7581 matches found
Security update for mercurial (important)
This update for mercurial fixes the following issues: - CVE-2017-9462: Fix the arbitrary code exec by remote users via "hg serve --stdio" boo1043063...
Security update for tiff (important)
This update for tiff fixes the following issues: Security issues fixed: - CVE-2016-10272: LibTIFF 4.0.7 allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via a crafted TIFF image, related to "WRITE of size 2048" and...
Security update for tigervnc (important)
This update for tigervnc fixes the following issues: This security issue was fixed: - CVE-2016-10207: Prevent crash caused by failed TLS connection bnc1023012 This non-security issue was fixed: Fix random client disconnections boo1022432...
Security update for gstreamer-0_10-plugins-good (important)
This update for gstreamer-010-plugins-good fixes the following issues: - CVE-2016-9634: Invalid FLIC files could have caused and an out-of-bounds write bsc1012102 - CVE-2016-9635: Invalid FLIC files could have caused and an out-of-bounds write bsc1012103 - CVE-2016-9636: Prevent maliciously craft...
Security update for icoutils (important)
This update for icoutils to version 0.31.1 fixes the following issues: - CVE-2017-5208: An integer overflow allows maliciously crafted files to cause DoS or code execution boo1018756. - CVE-2017-5331: Incorrect out of bounds checks in checkoffset allow for DoS or code execution boo1018756. -...
Security update for libarchive (important)
libarchive was updated to fix 20 security issues. These security issues were fixed: - CVE-2015-8918: Overlapping memcpy in CAB parser bsc985698. - CVE-2015-8919: Heap out of bounds read in LHA/LZH parser bsc985697. - CVE-2015-8920: Stack out of bounds read in ar parser bsc985675. - CVE-2015-8921:...
Security update for Chromium (important)
Chromium was updated to 51.0.2704.103 to fix three vulnerabilities: - CVE-2016-1704: Various fixes from internal audits, fuzzing and other initiatives shared identifier boo985397 Includes vulnerability fixes from 50.0.2661.102 boo979859: - CVE-2016-1667: Same origin bypass in DOM - CVE-2016-1668:...
Security update for Chromium (important)
Chromium was updated to 51.0.2704.79 to fix a number of security issues. boo982719 - CVE-2016-1696: Cross-origin bypass in Extension bindings - CVE-2016-1697: Cross-origin bypass in Blink - CVE-2016-1698: Information leak in Extension bindings - CVE-2016-1699: Parameter sanitization failure in...
Security update for Chromium (important)
Chromium was updated to 50.0.2661.75 to fix the following vulnerabilities: - CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding - CVE-2016-1652: Universal XSS in extension bindings - CVE-2016-1653: Out-of-bounds write in V8 - CVE-2016-1654: Uninitialized memory read in media -...
Security update for graphite2 (important)
This update for graphite2 fixes the following issues: - CVE-2016-1521: The directrun function in directmachine.cpp in Libgraphite did not validate a certain skip operation, which allowed remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service...
Security update for qemu (important)
This update fixes the following security issues: - Enforce receive packet size, thus eliminating buffer overflow and potential security issue. bsc957162 CVE-2015-7512 - Infinite loop in processing command block list. CVE-2015-8345 bsc956829: This update also fixes a non-security bug: - Due to spa...
Security update for MySQL (important)
This update to MySQL 5.6.28 fixes the following issues bsc962779: - CVE-2015-7744: Lack of verification against faults associated with the Chinese Remainder Theorem CRT process when allowing ephemeral key exchange without low memory optimizations on a server, which makes it easier for remote...
Security update for Chromium (important)
Chromium was updated to 48.0.2564.82 to fix security issues and bugs. The following vulnerabilities were fixed: - CVE-2016-1612: Bad cast in V8 boo963184 - CVE-2016-1613: Use-after-free in PDFium boo963185 - CVE-2016-1614: Information leak in Blink boo963186 - CVE-2016-1615: Origin confusion in...
Security update for Adobe Flash Player (important)
Adobe Flash Player was updated to 11.2.202.535 to fix a number of security issues. boo950169, APSB15-25 The following vulnerabilities were fixed: CVE-2015-7628: Vulnerability that could be exploited to bypass the same-origin-policy and lead to information disclosure CVE-2015-5569: Defense-in-dept...
Security update for seamonkey (important)
seamonkey was updated to fix 25 security issues. These security issues were fixed: - CVE-2015-4520: Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allowed remote attackers to bypass CORS preflight protection mechanisms by leveraging 1 duplicate cache-key generation or 2 retrieval of...
Security update for MozillaThunderbird (important)
MozillaThunderbird was updated to version 31.5.0 to fix four security issues. These security issues were fixed: - CVE-2015-0836: Miscellaneous memory safety hazards - CVE-2015-0831: Use-after-free in IndexedDB - CVE-2015-0827: Out-of-bounds read and write while rendering SVG content -...
Security update for libpng16 (important)
libpng was updated to fix some security issues: CVE-2014-9495 bnc912076: Heap-buffer overflow pngcombinerow with very wide interlaced images CVE-2015-0973 bnc912929: overflow in pngreadIDATdata libpng is now also build with -DPNGSAFELIMITSSUPPORTED...
update for openssl (important)
The following issues were fixed in this release: CVE-2014-3566: SSLv3 POODLE attack bnc901223 CVE-2014-3513, CVE-2014-3567: DTLS memory leak and session ticket memory leak...
NRPE metacharacter filtering omission (important)
NRPE the Nagios Remote Plug-In Executor allows the passing of $ to plugins/scripts which, if run under bash, will execute that shell command under a subprocess and pass the output as a parameter to the called script. Using this, it is possible to get called scripts, such as checkhttp, to execute...
Mozilla Januarys (important)
The Mozilla January 8th 2013 security release contains updates: Mozilla Firefox was updated to version 18.0. Mozilla Seamonkey was updated to version 2.15. Mozilla Thunderbird was updated to version 17.0.2. Mozilla XULRunner was updated to version 17.0.2. MFSA...
mysql-community-server: updated to 5.5.28 (important)
mysql community server was updated to 5.5.28, fixing bugs and security issues. See http://dev.mysql.com/doc/refman/5.5/en/news-5-5-27.html http://dev.mysql.com/doc/refman/5.5/en/news-5-5-28.html...
xen to fix various denial of service issues (important)
This update of XEN fixes various denial of service bugs. - bnc789945 - CVE-2012-5510: xen: Grant table version switch list corruption vulnerability XSA-26 - bnc789944 - CVE-2012-5511: xen: Several HVM operations do not validate the range of their inputs XSA-27 - bnc789940 - CVE-2012-5512: xen:...
Chromium to 25.0.1343 (important)
Chromium was updated to 25.0.1343 Security Fixes bnc791234 and bnc792154: - CVE-2012-5131: Corrupt rendering in the Apple OSX driver for Intel GPUs - CVE-2012-5133: Use-after-free in SVG filters. - CVE-2012-5130: Out-of-bounds read in Skia - CVE-2012-5132: Browser crash with chunked encoding -...
java-1_6_0-openjdk: icedtea-web update to 1.11.4 (bnc#) (critical)
The icedtea-web Java plugin was updated to 1.11.4 to fix critical security issues: Security fixes - S7162476, CVE-2012-1682: XMLDecoder security issue via ClassFinder - S7163201, CVE-2012-0547: Simplify toolkit internals references OpenJDK - S7182135: Impossible to use some editors directly -...
update for chromium, v8 (important)
Update to 19.0.1079 Security Fixes bnc754456: High CVE-2011-3050: Use-after-free with first-letter handling High CVE-2011-3045: libpng integer issue from upstream High CVE-2011-3051: Use-after-free in CSS cross-fade handling High CVE-2011-3052: Memory corruption in WebGL canvas handling High...
Security update for gpg2 (important)
openSUSE Security Update: Security update for gpg2 Announcement ID: openSUSE-SU-2022:2546-1 Rating: important References: 1196125 1201225 Cross-References: CVE-2022-34903 CVSS scores: CVE-2022-34903 NVD : 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N CVE-2022-34903 SUSE: 6.8...
Security update for python-M2Crypto (important)
openSUSE Security Update: Security update for python-M2Crypto Announcement ID: openSUSE-SU-2022:2562-1 Rating: important References: 1178829 Cross-References: CVE-2020-25657 CVSS scores: CVE-2020-25657 NVD : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2020-25657 SUSE: 7.5...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:10099-1 Rating: important References: 1202509 Cross-References: CVE-2022-2852 CVE-2022-2853 CVE-2022-2854 CVE-2022-2855 CVE-2022-2856 CVE-2022-2857 CVE-2022-2858 CVE-2022-2859 CVE-2022-2860 CVE-2022-2861...
Security update for librecad (important)
openSUSE Security Update: Security update for librecad Announcement ID: openSUSE-SU-2022:10002-1 Rating: important References: 1195105 1195122 1197664 Cross-References: CVE-2021-45341 CVE-2021-45342 CVSS scores: CVE-2021-45341 NVD : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-45342...
Security update for nextcloud (moderate)
openSUSE Security Update: Security update for nextcloud Announcement ID: openSUSE-SU-2022:0098-1 Rating: moderate References: 1196905 1196908 1196952 Cross-References: CVE-2021-41239 CVE-2021-41241 CVE-2021-41741 CVSS scores: CVE-2021-41239 NVD : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N...
Security update for mariadb (important)
openSUSE Security Update: Security update for mariadb Announcement ID: openSUSE-SU-2022:0726-1 Rating: important References: 1195325 1195334 1195339 1196016 Cross-References: CVE-2021-46657 CVE-2021-46658 CVE-2021-46659 CVE-2021-46661 CVE-2021-46663 CVE-2021-46664 CVE-2021-46665 CVE-2021-46668...
Security update for qemu (low)
openSUSE Security Update: Security update for qemu Announcement ID: openSUSE-SU-2022:0210-1 Rating: low References: 1172033 1181361 Cross-References: CVE-2020-13253 CVE-2021-20196 CVSS scores: CVE-2020-13253 NVD : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2020-13253 SUSE: 3.3...
Security update for zxing-cpp (important)
openSUSE Security Update: Security update for zxing-cpp Announcement ID: openSUSE-SU-2022:0157-1 Rating: important References: 1191743 1191942 1191944 Cross-References: CVE-2021-28021 CVE-2021-42715 CVE-2021-42716 CVSS scores: CVE-2021-28021 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H...
Security update for virtualbox (important)
openSUSE Security Update: Security update for virtualbox Announcement ID: openSUSE-SU-2022:0020-1 Rating: important References: 1194065 1194126 1194128 1194924 Cross-References: CVE-2022-21394 CVSS scores: CVE-2022-21394 NVD : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products:...
Security update for python39-pip (moderate)
openSUSE Security Update: Security update for python39-pip Announcement ID: openSUSE-SU-2022:0064-1 Rating: moderate References: 1186819 Cross-References: CVE-2021-3572 CVSS scores: CVE-2021-3572 SUSE: 4.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N Affected Products: openSUSE Leap 15.3 An updat...
Security update for runc (moderate)
openSUSE Security Update: Security update for runc Announcement ID: openSUSE-SU-2021:1625-1 Rating: moderate References: 1193436 Cross-References: CVE-2021-43784 CVSS scores: CVE-2021-43784 NVD : 6 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L Affected Products: openSUSE Leap 15.2 An update that...
Security update for p11-kit (important)
openSUSE Security Update: Security update for p11-kit Announcement ID: openSUSE-SU-2021:1611-1 Rating: important References: 1180064 1187993 Cross-References: CVE-2020-29361 CVSS scores: CVE-2020-29361 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2020-29361 SUSE: 7.5...
Security update for xorg-x11-server (important)
openSUSE Security Update: Security update for xorg-x11-server Announcement ID: openSUSE-SU-2021:1606-1 Rating: important References: 1190487 1190488 1190489 Cross-References: CVE-2021-4009 CVE-2021-4010 CVE-2021-4011 CVSS scores: CVE-2021-4009 SUSE: 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:...
Security update for ruby2.5 (important)
openSUSE Security Update: Security update for ruby2.5 Announcement ID: openSUSE-SU-2021:1535-1 Rating: important References: 1188160 1188161 1190375 Cross-References: CVE-2021-31799 CVE-2021-31810 CVE-2021-32066 CVSS scores: CVE-2021-31799 SUSE: 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H...
Security update for postgresql14 (important)
openSUSE Security Update: Security update for postgresql14 Announcement ID: openSUSE-SU-2021:3759-1 Rating: important References: 1191782 1192516 Cross-References: CVE-2021-23214 CVE-2021-23222 CVSS scores: CVE-2021-23214 SUSE: 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-23222 SUSE:...
Security update for rubygem-activerecord-5_1 (moderate)
openSUSE Security Update: Security update for rubygem-activerecord-51 Announcement ID: openSUSE-SU-2021:1468-1 Rating: moderate References: 1182169 Cross-References: CVE-2021-22880 CVSS scores: CVE-2021-22880 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2021-22880 SUSE: 5.3...
Security update for dnsmasq (moderate)
openSUSE Security Update: Security update for dnsmasq Announcement ID: openSUSE-SU-2021:1426-1 Rating: moderate References: 1173646 1180914 1183709 SLE-17936 Cross-References: CVE-2020-14312 CVE-2021-3448 CVSS scores: CVE-2020-14312 NVD : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H...
Security update for hivex (moderate)
openSUSE Security Update: Security update for hivex Announcement ID: openSUSE-SU-2021:3201-1 Rating: moderate References: 1189060 Cross-References: CVE-2021-3622 CVSS scores: CVE-2021-3622 SUSE: 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: openSUSE Leap 15.3 An update that...
Security update for libaom (important)
openSUSE Security Update: Security update for libaom Announcement ID: openSUSE-SU-2021:1254-1 Rating: important References: 1189497 Cross-References: CVE-2021-30475 CVSS scores: CVE-2021-30475 NVD : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-30475 SUSE: 7.8...
Security update for cacti, cacti-spine (moderate)
openSUSE Security Update: Security update for cacti, cacti-spine Announcement ID: openSUSE-SU-2021:1208-1 Rating: moderate References: 1188188 Cross-References: CVE-2020-14424 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes one vulnerability is now available. Description: Th...
Security update for krb5 (important)
openSUSE Security Update: Security update for krb5 Announcement ID: openSUSE-SU-2021:1182-1 Rating: important References: 1188571 Cross-References: CVE-2021-36222 CVSS scores: CVE-2021-36222 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Leap 15.2 An update tha...
Security update for systemd (moderate)
openSUSE Security Update: Security update for systemd Announcement ID: openSUSE-SU-2021:2809-1 Rating: moderate References: 1166028 1171962 1184994 1185972 1188063 Cross-References: CVE-2020-13529 CVE-2021-33910 CVSS scores: CVE-2020-13529 NVD : 6.1 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H...
Security update for nodejs14 (important)
openSUSE Security Update: Security update for nodejs14 Announcement ID: openSUSE-SU-2021:2354-1 Rating: important References: 1184450 1187973 1187976 1187977 Cross-References: CVE-2020-7774 CVE-2021-22918 CVE-2021-23362 CVE-2021-27290 CVSS scores: CVE-2020-7774 NVD : 7.3...
Security update for polkit (important)
openSUSE Security Update: Security update for polkit Announcement ID: openSUSE-SU-2021:1843-1 Rating: important References: 1186497 Cross-References: CVE-2021-3560 CVSS scores: CVE-2021-3560 SUSE: 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.3 An update tha...
Security update for postgresql10 (moderate)
openSUSE Security Update: Security update for postgresql10 Announcement ID: openSUSE-SU-2021:1970-1 Rating: moderate References: 1183168 1185924 1185925 Cross-References: CVE-2021-32027 CVE-2021-32028 CVSS scores: CVE-2021-32027 NVD : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-3202...