7849 matches found
Security update for aubio (moderate)
This update for aubio fixes the following issues: - CVE-2018-14522: Fixed a crash in aubiopitchsetunit bsc1102359 - CVE-2018-14523: Fixed a buffer overrread resulting in crash or information leakage in newaubiopitchyinfft bsc1102364 This update was imported from the openSUSE:Leap:15.0:Update upda...
Security update for spice (important)
This update for spice fixes the following issues: Security issues fixed: - CVE-2018-10873: Fix potential heap corruption when demarshalling bsc1104448 - CVE-2018-10893: Avoid buffer overflow on image lz checks bsc1101295 This update was imported from the SUSE:SLE-12-SP3:Update update project...
Security update for libressl (moderate)
This update for libressl to version 2.8.0 fixes the following issues: Security issues fixed: - CVE-2018-12434: Avoid a timing side-channel leak when generating DSA and ECDSA signatures. boo1097779 - Reject excessively large primes in DH key generation. - CVE-2018-8970: Fixed a bug in...
Security update for python-Django1 (important)
This update for python-Django1 to version 1.11.15 fixes the following issues: The following security vulnerability was fixed: - CVE-2018-14574: Fixed an open redirect possibility in CommonMiddleware boo1102680 The following other bugs were fixed: - Fixed WKBWriter.write and writehex for empty...
Security update for mailman (moderate)
This update for mailman fixes the following issues: Security issue fixed: - CVE-2018-13796: Fix a content spoofing vulnerability with invalid list name messages inside the web UI boo1101288. Bug fixes: - update to 2.1.29: Fixed the listinfo and admin overview pages that were broken - update to...
Security update for cgit (moderate)
This update for cgit fixes the following issues: The following security vulnerability was addressed: - CVE-2018-14912: Fixed a directory traversal vulnerability, when enable-http-clone=1 is not turned off boo1103799 The following other changes were made: - Update to upstream release 1.2.1...
Security update for nodejs8 (moderate)
This update for nodejs8 to version 8.11.3 fixes the following issues: These security issues were fixed: - CVE-2018-7167: Calling Buffer.fill or Buffer.alloc with some parameters could have lead to a hang which could have resulted in a DoS bsc1097375. - CVE-2018-7161: By interacting with the http2...
Security update for nextcloud (moderate)
This update for nextcloud fixes the following issues: Security issues fixed: - CVE-2018-3761: Fix improper authentication on the OAuth2 token endpoint bsc1100344. - CVE-2018-3762: Fix improper checks of dropped permissions for incoming shares allowing a user to still request previews for files it...
Security update for ghostscript (moderate)
This update for ghostscript fixes the following issues: - CVE-2018-10194: The settextdistance function did not prevent overflows in text-positioning calculation, which allowed remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted P...
Security update for cairo (moderate)
This update for cairo fixes the following issues: The following security vulnerability was addressed: - CVE-2017-9814: Fixed and out-of-bounds read in cairo-truetype-subset.c by replacing the malloc implementation with cairomalloc and checking the size before memory allocation bsc1049092 This...
Security update for mysql-community-server (important)
This update for mysql-community-server to 5.6.38 fixes the following issues: Full list of changes: http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-38.html CVEs fixed: - boo1064116 CVE-2017-10379 - boo1064117 CVE-2017-10384 - boo1064115 CVE-2017-10378 - boo1064101 CVE-2017-10268 - boo10640...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-7618: crypto/ahash.c in the Linux kernel allowed attackers to cause a denial of service API operation calling its own callback, and infinite recursion by triggeri...
Security update for mariadb (important)
This mariadb update to version 10.0.28 fixes the following issues bsc1008318: Security fixes: - CVE-2016-8283: Unspecified vulnerability in subcomponent Types bsc1005582 - CVE-2016-7440: Unspecified vulnerability in subcomponent Encryption bsc1005581 - CVE-2016-5629: Unspecified vulnerability in...
Security update for php5 (important)
This update for php5 fixes the following security issues: CVE-2016-7411: php5: Memory corruption when destructing deserialized object CVE-2016-7412: Heap overflow in mysqlnd when not receiving UNSIGNEDFLAG in BIT field CVE-2016-7413: Use after free in wddxdeserialize CVE-2016-7414: Out of bounds...
Mozilla updates February 2014 (important)
Updates for mozilla-nss 3.15.4 MozillaFirefox 24.3.0esr MozillaThunderbird 24.3.0 including fixes for the following issues: MFSA 2014-01/CVE-2014-1477/CVE-2014-1478 Miscellaneous memory safety hazards rv:27.0 / rv:24.3 MFSA 2014-02/CVE-2014-1479 bmo911864 Clone protected content with XBL scopes...
Security update for opera (important)
openSUSE Security Update: Security update for opera Announcement ID: openSUSE-SU-2022:0103-1 Rating: important References: Cross-References: CVE-2022-0789 CVE-2022-0790 CVE-2022-0791 CVE-2022-0792 CVE-2022-0793 CVE-2022-0794 CVE-2022-0795 CVE-2022-0796 CVE-2022-0797 CVE-2022-0798 CVE-2022-0799...
Security update for envoy-proxy (important)
openSUSE Security Update: Security update for envoy-proxy Announcement ID: openSUSE-SU-2022:0065-1 Rating: important References: 1167073 1173559 1180121 Cross-References: CVE-2020-12603 CVE-2020-12604 CVE-2020-12605 CVE-2020-35471 CVE-2020-8663 CVSS scores: CVE-2020-12603 NVD : 7.5...
Security update for containerd, docker, runc (important)
openSUSE Security Update: Security update for containerd, docker, runc Announcement ID: openSUSE-SU-2021:1404-1 Rating: important References: 1102408 1185405 1187704 1188282 1190826 1191015 1191121 1191334 1191355 1191434 Cross-References: CVE-2021-30465 CVE-2021-32760 CVE-2021-41089 CVE-2021-410...
Security update for containerd, docker, runc (important)
openSUSE Security Update: Security update for containerd, docker, runc Announcement ID: openSUSE-SU-2021:3506-1 Rating: important References: 1102408 1185405 1187704 1188282 1190826 1191015 1191121 1191334 1191355 1191434 Cross-References: CVE-2021-30465 CVE-2021-32760 CVE-2021-41089 CVE-2021-410...
Security update for nodejs12 (important)
openSUSE Security Update: Security update for nodejs12 Announcement ID: openSUSE-SU-2021:1214-1 Rating: important References: 1188881 1188917 1189368 1189369 1189370 Cross-References: CVE-2021-22930 CVE-2021-22931 CVE-2021-22939 CVE-2021-22940 CVE-2021-3672 CVSS scores: CVE-2021-22930 SUSE: 9.1...
Security update for qemu (moderate)
openSUSE Security Update: Security update for qemu Announcement ID: openSUSE-SU-2021:2789-1 Rating: moderate References: 1180432 1180433 1180434 1180435 1182651 1186012 1189145 Cross-References: CVE-2020-35503 CVE-2020-35504 CVE-2020-35505 CVE-2020-35506 CVE-2021-20255 CVE-2021-3527 CVE-2021-3682...
Security update for MozillaThunderbird (important)
openSUSE Security Update: Security update for MozillaThunderbird Announcement ID: openSUSE-SU-2020:1179-1 Rating: important References: 1174538 Cross-References: CVE-2020-15652 CVE-2020-15659 CVE-2020-6463 CVE-2020-6514 Affected Products: openSUSE Leap 15.1 An update that fixes four vulnerabiliti...
Security update for tor (moderate)
openSUSE Security Update: Security update for tor Announcement ID: openSUSE-SU-2020:0428-1 Rating: moderate References: 1167013 1167014 Cross-References: CVE-2020-10592 CVE-2020-10593 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes two vulnerabilities is now available...
Security update for rmt-server (important)
openSUSE Security Update: Security update for rmt-server Announcement ID: openSUSE-SU-2020:0235-1 Rating: important References: 1141122 1157119 1160673 1160922 Cross-References: CVE-2019-18904 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has three fixes is now...
Security update for tigervnc (important)
openSUSE Security Update: Security update for tigervnc Announcement ID: openSUSE-SU-2020:0087-1 Rating: important References: 1159856 1159858 1159860 1160250 1160251 Cross-References: CVE-2019-15691 CVE-2019-15692 CVE-2019-15693 CVE-2019-15694 CVE-2019-15695 Affected Products: openSUSE Leap 15.1 ...
Security update for postgresql (moderate)
openSUSE Security Update: Security update for postgresql Announcement ID: openSUSE-SU-2019:2685-1 Rating: moderate References: 1100397 1123886 Affected Products: openSUSE Leap 15.1 An update that contains security fixes can now be installed. Description: This update for postgresql fixes the...
Security update for libarchive (moderate)
openSUSE Security Update: Security update for libarchive Announcement ID: openSUSE-SU-2019:2615-1 Rating: moderate References: 1120653 1120654 1124341 1124342 1155079 Cross-References: CVE-2018-1000877 CVE-2018-1000878 CVE-2019-1000019 CVE-2019-1000020 CVE-2019-18408 Affected Products: openSUSE...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2019:2545-1 Rating: important References: 1157269 Cross-References: CVE-2019-13723 CVE-2019-13724 Affected Products: openSUSE Leap 15.0 An update that fixes two vulnerabilities is now available. Description: This...
Security update for ghostscript (important)
openSUSE Security Update: Security update for ghostscript Announcement ID: openSUSE-SU-2019:2534-1 Rating: important References: 1156275 Cross-References: CVE-2019-14869 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for...
Security update for nfs-utils (moderate)
openSUSE Security Update: Security update for nfs-utils Announcement ID: openSUSE-SU-2019:2408-1 Rating: moderate References: 1150733 Cross-References: CVE-2019-3689 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for nfs-uti...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2019:1901-1 Rating: important References: 1143492 1144625 Cross-References: CVE-2019-5850 CVE-2019-5851 CVE-2019-5852 CVE-2019-5853 CVE-2019-5854 CVE-2019-5855 CVE-2019-5856 CVE-2019-5857 CVE-2019-5858 CVE-2019-58...
Security update for vlc (important)
openSUSE Security Update: Security update for vlc Announcement ID: openSUSE-SU-2019:1909-1 Rating: important References: 1093732 1094893 1118586 1133290 1138354 1138933 1141522 1142161 1143547 1143549 Cross-References: CVE-2018-19857 CVE-2019-12874 CVE-2019-13602 CVE-2019-13962 CVE-2019-5439...
Security update for messagelib (low)
This update for messagelib fixes the following issues: The following security vulnerability was addressed: - CVE-2018-19516: Fix a potential issue with opening messages in a new browser window when displaying mails as HTML boo1117958...
Security update for GraphicsMagick (low)
This update for GraphicsMagick fixes the following issues: - CVE-2018-16644: Added missing check for length in the functions ReadDCMImage and ReadPICTImage, which allowed remote attackers to cause a denial of service via a crafted image bsc1107609 - CVE-2018-16645: Prevent excessive memory...
Security update for lilypond (moderate)
This update for lilypond fixes the following issues: - CVE-2018-10992: lilypond: Does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks bsc1093056 - packages do not build reproducibl...
Security update for postgresql93 (important)
Postgresql93 was updated to 9.3.18 to fix the following issues: CVE-2017-7547: Further restrict visibility of pgusermappings.umoptions, to protect passwords stored as user mapping options. bsc1051685 CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. bsc1051684...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.2 kernel was updated to 4.4.62 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-7618: crypto/ahash.c in the Linux kernel allowed attackers to cause a denial of service API operation calling its own callback, and infinite recursion b...
Security update for util-linux (important)
This update for util-linux fixes the following issues: This security issue was fixed: - CVE-2017-2616: In su with PAM support it was possible for local users to send SIGKILL to selected other processes with root privileges bsc1023041. This non-security issues were fixed: - lscpu: Implement WSL...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-6074: The dccprcvstateprocess function in net/dccp/input.c in the Linux kernel mishandled DCCPPKTREQUEST packet data structures in the LISTEN state, which allowed...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.1 kernel was updated to 4.1.36 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2016-8655: A race condition in the afpacket packetsetring function could be used by local attackers to crash the kernel or gain privileges bsc1012754. -...
Security update for flash-player (important)
This security update for flash-player to 11.2.202.621 fixes the following issues boo979422: A critical vulnerability CVE-2016-4117 exists in Adobe Flash Player 21.0.0.226 and earlier versions for Windows, Macintosh, Linux, and Chrome OS. Successful exploitation could cause a crash and potentially...
Security update for php5 (important)
This update for php5 fixes the following issues: - CVE-2016-4073: A remote attacker could have caused denial of service, or possibly execute arbitrary code, due to incorrect handling of string length calculations in mbstrcut bsc977003 - CVE-2016-3074: Signedness vulnerability in bundled libgd may...
Security update for php5 (important)
This update for php5 fixes the following security issues: - bsc974305: buffer overflow in libmagic - CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM bnc973792. - CVE-2015-8835: SoapClient scall method suffered from type confusion issue bnc973351. - CVE-2016-3141: A use-after-free / double-free...
Security update for openssl (important)
This update for compat-openssl098 fixes various security issues and bugs: Security issues fixed: - CVE-2016-0800 aka the "DROWN" attack bsc968046: OpenSSL was vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher...
Mozilla (Firefox/Thunderbird) updates to 31.8.0 (important)
Combined Mozilla update: - Update Firefox to 31.8.0 - Update Thunderbird to 31.8.0 - Update mozilla-nspr to 4.10.6 - Update mozilla-nss to 3.19.2 to fix several security issues...
Mozilla Suite: Update to October 2013 release (important)
MozillaFirefox was updated to Firefox 25.0. MozillaThunderbird was updated to Thunderbird 24.1.0. Mozilla XULRunner was updated to 17.0.10esr. Mozilla NSPR was updated to 4.10.1. Changes in MozillaFirefox: requires NSS 3.15.2 or above MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592...
Security update for phpPgAdmin (critical)
openSUSE Security Update: Security update for phpPgAdmin Announcement ID: openSUSE-SU-2022:10065-1 Rating: critical References: 1162794 Cross-References: CVE-2019-10784 CVSS scores: CVE-2019-10784 NVD : 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2019-10784 SUSE: 9.6...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2021:3655-1 Rating: important References: 1065729 1085030 1152472 1152489 1156395 1172073 1173604 1176447 1176774 1176914 1178134 1180100 1181147 1184673 1185762 1186063 1186109 1187167 1188563 1189841...
Security update for go1.16 (moderate)
openSUSE Security Update: Security update for go1.16 Announcement ID: openSUSE-SU-2021:3487-1 Rating: moderate References: 1182345 1191468 Cross-References: CVE-2021-38297 CVSS scores: CVE-2021-38297 SUSE: 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: openSUSE Leap 15.3 An...
Security update for libcryptopp (moderate)
openSUSE Security Update: Security update for libcryptopp Announcement ID: openSUSE-SU-2021:3301-1 Rating: moderate References: 1015243 Cross-References: CVE-2016-9939 CVSS scores: CVE-2016-9939 NVD : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Leap 15.3 An update...