7585 matches found
Security update for log4j12 (important)
openSUSE Security Update: Security update for log4j12 Announcement ID: openSUSE-SU-2021:4112-1 Rating: important References: 1193662 Cross-References: CVE-2021-4104 CVSS scores: CVE-2021-4104 SUSE: 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.3 An update th...
Security update for python-Pygments (important)
openSUSE Security Update: Security update for python-Pygments Announcement ID: openSUSE-SU-2021:1521-1 Rating: important References: 1184812 Cross-References: CVE-2021-27291 CVSS scores: CVE-2021-27291 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2021-27291 SUSE: 7.5...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2021:1460-1 Rating: important References: 1065729 1085030 1100416 1129735 1152489 1154353 1156395 1157177 1167773 1172073 1173604 1176940 1184673 1185762 1186109 1187167 1188563 1188876 1188983 1188985...
Security update for curl (moderate)
openSUSE Security Update: Security update for curl Announcement ID: openSUSE-SU-2021:1384-1 Rating: moderate References: 1190373 1190374 Cross-References: CVE-2021-22946 CVE-2021-22947 CVSS scores: CVE-2021-22946 SUSE: 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2021-22947 SUSE: 5.9...
Security update for nodejs8 (important)
openSUSE Security Update: Security update for nodejs8 Announcement ID: openSUSE-SU-2021:3294-1 Rating: important References: 1188917 Cross-References: CVE-2021-22930 CVSS scores: CVE-2021-22930 SUSE: 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: openSUSE Leap 15.3 An update...
Security update for transfig (moderate)
openSUSE Security Update: Security update for transfig Announcement ID: openSUSE-SU-2021:1311-1 Rating: moderate References: 1143650 1159130 1159293 1161698 1186329 Cross-References: CVE-2019-14275 CVE-2019-19555 CVE-2019-19746 CVE-2019-19797 CVE-2021-3561 CVSS scores: CVE-2019-14275 NVD : 5.5...
Security update for mariadb (moderate)
openSUSE Security Update: Security update for mariadb Announcement ID: openSUSE-SU-2021:2835-1 Rating: moderate References: 1189320 Cross-References: CVE-2021-2372 CVE-2021-2389 CVSS scores: CVE-2021-2372 NVD : 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H CVE-2021-2372 SUSE: 4.4...
Security update for djvulibre (important)
openSUSE Security Update: Security update for djvulibre Announcement ID: openSUSE-SU-2021:1112-1 Rating: important References: 1187869 Cross-References: CVE-2021-3630 CVSS scores: CVE-2021-3630 NVD : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-3630 SUSE: 7.3...
Security update for jdom2 (important)
openSUSE Security Update: Security update for jdom2 Announcement ID: openSUSE-SU-2021:1031-1 Rating: important References: 1187446 Cross-References: CVE-2021-33813 CVSS scores: CVE-2021-33813 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2021-33813 SUSE: 7.5...
Security update for bluez (moderate)
openSUSE Security Update: Security update for bluez Announcement ID: openSUSE-SU-2021:2291-1 Rating: moderate References: 1186463 Cross-References: CVE-2020-26558 CVE-2021-0129 CVSS scores: CVE-2020-26558 NVD : 4.2 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N CVE-2020-26558 SUSE: 4.2...
Security update for virtualbox (important)
openSUSE Security Update: Security update for virtualbox Announcement ID: openSUSE-SU-2021:0723-1 Rating: important References: 1182918 Cross-References: CVE-2021-2145 CVE-2021-2250 CVE-2021-2264 CVE-2021-2266 CVE-2021-2279 CVE-2021-2280 CVE-2021-2281 CVE-2021-2282 CVE-2021-2283 CVE-2021-2284...
Security update for samba (important)
openSUSE Security Update: Security update for samba Announcement ID: openSUSE-SU-2021:0636-1 Rating: important References: 1178469 1179156 1183572 1183574 1184310 1184677 Cross-References: CVE-2020-27840 CVE-2021-20254 CVE-2021-20277 CVSS scores: CVE-2020-27840 SUSE: 7.5...
Security update for sudo (important)
openSUSE Security Update: Security update for sudo Announcement ID: openSUSE-SU-2021:0602-1 Rating: important References: 1183936 Cross-References: CVE-2021-3156 CVSS scores: CVE-2021-3156 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-3156 SUSE: 7.8...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2021:0075-1 Rating: important References: 1040855 1044120 1044767 1055117 1065729 1094840 1109695 1112178 1115431 1129770 1138374 1139944 1144912 1152457 1163727 1164780 1168952 1171078 1172145 1172538...
Security update for mariadb (moderate)
openSUSE Security Update: Security update for mariadb Announcement ID: openSUSE-SU-2020:2090-1 Rating: moderate References: 1175596 1177472 1178428 Cross-References: CVE-2020-14765 CVE-2020-14776 CVE-2020-14789 CVE-2020-14812 CVE-2020-15180 Affected Products: openSUSE Leap 15.2 An update that fix...
Security update for atftp (important)
openSUSE Security Update: Security update for atftp Announcement ID: openSUSE-SU-2020:1736-1 Rating: important References: 1176437 Cross-References: CVE-2020-6097 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for atftp fixe...
Security update for libqt5-qtbase (important)
openSUSE Security Update: Security update for libqt5-qtbase Announcement ID: openSUSE-SU-2020:1564-1 Rating: important References: 1172515 1176315 Cross-References: CVE-2020-17507 Affected Products: openSUSE Leap 15.2 An update that solves one vulnerability and has one errata is now available...
Security update for rubygem-actionpack-5_1 (important)
openSUSE Security Update: Security update for rubygem-actionpack-51 Announcement ID: openSUSE-SU-2020:1536-1 Rating: important References: 1172177 Cross-References: CVE-2020-8164 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This updat...
Security update for jasper (moderate)
openSUSE Security Update: Security update for jasper Announcement ID: openSUSE-SU-2020:1517-1 Rating: moderate References: 1010979 1010980 1020451 1020456 1020458 1020460 1045450 1057152 1088278 1114498 1115637 1117328 1120805 1120807 Cross-References: CVE-2016-9398 CVE-2016-9399 CVE-2017-14132...
Security update for curl (moderate)
openSUSE Security Update: Security update for curl Announcement ID: openSUSE-SU-2020:1494-1 Rating: moderate References: 1175109 Cross-References: CVE-2020-8231 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for curl fixes t...
Security update for claws-mail (moderate)
openSUSE Security Update: Security update for claws-mail Announcement ID: openSUSE-SU-2020:1116-1 Rating: moderate References: 1174457 Cross-References: CVE-2020-15917 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...
Security update for ntp (moderate)
openSUSE Security Update: Security update for ntp Announcement ID: openSUSE-SU-2020:1007-1 Rating: moderate References: 1125401 1169740 1171355 1172651 1173334 992038 Cross-References: CVE-2018-8956 CVE-2020-11868 CVE-2020-13817 CVE-2020-15025 Affected Products: openSUSE Leap 15.2 An update that...
Security update for python3 (important)
openSUSE Security Update: Security update for python3 Announcement ID: openSUSE-SU-2020:0940-1 Rating: important References: 1173274 Cross-References: CVE-2020-14422 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for python3...
Security update for chocolate-doom (important)
openSUSE Security Update: Security update for chocolate-doom Announcement ID: openSUSE-SU-2020:0928-1 Rating: important References: 1173595 Cross-References: CVE-2020-14983 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:0856-1 Rating: important References: 1173029 1173063 Cross-References: CVE-2020-6505 CVE-2020-6506 CVE-2020-6507 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes three vulnerabilities is...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:0832-1 Rating: important References: 1170107 1171910 1171975 1172496 Cross-References: CVE-2020-6463 CVE-2020-6465 CVE-2020-6466 CVE-2020-6467 CVE-2020-6468 CVE-2020-6469 CVE-2020-6470 CVE-2020-6471...
Security update for yast2-rmt (moderate)
openSUSE Security Update: Security update for yast2-rmt Announcement ID: openSUSE-SU-2020:0253-1 Rating: moderate References: 1119835 Cross-References: CVE-2018-20105 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...
Security update for upx (moderate)
openSUSE Security Update: Security update for upx Announcement ID: openSUSE-SU-2020:0163-1 Rating: moderate References: 1094138 1141777 1143839 1159833 1159920 Cross-References: CVE-2018-11243 CVE-2019-1010048 CVE-2019-14296 CVE-2019-20021 CVE-2019-20053 Affected Products: openSUSE Leap 15.1 An...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2019:1903-1 Rating: important References: 1145242 Cross-References: CVE-2019-5867 CVE-2019-5868 Affected Products: openSUSE Leap 15.0 An update that fixes two vulnerabilities is now available. Description: This...
Security update for gnutls (moderate)
This update for gnutls fixes the following security issues: - Improved mitigations against Lucky 13 class of attacks - CVE-2018-10846: "Just in Time" PRIME + PROBE cache-based side channel attack can lead to plaintext recovery bsc1105460 - CVE-2018-10845: HMAC-SHA-384 vulnerable to Lucky thirteen...
Security update for dom4j (moderate)
This update for dom4j fixes the following issues: - CVE-2018-1000632: Prevent XML injection vulnerability that allowed an attacker to tamper with XML documents bsc1105443 This update was imported from the SUSE:SLE-12:Update update project...
Security update for GraphicsMagick (low)
This update for GraphicsMagick fixes the following issues: - CVE-2018-16644: Added missing check for length in the functions ReadDCMImage and ReadPICTImage, which allowed remote attackers to cause a denial of service via a crafted image bsc1107609 - CVE-2018-16645: Prevent excessive memory...
Security update for docker, docker-runc, containerd, golang-github-docker-libnetwork (important)
This update for docker, docker-runc, containerd, golang-github-docker-libnetwork fixes several issues. These security issues were fixed: - CVE-2017-16539: The DefaultLinuxSpec function in oci/defaults.go docker did not block /proc/scsi pathnames, which allowed attackers to trigger data loss when...
Security update for bind (important)
This update for bind fixes the following issues: CVE-2017-3137 bsc1033467: Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could have been exploited to cause a denial of service of a bind server performing recursion...
Security update for bind (important)
This update for bind fixes the following issues: - Fix a potential assertion failure that could have been triggered by a malformed response to an ANY query, thereby facilitating a denial-of-service attack. CVE-2016-9131, bsc1018700, bsc1018699 - Fix a potential assertion failure that could have...
Security update for xen (important)
This updates xen to version 4.4.406 to fix the following issues: - An unprivileged user in a guest could gain guest could escalate privilege to that of the guest kernel, if it had could invoke the instruction emulator. Only 64-bit x86 HVM guest were affected. Linux guest have not been vulnerable...
Security update for xen (important)
xen was updated to version 4.7.1 to fix 17 security issues. These security issues were fixed: - CVE-2016-9637: ioport array overflow allowing a malicious guest administrator can escalate their privilege to that of the host bsc1011652. - CVE-2016-9386: x86 null segments were not always treated as...
Security update for php5 (important)
This update for php5 fixes the following security issues: - CVE-2016-7568: A specially crafted image file could cause an application crash or potentially execute arbitrary code when the image is converted to webp bsc1001900 - CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf bsc1004924 -...
Security update for qemu (important)
qemu was updated to fix 19 security issues. These security issues were fixed: - CVE-2016-2392: The isrndis function in the USB Net device emulator hw/usb/dev-network.c in QEMU did not properly validate USB configuration descriptor objects, which allowed local guest OS administrators to cause a...
Security update for samba (important)
samba was updated to fix seven security issues. These security issues were fixed: - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks bsc936862. - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication bsc973031. - CVE-2016-2111: Domain...
Security update for openssh (critical)
This update for openssh fixes the following issues: - CVE-2016-0777: A malicious or compromised server could cause the OpenSSH client to expose part or all of the client's private key through the roaming feature bsc961642 - CVE-2016-0778: A malicious or compromised server could could trigger a...
security issues addressed, most notably the mod_security heap overflow known as CVE-2014-0226 (important)
apache2: - ECC support was added to modssl - fix for a race condition in modstatus known as CVE-2014-0226 can lead to information disclosure; modstatus is not active by default, and is normally only open for connects from localhost. - fix for bug known as CVE-2014-0098 that can crash the apache...
lighttpd to 1.4.35 (important)
lighttpd was updated to version 1.4.35, fixing bugs and security issues: CVE-2014-2323: SQL injection vulnerability in modmysqlvhost.c in lighttpd allowed remote attackers to execute arbitrary SQL commands via the host name, related to requestcheckhostname. CVE-2014-2323: Multiple directory...
Mozilla updates 2014/03 (important)
This patch contains a collection of security relevant updates for Mozilla applications. Update Firefox to 24.4.0 bnc868603 Update Thunderbird to 24.4.0 Update NSPR to 4.10.4 Update NSS to 3.15.5 MFSA 2014-15/CVE-2014-1493/CVE-2014-1494 Miscellaneous memory safety hazards MFSA 2014-17/CVE-2014-149...
java-1_6_0-openjdk to 1.12.2 (important)
OpenJDK java-160-openjdk was updated to 1.12.2 to fix bugs and security issues bnc801972 Security fixes on top of 1.12.0 - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at...
kernel: security and bugfix update (important)
This kernel update to 3.4.11 fixes various bugs and security issues. The changes up to 3.4.11 contain both security and bugfixes and are not explicitly listed here. Following security issues were fixed: CVE-2012-3520: Force passing credentials, otherwise local services could be fooled to assume...
freetype: Fixed several off-by-one / length checks missing (important)
This freetype2 update fixes sign extension problems and missing length checks. This issue was used in one of the last jailbreakme exploits for Apple iPhone/iPad products. CVE-2011-0226...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:10036-1 Rating: important References: 1200783 Cross-References: CVE-2022-2156 CVE-2022-2157 CVE-2022-2158 CVE-2022-2160 CVE-2022-2161 CVE-2022-2162 CVE-2022-2163 CVE-2022-2164 CVE-2022-2165 Affected Products:...
Security update for trivy (moderate)
openSUSE Security Update: Security update for trivy Announcement ID: openSUSE-SU-2022:10022-1 Rating: moderate References: 1199760 Cross-References: CVE-2022-23648 CVE-2022-28946 CVSS scores: CVE-2022-23648 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2022-23648 SUSE: 5.5...
Security update for bind (moderate)
SUSE Security Update: Security update for bind Announcement ID: openSUSE-SU-2022:0151-1 Rating: moderate References: 1192146 1199370 Cross-References: CVE-2021-25219 CVE-2022-27114 CVSS scores: CVE-2021-25219 NVD : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2021-25219 SUSE: 5.3...