7849 matches found
Security update for libreoffice (moderate)
openSUSE Security Update: Security update for libreoffice Announcement ID: openSUSE-SU-2020:1261-1 Rating: moderate References: 1062631 1146025 1157627 1165849 1172053 1172189 1172795 1172796 Cross-References: CVE-2020-12802 CVE-2020-12803 Affected Products: openSUSE Leap 15.2 An update that solv...
Security update for dovecot23 (important)
openSUSE Security Update: Security update for dovecot23 Announcement ID: openSUSE-SU-2020:1241-1 Rating: important References: 1174922 1174923 Cross-References: CVE-2020-12673 CVE-2020-12674 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available...
Security update for openldap2 (important)
openSUSE Security Update: Security update for openldap2 Announcement ID: openSUSE-SU-2020:0976-1 Rating: important References: 1172698 1172704 Cross-References: CVE-2020-8023 Affected Products: openSUSE Leap 15.2 An update that solves one vulnerability and has one errata is now available...
Security update for openexr (moderate)
openSUSE Security Update: Security update for openexr Announcement ID: openSUSE-SU-2020:0970-1 Rating: moderate References: 1173466 1173467 1173469 Cross-References: CVE-2020-15304 CVE-2020-15305 CVE-2020-15306 Affected Products: openSUSE Leap 15.1 An update that fixes three vulnerabilities is no...
Security update for MozillaThunderbird (important)
openSUSE Security Update: Security update for MozillaThunderbird Announcement ID: openSUSE-SU-2020:0799-1 Rating: important References: 1172402 Cross-References: CVE-2020-12398 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410 Affected Products: openSUSE Leap 15.1 An update that fixes four...
Security update for libreoffice (moderate)
openSUSE Security Update: Security update for libreoffice Announcement ID: openSUSE-SU-2020:0786-1 Rating: moderate References: 1160687 1165870 1167463 1171997 Cross-References: CVE-2020-12801 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has three fixes is now...
Security update for sqliteodbc (important)
openSUSE Security Update: Security update for sqliteodbc Announcement ID: openSUSE-SU-2020:0628-1 Rating: important References: 1171041 Cross-References: CVE-2020-12050 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...
Security update for libopenmpt (important)
openSUSE Security Update: Security update for libopenmpt Announcement ID: openSUSE-SU-2019:2319-1 Rating: important References: 1153102 Cross-References: CVE-2019-17113 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for...
Security update for dom4j (moderate)
This update for dom4j fixes the following issues: - CVE-2018-1000632: Prevent XML injection that could have resulted in an attacker tampering with XML documents bsc1105443. This update was imported from the SUSE:SLE-15:Update update project...
Security update for openslp (important)
This update for openslp fixes the following issues: - CVE-2017-17833: Prevent heap-related memory corruption issue which may have manifested itself as a denial-of-service or a remote code-execution vulnerability bsc1090638 - Prevent out of bounds reads in message parsing This update was imported...
Security update for chromium (moderate)
This update for Chromium to version 69.0.3497.100 fixes the following issues: - Security relevant fixes from internal audits, fuzzing and other initiatives booboo1108774...
Security update for qemu (moderate)
This update for qemu fixes the following issues: This security issue was fixed: - CVE-2018-12617: qmpguestfileread had an integer overflow that could have been exploited by sending a crafted QMP command including guest-file-read with a large count value to the agent via the listening socket causi...
Security update for ImageMagick (important)
This update for ImageMagick fixes the following issues: Security issue fixed: - Disable PS, PS2, PS3, XPS and PDF coders in default policy.xml bsc1105592 This update was imported from the SUSE:SLE-15:Update update project...
Security update for libgcrypt (moderate)
This update for libgcrypt fixes the following issue: The following security issue was fixed: - CVE-2018-0495: Fixed a novel side-channel attack, by enabling blinding for ECDSA signatures bsc1097410 This update was imported from the SUSE:SLE-15:Update update project...
Security update for exiv2 (moderate)
This update for exiv2 to 0.26 fixes the following security issues: - CVE-2017-14864: Prevent invalid memory address dereference in Exiv2::getULong that could have caused a segmentation fault and application crash, which leads to denial of service bsc1060995. - CVE-2017-14862: Prevent invalid memo...
Security update for freexl (important)
This update for freexl fixes the following issues: freexl was updated to version 1.0.5: No changelog provided by upstream Various heapoverflows in 1.0.4 have been fixed: CVE-2018-7439: heap-buffer-overflow in freexl.c:3912 readminibiffnextrecord boo1082774 CVE-2018-7438: heap-buffer-overflow in...
Security update for tiff (important)
This update for tiff to version 4.0.9 fixes the following issues: Security issues fixed: - CVE-2014-8128: Fix out-of-bounds read with malformed TIFF image in multiple tools bsc969783. - CVE-2015-7554: Fix invalid write in tiffsplit / TIFFVGetField bsc960341. - CVE-2016-10095: Fix stack-based buff...
Security update for kauth, kdelibs4 (important)
This update for kauth and kdelibs4 fixes the following issues: - CVE-2017-8422: logic flaw in the KAuth framework allowed privilege escalation boo1036244...
Security update for samba (important)
This update for samba fixes the following issues: Security issues fixed: - CVE-2017-2619: Symlink race permits opening files outside share directory bsc1027147. Bugfixes: - Don't package man pages for VFS modules that aren't built bsc993707. - syncreq: make asyncconnectsend "reentrant"; bso12105;...
Security update for rabbitmq-server (important)
This update for rabbitmq-server fixes the following issue: - CVE-2016-9877: An issue in Pivotal RabbitMQ caused connection authentication with a username/password pair to succeed if an existing username was provided but the password is omitted from the connection request. Connections that use TLS...
Security update for openjpeg2 (important)
This update for openjpeg2 fixes the following issues: CVE-2016-9572 CVE-2016-9573: Insuficient check in imagetopnm could lead to heap buffer overflow bsc1014543 CVE-2016-9580, CVE-2016-9581: Possible Heap buffer overflow via integer overflow and infite loop bsc1014975 CVE-2016-7445: Null pointer...
Security update for icoutils (important)
This update for icoutils to version 0.31.1 fixes the following issues: - CVE-2017-5208: An integer overflow allows maliciously crafted files to cause DoS or code execution boo1018756. - CVE-2017-5331: Incorrect out of bounds checks in checkoffset allow for DoS or code execution boo1018756. -...
Security update for php5 (important)
This update for php5 fixes the following security issues: - CVE-2016-7568: A specially crafted image file could cause an application crash or potentially execute arbitrary code when the image is converted to webp bsc1001900 - CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf bsc1004924 -...
Security update for Chromium (important)
Chromium was updated to 52.0.2743.82 to fix the following security issues boo989901: - CVE-2016-1706: Sandbox escape in PPAPI - CVE-2016-1707: URL spoofing on iOS - CVE-2016-1708: Use-after-free in Extensions - CVE-2016-1709: Heap-buffer-overflow in sfntly - CVE-2016-1710: Same-origin bypass in...
Security update for Mozilla Thunderbird (important)
This update contains Mozilla Thunderbird 45.2. boo983549 It fixes security issues mostly affecting the e-mail program when used in a browser context, such as viewing a web page or HTMl formatted e-mail. The following vulnerabilities were fixed: - CVE-2016-2818, CVE-2016-2815: Memory safety bugs...
Security update for flash-player (important)
This security update for flash-player to 11.2.202.621 fixes the following issues boo979422: A critical vulnerability CVE-2016-4117 exists in Adobe Flash Player 21.0.0.226 and earlier versions for Windows, Macintosh, Linux, and Chrome OS. Successful exploitation could cause a crash and potentially...
Security update for openssl (important)
This update for openssl fixes the following issues: - CVE-2016-2108: Memory corruption in the ASN.1 encoder boo977617 - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check boo977616 - CVE-2016-2105: EVPEncodeUpdate overflow boo977614 - CVE-2016-2106: EVPEncryptUpdate overflow boo977615 -...
Security update for libressl (important)
libressl was updated to version 2.2.1 to fix 16 security issues. LibreSSL is a fork of OpenSSL. Because of that CVEs affecting OpenSSL often also affect LibreSSL. These security issues were fixed: - CVE-2014-3570: The BNsqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1...
Security update for java-1_8_0-openjdk (important)
OpenJDK was updated to jdk8u45-b14 to fix security issues and bugs. The following vulnerabilities were fixed: CVE-2015-0458: Deployment: unauthenticated remote attackers could execute arbitrary code via multiple protocols. CVE-2015-0459: 2D: unauthenticated remote attackers could execute arbitrar...
kernel: security and bugfix update (important)
The Linux Kernel was updated to fix various bugs and security issues. CVE-2014-4699: The Linux kernel on Intel processors did not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allowed local users to leverage a...
lighttpd to 1.4.35 (important)
lighttpd was updated to version 1.4.35, fixing bugs and security issues: CVE-2014-2323: SQL injection vulnerability in modmysqlvhost.c in lighttpd allowed remote attackers to execute arbitrary SQL commands via the host name, related to requestcheckhostname. CVE-2014-2323: Multiple directory...
kernel: security and bugfix update (important)
The Linux kernel was updated to fix various bugs and security issues: - mm/page-writeback.c: do not count anon pages as dirtyable memory reclaim stalls. - mm/page-writeback.c: fix dirtybalancereserve subtraction from dirtyable memory reclaim stalls. - compatsysrecvmmsg X32 fix bnc860993...
java-1_7_0-openjdk: update to icedtea-2.3.4 (critical)
java-170-openjdk was updated to icedtea-2.3.4 fixing bugs and also severe security issues: Security fixes - S8004933, CVE-2012-3174: Improve MethodHandle interaction with libraries - S8006017, CVE-2013-0422: Improve lookup resolutions - S8006125: Update MethodHandles library interactions Bug fixe...
XEN: security and bugfix update (important)
This security update of XEN fixes various bugs and security issues. - Upstream patch 26088-xend-xml-filesize-check.patch - bnc787163 - CVE-2012-4544: xen: Domain builder Out-of- memory due to malicious kernel/ramdisk XSA 25 CVE-2012-4544-xsa25.patch - bnc779212 - CVE-2012-4411: XEN / qemu: guest...
MozillaFirefox: Update to version 15 (critical)
Mozilla Firefox, Thunderbird, xulrunner, seamonkey 15.0 update bnc777588 MFSA 2012-57/CVE-2012-1970 Miscellaneous memory safety hazards MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1 975 CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE- 2012-3959...
mysql (CVE-2012-2122) (important)
Fixing CVE-2012-2122: authentication bypass due to incorrect type casting...
MozillaThunderbird: 3.1.13 (important)
This update brings Mozilla Thunderbird to 3.1.13. The purpose of this update is to blacklist the compromised DigiNotar Certificate Authority. For more information read: MFSA 2011-34 http://www.mozilla.org/security/announce/2011/mfsa2011-34.ht ml...
Security update for exim (important)
openSUSE Security Update: Security update for exim Announcement ID: openSUSE-SU-2022:10191-1 Rating: important References: 1204427 Cross-References: CVE-2022-3559 CVSS scores: CVE-2022-3559 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Backports SLE-15-SP3 An...
Security update for opera (important)
openSUSE Security Update: Security update for opera Announcement ID: openSUSE-SU-2022:10118-1 Rating: important References: Cross-References: CVE-2022-3075 Affected Products: openSUSE Leap 15.4:NonFree An update that fixes one vulnerability is now available. Description: This update for opera fix...
Security update for opera (important)
openSUSE Security Update: Security update for opera Announcement ID: openSUSE-SU-2022:10117-1 Rating: important References: Cross-References: CVE-2022-3075 Affected Products: openSUSE Leap 15.3:NonFree An update that fixes one vulnerability is now available. Description: This update for opera fix...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:10092-1 Rating: important References: 1202075 Cross-References: CVE-2022-2603 CVE-2022-2604 CVE-2022-2605 CVE-2022-2606 CVE-2022-2607 CVE-2022-2608 CVE-2022-2609 CVE-2022-2610 CVE-2022-2611 CVE-2022-2612...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:10073-1 Rating: important References: 1201679 Cross-References: CVE-2022-2163 CVE-2022-2477 CVE-2022-2478 CVE-2022-2479 CVE-2022-2480 CVE-2022-2481 Affected Products: openSUSE Backports SLE-15-SP3 openSUSE...
Security update for python2-numpy (moderate)
openSUSE Security Update: Security update for python2-numpy Announcement ID: openSUSE-SU-2022:1064-1 Rating: moderate References: 1193907 1193911 1193913 Cross-References: CVE-2021-33430 CVE-2021-41495 CVE-2021-41496 CVSS scores: CVE-2021-33430 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A...
Security update for zlib (important)
openSUSE Security Update: Security update for zlib Announcement ID: openSUSE-SU-2022:1061-1 Rating: important References: 1197459 Cross-References: CVE-2018-25032 CVSS scores: CVE-2018-25032 SUSE: 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.3 openSUSE Leap...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:0014-1 Rating: important References: 1194055 1194182 1194331 Cross-References: CVE-2022-0096 CVE-2022-0097 CVE-2022-0098 CVE-2022-0099 CVE-2022-0100 CVE-2022-0101 CVE-2022-0102 CVE-2022-0103 CVE-2022-0104...
Security update for python-pip (moderate)
openSUSE Security Update: Security update for python-pip Announcement ID: openSUSE-SU-2021:1598-1 Rating: moderate References: 1186819 Cross-References: CVE-2021-3572 CVSS scores: CVE-2021-3572 SUSE: 4.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N Affected Products: openSUSE Leap 15.2 An update...
Security update for virtualbox (important)
openSUSE Security Update: Security update for virtualbox Announcement ID: openSUSE-SU-2021:1403-1 Rating: important References: 1191104 1191526 1191869 Cross-References: CVE-2021-2475 CVE-2021-35538 CVE-2021-35540 CVE-2021-35542 CVE-2021-35545 CVSS scores: CVE-2021-2475 NVD : 4.4...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2021:1392-1 Rating: important References: 1191844 Cross-References: CVE-2021-37981 CVE-2021-37982 CVE-2021-37983 CVE-2021-37984 CVE-2021-37985 CVE-2021-37986 CVE-2021-37987 CVE-2021-37988 CVE-2021-37989...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2021:1339-1 Rating: important References: 1190765 1191166 1191204 Cross-References: CVE-2021-37956 CVE-2021-37957 CVE-2021-37958 CVE-2021-37959 CVE-2021-37960 CVE-2021-37961 CVE-2021-37962 CVE-2021-37963...
Security update for ffmpeg (moderate)
openSUSE Security Update: Security update for ffmpeg Announcement ID: openSUSE-SU-2021:3293-1 Rating: moderate References: 1186761 Cross-References: CVE-2020-22042 CVSS scores: CVE-2020-22042 NVD : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2020-22042 SUSE: 6.5...