Security update for go1.11 (important)

This new package for go1.11 fixes the following issues: Security issues fixed: - CVE-2018-16873: Fixed a remote code execution in go get, when executed with the -u flag bsc1118897 - CVE-2018-16874: Fixed an arbitrary filesystem write in go get, which could lead to code execution bsc1118898 -...

Security update for xen (important)

This update for xen fixes the following security issues: - CVE-2018-3646: Systems with microprocessors utilizing speculative execution and address translations may have allowed unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS...

Security update for xen (moderate)

This update for xen fixes the following issues: Security issues fixed: - CVE-2018-3665: Fix Lazy FP Save/Restore issue XSA-267 bsc1095242. - CVE-2018-12891: Fix possible Denial of Service DoS via certain PV MMU operations that affect the entire host XSA-264 bsc1097521. - CVE-2018-12892: Fix libxl...

Security update for prosody (moderate)

This update for prosody to version 0.10.2 fixes the following issues: This security issue was fixed: - CVE-2018-10847: Prevent insufficient validation of client-provided parameters during XMPP stream restarts. Authenticated users may have overriden the realm associated with their session,...

Security update for flash-player (critical)

flash-player was updated to fix one security issue. This security issue was fixed: - CVE-2015-5119: Unspecified vulnerability allowing remote attackers to take over the system bsc937339...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:0389-1 Rating: important References: 1167090 Cross-References: CVE-2019-20503 CVE-2020-6422 CVE-2020-6424 CVE-2020-6425 CVE-2020-6426 CVE-2020-6427 CVE-2020-6428 CVE-2020-6429 CVE-2020-6449 Affected Products:...

Security update for librsvg (moderate)

openSUSE Security Update: Security update for librsvg Announcement ID: openSUSE-SU-2020:0343-1 Rating: moderate References: 1162501 Cross-References: CVE-2019-20446 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for librsvg ...

Security update for java-11-openjdk (important)

openSUSE Security Update: Security update for java-11-openjdk Announcement ID: openSUSE-SU-2020:0113-1 Rating: important References: 1160968 Cross-References: CVE-2020-2583 CVE-2020-2590 CVE-2020-2593 CVE-2020-2601 CVE-2020-2604 CVE-2020-2654 CVE-2020-2655 Affected Products: openSUSE Leap 15.1 An...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:0007-1 Rating: important References: 1159498 Cross-References: CVE-2019-13767 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes one vulnerability is now available. Description: This update...

Security update for ucode-intel (important)

openSUSE Security Update: Security update for ucode-intel Announcement ID: openSUSE-SU-2019:2631-1 Rating: important References: 1157004 Affected Products: openSUSE Leap 15.1 An update that contains security fixes can now be installed. Description: This update for ucode-intel fixes the following...

Security update for libgcrypt (moderate)

openSUSE Security Update: Security update for libgcrypt Announcement ID: openSUSE-SU-2019:2161-1 Rating: moderate References: 1148987 Cross-References: CVE-2019-13627 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for...

Security update for ceph (moderate)

openSUSE Security Update: Security update for ceph Announcement ID: openSUSE-SU-2019:1284-1 Rating: moderate References: 1084645 1086613 1096748 1099162 1101262 1111177 1114567 1114710 Cross-References: CVE-2018-10861 CVE-2018-1128 CVE-2018-1129 CVE-2018-14662 CVE-2018-16846 Affected Products:...

Security update for keepalived (moderate)

This update for keepalived to version 2.0.10 fixes the following issues: Security issues fixed bsc1015141: - CVE-2018-19044: Fixed a check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats - CVE-2018-19045: Fixed mode when creating new...

Security update for libssh (important)

This update for libssh fixes the following security issue: - CVE-2018-10933: Fixed a server mode authentication bypass boo1108020. This update was imported from the SUSE:SLE-12:Update update project...

Security update for openssl-1_0_0 (important)

openSUSE Security Update: Security update for openssl-100 Announcement ID: openSUSE-SU-2022:0856-1 Rating: important References: 1196877 Cross-References: CVE-2022-0778 CVSS scores: CVE-2022-0778 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Leap 15.3 openSUSE...

Security update for logback (important)

openSUSE Security Update: Security update for logback Announcement ID: openSUSE-SU-2021:1613-1 Rating: important References: 1193795 Cross-References: CVE-2021-44228 CVSS scores: CVE-2021-44228 NVD : 10 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CVE-2021-44228 SUSE: 9.8...

Security update for nodejs12 (important)

openSUSE Security Update: Security update for nodejs12 Announcement ID: openSUSE-SU-2021:1059-1 Rating: important References: 1183851 1183852 1184450 1187973 1187976 1187977 Cross-References: CVE-2020-7774 CVE-2021-22918 CVE-2021-23362 CVE-2021-27290 CVE-2021-3449 CVE-2021-3450 CVSS scores:...

Security update for gcc9 (moderate)

openSUSE Security Update: Security update for gcc9 Announcement ID: openSUSE-SU-2020:0716-1 Rating: moderate References: 1114592 1135254 1141897 1142649 1142654 1148517 1149145 1149995 1152590 1167898 Cross-References: CVE-2019-14250 CVE-2019-15847 Affected Products: openSUSE Leap 15.1 An update...

Security update for haproxy (important)

openSUSE Security Update: Security update for haproxy Announcement ID: openSUSE-SU-2020:0444-1 Rating: important References: 1168023 Cross-References: CVE-2020-11100 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for haproxy...

Security update for qemu (important)

openSUSE Security Update: Security update for qemu Announcement ID: openSUSE-SU-2019:2510-1 Rating: important References: 1079730 1098403 1111025 1117665 1119991 1143794 1144087 1145379 1145427 1145436 1145774 1146873 1149811 1152506 Cross-References: CVE-2018-12207 CVE-2018-20126 CVE-2019-11135...

Security update for python (moderate)

openSUSE Security Update: Security update for python Announcement ID: openSUSE-SU-2019:2389-1 Rating: moderate References: 1130840 1149955 1153238 Cross-References: CVE-2019-16056 CVE-2019-16935 CVE-2019-9947 Affected Products: openSUSE Leap 15.0 An update that fixes three vulnerabilities is now...

Security update for libpcap (important)

openSUSE Security Update: Security update for libpcap Announcement ID: openSUSE-SU-2019:2345-1 Rating: important References: 1153332 Cross-References: CVE-2018-16301 CVE-2019-15165 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available. Description: This...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2019:2228-1 Rating: important References: 1151229 Cross-References: CVE-2019-13685 CVE-2019-13686 CVE-2019-13687 CVE-2019-13688 Affected Products: openSUSE Backports SLE-15 An update that fixes four vulnerabilitie...

Security update for ibus (important)

openSUSE Security Update: Security update for ibus Announcement ID: openSUSE-SU-2019:2174-1 Rating: important References: 1150011 Cross-References: CVE-2019-14822 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for ibus fixes...

Security update for libjpeg-turbo (moderate)

openSUSE Security Update: Security update for libjpeg-turbo Announcement ID: openSUSE-SU-2019:1343-1 Rating: moderate References: 1096209 1098155 1128712 Cross-References: CVE-2018-1152 CVE-2018-11813 CVE-2018-14498 Affected Products: openSUSE Leap 42.3 An update that fixes three vulnerabilities ...

Security update for libqt5-qtvirtualkeyboard (moderate)

openSUSE Security Update: Security update for libqt5-qtvirtualkeyboard Announcement ID: openSUSE-SU-2019:1263-1 Rating: moderate References: 1118593 Cross-References: CVE-2018-19865 Affected Products: openSUSE Backports SLE-15 An update that fixes one vulnerability is now available. Description:...

Security update for libqt5-qtvirtualkeyboard (moderate)

openSUSE Security Update: Security update for libqt5-qtvirtualkeyboard Announcement ID: openSUSE-SU-2019:1259-1 Rating: moderate References: 1118593 Cross-References: CVE-2018-19865 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This...

Security update for samba (important)

openSUSE Security Update: Security update for samba Announcement ID: openSUSE-SU-2019:1180-1 Rating: important References: 1114407 1124223 1125410 1126377 1131060 1131686 Cross-References: CVE-2019-3880 Affected Products: openSUSE Leap 15.0 An update that solves one vulnerability and has 5 fixes ...

Security update for libu2f-host (low)

openSUSE Security Update: Security update for libu2f-host Announcement ID: openSUSE-SU-2019:0199-1 Rating: low References: 1124781 Cross-References: CVE-2018-20340 Affected Products: openSUSE Leap 42.3 An update that fixes one vulnerability is now available. Description: This update for libu2f-ho...

Security update for polkit (moderate)

openSUSE Security Update: Security update for polkit Announcement ID: openSUSE-SU-2019:0010-1 Rating: moderate References: 1118277 Cross-References: CVE-2018-19788 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for polkit...

Security update for okular (moderate)

This update for okular fixes the following security issue: - CVE-2018-1000801: Prevent directory traversal vulnerability in function unpackDocumentArchive could have resulted in arbitrary file creation via a specially crafted Okular archive bsc1107591...

Security update for java-11-openjdk (moderate)

This java-11-openjdk update to version jdk-11+24 fixes the following issues: Security issues fixed: - CVE-2018-2940: Fix unspecified vulnerability in subcomponent Libraries bsc1101645. - CVE-2018-2952: Fix unspecified vulnerability in subcomponent Concurrency bsc1101651. - CVE-2018-2972: Fix...

Security update for postgresql95 (important)

This update for postgresql95 fixes the following issues: Upate to PostgreSQL 9.5.11: Security issues fixed: https://www.postgresql.org/docs/9.5/static/release-9-5-11.html CVE-2018-1053, boo1077983: Ensure that all temporary files made by pgupgrade are non-world-readable. boo1079757: Rename...

Security update for openssl (important)

This update for openssl fixes the following issues: - OpenSSL Security Advisory 07 Dec 2017 CVE-2017-3737: OpenSSL 1.0.2 starting from version 1.0.2b introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error...

Security update for mariadb (important)

openSUSE Security Update: Security update for mariadb Announcement ID: openSUSE-SU-2021:2605-1 Rating: important References: 1182739 1183770 1185870 1185872 Cross-References: CVE-2021-2154 CVE-2021-2166 CVE-2021-27928 CVSS scores: CVE-2021-2154 NVD : 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A...

Security update for nodejs14 (important)

openSUSE Security Update: Security update for nodejs14 Announcement ID: openSUSE-SU-2021:1060-1 Rating: important References: 1184450 1187973 1187976 1187977 Cross-References: CVE-2020-7774 CVE-2021-22918 CVE-2021-23362 CVE-2021-27290 CVSS scores: CVE-2020-7774 NVD : 7.3...

Security update for jetty-minimal (important)

openSUSE Security Update: Security update for jetty-minimal Announcement ID: openSUSE-SU-2021:2005-1 Rating: important References: 1184366 1184367 1184368 1187117 Cross-References: CVE-2021-28163 CVE-2021-28164 CVE-2021-28165 CVE-2021-28169 CVSS scores: CVE-2021-28163 NVD : 2.7...

Security update for git (moderate)

openSUSE Security Update: Security update for git Announcement ID: openSUSE-SU-2020:0598-1 Rating: moderate References: 1063412 1095218 1095219 1110949 1112230 1114225 1132350 1149792 1156651 1158785 1158787 1158788 1158789 1158790 1158791 1158792 1158793 1158795 1167890 1168930 1169605 1169786...

Security update for cloud-init (moderate)

openSUSE Security Update: Security update for cloud-init Announcement ID: openSUSE-SU-2020:0400-1 Rating: moderate References: 1162936 1162937 1163178 Cross-References: CVE-2020-8631 CVE-2020-8632 Affected Products: openSUSE Leap 15.1 An update that solves two vulnerabilities and has one errata i...

Security update for sysstat (moderate)

openSUSE Security Update: Security update for sysstat Announcement ID: openSUSE-SU-2019:2397-1 Rating: moderate References: 1150114 Cross-References: CVE-2019-16167 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for sysstat...

Security update for bzip2 (low)

openSUSE Security Update: Security update for bzip2 Announcement ID: openSUSE-SU-2019:1398-1 Rating: low References: 985657 Cross-References: CVE-2016-3189 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for bzip2 fixes the...

Security update for audiofile (low)

openSUSE Security Update: Security update for audiofile Announcement ID: openSUSE-SU-2019:1260-1 Rating: low References: 1100523 Cross-References: CVE-2018-13440 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for audiofile...

Security update for pspp, spread-sheet-widget (moderate)

openSUSE Security Update: Security update for pspp, spread-sheet-widget Announcement ID: openSUSE-SU-2019:0198-1 Rating: moderate References: 1120061 Cross-References: CVE-2018-20230 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2019:0204-1 Rating: important References: 1123641 1124936 Cross-References: CVE-2019-5754 CVE-2019-5755 CVE-2019-5756 CVE-2019-5757 CVE-2019-5758 CVE-2019-5759 CVE-2019-5760 CVE-2019-5761 CVE-2019-5762 CVE-2019-57...

Security update for salt (moderate)

This update for salt fixes the following issues: - Crontab module fix: file attributes option missing boo1114824 - Fix gitpillar merging across multiple env repositories boo1112874 - Bugfix: unable to detect os arch when RPM is not installed boo1114197 - Fix LDAP authentication issue when a valid...

Security update for tomcat (moderate)

This update for tomcat to 9.0.12 fixes the following issues: See the full changelog at: http://tomcat.apache.org/tomcat-9.0-doc/changelog.htmlTomcat9.0.12markt Security issues fixed: - CVE-2018-11784: When the default servlet in Apache Tomcat returned a redirect to a directory e.g. redirecting to...

Security update for the Linux Kernel (important)

====================================================================== Still left to do: - Check CVE descriptions. They need to be written in the past tense. They are processed automatically, THERE CAN BE ERRORS IN THERE! - Remove version numbers from the CVE descriptions - Check the capitalizati...

Security update for log4j (important)

openSUSE Security Update: Security update for log4j Announcement ID: openSUSE-SU-2021:1586-1 Rating: important References: 1193611 Cross-References: CVE-2021-44228 CVSS scores: CVE-2021-44228 NVD : 10 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CVE-2021-44228 SUSE: 9.8...

Security update for nodejs8 (important)

openSUSE Security Update: Security update for nodejs8 Announcement ID: openSUSE-SU-2021:2618-1 Rating: important References: 1184450 1187976 1187977 Cross-References: CVE-2020-7774 CVE-2021-23362 CVE-2021-27290 CVSS scores: CVE-2020-7774 NVD : 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L...

Security update for the Linux Kernel (important)

openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2021:1975-1 Rating: important References: 1043990 1047233 1055117 1065729 1087082 1113295 1133021 1152457 1152472 1152489 1153274 1154353 1155518 1156256 1156395 1159280 1160634 1164648 1167260 1167574...