7574 matches found
Security update for apache-pdfbox (moderate)
This update for apache-pdfbox fixes the following security issue: - CVE-2018-8036: A crafted file could have triggered an infinite loop which lead to DoS bsc1099721. - CVE-2018-11797: A carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree...
Security update for chromium (important)
This update to Chromium 63.0.3239.84 fixes the following security issues: - CVE-2017-5124: UXSS with MHTML - CVE-2017-5125: Heap overflow in Skia - CVE-2017-5126: Use after free in PDFium - CVE-2017-5127: Use after free in PDFium - CVE-2017-5128: Heap overflow in WebGL - CVE-2017-5129: Use after...
Security update for nodejs8 (important)
openSUSE Security Update: Security update for nodejs8 Announcement ID: openSUSE-SU-2021:1113-1 Rating: important References: 1184450 1187976 1187977 Cross-References: CVE-2020-7774 CVE-2021-23362 CVE-2021-27290 CVSS scores: CVE-2020-7774 NVD : 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L...
Security update for grafana (important)
openSUSE Security Update: Security update for grafana Announcement ID: openSUSE-SU-2021:1148-1 Rating: important References: 1183803 1183809 1183811 1183813 1184371 Cross-References: CVE-2021-27358 CVE-2021-27962 CVE-2021-28146 CVE-2021-28147 CVE-2021-28148 CVSS scores: CVE-2021-27358 NVD : 7.5...
Security update for nextcloud (important)
openSUSE Security Update: Security update for nextcloud Announcement ID: openSUSE-SU-2021:1068-1 Rating: important References: 1181445 1181803 1181804 1188247 1188248 1188249 1188250 1188251 1188252 1188253 1188254 1188255 1188256 Cross-References: CVE-2020-8293 CVE-2020-8294 CVE-2020-8295...
Security update for MozillaThunderbird (important)
This update for MozillaThunderbird to version 52.3 fixes security issues and bugs. The following vulnerabilities were fixed: - CVE-2017-7798: XUL injection in the style editor in devtools - CVE-2017-7800: Use-after-free in WebSockets during disconnection - CVE-2017-7801: Use-after-free with marqu...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2019:1757-1 Rating: important References: 1051510 1071995 1088047 1094555 1098633 1103990 1103991 1103992 1106383 1109837 1111666 1112374 1114279 1114685 1119113 1119532 1120423 1125703 1128902 1130836...
Security update for MozillaThunderbird (important)
This update for MozillaThunderbird to version 60.0 fixes the following issues: These security issues were fixed: - CVE-2018-12359: Prevent buffer overflow using computed size of canvas element bsc1098998. - CVE-2018-12360: Prevent use-after-free when using focus bsc1098998. - CVE-2018-12361:...
Security update for java-1_8_0-openjdk (important)
This update for java-180-openjdk fixes the following issues: - Update to version jdk8u151 icedtea 3.6.0 Security issues fixed: - CVE-2017-10274: Handle smartcard clean up better bsc1064071 - CVE-2017-10281: Better queuing priorities bsc1064072 - CVE-2017-10285: Unreferenced references bsc1064073 ...
Security update for wireshark (moderate)
This update for wireshark fixes the following issues: Security issues fixed: - CVE-2018-14342: BGP dissector large loop wnpa-sec-2018-34, boo1101777 - CVE-2018-14344: ISMP dissector crash wnpa-sec-2018-35, boo1101788 - CVE-2018-14340: Multiple dissectors could crash wnpa-sec-2018-36, boo1101804 -...
Security update for xen (important)
This update for xen to version 4.9.1 bsc1027519 fixes several issues. This new feature was added: - Support migration of HVM domains larger than 1 TB These security issues were fixed: - bsc1068187: Failure to recognize errors in the Populate on Demand PoD code allowed for DoS XSA-246 - bsc1068191...
Security update for mariadb (important)
This update for mariadb fixes the following issues: MariaDB was updated to 10.0.34 bsc1078431 The following security vulnerabilities are fixed: - CVE-2018-2562: Vulnerability in the MySQL Server subcomponent: Server : Partition. Easily exploitable vulnerability allowed low privileged attacker wit...
Security update for python3 (important)
openSUSE Security Update: Security update for python3 Announcement ID: openSUSE-SU-2020:0086-1 Rating: important References: 1027282 1029377 1029902 1040164 1042670 1070853 1079761 1081750 1083507 1086001 1088004 1088009 1088573 1094814 1107030 1109663 1109847 1120644 1122191 1129346 1130840...
Security update for python3 (important)
openSUSE Security Update: Security update for python3 Announcement ID: openSUSE-SU-2019:1371-1 Rating: important References: 1129346 Cross-References: CVE-2019-9636 Affected Products: openSUSE Leap 42.3 An update that fixes one vulnerability is now available. Description: This update for python3...
Security update for openssl-1_1 (moderate)
This update for openssl-11 fixes the following issues: Security issues fixed: - CVE-2018-0734: timing vulnerability in DSA signature generation bsc1113652. - CVE-2018-0735: timing vulnerability in ECDSA signature generation bsc1113651. This update was imported from the SUSE:SLE-15:Update update...
Security update for openssl (moderate)
This update for openssl fixes the following issues: Security issues fixed: - CVE-2018-0734: Fixed timing vulnerability in DSA signature generation bsc1113652. - CVE-2018-5407: Fixed elliptic curve scalar multiplication timing attack defenses bsc1113534. - Add missing timing side channel patch for...
Security update for zsh (important)
This update for zsh fixes the following issues: - CVE-2014-10070: environment variable injection could lead to local privilege escalation bnc1082885 - CVE-2014-10071: buffer overflow in exec.c could lead to denial of service. bnc1082977 - CVE-2014-10072: buffer overflow In utils.c when scanning...
Security update for rpm (moderate)
This update for rpm fixes the following issues: These security issues were fixed: - CVE-2017-7500: rpm did not properly handle RPM installations when a destination path was a symbolic link to a directory, possibly changing ownership and permissions of an arbitrary directory, and RPM files being...
Security update for webkit2gtk3 (important)
openSUSE Security Update: Security update for webkit2gtk3 Announcement ID: openSUSE-SU-2019:1374-1 Rating: important References: 1132256 Cross-References: CVE-2019-11070 CVE-2019-6201 CVE-2019-6251 CVE-2019-7285 CVE-2019-7292 CVE-2019-8503 CVE-2019-8506 CVE-2019-8515 CVE-2019-8518 CVE-2019-8523...
Security update for axis (moderate)
openSUSE Security Update: Security update for axis Announcement ID: openSUSE-SU-2019:1526-1 Rating: moderate References: 1134598 Cross-References: CVE-2012-5784 CVE-2014-3596 Affected Products: openSUSE Leap 42.3 An update that fixes two vulnerabilities is now available. Description: This update...
Security update for icu (moderate)
icu was updated to fix two security issues. These security issues were fixed: - CVE-2014-8147: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode ICU used an integer data type that is...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2021:2687-1 Rating: important References: 1065729 1085224 1094840 1113295 1152472 1152489 1153274 1154353 1155518 1156395 1170511 1176447 1176940 1179243 1180092 1180814 1183871 1184114 1184350 1184631...
Security update for MozillaThunderbird (important)
openSUSE Security Update: Security update for MozillaThunderbird Announcement ID: openSUSE-SU-2021:1091-1 Rating: important References: 1188275 Cross-References: CVE-2021-29969 CVE-2021-29970 CVE-2021-29976 CVE-2021-30547 CVSS scores: CVE-2021-29969 SUSE: 7.5...
Security update for flatpak (moderate)
openSUSE Security Update: Security update for flatpak Announcement ID: openSUSE-SU-2019:2038-1 Rating: moderate References: 1125431 1133041 1133043 Cross-References: CVE-2019-11460 CVE-2019-11461 CVE-2019-8308 Affected Products: openSUSE Leap 15.0 An update that fixes three vulnerabilities is now...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2019:1193-1 Rating: important References: 1046305 1046306 1050549 1051510 1056787 1060463 1063638 1065600 1070995 1071995 1078355 1082943 1083548 1083647 1086095 1086282 1088133 1094244 1094555 1098995...
Security update for ansible (moderate)
openSUSE Security Update: Security update for ansible Announcement ID: openSUSE-SU-2019:0238-1 Rating: moderate References: 1056094 1097775 Cross-References: CVE-2017-7466 CVE-2017-7481 CVE-2018-10855 CVE-2018-10875 CVE-2018-16859 CVE-2018-16876 Affected Products: openSUSE Backports SLE-15 An...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2019:1557-1 Rating: important References: 1137332 Cross-References: CVE-2019-5828 CVE-2019-5829 CVE-2019-5830 CVE-2019-5831 CVE-2019-5832 CVE-2019-5833 CVE-2019-5834 CVE-2019-5835 CVE-2019-5836 CVE-2019-5837...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.3 kernel was updated to 4.4.162 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-18281: The mremap syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate removes entries from the pagetables of a...
Security update for java-1_7_0-openjdk (important)
This update for java-170-openjdk fixes the following issues: Security issues fixed: - CVE-2017-10356: Fix issue inside subcomponent Security bsc1064084. - CVE-2017-10274: Fix issue inside subcomponent Smart Card IO bsc1064071. - CVE-2017-10281: Fix issue inside subcomponent Serialization...
Security update for rsyslog (important)
openSUSE Security Update: Security update for rsyslog Announcement ID: openSUSE-SU-2019:0154-1 Rating: important References: 1123164 Cross-References: CVE-2018-16881 Affected Products: openSUSE Leap 42.3 An update that fixes one vulnerability is now available. Description: This update for rsyslog...
Security update for tiff (moderate)
This update for tiff fixes the following issues: Security issue fixed: - CVE-2018-10779: TIFFWriteScanline in tifwrite.c had a heap-based buffer over-read, as demonstrated by bmp2tiff.bsc1092480 - CVE-2018-17100: There is a int32 overflow in multiplyms in tools/ppm2tiff.c, which can cause a denia...
Security update for python-SQLAlchemy (important)
openSUSE Security Update: Security update for python-SQLAlchemy Announcement ID: openSUSE-SU-2019:2039-1 Rating: important References: 1124593 Cross-References: CVE-2019-7164 CVE-2019-7548 Affected Products: openSUSE Leap 15.0 An update that fixes two vulnerabilities is now available. Description...
Recommended update for ruby2.5 (important)
openSUSE Security Update: Recommended update for ruby2.5 Announcement ID: openSUSE-SU-2020:0395-1 Rating: important References: 1140844 1152990 1152992 1152994 1152995 1162396 1164804 Cross-References: CVE-2012-6708 CVE-2015-9251 CVE-2019-15845 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255...
Security update for sqlite3 (moderate)
openSUSE Security Update: Security update for sqlite3 Announcement ID: openSUSE-SU-2019:1372-1 Rating: moderate References: 1130325 1130326 Cross-References: CVE-2019-9936 CVE-2019-9937 Affected Products: openSUSE Leap 15.0 An update that fixes two vulnerabilities is now available. Description:...
Security update for tiff (moderate)
This update for tiff fixes the following issues: - CVE-2018-17100: There is a int32 overflow in multiplyms in tools/ppm2tiff.c, which can cause a denial of service crash or possibly have unspecified other impact via a crafted image file. bsc1108637 - CVE-2018-17101: There are two out-of-bounds...
Security update for glibc (important)
This update for glibc fixes the following issues: - A privilege escalation bug in the realpath function has been fixed. CVE-2018-1000001, bsc1074293 - A memory leak and a buffer overflow in the dynamic ELF loader has been fixed. CVE-2017-1000408, CVE-2017-1000409, bsc1071319 - An issue in the cod...
Security update for libmatroska, mkvtoolnix (low)
This update for libmatroska, mkvtoolnix fixes the following issues: Security issue fixed: - CVE-2018-4022: Fixed use-after-free vulnerability that existed in the way MKV matroska file format was handled bsc1113709...
Security update for net-snmp (important)
This update for net-snmp fixes the following issues: Security issues fixed: - CVE-2018-18065: setkey in agent/helpers/tablecontainer.c had a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Deni...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2019:1558-1 Rating: important References: 1137332 Cross-References: CVE-2019-5828 CVE-2019-5829 CVE-2019-5830 CVE-2019-5831 CVE-2019-5832 CVE-2019-5833 CVE-2019-5834 CVE-2019-5835 CVE-2019-5836 CVE-2019-5837...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2019:1559-1 Rating: important References: 1137332 Cross-References: CVE-2019-5828 CVE-2019-5829 CVE-2019-5830 CVE-2019-5831 CVE-2019-5832 CVE-2019-5833 CVE-2019-5834 CVE-2019-5835 CVE-2019-5836 CVE-2019-5837...
Security update for python3 (important)
openSUSE Security Update: Security update for python3 Announcement ID: openSUSE-SU-2019:0155-1 Rating: important References: 1120644 1122191 Cross-References: CVE-2018-20406 CVE-2019-5010 Affected Products: openSUSE Leap 15.0 An update that fixes two vulnerabilities is now available. Description:...
Security update for postgresql10 (moderate)
This update for postgresql10 fixes the following issues: Security issue fixed: - CVE-2018-16850: Fixed improper quoting of transition table names when pgdump emits CREATE TRIGGER could have caused privilege escalation bsc1114837. Non-security issues fixed: - Update to release 10.6:...
Security update for SDL2_image (moderate)
This update for SDL2image fixes the following issues: Security issues fixed: - CVE-2018-3839: Fixed an exploitable code execution vulnerability that existed in the XCF image rendering functionality of the Simple DirectMedia Layer bsc1089087. - CVE-2018-3977: Fixed a possible code execution via...
Security update for Chromium (important)
This update for Chromium to version 66.0.3359.139 fixes the following issues: - CVE-2018-6118: Use after free in Media Cache bsc1091288 - CVE-2018-6085: Use after free in Disk Cache - CVE-2018-6086: Use after free in Disk Cache - CVE-2018-6087: Use after free in WebAssembly - CVE-2018-6088: Use...
Security update for ImageMagick (important)
This update for ImageMagick fixes the following issues: CVE-2017-14989: use-after-free in RenderFreetype in MagickCore/annotate.c could lead to denial of service bsc1061254 CVE-2017-14682: GetNextToken in MagickCore/token.c heap buffer overflow could lead to denial of service bsc1060176 Memory le...
Security update for SDL2_image (moderate)
This update for SDL2image fixes the following issues: Security issues fixed: - CVE-2018-3839: Fixed an exploitable code execution vulnerability that existed in the XCF image rendering functionality of the Simple DirectMedia Layer bsc1089087. - CVE-2018-3977: Fixed a possible code execution via...
Security update for udisks2 (moderate)
This update for udisks2 fixes the following issues: Following security issues was fixed: - CVE-2018-17336: A format string vulnerability in udiskslog bsc1109406 Following non-security issues were fixed: - strip trailing newline from sysfs raid level information bsc1091274 - Fix watcher error for...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2019:2156-1 Rating: important References: 1150425 Cross-References: CVE-2019-13659 CVE-2019-13660 CVE-2019-13661 CVE-2019-13662 CVE-2019-13663 CVE-2019-13664 CVE-2019-13665 CVE-2019-13666 CVE-2019-13667...
Security update for squid (important)
This update for squid fixes the following issues: Security issues fixed: - CVE-2018-19131: Fixed Cross-Site-Scripting vulnerability in the TLS error handling bsc1113668. - CVE-2018-19132: Fixed small memory leak in processing of SNMP packets bsc1113669. Non-security issues fixed: - Create runtime...
Security update for squid (important)
This update for squid fixes the following issues: Security issues fixed: - CVE-2018-19131: Fixed Cross-Site-Scripting vulnerability in the TLS error handling bsc1113668. - CVE-2018-19132: Fixed small memory leak in processing of SNMP packets bsc1113669. Non-security issues fixed: - Create runtime...