Security update for MozillaFirefox, mozilla-nss (important)
MozillaFirefox was updated to version 39.0 to fix 21 security issues. These security issues were fixed: - CVE-2015-2724/CVE-2015-2725/CVE-2015-2726: Miscellaneous memory safety hazards bsc935979. - CVE-2015-2727: Local files or privileged URLs in pages can be opened into new tabs bsc935979. -...
bash (important)
The command-line shell 'bash' evaluates environment variables, which allows the injection of characters and might be used to access files on the system in some circumstances (CVE-2014-7169). Please note that this issue is different from a previously fixed vulnerability tracked under CVE-2014-6271 a...
ruby on rails to 2.3.16 (important)
This update updates the RubyOnRails 2.3 stack to 2.3.16. Security and bugfixes were done, foremost: CVE-2013-0333: A JSON sql/code injection problem was fixed. CVE-2012-5664: A SQL Injection Vulnerability in Active Record was fixed. CVE-2012-2695: A SQL injection via nested hashes in conditions w...
apache2: Fixed a remote denial of service via byte-ranges (important)
This update fixes a remote denial of service bug (memory exhaustion) in the Apache 2 HTTP server that could be triggered by remote attackers using multiple overlapping Request Ranges (CVE-2011-3192)...
Security update for gdcm, orthanc, orthanc-gdcm, orthanc-webviewer (important)
openSUSE Security Update: Security update for gdcm, orthanc, orthanc-gdcm, orthanc-webviewer Announcement ID: openSUSE-SU-2022:10145-1 Rating: important References: Cross-References: CVE-2022-2119 CVE-2022-2120 CVSS scores: CVE-2022-2119 NVD : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H...
Security update for nim (important)
openSUSE Security Update: Security update for nim Announcement ID: openSUSE-SU-2022:10095-1 Rating: important References: 1175332 1175333 1175334 1181705 1185083 1185084 1185085 1185948 1192712 Cross-References: CVE-2020-15690 CVE-2020-15692 CVE-2020-15693 CVE-2020-15694 CVE-2021-21372...
Security update for opera (important)
openSUSE Security Update: Security update for opera Announcement ID: openSUSE-SU-2022:10057-1 Rating: important References: Cross-References: CVE-2022-2007 CVE-2022-2008 CVE-2022-2010 CVE-2022-2011 CVE-2022-2294 Affected Products: openSUSE Leap 15.3:NonFree openSUSE Leap 15.4:NonFree An update th...
Security update for python (moderate)
openSUSE Security Update: Security update for python Announcement ID: openSUSE-SU-2022:1091-1 Rating: moderate References: 1175619 1186819 1194146 1195396 Cross-References: CVE-2021-3572 CVE-2021-4189 CVE-2022-0391 CVSS scores: CVE-2021-3572 SUSE: 4.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N...
Security update for flatpak (important)
openSUSE Security Update: Security update for flatpak Announcement ID: openSUSE-SU-2021:3472-1 Rating: important References: 1191507 Cross-References: CVE-2021-41133 CVSS scores: CVE-2021-41133 SUSE: 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: openSUSE Leap 15.3 An update...
Security update for rpm (important)
openSUSE Security Update: Security update for rpm Announcement ID: openSUSE-SU-2021:1366-1 Rating: important References: 1179416 1183543 1183545 1183632 1183659 1185299 1187670 1188548 Cross-References: CVE-2021-20266 CVE-2021-20271 CVE-2021-3421 CVSS scores: CVE-2021-20266 NVD : 4.9...
Security update for ntfs-3g_ntfsprogs (important)
openSUSE Security Update: Security update for ntfs-3g_ntfsprogs Announcement ID: openSUSE-SU-2021:2971-1 Rating: important References: 1189720 Cross-References: CVE-2019-9755 CVE-2021-33285 CVE-2021-33286 CVE-2021-33287 CVE-2021-33289 CVE-2021-35266 CVE-2021-35267 CVE-2021-35268 CVE-2021-35269...
Security update for qemu (moderate)
openSUSE Security Update: Security update for qemu Announcement ID: openSUSE-SU-2021:2858-1 Rating: moderate References: 1180432 1180433 1180434 1180435 1182651 1186012 1188299 1189145 Cross-References: CVE-2020-35503 CVE-2020-35504 CVE-2020-35505 CVE-2020-35506 CVE-2021-20255 CVE-2021-3527...
Security update for go1.15 (moderate)
openSUSE Security Update: Security update for go1.15 Announcement ID: openSUSE-SU-2021:2398-1 Rating: moderate References: 1175132 1188229 Cross-References: CVE-2021-34558 CVSS scores: CVE-2021-34558 SUSE: 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Leap 15.3 An...
Security update for icinga2 (moderate)
openSUSE Security Update: Security update for icinga2 Announcement ID: openSUSE-SU-2021:1053-1 Rating: moderate References: 1180147 Cross-References: CVE-2020-29663 CVSS scores: CVE-2020-29663 NVD : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2020-29663 SUSE: 5.3...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2021:0881-1 Rating: important References: 1187141 Cross-References: CVE-2021-30544 CVE-2021-30545 CVE-2021-30546 CVE-2021-30547 CVE-2021-30548 CVE-2021-30549 CVE-2021-30550 CVE-2021-30551 CVE-2021-30552...
Security update for containerd, docker, runc (important)
openSUSE Security Update: Security update for containerd, docker, runc Announcement ID: openSUSE-SU-2021:0878-1 Rating: important References: 1168481 1175081 1175821 1181594 1181641 1181677 1181730 1181732 1181749 1182451 1182476 1182947 1183024 1183855 1184768 1184962 1185405 Cross-References:...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2021:0843-1 Rating: important References: 1087082 1133021 1152457 1152489 1155518 1156395 1164648 1177666 1178418 1179519 1179827 1179851 1182378 1182999 1183346 1183976 1184259 1185428 1185495 1185589...
Security update for binutils (moderate)
openSUSE Security Update: Security update for binutils Announcement ID: openSUSE-SU-2020:1804-1 Rating: moderate References: 1126826 1126829 1126831 1140126 1142649 1143609 1153768 1153770 1157755 1160254 1160590 1163333 1163744 Cross-References: CVE-2019-12972 CVE-2019-14250 CVE-2019-14444...
Security update for binutils (moderate)
openSUSE Security Update: Security update for binutils Announcement ID: openSUSE-SU-2020:1790-1 Rating: moderate References: 1126826 1126829 1126831 1140126 1142649 1143609 1153768 1153770 1157755 1160254 1160590 1163333 1163744 Cross-References: CVE-2019-12972 CVE-2019-14250 CVE-2019-14444...
Security update for libproxy (important)
openSUSE Security Update: Security update for libproxy Announcement ID: openSUSE-SU-2020:1676-1 Rating: important References: 1176410 1177143 Cross-References: CVE-2020-25219 CVE-2020-26154 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available. Descriptio...
Security update for ovmf (moderate)
openSUSE Security Update: Security update for ovmf Announcement ID: openSUSE-SU-2020:1535-1 Rating: moderate References: 1175476 1175674 Cross-References: CVE-2019-14562 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has one errata is now available. Description:...
Security update for python-rpyc (moderate)
openSUSE Security Update: Security update for python-rpyc Announcement ID: openSUSE-SU-2020:0763-1 Rating: moderate References: 1152987 Cross-References: CVE-2019-16328 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes one vulnerability is now available. Description: This upda...
Security update for webkit2gtk3 (important)
openSUSE Security Update: Security update for webkit2gtk3 Announcement ID: openSUSE-SU-2020:0646-1 Rating: important References: 1170643 Cross-References: CVE-2020-3899 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...
Security update for apt-cacher-ng (important)
openSUSE Security Update: Security update for apt-cacher-ng Announcement ID: openSUSE-SU-2020:0146-1 Rating: important References: 1157703 1157706 Cross-References: CVE-2019-18899 CVE-2020-5202 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes two vulnerabilities is now...
Security update for icingaweb2 (moderate)
openSUSE Security Update: Security update for icingaweb2 Announcement ID: openSUSE-SU-2020:0067-1 Rating: moderate References: 1101357 1119784 1119785 1119799 1119800 1119801 Cross-References: CVE-2018-18246 CVE-2018-18247 CVE-2018-18248 CVE-2018-18249 CVE-2018-18250 Affected Products: openSUSE...
Security update for libgcrypt (moderate)
openSUSE Security Update: Security update for libgcrypt Announcement ID: openSUSE-SU-2020:0022-1 Rating: moderate References: 1148987 1155338 1155339 Cross-References: CVE-2019-13627 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has two fixes is now available...
Security update for go1.12 (moderate)
openSUSE Security Update: Security update for go1.12 Announcement ID: openSUSE-SU-2019:2522-1 Rating: moderate References: 1141689 1152082 1154402 Cross-References: CVE-2019-16276 CVE-2019-17596 Affected Products: openSUSE Leap 15.1 An update that solves two vulnerabilities and has one errata is...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2019:1666-1 Rating: important References: 1129059 1133313 1134218 1137332 1138287 Cross-References: CVE-2019-5787 CVE-2019-5788 CVE-2019-5789 CVE-2019-5790 CVE-2019-5791 CVE-2019-5792 CVE-2019-5793 CVE-2019-5794...
Security update for GraphicsMagick (low)
This update for GraphicsMagick fixes the following security issue: - CVE-2018-16750: Prevent memory leak in the formatIPTCfromBuffer function bsc1108283. An earlier update added a change that also fixed this issue, which was unknown at the time of release: - CVE-2018-16749: Added missing NULL chec...
Security update for postgresql10 (moderate)
This update for postgresql10 fixes the following issues: PostgreSQL 10 was updated to 10.5: - https://www.postgresql.org/about/news/1851/ - https://www.postgresql.org/docs/current/static/release-10-5.html A dump/restore is not required for those running 10.X. However, if you use the adminpack...
Security update for phpMyAdmin (moderate)
This update for phpMyAdmin to version 4.8.3 addresses multiple issues. Security issues fixed: - CVE-2018-15605: vulnerability in the file import feature allowed cross-site scripting via importing a specially-crafted file PMASA-2018-5, boo1105726 This update also contains a number of upstream bug...
Security update for cups (moderate)
This update for cups fixes the following issues: The following security vulnerabilities were fixed: - Fixed a local privilege escalation to root and sandbox bypasses in the scheduler - CVE-2018-4180: Fixed a local privilege escalation to root in dnssd backend bsc1096405 - CVE-2018-4181: Limited...
Security update for sssd (moderate)
This update for sssd fixes the following security issue: - CVE-2018-10852: Set stricter permissions on /var/lib/sss/pipes/sudo to prevent the disclosure of sudo rules for arbitrary users bsc1098377. This update was imported from the SUSE:SLE-15:Update update project...
Security update for ceph (important)
This update for ceph fixes the following issues: Security issues fixed: - CVE-2018-10861: Ensure that ceph-mon does perform authorization on all OSD pool ops bsc1099162 - CVE-2018-1129: cephx signature check bypass bsc1096748 - CVE-2018-1128: cephx protocol was vulnerable to replay attack...
Recommended update for enigmail (moderate)
This update for enigmail to 2.0.8 fixes the following issues: The enigmail 2.0.8 release addresses a security issue and solves a few regression bugs. A security issue has been fixed that allows an attacker to prepare a plain, unauthenticated HTML message in a way that it looks like it's signed...
Security update for polkit (moderate)
This update for polkit fixes the following issues: - CVE-2018-1116: Fixed trusting the client-supplied UID which could lead to a denial of service (too many dialogs) caused by local attackers boo1099031...
Security update for libvorbis (moderate)
This update for libvorbis fixes the following issues: The following security issue was fixed: - Fixed the validation of channels in mapping0_forward, which previously allowed remote attackers to cause a denial of service via specially crafted files (CVE-2018-10392, bsc1091070) This update was import...
Security update for unzip (moderate)
This update for unzip fixes the following issues: - CVE-2014-9636: Prevent denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression bsc914442 -...
Security update for MozillaFirefox (important)
MozillaFirefox was updated to 52.5.0esr boo1068101 MFSA 2017-25 CVE-2017-7828: Fixed a use-after-free of PressShell while restyling layout CVE-2017-7830: Cross-origin URL information leak through Resource Timing API CVE-2017-7826: Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5 Also...
Security update for mysql-community-server (important)
This update for mysql-community-server to 5.6.38 fixes the following issues: Full list of changes: http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-38.html CVEs fixed: - boo1064116 CVE-2017-10379 - boo1064117 CVE-2017-10384 - boo1064115 CVE-2017-10378 - boo1064101 CVE-2017-10268 - boo10640...
Security update for graphite2 (important)
This update for graphite2 fixes one issue. This security issue was fixed: - CVE-2017-5436: An out-of-bounds write triggered with a maliciously crafted Graphite font could lead to a crash or potentially code execution bsc1035204. This update was imported from the SUSE:SLE-12:Update update project...
Security update for xen (important)
This update for xen fixes several issues. These security issues were fixed: - A malicious 64-bit PV guest may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks by placing an IRET hypercall in the middle of a multicall batch XSA-21...
Security update for mariadb (important)
This mariadb version update to 10.0.29 fixes the following issues: - CVE-2017-3318: unspecified vulnerability affecting Error Handling bsc1020896 - CVE-2017-3317: unspecified vulnerability affecting Logging bsc1020894 - CVE-2017-3312: insecure error log file handling in mysqld_safe, incomplete...
Security update for virtualbox (important)
This update for virtualbox to version 5.0.32 fixes the following issues: These security issues were fixed: - CVE-2016-5545: Vulnerability in the GUI subcomponent of virtualbox allows unauthenticated attacker unauthorized update, insert or delete access to some data as well as unauthorized read...
Security update for the Linux Kernel (important)
The openSUSE 13.2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2015-8962: Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel allowed local users to gain privileges or cause a denial of...
Security update for openssl (important)
This update for openssl fixes the following issues: - CVE-2016-2105: EVP_EncodeUpdate overflow bsc977614 - CVE-2016-2106: EVP_EncryptUpdate overflow bsc977615 - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check bsc977616 - CVE-2016-2108: Memory corruption in the ASN.1 encoder bsc977617 -...
Security update for java-1_7_0-openjdk (important)
java-1_7_0-openjdk was updated to fix 17 security issues. These security issues were fixed: - CVE-2015-4843: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via unknown...
Firefox update to latest 31ESR release (important)
This update lifts Firefox to the latest 31 ESR release to fix known security issues...
Mozilla updates 07/2014 (important)
update to Firefox 24.7.0 and Thunderbird 24.7.0 including fixes for MFSA 2014-56/CVE-2014-1547/CVE-2014-1548 Miscellaneous memory safety hazards MFSA 2014-61/CVE-2014-1555 bmo1023121 Use-after-free with FireOnStateChange event MFSA 2014-62/CVE-2014-1556 bmo1028891 Exploitable WebGL crash with...
update for php5 (critical)
when used in CGI mode remote attackers could inject command line arguments to php...