7585 matches found
Security update for php7 (moderate)
openSUSE Security Update: Security update for php7 Announcement ID: openSUSE-SU-2020:0847-1 Rating: moderate References: 1171999 Cross-References: CVE-2019-11048 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for php7 fixes...
Security update for munge (moderate)
openSUSE Security Update: Security update for munge Announcement ID: openSUSE-SU-2019:2670-1 Rating: moderate References: 1155075 Cross-References: CVE-2019-3691 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for munge fixes...
Security update for gpg2 (important)
openSUSE Security Update: Security update for gpg2 Announcement ID: openSUSE-SU-2019:1917-1 Rating: important References: 1124847 1141093 Cross-References: CVE-2019-13050 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 An update that solves one vulnerability and has one errata is now...
Security update for nodejs8 (important)
openSUSE Security Update: Security update for nodejs8 Announcement ID: openSUSE-SU-2019:1907-1 Rating: important References: 1134209 1140290 Cross-References: CVE-2019-13173 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 An update that solves one vulnerability and has one errata is now...
Security update for moinmoin-wiki (moderate)
This update for moinmoin-wiki to version 1.9.10 fixes the following security issue: - CVE-2017-5934: Cross-site scripting vulnerability in the GUI editor boo1111104...
Security update for php7 (moderate)
This update for php7 fixes the following issues: - CVE-2018-17082: The Apache2 component in PHP allowed XSS via the body of a "Transfer-Encoding: chunked" request, because the bucket brigade was mishandled in the phphandler function bsc1108753. This update was imported from the SUSE:SLE-12:Update...
Security update for php5-smarty3 (moderate)
This update for php5-smarty3 fixes the following issues: - CVE-2018-16381: Prevent traversal vulnerability due to insufficient template code sanitization that allowed attackers controlling the executed template code to bypass the trusted directory security restriction and read arbitrary files...
Security update for python-Django (moderate)
This update for python-Django to version 2.08 fixes the following issues: The following security vulnerability was fixed: - CVE-2018-14574: Fixed an redirection vulnerability in CommonMiddleware boo1102680 The following other bugs were fixed: - Fixed a regression in Django 2.0.7 that broke the...
Security update for hylafax+ (critical)
This update for hylafax+ fixes the following issues: Security issues fixed in 5.6.1: - CVE-2018-17141: multiple vulnerabilities affecting fax page reception in JPEG format Specially crafted input may have allowed remote execution of arbitrary code boo1109084 Additionally, this update also contain...
Security update for libopenmpt (moderate)
This update for libopenmpt to version 0.3.9 fixes the following issues: These security issues were fixed: - CVE-2018-11710: Prevent write near address 0 in out-of-memory situations when reading AMS files bsc1095644 - CVE-2018-10017: Preven out-of-bounds memory read with IT/ITP/MO3 files containin...
Security update for enigmail (moderate)
This update for enigmail fixes vulnerabilities that allowed spoofing of e-mail signatures: - CVE-2018-12019: signature spoofing via specially crafted OpenPGP user IDs boo1097525 - CVE-2018-12020: signature spoofing via diagnostic output of the original file name in GnuPG verbose mode boo1096745...
Security update for xdg-utils (important)
This update for xdg-utils fixes this security issues: - CVE-2017-18266: The openenvvar function in xdg-open did not validate strings launching the program specified by the BROWSER environment variable, which might allowed remote attackers to conduct argument-injection attacks via a crafted URL...
Security update for dpdk-thunderxdpdk (moderate)
This update fixes the following issues: - CVE-2018-1059: The DPDK vhost-user interface did not check to verify that all the requested guest physical range was mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may have lead to a malicious...
Security update for enigmail (moderate)
This update for enigmail to version 2.0.5 fixes the following issues: Improvements on previous fixes on CVE-2017-17688, boo1093151 and CVE-2017-17689, boo1093152 EFAIL: - do not decrypt MIME parts unnecessarily - improve Error Message for Missing Message Modification Code...
Security update for libreoffice (important)
This update for libreoffice fixes the following issues: LibreOffice was updated to 5.4.5.1: - CVE-2018-6871: Fixes data exposure when using WEBSERVICE bsc1080249 This update was imported from the SUSE:SLE-12-SP3:Update update project...
Security update for kernel-firmware (important)
This update for kernel-firmware fixes the following issues: - Add microcodeamdfam17h.bin bsc1068032 CVE-2017-5715 This new firmware disables branch prediction on AMD family 17h processor to mitigate an attack on the branch predictor that could lead to information disclosure from e.g. kernel memor...
Security update for sudo (important)
This update for sudo fixes the following security issue: - CVE-2017-1000368: A follow-up fix to CVE-2017-1000367, the Linux process name could also contain a newline, which could be used to trick sudo to read/write to an arbitrary open terminal. bsc1042146 Also the following non security bug was...
Security update for gnutls (important)
This update for gnutls fixes the following security issues: - GnuTLS could have crashed when processing maliciously crafted OpenPGP certificates GNUTLS-SA-2017-2, bsc1018832, CVE-2017-5335, CVE-2017-5337, CVE-2017-5336 - GnuTLS could have falsely accepted certificates when using OCSP...
Security update for icoutils (important)
This update for icoutils to version 0.31.1 fixes the following issues: - CVE-2017-5208: An integer overflow allows maliciously crafted files to cause DoS or code execution boo1018756. - CVE-2017-5331: Incorrect out of bounds checks in checkoffset allow for DoS or code execution boo1018756. -...
Security update for GraphicsMagick (important)
This update for GraphicsMagick fixes the following issues: - a possible shell execution attack was fixed. if the first character of an input filename for 'convert' was a '|' then the remainder of the filename was passed to the shell CVE-2016-5118, boo982178 - Maliciously crafted pnm files could...
Security update for ntp (important)
ntp was updated to version 4.2.8p6 to fix 12 security issues. Also yast2-ntp-client was updated to match some sntp syntax changes. bsc937837 These security issues were fixed: - CVE-2015-8158: Fixed potential infinite loop in ntpq bsc962966. - CVE-2015-8138: Zero Origin Timestamp Bypass bsc963002....
Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (important)
This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the following issues: MozillaFirefox was updated to Firefox 45.0 boo969894 requires NSPR 4.12 / NSS 3.21.1 Instant browser tab sharing through Hello Synced Tabs button in button bar Tabs synced via Firefox Accounts from other devices...
MozillaFirefox: Update to Mozilla Firefox 31 (important)
MozillaFirefox was updated to version 31 to fix various security issues and bugs: MFSA 2014-56/CVE-2014-1547/CVE-2014-1548 Miscellaneous memory safety hazards MFSA 2014-57/CVE-2014-1549 bmo1020205 Buffer overflow during Web Audio buffering for playback MFSA 2014-58/CVE-2014-1550 bmo1020411...
Mozilla Firefox and others: Update to Firefox 20.0 release (important)
The Mozilla suite received security and bugfix updates: Mozilla Firefox was updated to version 20.0. Mozilla Thunderbird was updated to version 17.0.5. Mozilla Seamonkey was updated to version 17.0.5. Mozilla XULRunner was updated to version 17.0.5. mozilla-nss was updated to version 3.14.3...
kernel: fixed local privilege escalation (important)
The Linux kernel was updated to 3.4.33 and to fix a local root privilege escalation and various other security and non-security bugs. CVE-2013-1763: A out of bounds access in sockdiag could be used by local attackers to execute code in kernel context and so become root. CVE-2013-0160: The atime o...
java-1_6_0-openjdk: update to 1.11.5 icedtea (important)
This version upgrade to 1.11.5 fixed various security and non-security issues...
update for php5 (important)
php5 security update...
Security update for zlib (important)
openSUSE Security Update: Security update for zlib Announcement ID: openSUSE-SU-2022:2947-1 Rating: important References: 1202175 Cross-References: CVE-2022-37434 CVSS scores: CVE-2022-37434 NVD : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2022-37434 SUSE: 8.1...
Security update for seamonkey (important)
openSUSE Security Update: Security update for seamonkey Announcement ID: openSUSE-SU-2022:0150-1 Rating: important References: 1194735 Cross-References: CVE-2021-45417 CVSS scores: CVE-2021-45417 SUSE: 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.3 An update...
Security update for nextcloud (moderate)
openSUSE Security Update: Security update for nextcloud Announcement ID: openSUSE-SU-2022:0089-1 Rating: moderate References: 1196905 1196908 1196952 Cross-References: CVE-2021-41239 CVE-2021-41241 CVE-2021-41741 CVSS scores: CVE-2021-41239 NVD : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N...
Security update for minidlna (moderate)
openSUSE Security Update: Security update for minidlna Announcement ID: openSUSE-SU-2022:0079-1 Rating: moderate References: 1181400 1196814 Cross-References: CVE-2022-26505 CVSS scores: CVE-2022-26505 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: openSUSE Backports...
Security update for php7 (moderate)
openSUSE Security Update: Security update for php7 Announcement ID: openSUSE-SU-2022:0699-1 Rating: moderate References: 1038980 Cross-References: CVE-2017-8923 CVSS scores: CVE-2017-8923 NVD : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2017-8923 SUSE: 5.3...
Security update for ldns (moderate)
openSUSE Security Update: Security update for ldns Announcement ID: openSUSE-SU-2022:0675-1 Rating: moderate References: 1195057 1195058 Cross-References: CVE-2020-19860 CVE-2020-19861 CVSS scores: CVE-2020-19860 NVD : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2020-19860 SUSE: 4.4...
Security update for webkit2gtk3 (important)
openSUSE Security Update: Security update for webkit2gtk3 Announcement ID: openSUSE-SU-2022:0182-2 Rating: important References: 1194019 Cross-References: CVE-2019-8766 CVE-2019-8782 CVE-2019-8808 CVE-2019-8815 CVE-2020-13753 CVE-2020-27918 CVE-2020-29623 CVE-2020-3902 CVE-2020-9802 CVE-2020-9803...
Security update for expat (important)
openSUSE Security Update: Security update for expat Announcement ID: openSUSE-SU-2022:0178-1 Rating: important References: 1194251 1194362 1194474 1194476 1194477 1194478 1194479 1194480 Cross-References: CVE-2021-45960 CVE-2021-46143 CVE-2022-22822 CVE-2022-22823 CVE-2022-22824 CVE-2022-22825...
Security update for unbound (important)
openSUSE Security Update: Security update for unbound Announcement ID: openSUSE-SU-2022:0176-1 Rating: important References: 1076963 1112009 1112033 1179191 1185382 1185383 1185384 1185385 1185386 1185387 1185388 1185389 1185390 1185391 1185392 1185393 Cross-References: CVE-2019-25031...
Security update for samba (important)
openSUSE Security Update: Security update for samba Announcement ID: openSUSE-SU-2021:1471-1 Rating: important References: 1014440 1192214 1192284 Cross-References: CVE-2016-2124 CVE-2020-25717 CVE-2021-23192 CVSS scores: CVE-2020-25717 SUSE: 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2021:1462-1 Rating: important References: 1192184 Cross-References: CVE-2021-37997 CVE-2021-37998 CVE-2021-37999 CVE-2021-38000 CVE-2021-38001 CVE-2021-38002 CVE-2021-38003 Affected Products: openSUSE Leap 15.2...
Security update for binutils (moderate)
openSUSE Security Update: Security update for binutils Announcement ID: openSUSE-SU-2021:3616-1 Rating: moderate References: 1179898 1179899 1179900 1179901 1179902 1179903 1180451 1180454 1180461 1181452 1182252 1183511 1184620 1184794 PM-2767 SLE-18637 SLE-19618 SLE-21561 Cross-References:...
Security update for java-1_8_0-openj9 (important)
openSUSE Security Update: Security update for java-180-openj9 Announcement ID: openSUSE-SU-2021:3615-1 Rating: important References: 1185055 1185056 1188564 1188565 1188566 1191901 1191903 1191904 1191906 1191909 1191910 1191911 1191912 1191913 1191914 Cross-References: CVE-2021-2161 CVE-2021-216...
Security update for fetchmail (moderate)
openSUSE Security Update: Security update for fetchmail Announcement ID: openSUSE-SU-2021:3493-1 Rating: moderate References: 1190069 Cross-References: CVE-2021-39272 CVSS scores: CVE-2021-39272 SUSE: 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: openSUSE Leap 15.3 An update...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2021:1365-1 Rating: important References: 1065729 1148868 1152489 1154353 1159886 1167773 1170774 1173746 1176940 1184439 1184804 1185302 1185677 1185726 1185762 1187167 1188067 1188651 1188986 1189297...
Security update for mupdf (important)
openSUSE Security Update: Security update for mupdf Announcement ID: openSUSE-SU-2021:1341-1 Rating: important References: 1190175 1190176 Cross-References: CVE-2020-16600 CVE-2020-19609 CVSS scores: CVE-2020-16600 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE...
Security update for xen (moderate)
openSUSE Security Update: Security update for xen Announcement ID: openSUSE-SU-2021:3140-1 Rating: moderate References: 1027519 1189632 Cross-References: CVE-2021-28701 CVSS scores: CVE-2021-28701 SUSE: 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.3 An upda...
Security update for libcroco (moderate)
openSUSE Security Update: Security update for libcroco Announcement ID: openSUSE-SU-2021:3123-1 Rating: moderate References: 1171685 Cross-References: CVE-2020-12825 CVSS scores: CVE-2020-12825 NVD : 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H CVE-2020-12825 SUSE: 2.8...
Security update for nodejs10 (moderate)
openSUSE Security Update: Security update for nodejs10 Announcement ID: openSUSE-SU-2021:1239-1 Rating: moderate References: 1188881 1188917 1189369 1189370 Cross-References: CVE-2021-22930 CVE-2021-22931 CVE-2021-22939 CVE-2021-3672 CVSS scores: CVE-2021-22930 SUSE: 9.1...
Security update for libmspack (moderate)
openSUSE Security Update: Security update for libmspack Announcement ID: openSUSE-SU-2021:1200-1 Rating: moderate References: 1103032 Cross-References: CVE-2018-14679 CVE-2018-14681 CVE-2018-14682 CVSS scores: CVE-2018-14679 NVD : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2018-14679...
Security update for MozillaFirefox (important)
openSUSE Security Update: Security update for MozillaFirefox Announcement ID: openSUSE-SU-2021:2774-1 Rating: important References: 1188891 SLE-18626 Cross-References: CVE-2021-29980 CVE-2021-29984 CVE-2021-29985 CVE-2021-29986 CVE-2021-29988 CVE-2021-29989 Affected Products: openSUSE Leap 15.3 A...
Security update for icinga2 (moderate)
openSUSE Security Update: Security update for icinga2 Announcement ID: openSUSE-SU-2021:1054-1 Rating: moderate References: 1180147 Cross-References: CVE-2020-29663 CVSS scores: CVE-2020-29663 NVD : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2020-29663 SUSE: 5.3...
Security update for nginx (important)
openSUSE Security Update: Security update for nginx Announcement ID: openSUSE-SU-2021:1815-1 Rating: important References: 1186126 Cross-References: CVE-2021-23017 CVSS scores: CVE-2021-23017 NVD : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-23017 SUSE: 8.1...