7581 matches found
Security update for libxml2 (moderate)
This update for libxml2 fixes the following security issues: - CVE-2018-9251: The xzdecomp function allowed remote attackers to cause a denial of service infinite loop via a crafted XML file that triggers LZMAMEMLIMITERROR, as demonstrated by xmllint bsc1088279 - CVE-2018-14567: Prevent denial of...
Security update for wireshark (moderate)
This update for wireshark to version 2.4.9 fixes the following issues: Security issues fixed bsc1106514: - CVE-2018-16058: Bluetooth AVDTP dissector crash wnpa-sec-2018-44 - CVE-2018-16056: Bluetooth Attribute Protocol dissector crash wnpa-sec-2018-45 - CVE-2018-16057: Radiotap dissector crash...
Security update for lxc (moderate)
This update for lxc fixes the following issues: The following security vulnerability was fixed: - CVE-2018-6556: Fixed an information leak and possible open side effects to regular users via lxc-user-nic boo988348...
Security update for rubygem-sprockets (important)
This update for rubygem-sprockets fixes the following issues: The following security vulnerability was addressed: - CVE-2018-3760: Fixed a directory traversal issue in sprockets/server.rb:forbiddenrequest?, which allowed remote attackers to read arbitrary files via specially crafted requests...
Security update for libvirt (important)
This update for libvirt and virt-manager fixes the following issues: Security issues fixed: - CVE-2017-5715: Fixes for speculative side channel attacks aka "SpectreAttack" var2 bsc1079869. - CVE-2018-6764: Fixed guest executable code injection via libnssdns.so loaded by libvirtlxc before init...
Security update for openvpn (important)
This update for openvpn fixes the following issues: - CVE-2017-12166: Lack of bound check in readkey in old legacy key handling before using values could be used for a remote buffer overflow bsc1060877. This update was imported from the SUSE:SLE-12:Update update project...
Security update for Mozilla Firefox and NSS (important)
This update to Mozilla Firefox 52.4esr, along with Mozilla NSS 3.28.6, fixes security issues and bugs. The following vulnerabilities advised upstream under MFSA 2017-22 boo1060445 were fixed: - CVE-2017-7793: Use-after-free with Fetch API - CVE-2017-7818: Use-after-free during ARIA array...
Security update for util-linux (moderate)
openSUSE Security Update: Security update for util-linux Announcement ID: openSUSE-SU-2021:3474-1 Rating: moderate References: 1178236 1188921 Cross-References: CVE-2021-37600 CVSS scores: CVE-2021-37600 NVD : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-37600 SUSE: 5.5...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2021:0947-1 Rating: important References: 1087082 1133021 1152457 1152489 1155518 1156395 1162702 1164648 1176564 1177666 1178418 1178612 1179827 1179851 1182378 1182999 1183346 1183868 1183873 1183932...
Security update for nodejs14 (moderate)
openSUSE Security Update: Security update for nodejs14 Announcement ID: openSUSE-SU-2021:0066-1 Rating: moderate References: 1178882 1180553 1180554 Cross-References: CVE-2020-8265 CVE-2020-8277 CVE-2020-8287 Affected Products: openSUSE Leap 15.2 An update that fixes three vulnerabilities is now...
Security update for phpMyAdmin (moderate)
openSUSE Security Update: Security update for phpMyAdmin Announcement ID: openSUSE-SU-2020:0427-1 Rating: moderate References: 1167335 1167336 1167337 Cross-References: CVE-2020-10802 CVE-2020-10803 CVE-2020-10804 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes three...
Security update for openfortivpn (important)
openSUSE Security Update: Security update for openfortivpn Announcement ID: openSUSE-SU-2020:0301-1 Rating: important References: 1165299 1165300 1165301 Cross-References: CVE-2020-7041 CVE-2020-7042 CVE-2020-7043 Affected Products: openSUSE Leap 15.1 An update that fixes three vulnerabilities is...
Security update for jasper (moderate)
openSUSE Security Update: Security update for jasper Announcement ID: openSUSE-SU-2019:2282-1 Rating: moderate References: 1117507 1117508 Cross-References: CVE-2018-19540 CVE-2018-19541 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available. Description:...
Security update for ffmpeg-4 (low)
This update for ffmpeg-4 to version 4.0.2 fixes the following issues: These security issues were fixed: - CVE-2018-15822: The flvwritepacket function did not check for an empty audio packet, leading to an assertion failure and DoS bsc1105869. - CVE-2018-13300: An improper argument passed to the...
Security update for php7 (moderate)
This update for php7 fixes the following issues: - CVE-2017-9118: Fixed an out of bounds access in phppcrereplaceimpl via a crafted pregreplace call bsc1105466 This update was imported from the SUSE:SLE-12:Update update project...
Security update for ImageMagick (moderate)
This update for ImageMagick fixes the following issues: Security issues fixed: CVE-2018-14434: A memory leak for a colormap in WriteMPCImage incoders/mpc.c was fixed. bsc1102003 CVE-2018-14435: A memory leak in DecodeImage in coders/pcd.c was fixed. bsc1102007 CVE-2018-14436: A memory leak in...
Security update for curl (moderate)
This update for curl fixes the following issues: Security issue fixed: - CVE-2018-0500: Fix a SMTP send heap buffer overflow bsc1099793. This update was imported from the SUSE:SLE-15:Update update project...
Security update for samba (important)
This update for samba fixes the following issues: The following security vulnerability was fixed: - CVE-2018-10858: Fixed insufficient input validation on client directory listing in libsmbclient; bsc1103411; The following other change was made: - s3: winbind: Fix 'winbind normalize names' in...
Security update for wireshark (moderate)
This update for wireshark fixes the following issues: Security issues fixed: - CVE-2018-7325: RPKI-Router infinite loop boo1082692 - CVE-2018-14342: BGP dissector large loop wnpa-sec-2018-34, boo1101777 - CVE-2018-14344: ISMP dissector crash wnpa-sec-2018-35, boo1101788 - CVE-2018-14340: Multiple...
Recommended update for postgresql95 (moderate)
This update for postgresql95 fixes the following issues: - Update to PostgreSQL 9.5.13: https://www.postgresql.org/docs/9.5/static/release-9-5-13.html A dump/restore is not required for those running 9.5.X. However, if the function marking mistakes mentioned belowpglogfilerotate affect you, you...
Security update for java-1_7_0-openjdk (important)
This update for java-170-openjdk to version 7u181 fixes the following issues: + S8162488: JDK should be updated to use LittleCMS 2.8 + S8180881: Better packaging of deserialization + S8182362: Update CipherOutputStream Usage + S8183032: Upgrade to LittleCMS 2.9 + S8189123: More consistent...
Security update for qemu (important)
This update for qemu to version 2.9.1 fixes several issues. It also announces that the qed storage format will be no longer supported in Leap 15.0. These security issues were fixed: - CVE-2017-15268: Qemu allowed remote attackers to cause a memory leak by triggering slow data-channel read...
Security update for MozillaThunderbird (important)
Mozilla Thunderbird was updated to 52.4.0 boo1060445 new behavior was introduced for replies to mailing list posts: "When replying to a mailing list, reply will be sent to address in From header ignoring Reply-to header". A new preference mail.overridelistreplyto allows to restore the previous...
Security update for samba and resource-agents (important)
This update provides Samba 4.6.7, which fixes the following issues: - CVE-2017-11103: Metadata were being taken from the unauthenticated plaintext the Ticket rather than the authenticated and encrypted KDC response. bsc1048278 - Fix cephwrapchdir. bsc1048790 - Fix ctdb logs to /var/log/log.ctdb...
Security update for apache2 (important)
openSUSE Security Update: Security update for apache2 Announcement ID: openSUSE-SU-2022:1031-1 Rating: important References: 1197091 1197095 1197096 1197098 Cross-References: CVE-2022-22719 CVE-2022-22720 CVE-2022-22721 CVE-2022-23943 CVSS scores: CVE-2022-22719 NVD : 7.5...
Security update for nodejs8 (important)
openSUSE Security Update: Security update for nodejs8 Announcement ID: openSUSE-SU-2022:0704-1 Rating: important References: 1191962 1191963 1192153 1192154 1192696 Cross-References: CVE-2021-23343 CVE-2021-32803 CVE-2021-32804 CVE-2021-3807 CVE-2021-3918 CVSS scores: CVE-2021-23343 NVD : 7.5...
Security update for apache2 (important)
openSUSE Security Update: Security update for apache2 Announcement ID: openSUSE-SU-2021:3522-1 Rating: important References: 1190666 1190669 1190702 1190703 Cross-References: CVE-2021-34798 CVE-2021-36160 CVE-2021-39275 CVE-2021-40438 CVSS scores: CVE-2021-34798 SUSE: 7.5...
Security update for curl (moderate)
openSUSE Security Update: Security update for curl Announcement ID: openSUSE-SU-2021:2439-1 Rating: moderate References: 1188217 1188218 1188219 1188220 Cross-References: CVE-2021-22922 CVE-2021-22923 CVE-2021-22924 CVE-2021-22925 CVSS scores: CVE-2021-22922 SUSE: 6.5...
Security update for containerd (moderate)
openSUSE Security Update: Security update for containerd Announcement ID: openSUSE-SU-2021:2412-1 Rating: moderate References: 1188282 Cross-References: CVE-2021-32760 CVSS scores: CVE-2021-32760 SUSE: 3 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:L Affected Products: openSUSE Leap 15.3 An update...
Security update for minidlna (moderate)
openSUSE Security Update: Security update for minidlna Announcement ID: openSUSE-SU-2020:2160-1 Rating: moderate References: 1179447 Cross-References: CVE-2020-12695 CVE-2020-28926 Affected Products: openSUSE Leap 15.2 An update that fixes two vulnerabilities is now available. Description: This...
Security update for rubygem-activesupport-5_1 (critical)
openSUSE Security Update: Security update for rubygem-activesupport-51 Announcement ID: openSUSE-SU-2020:1677-1 Rating: critical References: 1172186 Cross-References: CVE-2020-8165 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description:This upda...
Security update for conmon, fuse-overlayfs, libcontainers-common, podman (moderate)
openSUSE Security Update: Security update for conmon, fuse-overlayfs, libcontainers-common, podman Announcement ID: openSUSE-SU-2020:1552-1 Rating: moderate References: 1162432 1164090 1165738 1171578 1174075 1175821 1175957 Cross-References: CVE-2020-1726 Affected Products: openSUSE Leap 15.1 An...
Security update for libxml2 (moderate)
openSUSE Security Update: Security update for libxml2 Announcement ID: openSUSE-SU-2020:1430-1 Rating: moderate References: 1176179 Cross-References: CVE-2020-24977 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for libxml2...
Security update for hylafax+ (moderate)
openSUSE Security Update: Security update for hylafax+ Announcement ID: openSUSE-SU-2020:1210-1 Rating: moderate References: 1173519 1173521 Cross-References: CVE-2020-15396 CVE-2020-15397 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available. Description...
Security update for slirp4netns (important)
openSUSE Security Update: Security update for slirp4netns Announcement ID: openSUSE-SU-2020:0987-1 Rating: important References: 1172380 Cross-References: CVE-2020-10756 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...
Security update for libcroco (low)
openSUSE Security Update: Security update for libcroco Announcement ID: openSUSE-SU-2020:0780-1 Rating: low References: 1043898 1043899 Cross-References: CVE-2017-8834 CVE-2017-8871 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available. Description: This...
Security update for MozillaFirefox (important)
openSUSE Security Update: Security update for MozillaFirefox Announcement ID: openSUSE-SU-2020:0230-1 Rating: important References: 1163368 Cross-References: CVE-2020-6796 CVE-2020-6797 CVE-2020-6798 CVE-2020-6799 CVE-2020-6800 Affected Products: openSUSE Leap 15.1 An update that fixes 5...
Security update for samba (moderate)
openSUSE Security Update: Security update for samba Announcement ID: openSUSE-SU-2020:0122-1 Rating: moderate References: 1141320 1160850 1160852 1160888 Cross-References: CVE-2019-14902 CVE-2019-14907 CVE-2019-19344 Affected Products: openSUSE Leap 15.1 An update that solves three vulnerabilitie...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2019:1848-1 Rating: important References: 1143492 1144625 Cross-References: CVE-2019-5850 CVE-2019-5851 CVE-2019-5852 CVE-2019-5853 CVE-2019-5854 CVE-2019-5855 CVE-2019-5856 CVE-2019-5857 CVE-2019-5858 CVE-2019-58...
Security update for aubio (moderate)
openSUSE Security Update: Security update for aubio Announcement ID: openSUSE-SU-2019:1049-1 Rating: moderate References: 1102359 1102364 Cross-References: CVE-2018-14522 CVE-2018-14523 Affected Products: openSUSE Backports SLE-15 An update that fixes two vulnerabilities is now available...
Security update for kauth (moderate)
openSUSE Security Update: Security update for kauth Announcement ID: openSUSE-SU-2019:1051-1 Rating: moderate References: 1124863 Cross-References: CVE-2019-7443 Affected Products: openSUSE Backports SLE-15 An update that fixes one vulnerability is now available. Description: This update for kaut...
Security update for unzip (moderate)
This update for unzip fixes the following security issues: - CVE-2014-9913: Specially crafted zip files could trigger invalid memory writes possibly resulting in DoS or corruption bsc1013993 - CVE-2015-7696: Specially crafted zip files with password protection could trigger a crash and lead to...
Security update for gd (moderate)
This update for gd fixes the following issues: Security issue fixed: - CVE-2018-1000222: Fixed a double free vulnerability in gdImageBmpPtr that could result in remote code execution. This could have been exploited via a specially crafted JPEG image files. bsc1105434 This update was imported from...
Security update for cups (moderate)
This update for cups fixes the following issues: The following security vulnerabilities were fixed: - CVE-2017-18248: Handle invalid characters properly in printing jobs. This fixes a problem that was causing the DBUS library to abort the calling process. bsc1061066 bsc1087018 - Fixed a local...
Security update for GraphicsMagick (moderate)
This update for GraphicsMagick fixes the following issues: - CVE-2017-18271: An infinite loop in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service was fixed. boo1094204...
Security update for freeimage (important)
This update for freeimage fixes one issues. This security issue was fixed: - CVE-2016-5684: Prevent out-of-bounds write vulnerability in the XMP image handling functionality. A specially crafted XMP file could have caused an arbitrary memory overwrite resulting in code execution boo1002621...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2021:3387-1 Rating: important References: 1065729 1148868 1152489 1154353 1159886 1167773 1170774 1171688 1173746 1174003 1176447 1176940 1177028 1178134 1184439 1184804 1185302 1185550 1185677 1185726...
Security update for openssl-1_1 (important)
openSUSE Security Update: Security update for openssl-11 Announcement ID: openSUSE-SU-2021:2830-1 Rating: important References: 1189520 1189521 Cross-References: CVE-2021-3711 CVE-2021-3712 CVSS scores: CVE-2021-3711 SUSE: 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-3712 SUSE: 5.3...
Security update for virtualbox (important)
openSUSE Security Update: Security update for virtualbox Announcement ID: openSUSE-SU-2021:1114-1 Rating: important References: 1188045 1188105 1188535 1188536 1188537 1188538 Cross-References: CVE-2021-2409 CVE-2021-2442 CVE-2021-2443 CVE-2021-2454 CVSS scores: CVE-2021-2409 NVD : 8.2...
Security update for apache-commons-compress (important)
openSUSE Security Update: Security update for apache-commons-compress Announcement ID: openSUSE-SU-2021:2612-1 Rating: important References: 1188463 1188464 1188465 1188466 Cross-References: CVE-2021-35515 CVE-2021-35516 CVE-2021-35517 CVE-2021-36090 CVSS scores: CVE-2021-35515 NVD : 7.5...