE-2018-6061: Race condition in V8 - CVE-2018-6062: Heap buffer overflow in Skia -...
Security update for libxkbcommon (low)
This update for libxkbcommon to version 0.8.2 fixes the following issues: - Fix a few NULL-dereferences, out-of-bounds access and undefined behavior in the XKB text format parser. - CVE-2018-15853: Endless recursion could have been used by local attackers to crash xkbcommon users by supplying a...
Security update for curl (important)
openSUSE Security Update: Security update for curl Announcement ID: openSUSE-SU-2020:0883-1 Rating: important References: 1173026 1173027 Cross-References: CVE-2020-8169 CVE-2020-8177 Affected Products: openSUSE Leap 15.2 An update that fixes two vulnerabilities is now available. Description: Thi...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.2 kernel was updated to 4.4.92 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-13080: Wi-Fi Protected Access WPA and WPA2 allowed reinstallation of the Group Temporal Key GTK during the group key handshake, allowing an attacker...
Security update for wireshark (moderate)
This update for wireshark to version 2.2.17 fixes the following issues: Security issues fixed boo1106514: - CVE-2018-16058: Bluetooth AVDTP dissector crash wnpa-sec-2018-44 - CVE-2018-16056: Bluetooth Attribute Protocol dissector crash wnpa-sec-2018-45 - CVE-2018-16057: Radiotap dissector crash...
Security update for xen (important)
This update for xen to version 4.7.3 fixes several issues. These security issues were fixed: - CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious guest to crash the host or potentially escalate privileges/leak information XSA-226, bsc1051787. - CVE-2017-12137:...
Security update for wireshark (important)
This update for wireshark fixes the following issues: Wireshark was updated to 2.4.10 bsc1111647. Following security issues were fixed: - CVE-2018-18227: MS-WSP dissector crash wnpa-sec-2018-47 - CVE-2018-12086: OpcUA dissector crash wnpa-sec-2018-50 Further bug fixes and updated protocol support...
Security update for chromium (moderate)
This update contains Chromium 70.0.3538.102 and fixes security issues and bugs. Vulnerabilities fixed: - CVE-2018-17478: Out of bounds memory access in V8 boo1115537 - Various fixes from internal audits, fuzzing and other initiatives Packaging changes: - noto-emoji-fonts is no longer a recommende...