7850 matches found
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2020:2193-1 Rating: important References: 1050242 1050536 1050545 1056653 1056657 1056787 1064802 1066129 1103990 1103992 1104389 1104393 1109837 1110096 1111666 1112178 1112374 1118657 1122971 1136460...
Security update for MozillaThunderbird (important)
openSUSE Security Update: Security update for MozillaThunderbird Announcement ID: openSUSE-SU-2020:2187-1 Rating: important References: 1178894 Cross-References: CVE-2020-15999 CVE-2020-16012 CVE-2020-26951 CVE-2020-26953 CVE-2020-26956 CVE-2020-26958 CVE-2020-26959 CVE-2020-26960 CVE-2020-26961...
Security update for kdeconnect-kde (important)
openSUSE Security Update: Security update for kdeconnect-kde Announcement ID: openSUSE-SU-2020:1650-1 Rating: important References: 1176268 Cross-References: CVE-2020-26164 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes one vulnerability is now available. Description: This...
Security update of chromium (low)
openSUSE Security Update: Security update of chromium Announcement ID: openSUSE-SU-2020:1181-1 Rating: low References: 1174582 Cross-References: CVE-2020-6532 CVE-2020-6537 CVE-2020-6538 CVE-2020-6539 CVE-2020-6540 CVE-2020-6541 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixe...
Security update for xorg-x11-server (important)
openSUSE Security Update: Security update for xorg-x11-server Announcement ID: openSUSE-SU-2020:1279-1 Rating: important References: 1174633 1174635 1174638 Cross-References: CVE-2020-14345 CVE-2020-14346 CVE-2020-14347 Affected Products: openSUSE Leap 15.1 An update that fixes three...
Security update for python (moderate)
openSUSE Security Update: Security update for python Announcement ID: openSUSE-SU-2020:1254-1 Rating: moderate References: 1174091 Cross-References: CVE-2019-20907 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for python...
Security update for libreoffice (moderate)
openSUSE Security Update: Security update for libreoffice Announcement ID: openSUSE-SU-2020:1222-1 Rating: moderate References: 1062631 1146025 1157627 1165849 1172053 1172189 1172795 1172796 Cross-References: CVE-2020-12802 CVE-2020-12803 Affected Products: openSUSE Leap 15.1 An update that solv...
Security update for openexr (moderate)
openSUSE Security Update: Security update for openexr Announcement ID: openSUSE-SU-2020:1015-1 Rating: moderate References: 1173466 1173467 1173469 Cross-References: CVE-2020-15304 CVE-2020-15305 CVE-2020-15306 Affected Products: openSUSE Leap 15.2 An update that fixes three vulnerabilities is no...
Security update for curl (important)
openSUSE Security Update: Security update for curl Announcement ID: openSUSE-SU-2020:0908-1 Rating: important References: 1173027 Cross-References: CVE-2020-8177 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for curl fixes...
Security update for mariadb (moderate)
openSUSE Security Update: Security update for mariadb Announcement ID: openSUSE-SU-2020:0870-1 Rating: moderate References: 1171550 Cross-References: CVE-2020-13249 CVE-2020-2752 CVE-2020-2760 CVE-2020-2812 CVE-2020-2814 Affected Products: openSUSE Leap 15.1 An update that fixes 5 vulnerabilities...
Security update for nghttp2 (moderate)
openSUSE Security Update: Security update for nghttp2 Announcement ID: openSUSE-SU-2020:0379-1 Rating: moderate References: 1159003 1166481 Cross-References: CVE-2019-18802 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has one errata is now available...
Security update for yast2-rmt (moderate)
openSUSE Security Update: Security update for yast2-rmt Announcement ID: openSUSE-SU-2020:0253-1 Rating: moderate References: 1119835 Cross-References: CVE-2018-20105 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...
Security update for permissions (moderate)
openSUSE Security Update: Security update for permissions Announcement ID: openSUSE-SU-2019:2672-1 Rating: moderate References: 1093414 1150734 1157198 Cross-References: CVE-2019-3688 CVE-2019-3690 Affected Products: openSUSE Leap 15.1 An update that solves two vulnerabilities and has one errata ...
Security update for gpg2 (important)
openSUSE Security Update: Security update for gpg2 Announcement ID: openSUSE-SU-2019:1917-1 Rating: important References: 1124847 1141093 Cross-References: CVE-2019-13050 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 An update that solves one vulnerability and has one errata is now...
Security update for moinmoin-wiki (moderate)
This update for moinmoin-wiki to version 1.9.10 fixes the following security issue: - CVE-2017-5934: Cross-site scripting vulnerability in the GUI editor boo1111104...
Security update for php7 (moderate)
This update for php7 fixes the following issues: - CVE-2018-17082: The Apache2 component in PHP allowed XSS via the body of a "Transfer-Encoding: chunked" request, because the bucket brigade was mishandled in the phphandler function bsc1108753. This update was imported from the SUSE:SLE-12:Update...
Security update for php5-smarty3 (moderate)
This update for php5-smarty3 fixes the following issues: - CVE-2018-16381: Prevent traversal vulnerability due to insufficient template code sanitization that allowed attackers controlling the executed template code to bypass the trusted directory security restriction and read arbitrary files...
Security update for php7 (moderate)
This update for php7 fixes the following issues: Security issue fixed: - CVE-2018-1000222: Fixed a double free vulnerability in gdImageBmpPtr that could result in remote code execution. This could have been exploited via a specially crafted JPEG image files. bsc1105434 This update was imported fr...
Security update for rsyslog (moderate)
This update for rsyslog fixes the following security issue: - CVE-2015-3243: Prevent weak permissions for generated log files, which allowed local users to obtain sensitive information bsc935393. This update was imported from the SUSE:SLE-15:Update update project...
Security update for enigmail (moderate)
This update for enigmail fixes vulnerabilities that allowed spoofing of e-mail signatures: - CVE-2018-12019: signature spoofing via specially crafted OpenPGP user IDs boo1097525 - CVE-2018-12020: signature spoofing via diagnostic output of the original file name in GnuPG verbose mode boo1096745...
Security update for enigmail (moderate)
This update for enigmail to version 2.0.5 fixes the following issues: Improvements on previous fixes on CVE-2017-17688, boo1093151 and CVE-2017-17689, boo1093152 EFAIL: - do not decrypt MIME parts unnecessarily - improve Error Message for Missing Message Modification Code...
Security update for lame (important)
This update for lame fixes the following issues: Lame was updated to version 3.100: Improved detection of MPEG audio data in RIFF WAVE files. sf3545112 Invalid sampling detection New switch --gain decibel, range -20.0 to +12.0, a more convenient way to apply Gain adjustment in decibels, than the...
Security update for ImageMagick (important)
This update for ImageMagick fixes the following issues: - security update xcf.c: CVE-2017-14343: Memory leak vulnerability in ReadXCFImage could lead to denial of service via a crafted file. CVE-2017-12691: The ReadOneLayer function in coders/xcf.c allows remote attackers to cause a denial of...
Security update for chromium (important)
This update for chromium to version 61.0.3163.79 fixes several issues. These security issues were fixed: - CVE-2017-5111: Use after free in PDFium boo1057364. - CVE-2017-5112: Heap buffer overflow in WebGL boo1057364. - CVE-2017-5113: Heap buffer overflow in Skia boo1057364. - CVE-2017-5114: Memo...
Security update for sudo (important)
This update for sudo fixes the following security issue: - CVE-2017-1000368: A follow-up fix to CVE-2017-1000367, the Linux process name could also contain a newline, which could be used to trick sudo to read/write to an arbitrary open terminal. bsc1042146 Also the following non security bug was...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.2 kernel was updated to 4.4.72 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.2 kernel was updated to 4.4.70 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-9076: The dccpv6requestrecvsock function in net/dccp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of...
Security update for icoutils (important)
This update for icoutils to version 0.31.1 fixes the following issues: - CVE-2017-5208: An integer overflow allows maliciously crafted files to cause DoS or code execution boo1018756. - CVE-2017-5331: Incorrect out of bounds checks in checkoffset allow for DoS or code execution boo1018756. -...
Security update for icinga (important)
This update for icinga includes various upstream fixes and the following security security fixes: - icinga was updated to version 1.14.0 - the classic-UI was vulnerable to a cross site scripting attack CVE-2015-8010, boo952777 - A user with nagios privileges could have gained root privileges by...
Security update for openssl (important)
This update for openssl fixes the following issues: OpenSSL Security Advisory 22 Sep 2016 boo999665 Severity: High OCSP Status Request extension unbounded memory growth CVE-2016-6304 boo999666 Severity: Low Pointer arithmetic undefined behaviour CVE-2016-2177 boo982575 Constant time flag not...
Security update for Mozilla Thunderbird (important)
This update contains Mozilla Thunderbird 45.2. boo983549 It fixes security issues mostly affecting the e-mail program when used in a browser context, such as viewing a web page or HTMl formatted e-mail. The following vulnerabilities were fixed: - CVE-2016-2818, CVE-2016-2815: Memory safety bugs...
Security update for libxml2 (important)
This update brings libxml2 to version 2.9.4. These security issues were fixed: - CVE-2016-3627: The xmlStringGetNodeList function in tree.c, when used in recovery mode, allowed context-dependent attackers to cause a denial of service infinite recursion, stack consumption, and application crash vi...
Security update for ntp (important)
ntp was updated to version 4.2.8p6 to fix 12 security issues. Also yast2-ntp-client was updated to match some sntp syntax changes. bsc937837 These security issues were fixed: - CVE-2015-8158: Fixed potential infinite loop in ntpq bsc962966. - CVE-2015-8138: Zero Origin Timestamp Bypass bsc963002....
Security update for ImageMagick (important)
This update for ImageMagick fixes the following issues: Security issues fixed: - Several coders were vulnerable to remote code execution attacks, these coders have now been disabled by default but can be re-enabled by editing "/etc/ImageMagick-/policy.xml" bsc978061 - CVE-2016-3714: Insufficient...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.1 kernel was updated to 4.1.20 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2015-1339: A memory leak in cuse could be used to exhaust kernel memory. bsc969356. - CVE-2015-7799: The slhcinit function in drivers/net/slip/slhc.c in the...
Security update for rubygem-rails-html-sanitizer (important)
This update for rubygem-rails-html-sanitizer fixes the following issues: - CVE-2015-7579: XSS vulnerability in rails-html-sanitizer bsc963327 - CVE-2015-7578: XSS vulnerability via attributes bsc963326 - CVE-2015-7580: XSS via whitelist sanitizer bsc963328...
Security update for the Linux Kernel (important)
The openSUSE 13.2 kernel was updated to receive various security and bugfixes. Following security bugs were fixed: - CVE-2015-3290: A flaw was found in the way the Linux kernels nested NMI handler and espfix64 functionalities interacted during NMI processing. A local, unprivileged user could use...
bash (important)
The command-line shell 'bash' evaluates environment variables, which allows the injection of characters and might be used to access files on the system in some circumstances CVE-2014-7169. Please note that this issue is different from a previously fixed vulnerability tracked under CVE-2014-6271 a...
Mozilla Firefox and others: Update to Firefox 20.0 release (important)
The Mozilla suite received security and bugfix updates: Mozilla Firefox was updated to version 20.0. Mozilla Thunderbird was updated to version 17.0.5. Mozilla Seamonkey was updated to version 17.0.5. Mozilla XULRunner was updated to version 17.0.5. mozilla-nss was updated to version 3.14.3...
kernel: fixed local privilege escalation (important)
The Linux kernel was updated to 3.4.33 and to fix a local root privilege escalation and various other security and non-security bugs. CVE-2013-1763: A out of bounds access in sockdiag could be used by local attackers to execute code in kernel context and so become root. CVE-2013-0160: The atime o...
ruby on rails to 2.3.16 (important)
This update updates the RubyOnRails 2.3 stack to 2.3.16, also this update updates the RubyOnRails 3.2 stack to 3.2.11. Security and bugfixes were done, foremost: CVE-2013-0333: A JSON sql/code injection problem was fixed. CVE-2012-5664: A SQL Injection Vulnerability in Active Record was fixed...
java-1_6_0-openjdk: update to 1.11.5 icedtea (important)
This version upgrade to 1.11.5 fixed various security and non-security issues...
update for php5 (important)
php5 security update...
Security update for trivy (moderate)
openSUSE Security Update: Security update for trivy Announcement ID: openSUSE-SU-2022:10022-1 Rating: moderate References: 1199760 Cross-References: CVE-2022-23648 CVE-2022-28946 CVSS scores: CVE-2022-23648 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2022-23648 SUSE: 5.5...
Security update for 389-ds (important)
openSUSE Security Update: Security update for 389-ds Announcement ID: openSUSE-SU-2022:1100-1 Rating: important References: 1194068 1194084 1197275 1197345 Cross-References: CVE-2022-0918 CVE-2022-0996 CVSS scores: CVE-2022-0918 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2022-0918...
Security update for java-1_8_0-ibm (important)
openSUSE Security Update: Security update for java-180-ibm Announcement ID: openSUSE-SU-2022:1027-1 Rating: important References: 1194925 1194926 1194927 1194928 1194929 1194930 1194931 1194932 1194933 1194934 1194935 1194937 1194939 1194940 1194941 1195146 1196500 1197126 Cross-References:...
Security update for minidlna (moderate)
openSUSE Security Update: Security update for minidlna Announcement ID: openSUSE-SU-2022:0079-1 Rating: moderate References: 1181400 1196814 Cross-References: CVE-2022-26505 CVSS scores: CVE-2022-26505 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: openSUSE Backports...
Security update for wireshark (important)
openSUSE Security Update: Security update for wireshark Announcement ID: openSUSE-SU-2022:0722-1 Rating: important References: 1195866 1195867 1195868 1195869 1195870 Cross-References: CVE-2022-0581 CVE-2022-0582 CVE-2022-0583 CVE-2022-0585 CVE-2022-0586 CVSS scores: CVE-2022-0581 NVD : 7.5...
Security update for kafka (important)
openSUSE Security Update: Security update for kafka Announcement ID: openSUSE-SU-2022:0040-1 Rating: important References: 1190587 1190839 1193662 1193930 1194842 1194843 1194844 Cross-References: CVE-2021-4104 CVE-2021-43565 CVE-2022-23302 CVE-2022-23305 CVE-2022-23307 CVSS scores: CVE-2021-4104...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2021:1632-1 Rating: important References: 1192310 1192734 1193519 1193713 Cross-References: CVE-2021-38005 CVE-2021-38006 CVE-2021-38007 CVE-2021-38008 CVE-2021-38009 CVE-2021-38010 CVE-2021-38011 CVE-2021-38012...