7585 matches found
Security update for java-11-openjdk (moderate)
openSUSE Security Update: Security update for java-11-openjdk Announcement ID: openSUSE-SU-2020:1984-1 Rating: moderate References: 1177943 Cross-References: CVE-2020-14779 CVE-2020-14781 CVE-2020-14782 CVE-2020-14792 CVE-2020-14796 CVE-2020-14797 CVE-2020-14798 CVE-2020-14803 Affected Products:...
Security update for salt (critical)
openSUSE Security Update: Security update for salt Announcement ID: openSUSE-SU-2020:1833-1 Rating: critical References: 1159670 1175987 1176024 1176294 1176397 1177867 1178319 1178361 1178362 Cross-References: CVE-2020-16846 CVE-2020-17490 CVE-2020-25592 Affected Products: openSUSE Leap 15.2 An...
Security update for gcc10, nvptx-tools (moderate)
openSUSE Security Update: Security update for gcc10, nvptx-tools Announcement ID: openSUSE-SU-2020:1693-1 Rating: moderate References: 1172798 1172846 1173972 1174753 1174817 1175168 Cross-References: CVE-2020-13844 Affected Products: openSUSE Leap 15.2 An update that solves one vulnerability and...
Security update for crmsh (moderate)
openSUSE Security Update: Security update for crmsh Announcement ID: openSUSE-SU-2020:1688-1 Rating: moderate References: 1163581 1176569 Affected Products: openSUSE Leap 15.1 An update that contains security fixes can now be installed. Description: This update for crmsh fixes the following issue...
Security update for ovmf (moderate)
openSUSE Security Update: Security update for ovmf Announcement ID: openSUSE-SU-2020:1525-1 Rating: moderate References: 1119454 1175476 Cross-References: CVE-2019-14562 Affected Products: openSUSE Leap 15.2 An update that solves one vulnerability and has one errata is now available. Description:...
Security update for slurm_18_08 (moderate)
openSUSE Security Update: Security update for slurm1808 Announcement ID: openSUSE-SU-2020:1468-1 Rating: moderate References: 1172004 Cross-References: CVE-2020-12693 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for...
Security update for ark (moderate)
openSUSE Security Update: Security update for ark Announcement ID: openSUSE-SU-2020:1310-2 Rating: moderate References: 1175857 Cross-References: CVE-2020-24654 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes one vulnerability is now available. Description: This update for a...
Security update for libqt5-qtbase (moderate)
openSUSE Security Update: Security update for libqt5-qtbase Announcement ID: openSUSE-SU-2020:1319-1 Rating: moderate References: 1172726 1173758 Cross-References: CVE-2020-13962 Affected Products: openSUSE Leap 15.2 An update that solves one vulnerability and has one errata is now available...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:1309-1 Rating: important References: 1175757 Cross-References: CVE-2020-6558 CVE-2020-6559 CVE-2020-6560 CVE-2020-6561 CVE-2020-6562 CVE-2020-6563 CVE-2020-6564 CVE-2020-6565 CVE-2020-6566 CVE-2020-6567...
Security update for dovecot23 (important)
openSUSE Security Update: Security update for dovecot23 Announcement ID: openSUSE-SU-2020:1262-1 Rating: important References: 1174922 1174923 Cross-References: CVE-2020-12673 CVE-2020-12674 Affected Products: openSUSE Leap 15.2 An update that fixes two vulnerabilities is now available...
Security update for libX11 (important)
openSUSE Security Update: Security update for libX11 Announcement ID: openSUSE-SU-2020:1198-1 Rating: important References: 1174628 Cross-References: CVE-2020-14344 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for libX11...
Security update for tomcat (important)
openSUSE Security Update: Security update for tomcat Announcement ID: openSUSE-SU-2020:1063-1 Rating: important References: 1173389 Cross-References: CVE-2020-11996 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for tomcat...
Security update for xrdp (important)
openSUSE Security Update: Security update for xrdp Announcement ID: openSUSE-SU-2020:0999-1 Rating: important References: 1173580 Cross-References: CVE-2020-4044 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for xrdp fixes...
Security update for mercurial (low)
openSUSE Security Update: Security update for mercurial Announcement ID: openSUSE-SU-2020:0880-1 Rating: low References: 1133035 Cross-References: CVE-2019-3902 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for mercurial...
Security update for osc (moderate)
openSUSE Security Update: Security update for osc Announcement ID: openSUSE-SU-2020:0852-1 Rating: moderate References: 1122675 Cross-References: CVE-2019-3681 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for osc to 0.169....
Security update for wireshark (moderate)
This update for wireshark fixes the following issues: Update to Wireshark 2.4.11 bsc1117740. Security issues fixed: - CVE-2018-19625: The Wireshark dissection engine could crash wnpa-sec-2018-51 - CVE-2018-19626: The DCOM dissector could crash wnpa-sec-2018-52 - CVE-2018-19623: The LBMPDM dissect...
Security update for postgresql94 (important)
This update for postgresql94 to 9.4.19 fixes the following security issue: - CVE-2018-10915: libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrusted input, attackers could have...
Security update for MozillaFirefox (moderate)
This update for Mozilla Firefox to version 60.2.1esr fixes the following issues: Security issues fixed MFSA 2018-23: - CVE-2018-12385: Crash in TransportSecurityInfo due to cached data boo1109363 - CVE-2018-12383: Setting a master password did not delete unencrypted previously stored passwords...
Security update for openslp (important)
This update for openslp fixes the following issues: - CVE-2017-17833: Prevent heap-related memory corruption issue which may have manifested itself as a denial-of-service or a remote code-execution vulnerability bsc1090638 - Prevent out of bounds reads in message parsing This update was imported...
Security update for samba (important)
This update for samba fixes the following issues: The following security vulnerabilities were fixed: - CVE-2018-1139: Disable NTLMv1 auth if smb.conf doesn't allow it; bsc1095048 - CVE-2018-1140: ldbsearch 'distinguishedName=abc' and DNS query with escapes crashes; bsc1095056 - CVE-2018-10919:...
Security update for apache2 (moderate)
This update for apache2 fixes the following issues: The following security vulnerability were fixed: - CVE-2018-1333: Fixed a worker exhaustion that could have lead to a denial of service via specially crafted HTTP/2 requests bsc1101689. This update was imported from the SUSE:SLE-12-SP2:Update...
Security update for libgcrypt (moderate)
This update for libgcrypt fixes the following issue: The following security issue was fixed: - CVE-2018-0495: Fixed a novel side-channel attack, by enabling blinding for ECDSA signatures bsc1097410 This update was imported from the SUSE:SLE-15:Update update project...
Security update for exiv2 (moderate)
This update for exiv2 to 0.26 fixes the following security issues: - CVE-2017-14864: Prevent invalid memory address dereference in Exiv2::getULong that could have caused a segmentation fault and application crash, which leads to denial of service bsc1060995. - CVE-2017-14862: Prevent invalid memo...
Security update for postgresql94 (important)
This update for postgresql94 fixes the following issues: CVE-2017-7547: Further restrict visibility of pgusermappings.umoptions, to protect passwords stored as user mapping options. bsc1051685 CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. bsc1051684...
Security update for spice (important)
This security update for spice fixes the following issues: - CVE-2016-9577: A buffer overflow in the spice server could have potentially been used by unauthenticated attackers to execute arbitrary code. bsc1023078 - CVE-2016-9578: Unauthenticated attackers could have caused a denial of service vi...
Security update for bind (important)
This update for bind fixes the following issues: - Fix a potential assertion failure that could have been triggered by a malformed response to an ANY query, thereby facilitating a denial-of-service attack. CVE-2016-9131, bsc1018700, bsc1018699 - Fix a potential assertion failure that could have...
Security update for gstreamer-plugins-good (important)
This update for gstreamer-plugins-good fixes the following issues: - CVE-2016-9634: Invalid FLIC files could have caused and an out-of-bounds write bsc1012102 - CVE-2016-9635: Invalid FLIC files could have caused and an out-of-bounds write bsc1012103 - CVE-2016-9636: Prevent maliciously crafted...
Security update for gstreamer-plugins-bad (important)
This update for gstreamer-plugins-bad fixes the following issues: - Maliciously crafted VMnc VMware video streams typically contained in .avi files could cause code execution during decoding or information leaks due to an unitialized buffer CVE-2016-9445, CVE-2016-9446, boo1010829...
Security update for Chromium (important)
Chromium was updated to 52.0.2743.82 to fix the following security issues boo989901: - CVE-2016-1706: Sandbox escape in PPAPI - CVE-2016-1707: URL spoofing on iOS - CVE-2016-1708: Use-after-free in Extensions - CVE-2016-1709: Heap-buffer-overflow in sfntly - CVE-2016-1710: Same-origin bypass in...
Security update for ImageMagick (important)
ImageMagick was updated to fix 66 security issues. These security issues were fixed: - CVE-2014-9810: SEGV in dpx file handler. bsc983803. - CVE-2014-9811: Crash in xwd file handler bsc984032. - CVE-2014-9812: NULL pointer dereference in ps file handling bsc984137. - CVE-2014-9813: Crash on...
Security update for Chromium (important)
Chromium was updated to 50.0.2661.102 to fix four vulnerabilities boo979859: - CVE-2016-1667: Same origin bypass in DOM - CVE-2016-1668: Same origin bypass in Blink V8 bindings - CVE-2016-1669: Buffer overflow in V8 - CVE-2016-1670: Race condition in loader...
Security update for compat-openssl098 (important)
This update for compat-openssl098 fixes the following issues: - CVE-2016-2108: Memory corruption in the ASN.1 encoder bsc977617 - CVE-2016-2105: EVPEncodeUpdate overflow bsc977614 - CVE-2016-2106: EVPEncryptUpdate overflow bsc977615 - CVE-2016-2109: ASN.1 BIO excessive memory allocation bsc976942...
Security update for openssl (important)
This update for openssl fixes the following issues: - CVE-2016-2108: Memory corruption in the ASN.1 encoder bsc977617 - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check bsc977616 - CVE-2016-2105: EVPEncodeUpdate overflow bsc977614 - CVE-2016-2106: EVPEncryptUpdate overflow bsc977615 -...
Security update for openssl (important)
This update for openssl fixes the following issues: - CVE-2016-2108: Memory corruption in the ASN.1 encoder boo977617 - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check boo977616 - CVE-2016-2105: EVPEncodeUpdate overflow boo977614 - CVE-2016-2106: EVPEncryptUpdate overflow boo977615 -...
Security update for Chromium (important)
Chromium was updated to 47.0.2526.80 to fix security issues and bugs. The following vulnerabilities were fixed: CVE-2015-6788: Type confusion in extensions CVE-2015-6789: Use-after-free in Blink CVE-2015-6790: Escaping issue in saved pages CVE-2015-6791: Various fixes from internal audits, fuzzin...
Security update for java-1_7_0-openjdk (important)
java-170-openjdk was updated to fix 17 security issues. These security issues were fixed: - CVE-2015-4843: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via unknown...
Security update for openssl (important)
openssl was updated to fix six security issues. The following vulnerabilities were fixed: CVE-2015-4000: The Logjam Attack / weakdh.org. Rject connections with DH parameters shorter than 768 bits, generates 2048-bit DH parameters by default. boo931698 CVE-2015-1788: Malformed ECParameters causes...
Security update for php5 (important)
PHP was updated to fix three security issues. The following vulnerabilities were fixed: CVE-2015-3330: Specially crafted PHAR files could, when executed under Apache httpd 2.4 apache2handler, allow arbitrary code execution bnc928506 CVE-2015-3329: Specially crafted PHAR data could lead to...
Security update for flash-player (critical)
Adobe Flash Player was updated to 11.2.202.451 bsc922033. These security issues were fixed: - Memory corruption vulnerabilities that could lead to code execution CVE-2016-0332, CVE-2015-0333, CVE-2015-0335, CVE-2015-0339. - Type confusion vulnerabilities that could lead to code execution...
kernel: security and bugfix update (important)
The Linux Kernel was updated to fix various bugs and security issues. CVE-2014-4699: The Linux kernel on Intel processors did not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allowed local users to leverage a...
lighttpd to 1.4.35 (important)
lighttpd was updated to version 1.4.35, fixing bugs and security issues: CVE-2014-2323: SQL injection vulnerability in modmysqlvhost.c in lighttpd allowed remote attackers to execute arbitrary SQL commands via the host name, related to requestcheckhostname. CVE-2014-2323: Multiple directory...
kernel: security and bugfix update (important)
The Linux kernel was updated to fix various bugs and security issues: - mm/page-writeback.c: do not count anon pages as dirtyable memory reclaim stalls. - mm/page-writeback.c: fix dirtybalancereserve subtraction from dirtyable memory reclaim stalls. - compatsysrecvmmsg X32 fix bnc860993...
MozillaFirefox: Update to Firefox 22.0 release (important)
MozillaFirefox was updated to Firefox 22.0 bnc825935 Following security issues were fixed: MFSA 2013-49/CVE-2013-1682/CVE-2013-1683 Miscellaneous memory safety hazards MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686 Memory corruption found using Address Sanitizer MFSA 2013-51/CVE-2013-1687...
kernel: security and bugfix update (critical)
The openSUSE 12.3 kernel was updated to fix a critical security issue, other security issues and several bugs. Security issues fixed: CVE-2013-2094: The perfsweventinit function in kernel/events/core.c in the Linux kernel used an incorrect integer data type, which allowed local users to gain...
Mozilla Januarys (important)
The Mozilla January 8th 2013 security release contains updates: Mozilla Firefox was updated to version 18.0. Mozilla Seamonkey was updated to version 2.15. Mozilla Thunderbird was updated to version 17.0.2. MFSA 2013-01/CVE-2013-0749/CVE-2013-0769/CVE-2013-0770 Miscellaneous memory safety hazards...
Security update for the Linux Kernel (important)
openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2022:2173-1 Rating: important References: 1177282 1199365 1200015 1200143 1200144 1200206 1200207 1200249 1200259 1200263 1200268 1200529 Cross-References: CVE-2020-26541 CVE-2022-1966 CVE-2022-1974...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:10086-1 Rating: important References: 1202075 Cross-References: CVE-2022-2603 CVE-2022-2604 CVE-2022-2605 CVE-2022-2606 CVE-2022-2607 CVE-2022-2608 CVE-2022-2609 CVE-2022-2610 CVE-2022-2611 CVE-2022-2612...
Security update for caddy (moderate)
openSUSE Security Update: Security update for caddy Announcement ID: openSUSE-SU-2022:10007-1 Rating: moderate References: 1200279 Cross-References: CVE-2022-297182 Affected Products: openSUSE Backports SLE-15-SP4 An update that fixes one vulnerability is now available. Description: This update f...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:0114-1 Rating: important References: 1198509 Cross-References: CVE-2022-1364 Affected Products: openSUSE Backports SLE-15-SP3 An update that fixes one vulnerability is now available. Description: This update...
Security update for icingaweb2 (important)
openSUSE Security Update: Security update for icingaweb2 Announcement ID: openSUSE-SU-2022:0097-1 Rating: important References: 1196911 1196913 Cross-References: CVE-2022-24714 CVE-2022-24715 CVSS scores: CVE-2022-24714 NVD : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2022-24715 NVD : 8...