7585 matches found
Security update for libtirpc (important)
This update for libtirpc fixes the following issues: Security issue fixed: - bsc968175: Fix remote crash of RPC services. Bug fixes: - bsc1072183: Send RPC getport call as specified via parameter. This update was imported from the SUSE:SLE-12-SP2:Update update project...
Security update for Chromium (important)
This update for Chromium to version 68.0.3440.75 fixes multiple issues. Security issues fixed boo1102530: - CVE-2018-6153: Stack buffer overflow in Skia - CVE-2018-6154: Heap buffer overflow in WebGL - CVE-2018-6155: Use after free in WebRTC - CVE-2018-6156: Heap buffer overflow in WebRTC -...
Security update for qemu (important)
This update for qemu fixes the following issues: This security issue was fixed: - CVE-2018-3639: Spectre v4 vulnerability mitigation support for KVM guests bsc1092885. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of al...
Security update for ocaml (important)
This update for ocaml fixes the following issues: - CVE-2018-9838: The camlbadeserialize function in byterun/bigarray.c in the standard library had an integer overflow which, in situations where marshalled data is accepted from an untrusted source, allows remote attackers to cause a denial of...
Security update for ceph (important)
This update for ceph fixes the following issues: Security issues fixed: - CVE-2018-7262: rgw: malformed http headers can crash rgw bsc1081379. - CVE-2017-16818: User reachable asserts allow for DoS bsc1063014. Bug fixes: - bsc1061461: OSDs keep generating coredumps after adding new OSD node to...
Security update for phpMyAdmin (important)
This update for phpMyAdmin to version 4.7.7 fixes a security issue and bugs. The following vulnerability was fixed: - By deceiving a user to click on a crafted URL, it was possible to perform harmful database operations bsc1074066, PMASA-2017-09 This update also contains all upstream improvements...
Security update for rabbitmq-server (important)
This update for rabbitmq-server fixes the following issue: - CVE-2016-9877: An issue in Pivotal RabbitMQ caused connection authentication with a username/password pair to succeed if an existing username was provided but the password is omitted from the connection request. Connections that use TLS...
Security update for icoutils (important)
This update for icoutils to version 0.31.1 fixes the following issues: - CVE-2017-5208: An integer overflow allows maliciously crafted files to cause DoS or code execution boo1018756. - CVE-2017-5331: Incorrect out of bounds checks in checkoffset allow for DoS or code execution boo1018756. -...
Security update for Chromium (important)
This update to Chromium 55.0.2883.75 fixes the following vulnerabilities: - CVE-2016-9651: Private property access in V8 - CVE-2016-5208: Universal XSS in Blink - CVE-2016-5207: Universal XSS in Blink - CVE-2016-5206: Same-origin bypass in PDFium - CVE-2016-5205: Universal XSS in Blink -...
Security update for Chromium (important)
Chromium was updated to 53.0.2785.89 to fix a number of security issues. The following vulnerabilities were fixed: boo996648 - CVE-2016-5147: Universal XSS in Blink. - CVE-2016-5148: Universal XSS in Blink. - CVE-2016-5149: Script injection in extensions. - CVE-2016-5150: Use after free in Blink....
Security update for Chromium (important)
Chromium was updated to 52.0.2743.82 to fix the following security issues boo989901: - CVE-2016-1706: Sandbox escape in PPAPI - CVE-2016-1707: URL spoofing on iOS - CVE-2016-1708: Use-after-free in Extensions - CVE-2016-1709: Heap-buffer-overflow in sfntly - CVE-2016-1710: Same-origin bypass in...
Security update for vlc (important)
This update for vlc to 2.2.4 to fix the following security issue: - CVE-2016-5108: Fix out-of-bound write in adpcm QT IMA codec boo984382. This also include an update of codecs and libraries to fix these 3rd party security issues: - CVE-2016-1514: Matroska libebml EbmlUnicodeString Heap Informati...
Security update for MozillaThunderbird (important)
MozillaThunderbird was updated to 38.7.0 to fix the following issues: Update to Thunderbird 38.7.0 boo969894 MFSA 2015-81/CVE-2015-4477 bmo1179484 Use-after-free in MediaStream playback MFSA 2015-136/CVE-2015-7207 bmo1185256 Same-origin policy violation using performance.getEntries and history...
Security update for tomcat (important)
This update for tomcat fixes the following issues: Tomcat 8 was updated from 8.0.23 to 8.0.32, to fix bugs and security issues. Fixed security issues: CVE-2015-5174: Directory traversal vulnerability in RequestUtil.java in Apache Tomcat allowed remote authenticated users to bypass intended...
Security update for bind (important)
This update for bind fixes the following issues: Fix two assertion failures that can lead to a remote denial of service attack: CVE-2016-1285: An error when parsing signature records for DNAME can lead to named exiting due to an assertion failure. bsc970072 CVE-2016-1286: An error when parsing...
Security update for openssl (important)
This update for openssl fixes various security issues: Security issues fixed: - CVE-2016-0800 aka the "DROWN" attack bsc968046: OpenSSL was vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a...
Security update for xulrunner (important)
Xulrunner was updated to 38.5.0 to fix several security issues. The following vulnerabilities were fixed boo959277: CVE-2015-7201: Miscellaneous memory safety hazards CVE-2015-7210: Use-after-free in WebRTC when datachannel is used after being destroyed CVE-2015-7212: Integer overflow allocating...
flashplayer to version 11.2.202.451 (important)
Adobe Flash Player was updated to 11.2.202.451 bsc922033. These security issues were fixed: - Memory corruption vulnerabilities that could lead to code executionCVE-2016-0332,CVE-2015-0333, CVE-2015-0335, CVE-2015-0339. - Type confusion vulnerabilities that could lead to code...
libpng12: Fixed a heap based buffer overflow (important)
A heap-based buffer overflow in libpng was fixed that could potentially be exploited by attackers to execute arbitrary code or cause an application to crash CVE-2011-3026. libpng 1.2 was updated to 1.2.47 to fix this issue...
Security update for opera (important)
openSUSE Security Update: Security update for opera Announcement ID: openSUSE-SU-2022:10118-1 Rating: important References: Cross-References: CVE-2022-3075 Affected Products: openSUSE Leap 15.4:NonFree An update that fixes one vulnerability is now available. Description: This update for opera fix...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:10092-1 Rating: important References: 1202075 Cross-References: CVE-2022-2603 CVE-2022-2604 CVE-2022-2605 CVE-2022-2606 CVE-2022-2607 CVE-2022-2608 CVE-2022-2609 CVE-2022-2610 CVE-2022-2611 CVE-2022-2612...
Security update for libredwg (moderate)
SUSE Security Update: Security update for libredwg Announcement ID: openSUSE-SU-2022:0149-1 Rating: moderate References: 1193372 1194767 Cross-References: CVE-2021-28237 CVE-2022-21658 CVSS scores: CVE-2022-21658 NVD : 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H CVE-2022-21658 SUSE: 6.2...
Security update for MozillaFirefox (important)
openSUSE Security Update: Security update for MozillaFirefox Announcement ID: openSUSE-SU-2022:1127-1 Rating: important References: 1197698 1197903 Cross-References: CVE-2022-1097 CVE-2022-1196 CVE-2022-24713 CVE-2022-28281 CVE-2022-28282 CVE-2022-28285 CVE-2022-28286 CVE-2022-28289 CVSS scores:...
Security update for MozillaThunderbird (important)
openSUSE Security Update: Security update for MozillaThunderbird Announcement ID: openSUSE-SU-2022:0906-1 Rating: important References: 1196900 Cross-References: CVE-2022-26381 CVE-2022-26383 CVE-2022-26384 CVE-2022-26386 CVE-2022-26387 Affected Products: openSUSE Leap 15.3 openSUSE Leap 15.4 An...
Security update for opera (important)
openSUSE Security Update: Security update for opera Announcement ID: openSUSE-SU-2022:0050-1 Rating: important References: 1027353 1081164 1102775 1108471 1111122 1116807 1140341 1145864 1152968 1174961 1178021 1178351 1179009 1179699 1181591 SLE-6120 Cross-References: CVE-2018-18065 CVE-2020-158...
Security update for xen (important)
openSUSE Security Update: Security update for xen Announcement ID: openSUSE-SU-2022:0333-1 Rating: important References: 1194576 1194581 1194588 Cross-References: CVE-2022-23033 CVE-2022-23034 CVE-2022-23035 CVSS scores: CVE-2022-23034 SUSE: 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L...
Security update for json-c (important)
openSUSE Security Update: Security update for json-c Announcement ID: openSUSE-SU-2022:0184-1 Rating: important References: 1171479 Cross-References: CVE-2020-12762 CVSS scores: CVE-2020-12762 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2020-12762 SUSE: 7.8...
Security update for log4j (important)
openSUSE Security Update: Security update for log4j Announcement ID: openSUSE-SU-2021:1605-1 Rating: important References: 1193887 1193888 Cross-References: CVE-2021-45105 CVSS scores: CVE-2021-45105 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Leap 15.2 An...
Security update for nodejs14 (important)
openSUSE Security Update: Security update for nodejs14 Announcement ID: openSUSE-SU-2021:1552-1 Rating: important References: 1190053 1190054 1190055 1190056 1190057 1191601 1191602 Cross-References: CVE-2021-22959 CVE-2021-22960 CVE-2021-37701 CVE-2021-37712 CVE-2021-37713 CVE-2021-39134...
Security update for redis (important)
openSUSE Security Update: Security update for redis Announcement ID: openSUSE-SU-2021:3772-1 Rating: important References: 1191299 1191300 1191302 1191303 1191304 1191305 1191306 Cross-References: CVE-2021-32626 CVE-2021-32627 CVE-2021-32628 CVE-2021-32672 CVE-2021-32675 CVE-2021-32687...
Security update for go1.16 (important)
openSUSE Security Update: Security update for go1.16 Announcement ID: openSUSE-SU-2021:3292-1 Rating: important References: 1182345 1190589 Cross-References: CVE-2021-39293 CVSS scores: CVE-2021-39293 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Leap 15.3 An...
Security update for xen (moderate)
openSUSE Security Update: Security update for xen Announcement ID: openSUSE-SU-2021:1301-1 Rating: moderate References: 1027519 1189632 Cross-References: CVE-2021-28701 CVSS scores: CVE-2021-28701 SUSE: 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.2 An upda...
Security update for php7-pear (important)
openSUSE Security Update: Security update for php7-pear Announcement ID: openSUSE-SU-2021:3018-1 Rating: important References: 1189591 Cross-References: CVE-2020-36193 CVSS scores: CVE-2020-36193 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2020-36193 SUSE: 7.5...
Security update for sssd (important)
openSUSE Security Update: Security update for sssd Announcement ID: openSUSE-SU-2021:2941-1 Rating: important References: 1183735 1187120 1189492 Cross-References: CVE-2021-3621 CVSS scores: CVE-2021-3621 SUSE: 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.3...
Security update for isync (moderate)
openSUSE Security Update: Security update for isync Announcement ID: openSUSE-SU-2021:1170-1 Rating: moderate References: 1186939 Cross-References: CVE-2021-3578 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for isync fixes...
Security update for php7 (important)
openSUSE Security Update: Security update for php7 Announcement ID: openSUSE-SU-2021:2795-1 Rating: important References: 1188035 Cross-References: CVE-2021-21704 CVSS scores: CVE-2021-21704 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Leap 15.3 An update tha...
Security update for nagios (important)
openSUSE Security Update: Security update for nagios Announcement ID: openSUSE-SU-2021:0715-1 Rating: important References: 1003362 1014637 1172794 1182398 989759 Cross-References: CVE-2016-6209 CVE-2020-13977 CVSS scores: CVE-2016-6209 NVD : 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N...
Security update for python3 (moderate)
openSUSE Security Update: Security update for python3 Announcement ID: openSUSE-SU-2021:0331-1 Rating: moderate References: 1176262 1179756 1180686 1181126 Cross-References: CVE-2019-20916 CVE-2021-3177 CVSS scores: CVE-2019-20916 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2021:0173-1 Rating: important References: 1181137 Cross-References: CVE-2020-16044 CVE-2021-21117 CVE-2021-21118 CVE-2021-21119 CVE-2021-21120 CVE-2021-21121 CVE-2021-21122 CVE-2021-21123 CVE-2021-21124...
Security update for ImageMagick (moderate)
openSUSE Security Update: Security update for ImageMagick Announcement ID: openSUSE-SU-2021:0136-1 Rating: moderate References: 1179103 1179202 1179208 1179212 1179221 1179223 1179240 1179244 1179260 1179268 1179269 1179276 1179278 1179281 1179285 1179311 1179312 1179313 1179315 1179317 1179321...
Security update for nodejs12 (moderate)
openSUSE Security Update: Security update for nodejs12 Announcement ID: openSUSE-SU-2021:0064-1 Rating: moderate References: 1178882 1179491 1180553 1180554 Cross-References: CVE-2020-1971 CVE-2020-8265 CVE-2020-8277 CVE-2020-8287 Affected Products: openSUSE Leap 15.2 An update that fixes four...
Security update for nodejs10 (moderate)
openSUSE Security Update: Security update for nodejs10 Announcement ID: openSUSE-SU-2021:0065-1 Rating: moderate References: 1179491 1180553 1180554 Cross-References: CVE-2020-1971 CVE-2020-8265 CVE-2020-8287 Affected Products: openSUSE Leap 15.2 An update that fixes three vulnerabilities is now...
Security update for tigervnc (critical)
openSUSE Security Update: Security update for tigervnc Announcement ID: openSUSE-SU-2020:1666-1 Rating: critical References: 1176733 Cross-References: CVE-2020-26117 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for tigervn...
Security update for nodejs12 (important)
openSUSE Security Update: Security update for nodejs12 Announcement ID: openSUSE-SU-2020:1616-1 Rating: important References: 1172686 1173937 1176589 1176605 Cross-References: CVE-2020-15095 CVE-2020-8201 CVE-2020-8252 Affected Products: openSUSE Leap 15.2 An update that solves three...
Security update for libqt4 (moderate)
openSUSE Security Update: Security update for libqt4 Announcement ID: openSUSE-SU-2020:1500-1 Rating: moderate References: 1118595 1118596 1118599 1121214 1176315 Cross-References: CVE-2018-15518 CVE-2018-19869 CVE-2018-19873 CVE-2020-17507 Affected Products: openSUSE Backports SLE-15-SP1 An upda...
Security update for gimp (low)
openSUSE Security Update: Security update for gimp Announcement ID: openSUSE-SU-2020:1420-1 Rating: low References: 1073627 Cross-References: CVE-2017-17789 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for gimp fixes the...
Security update for go1.14 (important)
openSUSE Security Update: Security update for go1.14 Announcement ID: openSUSE-SU-2020:1407-1 Rating: important References: 1164903 1169832 1170826 1172868 1174153 1174191 1174977 Cross-References: CVE-2020-14039 CVE-2020-15586 CVE-2020-16845 Affected Products: openSUSE Leap 15.2 An update that...
Security update for python-Flask-Cors (moderate)
openSUSE Security Update: Security update for python-Flask-Cors Announcement ID: openSUSE-SU-2020:1393-1 Rating: moderate References: 1175986 Cross-References: CVE-2020-25032 Affected Products: openSUSE Leap 15.2 openSUSE Leap 15.1 An update that fixes one vulnerability is now available...
Security update for postgresql10 (important)
openSUSE Security Update: Security update for postgresql10 Announcement ID: openSUSE-SU-2020:1326-1 Rating: important References: 1175193 1175194 Cross-References: CVE-2020-14349 CVE-2020-14350 Affected Products: openSUSE Leap 15.2 An update that fixes two vulnerabilities is now available...
Security update for rubygem-bundler (moderate)
openSUSE Security Update: Security update for rubygem-bundler Announcement ID: openSUSE-SU-2020:0861-1 Rating: moderate References: 1143436 Cross-References: CVE-2019-3881 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for...