7581 matches found
Security update for ceph (important)
This update for ceph fixes the following issues: Security issues fixed: - CVE-2018-7262: rgw: malformed http headers can crash rgw bsc1081379. - CVE-2017-16818: User reachable asserts allow for DoS bsc1063014. Bug fixes: - bsc1061461: OSDs keep generating coredumps after adding new OSD node to...
Security update for python-python-gnupg (moderate)
This update for python-python-gnupg to version 0.4.3 fixes the following issues: The following security vulnerabilities were addressed: - Sanitize diagnostic output of the original file name in verbose mode CVE-2018-12020 boo1096745 The following other changes were made: - Add --no-verbose to the...
Security update for qemu (important)
This update for qemu fixes several issues. This security issue was fixed: - CVE-2018-3639: Spectre v4 vulnerability mitigation support for KVM guests bsc1092885. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prio...
Security update for MozillaFirefox (important)
This update for Mozilla Firefox to version 52.7.2esr fixes security issues and bugs. Security issues fixed: - CVE-2018-5146: Specially crafted vorbis files could have been used to execute arbitrary code via an Out of bounds memory write bsc1085671, MFSA 2018-08 - CVE-2018-5147: Specially crafted...
Security update for samba (important)
This update for samba fixes the following issues: Security issues fixed: - CVE-2017-14746: Use-after-free vulnerability bsc1060427. - CVE-2017-15275: Server heap memory information leak bsc1063008. Bug fixes: - Update 'winbind expand groups' doc in smb.conf man page bsc1027593. This update was...
Security update for wget (important)
This update for wget fixes the following security issues: - CVE-2017-13089,CVE-2017-13090: Missing checks for negative remainingchunksize in skipshortbody and fdreadbody could cause stack buffer overflows, which could have been exploited by malicious servers. bsc1064715,bsc1064716 This update was...
Security update for mariadb (important)
This MariaDB update to version 10.0.31 GA fixes the following issues: Security issues fixed: - CVE-2017-3308: Subcomponent: Server: DML: Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MariaDB Server. Successful attacks of...
Security update for go1.15 (moderate)
openSUSE Security Update: Security update for go1.15 Announcement ID: openSUSE-SU-2021:1079-1 Rating: moderate References: 1175132 1188229 Cross-References: CVE-2021-34558 CVSS scores: CVE-2021-34558 SUSE: 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Leap 15.2 An...
Security update for qemu (important)
openSUSE Security Update: Security update for qemu Announcement ID: openSUSE-SU-2021:2442-1 Rating: important References: 1187499 1187529 1187538 1187539 Cross-References: CVE-2021-3582 CVE-2021-3607 CVE-2021-3608 CVE-2021-3611 CVSS scores: CVE-2021-3582 SUSE: 3.2...
Security update for ucode-intel (moderate)
openSUSE Security Update: Security update for ucode-intel Announcement ID: openSUSE-SU-2020:0791-1 Rating: moderate References: 1154824 1156353 1172466 Cross-References: CVE-2020-0543 CVE-2020-0548 CVE-2020-0549 Affected Products: openSUSE Leap 15.1 An update that fixes three vulnerabilities is n...
Security update for qemu (moderate)
openSUSE Security Update: Security update for qemu Announcement ID: openSUSE-SU-2020:0756-1 Rating: moderate References: 1158880 1167816 1170940 Cross-References: CVE-2020-1983 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has two fixes is now available...
Security update for libmspack (low)
openSUSE Security Update: Security update for libmspack Announcement ID: openSUSE-SU-2020:0746-1 Rating: low References: 1130489 1141680 Cross-References: CVE-2019-1010305 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has one errata is now available. Descriptio...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:0615-1 Rating: important References: 1170107 Cross-References: CVE-2020-0561 CVE-2020-6458 CVE-2020-6459 CVE-2020-6460 CVE-2020-6462 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes 5...
Security update for cacti, cacti-spine (important)
openSUSE Security Update: Security update for cacti, cacti-spine Announcement ID: openSUSE-SU-2020:0272-1 Rating: important References: 1082318 1101024 1101139 1122242 1122243 1122244 1122245 1122535 1158990 1158992 1161297 1163749 Cross-References: CVE-2009-4112 CVE-2018-20723 CVE-2018-20724...
Security update for MozillaThunderbird (important)
openSUSE Security Update: Security update for MozillaThunderbird Announcement ID: openSUSE-SU-2020:0094-1 Rating: important References: 1160305 1160498 Cross-References: CVE-2019-17015 CVE-2019-17016 CVE-2019-17017 CVE-2019-17021 CVE-2019-17022 CVE-2019-17024 CVE-2019-17026 Affected Products:...
Security update for java-11-openjdk (important)
openSUSE Security Update: Security update for java-11-openjdk Announcement ID: openSUSE-SU-2019:2565-1 Rating: important References: 1152856 1154212 Cross-References: CVE-2019-2894 CVE-2019-2933 CVE-2019-2945 CVE-2019-2949 CVE-2019-2958 CVE-2019-2962 CVE-2019-2964 CVE-2019-2973 CVE-2019-2975...
Security update for singularity (moderate)
openSUSE Security Update: Security update for singularity Announcement ID: openSUSE-SU-2019:2288-1 Rating: moderate References: 1125369 1128598 Cross-References: CVE-2019-11328 Affected Products: openSUSE Backports SLE-15-SP1 openSUSE Backports SLE-15 An update that solves one vulnerability and h...
Security update for clementine (moderate)
openSUSE Security Update: Security update for clementine Announcement ID: openSUSE-SU-2019:1959-1 Rating: moderate References: 1103041 Cross-References: CVE-2018-14332 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes one vulnerability is now available. Description: This updat...
Security update for php7 (moderate)
openSUSE Security Update: Security update for php7 Announcement ID: openSUSE-SU-2019:1293-1 Rating: moderate References: 1126711 1126713 1126821 1126823 1127122 1128722 1128883 1128886 1128887 1128889 1128892 1129032 Cross-References: CVE-2018-20783 CVE-2019-9020 CVE-2019-9021 CVE-2019-9023...
Security update for pdns-recursor (moderate)
This update for pdns-recursor fixes the following issues: Security issues fixed: - CVE-2018-10851: Fixed denial of service via crafted zone record or crafted answer bsc1114157. - CVE-2018-14644: Fixed denial of service via crafted query for meta-types bsc1114170. - CVE-2018-14626: Fixed packet...
Security update for bouncycastle (moderate)
This update for bouncycastle fixes the following security issue: - CVE-2018-1000180: Fixed flaw in the Low-level interface to RSA key pair generator. RSA Key Pairs generated in low-level API with added certainty may had less M-R tests than expected bsc1096291...
Security update for php5 (moderate)
This update for php5 fixes the following issues: The following security issues were fixed: - CVE-2018-10360: Fixed an out-of-bounds read in the docorenote function in readelf.c in libmagic.a, which allowed remote attackers to cause a denial of service via a crafted ELF file bsc1096984 -...
Security update for spice-gtk (important)
This update for spice-gtk fixes the following issues: Security issues fixed: - CVE-2018-10873: Fix potential heap corruption when demarshalling bsc1104448 - CVE-2018-10893: Avoid buffer overflow on image lz checks bsc1101295 This update was imported from the SUSE:SLE-12-SP3:Update update project...
Security update for cgit (moderate)
This update for cgit to version 1.2.1 fixes the following issues: The following security vulnerability was addressed: - CVE-2018-14912: Fixed a directory traversal vulnerability, when enable-http-clone=1 is not turned off boo1103799 The following other changes were made: - Update to upstream...
Security update for kernel-firmware (moderate)
This update for kernel-firmware to version 20180525 fixes the following issues: This security issue was fixed: - CVE-2017-5715: Prevent unauthorized disclosure of information to an attacker with local user access caused by speculative execution and indirect branch prediction bsc1095735 This updat...
Security update for chromium (important)
This update for chromium to 64.0.3282.119 fixes several issues. These security issues were fixed: - CVE-2018-6031: Use after free in PDFium boo1077571 - CVE-2018-6032: Same origin bypass in Shared Worker boo1077571 - CVE-2018-6033: Race when opening downloaded files boo1077571 - CVE-2018-6034:...
Security update for chromium (important)
This update for chromium to 64.0.3282.119 fixes several issues. These security issues were fixed: - CVE-2018-6031: Use after free in PDFium boo1077571 - CVE-2018-6032: Same origin bypass in Shared Worker boo1077571 - CVE-2018-6033: Race when opening downloaded files boo1077571 - CVE-2018-6034:...
Security update for Mozilla Thunderbird (important)
This update for Mozilla Thunderbird to version 52.5.2 fixes the following vulnerabilities: - CVE-2017-7846: JavaScript Execution via RSS in mailbox:// origin bsc1074043 - CVE-2017-7847: Local path string can be leaked from RSS feed bsc1074044 - CVE-2017-7848: RSS Feed vulnerable to new line...
Security update for MozillaFirefox (important)
This update for MozillaFirefox to version 51.0.1 fixes security issues and bugs. These security issues were fixed: CVE-2017-5375: Excessive JIT code allocation allows bypass of ASLR and DEP bmo1325200, boo1021814 CVE-2017-5376: Use-after-free in XSL bmo1311687, boo1021817 CVE-2017-5377: Memory...
update to version 1.0.0m (critical)
The openssl library was updated to version 1.0.0m fixing various security issues and bugs: Security issues fixed: - CVE-2014-0224: Fix for SSL/TLS MITM flaw. An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. -...
Security update for openssh (important)
openSUSE Security Update: Security update for openssh Announcement ID: openSUSE-SU-2021:4153-1 Rating: important References: 1183137 Cross-References: CVE-2021-28041 CVSS scores: CVE-2021-28041 NVD : 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H CVE-2021-28041 SUSE: 7.1...
Security update for ssh-audit (moderate)
openSUSE Security Update: Security update for ssh-audit Announcement ID: openSUSE-SU-2021:1390-1 Rating: moderate References: Cross-References: CVE-2018-15473 CVSS scores: CVE-2018-15473 NVD : 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2018-15473 SUSE: 5.8...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2021:1300-1 Rating: important References: 1190096 1190476 Cross-References: CVE-2021-30606 CVE-2021-30607 CVE-2021-30608 CVE-2021-30609 CVE-2021-30610 CVE-2021-30611 CVE-2021-30612 CVE-2021-30613 CVE-2021-30614...
Security update for java-1_8_0-openjdk (important)
openSUSE Security Update: Security update for java-180-openjdk Announcement ID: openSUSE-SU-2021:1176-1 Rating: important References: 1185056 1188564 1188565 1188566 Cross-References: CVE-2021-2161 CVE-2021-2341 CVE-2021-2369 CVE-2021-2388 CVSS scores: CVE-2021-2161 NVD : 5.9...
Security update for grub2 (important)
openSUSE Security Update: Security update for grub2 Announcement ID: openSUSE-SU-2020:1169-1 Rating: important References: 1168994 1173812 1174463 1174570 Cross-References: CVE-2020-10713 CVE-2020-14308 CVE-2020-14309 CVE-2020-14310 CVE-2020-14311 CVE-2020-15706 CVE-2020-15707 Affected Products:...
Security update of chromium (low)
openSUSE Security Update: Security update of chromium Announcement ID: openSUSE-SU-2020:1161-1 Rating: low References: 1174582 Cross-References: CVE-2020-6532 CVE-2020-6537 CVE-2020-6538 CVE-2020-6539 CVE-2020-6540 CVE-2020-6541 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixe...
Security update for tomcat (important)
openSUSE Security Update: Security update for tomcat Announcement ID: openSUSE-SU-2020:1102-1 Rating: important References: 1174117 1174121 Cross-References: CVE-2020-13934 CVE-2020-13935 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available. Description:...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2020:1062-1 Rating: important References: 1152472 1152489 1153274 1154353 1155518 1155798 1156395 1158983 1162702 1167773 1169094 1170284 1170617 1171150 1171529 1171530 1171732 1172344 1172543 1172687...
Security update for xen (important)
openSUSE Security Update: Security update for xen Announcement ID: openSUSE-SU-2020:0985-1 Rating: important References: 1027519 1172205 1173376 1173377 1173378 1173380 Cross-References: CVE-2020-0543 CVE-2020-15563 CVE-2020-15565 CVE-2020-15566 CVE-2020-15567 Affected Products: openSUSE Leap 15....
Security update for ovmf (moderate)
openSUSE Security Update: Security update for ovmf Announcement ID: openSUSE-SU-2020:0314-1 Rating: moderate References: 1153072 1163927 1163959 1163969 Cross-References: CVE-2019-14553 CVE-2019-14559 CVE-2019-14563 CVE-2019-14575 Affected Products: openSUSE Leap 15.1 An update that fixes four...
Security update for libredwg (moderate)
openSUSE Security Update: Security update for libredwg Announcement ID: openSUSE-SU-2020:0095-1 Rating: moderate References: 1129868 1129869 1129870 1129873 1129874 1129875 1129876 1129878 1129879 1129881 1154080 1159824 1159825 1159826 1159827 1159828 1159831 1159832 Cross-References:...
Security update for php7 (moderate)
openSUSE Security Update: Security update for php7 Announcement ID: openSUSE-SU-2020:0080-1 Rating: moderate References: 1159922 1159923 1159924 1159927 Cross-References: CVE-2019-11045 CVE-2019-11046 CVE-2019-11047 CVE-2019-11050 Affected Products: openSUSE Leap 15.1 An update that fixes four...
Security update for ffmpeg-4 (moderate)
openSUSE Security Update: Security update for ffmpeg-4 Announcement ID: openSUSE-SU-2020:0024-1 Rating: moderate References: 1100345 1133123 1133153 1133155 1149839 Cross-References: CVE-2017-17555 CVE-2018-13305 CVE-2019-11338 CVE-2019-11339 CVE-2019-15942 Affected Products: openSUSE Leap 15.1...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2019:2694-1 Rating: important References: 1158982 Cross-References: CVE-2019-13725 CVE-2019-13726 CVE-2019-13727 CVE-2019-13728 CVE-2019-13729 CVE-2019-13730 CVE-2019-13732 CVE-2019-13734 CVE-2019-13735...
Security update for apache2-mod_auth_openidc (important)
openSUSE Security Update: Security update for apache2-modauthopenidc Announcement ID: openSUSE-SU-2019:2499-1 Rating: important References: 1153666 Cross-References: CVE-2019-14857 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This...
Recommended update for dkgpg, libTMCG (moderate)
openSUSE Security Update: Recommended update for dkgpg, libTMCG Announcement ID: openSUSE-SU-2019:1951-1 Rating: moderate References: Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 An update that contains security fixes can now be installed. Description: This update for dkgpg, libTMCG...
Security update for ledger (moderate)
openSUSE Security Update: Security update for ledger Announcement ID: openSUSE-SU-2019:1895-1 Rating: moderate References: 1052478 1052484 1105084 Cross-References: CVE-2017-12481 CVE-2017-12482 CVE-2017-2807 CVE-2017-2808 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes four...
Recommended update for adcli, sssd (moderate)
openSUSE Security Update: Recommended update for adcli, sssd Announcement ID: openSUSE-SU-2019:1174-1 Rating: moderate References: 1109849 1110121 1121759 1125617 1127670 Cross-References: CVE-2019-3811 Affected Products: openSUSE Leap 42.3 An update that solves one vulnerability and has four fix...
Security update for libssh (important)
This update for libssh fixes the following issues: - CVE-2018-10933: Fixed a server mode authentication bypass bsc1108020. This update was imported from the SUSE:SLE-15:Update update project...
Security update for git (important)
This update for git fixes the following issues: - CVE-2018-17456: Git allowed remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character. boo1110949. This update was imported from the SUSE:SLE-15:Update...