7849 matches found
opensuse-security@xxxxxxxxxxxx</li> <li><span class="identifier"> Date</span>: Mon, 28 May 2018 12:08:34 +0200 (CEST)</li> <li><span class="identifier"> Message-id</span>: <<a href="msg00108.html">[email protected]</a>></li> </ul> <!--X-Head-of-Message-End--> <!--X-Head-Body-Sep-Begin--> </div> <div class="body"> <!--X-Head-Body-Sep-End--> <!--X-Body-of-Message--> openSUSE Security Update: Security update for jasper<br> ______________________________________________________________________________<br> <br> Announcement ID: openSUSE-SU-2018:1440-1<br> Rating: low<br> References: #1087020 <br> Cross-References: CVE-2018-9055<br> Affected Products:<br> openSUSE Leap 42.3<br> ______________________________________________________________________________<br> <br> An update that fixes one vulnerability is now available.<br> <br> Description:<br> <br> This update for jasper fixes the following issues:<br> <br> - CVE-2018-9055: denial of service via a reachable assertion in the<br> function jpc_firstone in libjasper/jpc/jpc_math.c could lead to<br> denial of service. (bsc#1087020)<br> <br> This update was imported from the SUSE:SLE-12:Update update project.<br> <br> <br> Patch Instructions:<br> <br> To install this openSUSE Security Update use the SUSE recommended <br> installation methods<br> like YaST online_update or "zypper patch".<br> <br> Alternatively you can run the command listed for your product:<br> <br> - openSUSE Leap 42.3:<br> <br> zypper in -t patch openSUSE-2018-531=1<br> <br> <br> <br> Package List:<br> <br> - openSUSE Leap 42.3 (i586 x86_64):<br> <br> jasper-1.900.14-182.1<br> jasper-debuginfo-1.900.14-182.1<br> jasper-debugsource-1.900.14-182.1<br> libjasper-devel-1.900.14-182.1<br> libjasper1-1.900.14-182.1<br> libjasper1-debuginfo-1.900.14-182.1<br> <br> - openSUSE Leap 42.3 (x86_64):<br> <br> libjasper1-32bit-1.900.14-182.1<br> libjasper1-debuginfo-32bit-1.900.14-182.1<br> <br> <br> References:<br> <br> <a rel="nofollow" href="https://www.suse.com/security/cve/CVE-2018-9055.html">https://www.suse.com/security/cve/CVE-2018-9055.html</a><br> <a rel="nofollow" href="https://bugzilla.suse.com/1087020">https://bugzilla.suse.com/1087020</a><br> <br> -- <br> To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@xxxxxxxxxxxx<br> For additional commands, e-mail: opensuse-security-announce+help@xxxxxxxxxxxx<br> <br> <!--X-Body-of-Message-End--> <!--X-MsgBody-End--> <!--X-Follow-Ups--> <!-- SwishCommand noindex --> </div> <table class="bodynav"> <tr> <td align="left"> < Previous </td> <td align="right"> Next > </td> </tr> </table> </div> <div class="visualClear"></div> </div> </div> </div> <div id="column-one"> <a name="indexes"></a> <div class="portlet" id="p-topnav"> <div class="pBody"> <ul> <li><a href="threads.html">Thread Index</a></li> <li><a href="author.html">Author Index</a></li> <li><a href="date.html">Date Index</a></li> <li><a href="all.html">All Messages</a></li> </ul> </div> </div> <div class="portlet" id="p-logo"> <a style="background-image: url(/skins/opensuse/opensuse.gif);" href="../" title="Back"></a> </div> <script type="text/javascript"> if (window.isMSIE55) fixalpha(); </script> <a name="search"></a> <div id="p-search" class="portlet" style="white-space: nowrap;"> <h5><label for="searchInput">Search this list</label> (Security update for jasper</h5> <!--X-Subject-Header-End--> <!--X-Head-of-Message--> <ul> <li><span class="identifier"> From</span>)
This update for jasper fixes the following issues: - CVE-2018-9055: denial of service via a reachable assertion in the function jpcfirstone in libjasper/jpc/jpcmath.c could lead to denial of service. bsc1087020 This update was imported from the SUSE:SLE-12:Update update project...
Security update for qemu (important)
This update for qemu fixes several issues. This security issue was fixed: - CVE-2018-3639: Spectre v4 vulnerability mitigation support for KVM guests bsc1092885. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prio...
Security update for Mozilla Thunderbird (important)
This update for Mozilla Thunderbird to version 52.5.2 fixes the following vulnerabilities: - CVE-2017-7846: JavaScript Execution via RSS in mailbox:// origin bsc1074043 - CVE-2017-7847: Local path string can be leaked from RSS feed bsc1074044 - CVE-2017-7848: RSS Feed vulnerable to new line...
Security update for MozillaFirefox (important)
This update for MozillaFirefox to version 51.0.1 fixes security issues and bugs. These security issues were fixed: CVE-2017-5375: Excessive JIT code allocation allows bypass of ASLR and DEP bmo1325200, boo1021814 CVE-2017-5376: Use-after-free in XSL bmo1311687, boo1021817 CVE-2017-5377: Memory...
kernel: security and bugfix update. (important)
The openSUSE 11.4 kernel was updated to fix bugs and security issues. Following security issues have been fixed: CVE-2011-4604: If root does read on a specific socket, it's possible to corrupt kernel memory over network, with an ICMP packet, if the B.A.T.M.A.N. mesh protocol is used. CVE-2011-269...
Security update for trivy (moderate)
openSUSE Security Update: Security update for trivy Announcement ID: openSUSE-SU-2022:10094-1 Rating: moderate References: 1199760 Cross-References: CVE-2022-1996 CVE-2022-23648 CVE-2022-28946 CVSS scores: CVE-2022-1996 NVD : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2022-1996 SUSE: 7....
Security update for apache2 (important)
openSUSE Security Update: Security update for apache2 Announcement ID: openSUSE-SU-2021:1438-1 Rating: important References: 1190666 1190669 1190702 1190703 Cross-References: CVE-2021-34798 CVE-2021-36160 CVE-2021-39275 CVE-2021-40438 CVSS scores: CVE-2021-34798 SUSE: 7.5...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2021:3387-1 Rating: important References: 1065729 1148868 1152489 1154353 1159886 1167773 1170774 1171688 1173746 1174003 1176447 1176940 1177028 1178134 1184439 1184804 1185302 1185550 1185677 1185726...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2021:1300-1 Rating: important References: 1190096 1190476 Cross-References: CVE-2021-30606 CVE-2021-30607 CVE-2021-30608 CVE-2021-30609 CVE-2021-30610 CVE-2021-30611 CVE-2021-30612 CVE-2021-30613 CVE-2021-30614...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2020:2112-1 Rating: important References: 1055014 1055186 1061843 1065600 1065729 1066382 1077428 1129923 1134760 1149032 1152489 1155798 1163592 1164648 1165692 1166146 1166166 1167030 1168468 1170415...
Security update for MozillaFirefox (important)
openSUSE Security Update: Security update for MozillaFirefox Announcement ID: openSUSE-SU-2020:2020-1 Rating: important References: 1178824 Cross-References: CVE-2020-15999 CVE-2020-16012 CVE-2020-26951 CVE-2020-26953 CVE-2020-26956 CVE-2020-26958 CVE-2020-26959 CVE-2020-26960 CVE-2020-26961...
Security update for apache2 (important)
openSUSE Security Update: Security update for apache2 Announcement ID: openSUSE-SU-2020:1792-1 Rating: important References: 1175070 1175071 1178074 Cross-References: CVE-2020-11993 CVE-2020-9490 Affected Products: openSUSE Leap 15.1 An update that solves two vulnerabilities and has one errata is...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2020:1698-1 Rating: important References: 1065600 1065729 1155798 1165692 1168468 1171675 1171688 1174003 1174098 1175599 1175621 1175718 1175807 1176019 1176381 1176400 1176588 1176907 1176979 1177090...
Security update for tomcat (important)
openSUSE Security Update: Security update for tomcat Announcement ID: openSUSE-SU-2020:1102-1 Rating: important References: 1174117 1174121 Cross-References: CVE-2020-13934 CVE-2020-13935 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available. Description:...
Security update for xen (important)
openSUSE Security Update: Security update for xen Announcement ID: openSUSE-SU-2020:0985-1 Rating: important References: 1027519 1172205 1173376 1173377 1173378 1173380 Cross-References: CVE-2020-0543 CVE-2020-15563 CVE-2020-15565 CVE-2020-15566 CVE-2020-15567 Affected Products: openSUSE Leap 15....
Security update for python-bleach (important)
openSUSE Security Update: Security update for python-bleach Announcement ID: openSUSE-SU-2020:0325-1 Rating: important References: 1165303 Cross-References: CVE-2020-6802 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes one vulnerability is now available. Description:This...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:0009-1 Rating: important References: 1160337 Cross-References: CVE-2019-5844 CVE-2019-5845 CVE-2019-5846 CVE-2020-6377 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes four vulnerabilitie...
Security update for openconnect (moderate)
openSUSE Security Update: Security update for openconnect Announcement ID: openSUSE-SU-2019:2385-1 Rating: moderate References: 1151178 Cross-References: CVE-2019-16239 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...
Security update for vlc (important)
openSUSE Security Update: Security update for vlc Announcement ID: openSUSE-SU-2019:1897-1 Rating: important References: 1118586 1138354 1138933 1141522 1142161 1143547 1143549 Cross-References: CVE-2018-19857 CVE-2019-12874 CVE-2019-13602 CVE-2019-13962 CVE-2019-5439 CVE-2019-5459 CVE-2019-5460...
Security update for libheimdal (moderate)
openSUSE Security Update: Security update for libheimdal Announcement ID: openSUSE-SU-2019:1688-1 Rating: moderate References: 1047218 1084909 Cross-References: CVE-2018-16860 CVE-2019-12098 Affected Products: openSUSE Backports SLE-15 An update that fixes two vulnerabilities is now available...
Security update for pdns-recursor (moderate)
This update for pdns-recursor fixes the following issues: Security issues fixed: - CVE-2018-10851: Fixed denial of service via crafted zone record or crafted answer bsc1114157. - CVE-2018-14644: Fixed denial of service via crafted query for meta-types bsc1114170. - CVE-2018-14626: Fixed packet...
Security update for libssh (important)
This update for libssh fixes the following issues: - CVE-2018-10933: Fixed a server mode authentication bypass bsc1108020. This update was imported from the SUSE:SLE-15:Update update project...
Security update for rubygem-sprockets (important)
This update for rubygem-sprockets fixes the following issues: The following security vulnerability was addressed: - CVE-2018-3760: Fixed a directory traversal issue in sprockets/server.rb:forbiddenrequest?, which allowed remote attackers to read arbitrary files via specially crafted requests...
Security update for python-python-gnupg (moderate)
This update for python-python-gnupg to version 0.4.3 fixes the following issues: The following security vulnerabilities were addressed: - Sanitize diagnostic output of the original file name in verbose mode CVE-2018-12020 boo1096745 The following other changes were made: - Add --no-verbose to the...
Security update for memcached (important)
This update for memcached fixes the following issues: - CVE-2017-9951: Fixed heap-based buffer over-read in tryreadcommand function which allowed remote attackers to cause a denial of service attack bsc1056865. This update was imported from the SUSE:SLE-12:Update update project...
Security update for chromium (important)
This update for chromium to 64.0.3282.119 fixes several issues. These security issues were fixed: - CVE-2018-6031: Use after free in PDFium boo1077571 - CVE-2018-6032: Same origin bypass in Shared Worker boo1077571 - CVE-2018-6033: Race when opening downloaded files boo1077571 - CVE-2018-6034:...
Security update for chromium (important)
This update for chromium to 64.0.3282.119 fixes several issues. These security issues were fixed: - CVE-2018-6031: Use after free in PDFium boo1077571 - CVE-2018-6032: Same origin bypass in Shared Worker boo1077571 - CVE-2018-6033: Race when opening downloaded files boo1077571 - CVE-2018-6034:...
Security update for wget (important)
This update for wget fixes the following security issues: - CVE-2017-13089,CVE-2017-13090: Missing checks for negative remainingchunksize in skipshortbody and fdreadbody could cause stack buffer overflows, which could have been exploited by malicious servers. bsc1064715,bsc1064716 This update was...
Security update for ssh-audit (moderate)
openSUSE Security Update: Security update for ssh-audit Announcement ID: openSUSE-SU-2021:1390-1 Rating: moderate References: Cross-References: CVE-2018-15473 CVSS scores: CVE-2018-15473 NVD : 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2018-15473 SUSE: 5.8...
Security update for qemu (important)
openSUSE Security Update: Security update for qemu Announcement ID: openSUSE-SU-2021:2442-1 Rating: important References: 1187499 1187529 1187538 1187539 Cross-References: CVE-2021-3582 CVE-2021-3607 CVE-2021-3608 CVE-2021-3611 CVSS scores: CVE-2021-3582 SUSE: 3.2...
Security update for fossil (important)
openSUSE Security Update: Security update for fossil Announcement ID: openSUSE-SU-2021:1070-1 Rating: important References: 1047218 1175760 Cross-References: CVE-2020-24614 CVSS scores: CVE-2020-24614 NVD : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2021:0947-1 Rating: important References: 1087082 1133021 1152457 1152489 1155518 1156395 1162702 1164648 1176564 1177666 1178418 1178612 1179827 1179851 1182378 1182999 1183346 1183868 1183873 1183932...
Security update for exim (critical)
openSUSE Security Update: Security update for exim Announcement ID: openSUSE-SU-2021:0753-1 Rating: critical References: 1079832 1136587 1142207 1154183 1160726 1171490 1171877 1173693 1185631 Cross-References: CVE-2017-1000369 CVE-2017-16943 CVE-2017-16944 CVE-2018-6789 CVE-2019-10149...
Security update for nodejs14 (moderate)
openSUSE Security Update: Security update for nodejs14 Announcement ID: openSUSE-SU-2021:0066-1 Rating: moderate References: 1178882 1180553 1180554 Cross-References: CVE-2020-8265 CVE-2020-8277 CVE-2020-8287 Affected Products: openSUSE Leap 15.2 An update that fixes three vulnerabilities is now...
Security update for python (moderate)
openSUSE Security Update: Security update for python Announcement ID: openSUSE-SU-2020:1859-1 Rating: moderate References: 1177211 Cross-References: CVE-2020-26116 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for python...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2020:1062-1 Rating: important References: 1152472 1152489 1153274 1154353 1155518 1155798 1156395 1158983 1162702 1167773 1169094 1170284 1170617 1171150 1171529 1171530 1171732 1172344 1172543 1172687...
Security update for ucode-intel (moderate)
openSUSE Security Update: Security update for ucode-intel Announcement ID: openSUSE-SU-2020:0791-1 Rating: moderate References: 1154824 1156353 1172466 Cross-References: CVE-2020-0543 CVE-2020-0548 CVE-2020-0549 Affected Products: openSUSE Leap 15.1 An update that fixes three vulnerabilities is n...
Security update for libmspack (low)
openSUSE Security Update: Security update for libmspack Announcement ID: openSUSE-SU-2020:0746-1 Rating: low References: 1130489 1141680 Cross-References: CVE-2019-1010305 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has one errata is now available. Descriptio...
Security update for gnuhealth (moderate)
openSUSE Security Update: Security update for gnuhealth Announcement ID: openSUSE-SU-2020:0490-1 Rating: moderate References: 1167126 1167128 Affected Products: openSUSE Leap 15.1 An update that contains security fixes can now be installed. Description: This update for gnuhealth fixes the followi...
Security update for python-azure-agent (moderate)
openSUSE Security Update: Security update for python-azure-agent Announcement ID: openSUSE-SU-2020:0261-1 Rating: moderate References: 1127838 Cross-References: CVE-2019-0804 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update fo...
Security update for libjpeg-turbo (important)
openSUSE Security Update: Security update for libjpeg-turbo Announcement ID: openSUSE-SU-2019:2529-1 Rating: important References: 1156402 Cross-References: CVE-2019-2201 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...
Security update for apache2-mod_auth_openidc (important)
openSUSE Security Update: Security update for apache2-modauthopenidc Announcement ID: openSUSE-SU-2019:2499-1 Rating: important References: 1153666 Cross-References: CVE-2019-14857 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This...
Security update for pdns-recursor (moderate)
This update for pdns-recursor fixes the following issues: Security issues fixed: - CVE-2018-10851: Fixed denial of service via crafted zone record or crafted answer bsc1114157. - CVE-2018-14644: Fixed denial of service via crafted query for meta-types bsc1114170. - CVE-2018-14626: Fixed packet...
Security update for php5 (moderate)
This update for php5 fixes the following issues: The following security issues were fixed: - CVE-2018-10360: Fixed an out-of-bounds read in the docorenote function in readelf.c in libmagic.a, which allowed remote attackers to cause a denial of service via a crafted ELF file bsc1096984 -...
Security update for wireshark (moderate)
This update for wireshark to version 2.4.9 fixes the following issues: Security issues fixed bsc1106514: - CVE-2018-16058: Bluetooth AVDTP dissector crash wnpa-sec-2018-44 - CVE-2018-16056: Bluetooth Attribute Protocol dissector crash wnpa-sec-2018-45 - CVE-2018-16057: Radiotap dissector crash...
Security update for spice-gtk (important)
This update for spice-gtk fixes the following issues: Security issues fixed: - CVE-2018-10873: Fix potential heap corruption when demarshalling bsc1104448 - CVE-2018-10893: Avoid buffer overflow on image lz checks bsc1101295 This update was imported from the SUSE:SLE-12-SP3:Update update project...
Security update for ImageMagick (moderate)
This update for ImageMagick fixes the following issues: Security issues fixed: CVE-2018-14434: A memory leak for a colormap in WriteMPCImage incoders/mpc.c was fixed. bsc1102003 CVE-2018-14435: A memory leak in DecodeImage in coders/pcd.c was fixed. bsc1102007 CVE-2018-14436: A memory leak in...
Security update for ceph (important)
This update for ceph fixes the following issues: Security issues fixed: - CVE-2018-7262: rgw: malformed http headers can crash rgw bsc1081379. - CVE-2017-16818: User reachable asserts allow for DoS bsc1063014. Bug fixes: - bsc1061461: OSDs keep generating coredumps after adding new OSD node to...
Security update for kernel-firmware (moderate)
This update for kernel-firmware to version 20180525 fixes the following issues: This security issue was fixed: - CVE-2017-5715: Prevent unauthorized disclosure of information to an attacker with local user access caused by speculative execution and indirect branch prediction bsc1095735 This updat...
Security update for wireshark (moderate)
This update for wireshark fixes the following issues: Security issues fixed: - CVE-2018-7325: RPKI-Router infinite loop boo1082692 - CVE-2018-14342: BGP dissector large loop wnpa-sec-2018-34, boo1101777 - CVE-2018-14344: ISMP dissector crash wnpa-sec-2018-35, boo1101788 - CVE-2018-14340: Multiple...