7849 matches found
Security update for libraw (moderate)
openSUSE Security Update: Security update for libraw Announcement ID: openSUSE-SU-2019:0094-1 Rating: moderate References: 1120498 1120499 1120500 1120515 1120516 1120517 1120519 Cross-References: CVE-2018-20337 CVE-2018-20363 CVE-2018-20364 CVE-2018-20365 CVE-2018-5817 CVE-2018-5818 CVE-2018-581...
Security update for GraphicsMagick (moderate)
openSUSE Security Update: Security update for GraphicsMagick Announcement ID: openSUSE-SU-2019:0003-1 Rating: moderate References: 1119790 1119822 Cross-References: CVE-2018-20184 CVE-2018-20189 Affected Products: openSUSE Backports SLE-15 An update that fixes two vulnerabilities is now available...
Security update for ncurses (important)
This update for ncurses fixes the following issue: Security issue fixed: - CVE-2018-19211: Fixed denial of service issue that was triggered by a NULL pointer dereference at function ncparseentry bsc1115929. This update was imported from the SUSE:SLE-12:Update update project...
Security update for ghostscript (important)
This update for ghostscript to version 9.25 fixes the following issues: These security issues were fixed: - CVE-2018-17183: Remote attackers were be able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code bsc1109105 - CVE-2018-15909: Prevent type...
Security update for mailman (moderate)
This update for mailman to version 2.1.27 fixes the following issues: This security issue was fixed: - CVE-2018-0618: Additional protections against injecting scripts into listinfo and error messages pages bsc1099510. These non-security issues were fixed: - The hash generated when...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.3 kernel was updated to 4.4.79 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-7542: The ip6find1stfragopt function in net/ipv6/outputcore.c in the Linux kernel allowed local users to cause a denial of service integer overflow and...
Security update for chromium (important)
This update Chromium to version 60.0.3112.78 fixes security issue and bugs. The following security issues were fixed: CVE-2017-5091: Use after free in IndexedDB CVE-2017-5092: Use after free in PPAPI CVE-2017-5093: UI spoofing in Blink CVE-2017-5094: Type confusion in extensions CVE-2017-5095:...
glibc (critical)
CVE-2015-0235: A vulnerability was found and fixed in the GNU C Library, specifically in the function gethostbyname, that could lead to a local or remote buffer overflow. bsc913646...
Security update for php7 (moderate)
openSUSE Security Update: Security update for php7 Announcement ID: openSUSE-SU-2021:2575-1 Rating: moderate References: 1188037 Cross-References: CVE-2021-21705 CVSS scores: CVE-2021-21705 SUSE: 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: openSUSE Leap 15.3 An update that...
Security update for grafana (moderate)
openSUSE Security Update: Security update for grafana Announcement ID: openSUSE-SU-2020:1611-1 Rating: moderate References: 1044444 1044933 1115960 1170557 Cross-References: CVE-2018-19039 CVE-2019-15043 CVE-2020-12245 CVE-2020-13379 Affected Products: openSUSE Backports SLE-15-SP1 An update that...
Security update for MozillaThunderbird (important)
openSUSE Security Update: Security update for MozillaThunderbird Announcement ID: openSUSE-SU-2020:1392-1 Rating: important References: 1175686 Cross-References: CVE-2020-15663 CVE-2020-15664 CVE-2020-15669 Affected Products: openSUSE Leap 15.2 An update that fixes three vulnerabilities is now...
Security update for ldns (moderate)
openSUSE Security Update: Security update for ldns Announcement ID: openSUSE-SU-2020:0438-1 Rating: moderate References: 1068709 1068711 Cross-References: CVE-2017-1000231 CVE-2017-1000232 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available. Description...
Security update for docker-runc (moderate)
openSUSE Security Update: Security update for docker-runc Announcement ID: openSUSE-SU-2020:0219-1 Rating: moderate References: 1160452 Cross-References: CVE-2019-19921 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...
Security update for nodejs8 (important)
openSUSE Security Update: Security update for nodejs8 Announcement ID: openSUSE-SU-2020:0059-1 Rating: important References: 1149792 1159352 Cross-References: CVE-2019-16775 CVE-2019-16776 CVE-2019-16777 Affected Products: openSUSE Leap 15.1 An update that fixes three vulnerabilities is now...
Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork (important)
openSUSE Security Update: Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork Announcement ID: openSUSE-SU-2019:2021-1 Rating: important References: 1100331 1121967 1138920 1139649 1142160 1142413 1143409 Cross-References: CVE-2018-10892 CVE-2019-13509...
Security update for mumble (moderate)
openSUSE Security Update: Security update for mumble Announcement ID: openSUSE-SU-2019:1794-1 Rating: moderate References: 1123334 Cross-References: CVE-2018-20743 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 openSUSE Backports SLE-15 SUSE Package Hub for SUSE Linux Enterprise 12 An...
Security update for python3 (moderate)
This update for python3 provides the following fixes: These security issues were fixed: - CVE-2018-1061: Prevent catastrophic backtracking in the difflib.ISLINEJUNK method. An attacker could have used this flaw to cause denial of service bsc1088004. - CVE-2018-1060: Prevent catastrophic...
Security update for GraphicsMagick (low)
This update for GraphicsMagick fixes the following security issue: - CVE-2018-16323: ReadXBMImage left data uninitialized when processing an XBM file that has a negative pixel value. If the affected code was used as a library loaded into a process that includes sensitive information, that...
Security update for virtualbox (important)
This update for virtualbox to version 5.2.16 fixes the following issues: The following security vulnerabilities were fixed boo1101667: - CVE-2018-3005: Fixed an easily exploitable vulnerability that allowed unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox...
Security update for java-10-openjdk (important)
This update for OpenJDK 10.0.2 fixes the following security issues: - CVE-2018-2940: the libraries sub-component contained an easily exploitable vulnerability that allowed attackers to compromise Java SE or Java SE Embedded over the network, potentially gaining unauthorized read access to data...
Security update for xen (important)
This update for xen fixes the following issues: Security issues fixed: - CVE-2018-3639: Spectre V4 – Speculative Store Bypass aka "Memory Disambiguation" bsc1092631 This feature can be controlled by the "ssbd=on/off" commandline flag for the XEN hypervisor. - CVE-2018-10982: x86 vHPET interrupt...
Security update for shibboleth-sp (important)
This update for shibboleth-sp fixes the following issues: Security issue fixed: - CVE-2017-16852: Fix critical security checks in the Dynamic MetadataProvider plugin in Shibboleth Service bsc1068689. This update was imported from the SUSE:SLE-12-SP1:Update update project...
Firefox update to 31.1esr (important)
This patch contains security updates for mozilla-nss 3.16.4 - The following 1024-bit root CA certificate was restored to allow more time to develop a better transition strategy for affected sites. It was removed in NSS 3.16.3, but discussion in the mozilla.dev.security.policy forum led to the...
Security update for nodejs-electron (important)
openSUSE Security Update: Security update for nodejs-electron Announcement ID: openSUSE-SU-2022:0070-1 Rating: important References: Cross-References: CVE-2021-30625 CVE-2021-30626 CVE-2021-30627 CVE-2021-30628 CVE-2021-30630 CVE-2021-30631 CVE-2021-30632 CVE-2021-30633 CVE-2021-37981...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2021:3179-1 Rating: important References: 1040364 1127650 1135481 1152489 1160010 1168202 1171420 1174969 1175052 1175543 1177399 1180100 1180141 1180347 1181006 1181148 1181972 1184180 1185902 1186264...
Security update for MozillaFirefox (important)
openSUSE Security Update: Security update for MozillaFirefox Announcement ID: openSUSE-SU-2021:2393-1 Rating: important References: 1188275 Cross-References: CVE-2021-29970 CVE-2021-29976 CVE-2021-30547 CVSS scores: CVE-2021-30547 NVD : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected...
Security update for git (important)
openSUSE Security Update: Security update for git Announcement ID: openSUSE-SU-2020:0123-1 Rating: important References: 1082023 1149792 1158785 1158787 1158788 1158789 1158790 1158791 1158792 1158793 1158795 Cross-References: CVE-2019-1348 CVE-2019-1349 CVE-2019-1350 CVE-2019-1351 CVE-2019-1352...
Security update for php7-imagick (moderate)
openSUSE Security Update: Security update for php7-imagick Announcement ID: openSUSE-SU-2020:0014-1 Rating: moderate References: 1135418 Cross-References: CVE-2019-11037 Affected Products: openSUSE Leap 15.1 openSUSE Backports SLE-15-SP1 SUSE Package Hub for SUSE Linux Enterprise 12 An update tha...
Recommended update for openafs (moderate)
openSUSE Security Update: Recommended update for openafs Announcement ID: openSUSE-SU-2019:2607-1 Rating: moderate References: Affected Products: openSUSE Leap 15.1 An update that contains security fixes can now be installed. Description: This update for openafs fixes the following issues: Update...
Security update for nfs-utils (moderate)
openSUSE Security Update: Security update for nfs-utils Announcement ID: openSUSE-SU-2019:2435-1 Rating: moderate References: 1150733 Cross-References: CVE-2019-3689 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for nfs-uti...
Security update for rust (moderate)
openSUSE Security Update: Security update for rust Announcement ID: openSUSE-SU-2019:2244-1 Rating: moderate References: 1096945 1100691 1133283 1134978 Cross-References: CVE-2018-1000622 CVE-2019-12083 Affected Products: openSUSE Leap 15.1 An update that solves two vulnerabilities and has two...
Security update for openexr (moderate)
openSUSE Security Update: Security update for openexr Announcement ID: openSUSE-SU-2019:1826-1 Rating: moderate References: 1040109 1040113 1040115 Cross-References: CVE-2017-9111 CVE-2017-9113 CVE-2017-9115 Affected Products: openSUSE Leap 15.1 An update that fixes three vulnerabilities is now...
Security update for webkit2gtk3 (moderate)
openSUSE Security Update: Security update for webkit2gtk3 Announcement ID: openSUSE-SU-2019:0308-1 Rating: moderate References: 1119553 1119554 1119555 1119556 1119557 1119558 1124937 Cross-References: CVE-2018-4437 CVE-2018-4438 CVE-2018-4441 CVE-2018-4442 CVE-2018-4443 CVE-2018-4464 CVE-2019-62...
Security update for rubygem-loofah (moderate)
This update for rubygem-loofah fixes the following issues: Security issue fixed: - CVE-2018-16468: Fixed XXS by removing the svg animate attribute from from the allowlist bsc1113969. This update was imported from the SUSE:SLE-15:Update update project...
Security update for tiff (moderate)
This update for tiff fixes the following issues: Security issues fixed: - CVE-2018-12900: Fixed heap-based buffer overflow in the cpSeparateBufToContigBuf bsc1099257. - CVE-2018-18661: Fixed NULL pointer dereference in the function LZWDecode in the file tiflzw.c bsc1113672. - CVE-2018-18557: Fixe...
Security update for chromium (moderate)
This update for Chromium to version 69.0.3497.92 fixes the following issues: Security issues fixed boo1108114: - Function signature mismatch in WebAssembly - URL Spoofing in Omnibox The following tracked packaging issues were fixed: - the chromium package incorrectly provied swiftshader resolvabl...
Security update for clamav (moderate)
This update for clamav to version 0.100.1 fixes the following issues: The following security vulnerabilities were addressed: - CVE-2018-0360: HWP integer overflow, infinite loop vulnerability bsc1101410 - CVE-2018-0361: PDF object length check, unreasonably long time to parse relatively small fil...
Security update for Chromium (important)
This update for Chromium to version 67.0.3396.99 fixes multiple issues. Security issues fixed bsc1095163: - CVE-2018-6123: Use after free in Blink - CVE-2018-6124: Type confusion in Blink - CVE-2018-6125: Overly permissive policy in WebUSB - CVE-2018-6126: Heap buffer overflow in Skia -...
Security update for GraphicsMagick (low)
This update for GraphicsMagick fixes the following issues: The following security fixes were fixed: - CVE-2018-10805: Fixed a memory leak in ReadYCBCRImage in coders/ycbcr.c and rgb.c, cmyk.c and gray.c boo1095812 - Fixed invalid memory reads in dcm.c boo1075821c14...
Security update for enigmail (moderate)
This update for enigmail to version 2.0.6 fixes the following issues: Security issues fixed: - Replies to a partially encrypted message may have revealed protected information: no longer display PGP/MIME message part followed by unencrypted data boo1094781 - Signature could be spoofed via...
Security update for glibc (important)
This update for glibc fixes the following issues: Security issues fixed: - CVE-2017-8804: Fix memory leak after deserialization failure in xdrbytes, xdrstring bsc1037930 - CVE-2017-12132: Reduce EDNS payload size to 1200 bytes bsc1051791 - CVE-2018-6485,CVE-2018-6551: Fix integer overflows in...
Security update for apache2 (important)
openSUSE Security Update: Security update for apache2 Announcement ID: openSUSE-SU-2022:1031-1 Rating: important References: 1197091 1197095 1197096 1197098 Cross-References: CVE-2022-22719 CVE-2022-22720 CVE-2022-22721 CVE-2022-23943 CVSS scores: CVE-2022-22719 NVD : 7.5...
Security update for kafka (important)
openSUSE Security Update: Security update for kafka Announcement ID: openSUSE-SU-2022:0038-1 Rating: important References: 1193662 1194842 1194843 1194844 Cross-References: CVE-2021-4104 CVE-2022-23302 CVE-2022-23305 CVE-2022-23307 CVSS scores: CVE-2021-4104 NVD : 7.5...
Security update for log4j (important)
openSUSE Security Update: Security update for log4j Announcement ID: openSUSE-SU-2021:3999-1 Rating: important References: 1193611 Cross-References: CVE-2021-44228 CVSS scores: CVE-2021-44228 SUSE: 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.3 An update th...
Security update for lua53 (moderate)
openSUSE Security Update: Security update for lua53 Announcement ID: openSUSE-SU-2021:0962-1 Rating: moderate References: 1175448 1175449 Cross-References: CVE-2020-24370 CVE-2020-24371 CVSS scores: CVE-2020-24370 NVD : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2020-24370 SUSE: 4...
Security update for nextcloud (moderate)
openSUSE Security Update: Security update for nextcloud Announcement ID: openSUSE-SU-2020:0229-1 Rating: moderate References: 1162766 1162775 1162776 1162781 1162782 1162784 Cross-References: CVE-2019-15613 CVE-2019-15621 CVE-2019-15623 CVE-2019-15624 CVE-2020-8118 CVE-2020-8119 Affected Products...
Security update for ucl (moderate)
openSUSE Security Update: Security update for ucl Announcement ID: openSUSE-SU-2020:0179-1 Rating: moderate References: 1094138 Cross-References: CVE-2018-11243 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes one vulnerability is now available. Description: This update for u...
Security update for openexr (moderate)
openSUSE Security Update: Security update for openexr Announcement ID: openSUSE-SU-2019:1954-1 Rating: moderate References: 1061305 Cross-References: CVE-2017-14988 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This...
Security update for git (important)
This update for git fixes the following issues: - CVE-2018-17456: Git allowed remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character. boo1110949...
Security update for Opera (moderate)
This update for Opera 54.0.2952.41 fixes multiple issues. - CVE-2018-6148: Incorrect handling of CSP header boo1096508 This update to version 54.0.2952.41 also contains all security and bug fixes in this upstream version, including all fixes in the chromium engine...