7849 matches found
Security update for go1.15 (moderate)
openSUSE Security Update: Security update for go1.15 Announcement ID: openSUSE-SU-2021:0192-1 Rating: moderate References: 1175132 1181145 1181146 Cross-References: CVE-2021-3114 CVE-2021-3115 Affected Products: openSUSE Leap 15.2 An update that solves two vulnerabilities and has one errata is no...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2021:0177-1 Rating: important References: 1181137 Cross-References: CVE-2020-16044 CVE-2021-21117 CVE-2021-21118 CVE-2021-21119 CVE-2021-21120 CVE-2021-21121 CVE-2021-21122 CVE-2021-21123 CVE-2021-21124...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2021:0166-1 Rating: important References: 1181137 Cross-References: CVE-2020-16044 CVE-2021-21117 CVE-2021-21118 CVE-2021-21119 CVE-2021-21120 CVE-2021-21121 CVE-2021-21122 CVE-2021-21123 CVE-2021-21124...
Security update for xstream (important)
openSUSE Security Update: Security update for xstream Announcement ID: openSUSE-SU-2021:0140-1 Rating: important References: 1180145 1180146 1180994 Cross-References: CVE-2020-26217 CVE-2020-26258 CVE-2020-26259 Affected Products: openSUSE Leap 15.2 An update that fixes three vulnerabilities is n...
Security update for vlc (important)
openSUSE Security Update: Security update for vlc Announcement ID: openSUSE-SU-2021:0122-1 Rating: important References: 1133290 1172727 1180755 Cross-References: CVE-2020-13428 CVE-2020-26664 Affected Products: openSUSE Backports SLE-15-SP2 An update that solves two vulnerabilities and has one...
Security update for postgresql12 (important)
openSUSE Security Update: Security update for postgresql12 Announcement ID: openSUSE-SU-2020:2018-1 Rating: important References: 1178666 1178667 1178668 Cross-References: CVE-2020-25694 CVE-2020-25695 CVE-2020-25696 Affected Products: openSUSE Leap 15.2 An update that fixes three vulnerabilities...
Security update for ImageMagick (moderate)
openSUSE Security Update: Security update for ImageMagick Announcement ID: openSUSE-SU-2020:1884-1 Rating: moderate References: 1178067 Cross-References: CVE-2020-27560 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for...
Security update for transfig (moderate)
openSUSE Security Update: Security update for transfig Announcement ID: openSUSE-SU-2020:1843-1 Rating: moderate References: 1143650 Cross-References: CVE-2019-14275 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for transfi...
Security update for lout (important)
openSUSE Security Update: Security update for lout Announcement ID: openSUSE-SU-2020:1813-1 Rating: important References: 1159713 1159714 Cross-References: CVE-2019-19917 CVE-2019-19918 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes two vulnerabilities is now available...
Security update for perl-DBI (important)
openSUSE Security Update: Security update for perl-DBI Announcement ID: openSUSE-SU-2020:1620-1 Rating: important References: 1176764 Cross-References: CVE-2019-20919 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for perl-D...
Security update for perl-DBI (important)
openSUSE Security Update: Security update for perl-DBI Announcement ID: openSUSE-SU-2020:1502-1 Rating: important References: 1176409 1176412 Cross-References: CVE-2020-14392 CVE-2020-14393 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available. Descriptio...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:1499-1 Rating: important References: 1175757 1176306 1176450 Cross-References: CVE-2020-15959 CVE-2020-6558 CVE-2020-6559 CVE-2020-6560 CVE-2020-6561 CVE-2020-6562 CVE-2020-6563 CVE-2020-6564 CVE-2020-6565...
Security update for lilypond (moderate)
openSUSE Security Update: Security update for lilypond Announcement ID: openSUSE-SU-2020:1453-1 Rating: moderate References: 1174949 Cross-References: CVE-2020-17353 Affected Products: openSUSE Leap 15.2 openSUSE Backports SLE-15-SP2 An update that fixes one vulnerability is now available...
Security update for librepo (important)
openSUSE Security Update: Security update for librepo Announcement ID: openSUSE-SU-2020:1428-1 Rating: important References: 1175475 Cross-References: CVE-2020-14352 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes one vulnerability is now available. Description: This update...
Security update for targetcli-fb (moderate)
openSUSE Security Update: Security update for targetcli-fb Announcement ID: openSUSE-SU-2020:1141-1 Rating: moderate References: 1172743 Cross-References: CVE-2020-13867 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...
Security update for perl-YAML-LibYAML (moderate)
openSUSE Security Update: Security update for perl-YAML-LibYAML Announcement ID: openSUSE-SU-2020:1089-1 Rating: moderate References: 1173703 Affected Products: openSUSE Leap 15.1 An update that contains security fixes can now be installed. Description: This update for perl-YAML-LibYAML fixes the...
Security update for libraw (moderate)
openSUSE Security Update: Security update for libraw Announcement ID: openSUSE-SU-2020:1088-1 Rating: moderate References: 1173674 Cross-References: CVE-2020-15503 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for libraw...
Security update for redis (moderate)
openSUSE Security Update: Security update for redis Announcement ID: openSUSE-SU-2020:1035-1 Rating: moderate References: 1173018 Cross-References: CVE-2020-14147 Affected Products: openSUSE Leap 15.1 openSUSE Backports SLE-15-SP1 SUSE Package Hub for SUSE Linux Enterprise 12 An update that fixes...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:0902-1 Rating: important References: 1173107 1173187 1173188 1173251 1173254 1173292 Cross-References: CVE-2020-6509 Affected Products: openSUSE Backports SLE-15-SP1 An update that solves one vulnerability an...
Security update for aubio (moderate)
openSUSE Security Update: Security update for aubio Announcement ID: openSUSE-SU-2019:1852-1 Rating: moderate References: 1137823 1142433 1142435 1142436 Cross-References: CVE-2018-19802 CVE-2019-1010222 CVE-2019-1010223 CVE-2019-1010224 Affected Products: openSUSE Backports SLE-15 An update that...
Security update for GraphicsMagick (moderate)
This update for GraphicsMagick fixes the following issues: Security issues fixed: - CVE-2018-20184: Fixed heap-based buffer overflow in the WriteTGAImage function of tga.c bsc1119822 - CVE-2018-20189: Fixed denial of service vulnerability in ReadDIBImage function of coders/dib.c bsc1119790...
Security update for dpdk (moderate)
This update for dpdk to version 16.11.8 provides the following security fix: - CVE-2018-1059: restrict untrusted guest to misuse virtio to corrupt host application ovs-dpdk memory which could have lead all VM to lose connectivity bsc1089638 and following non-security fixes: - Enable the broadcom...
Security update for nextcloud (moderate)
This update for nextcloud fixes security issues and bugs. Security issues fixed: - CVE-2018-3780: Stored XSS in autocomplete suggestions for file comments boo1114817 This update also contains all bug fixes and improvements in the 13.0.8 version, including: - Password expiration time changed from...
Security update for soundtouch (moderate)
This update for soundtouch fixes the following security issue: - CVE-2018-1000223: Prevent buffer overflow in WavInFile::readHeaderBlock that could have resulted in arbitrary code execution when opening maliocius file in soundstretch utility bsc1103676 This update was imported from the...
Security update for phpMyAdmin (moderate)
This update for phpMyAdmin to version 4.8.3 addresses multiple issues. Security issues fixed: - CVE-2018-15605: vulnerability in the file import feature allowed cross-site scripting via importing a specially-crafted file PMASA-2018-5, boo1105726 This update also contains a number of upstream bug...
opensuse-security@xxxxxxxxxxxx</li> <li><span class="identifier"> Date</span>: Tue, 19 Jun 2018 12:08:11 +0200 (CEST)</li> <li><span class="identifier"> Message-id</span>: <<a href="msg00037.html">[email protected]</a>></li> </ul> <!--X-Head-of-Message-End--> <!--X-Head-Body-Sep-Begin--> </div> <div class="body"> <!--X-Head-Body-Sep-End--> <!--X-Body-of-Message--> openSUSE Security Update: Security update for aubio<br> ______________________________________________________________________________<br> <br> Announcement ID: openSUSE-SU-2018:1734-1<br> Rating: low<br> References: #1072317 <br> Cross-References: CVE-2017-17554<br> Affected Products:<br> openSUSE Leap 15.0<br> ______________________________________________________________________________<br> <br> An update that fixes one vulnerability is now available.<br> <br> Description:<br> <br> This update for aubio fixes the following security issue:<br> <br> - CVE-2017-17554: Prevent NULL pointer dereference in the function<br> aubio_source_avcodec_readframe which may have lead to DoS when playing a<br> crafted audio file (bsc#1072317).<br> <br> <br> Patch Instructions:<br> <br> To install this openSUSE Security Update use the SUSE recommended <br> installation methods<br> like YaST online_update or "zypper patch".<br> <br> Alternatively you can run the command listed for your product:<br> <br> - openSUSE Leap 15.0:<br> <br> zypper in -t patch openSUSE-2018-652=1<br> <br> <br> <br> Package List:<br> <br> - openSUSE Leap 15.0 (i586 x86_64):<br> <br> aubio-debugsource-0.4.6-lp150.3.3.1<br> aubio-tools-0.4.6-lp150.3.3.1<br> aubio-tools-debuginfo-0.4.6-lp150.3.3.1<br> libaubio-devel-0.4.6-lp150.3.3.1<br> libaubio5-0.4.6-lp150.3.3.1<br> libaubio5-debuginfo-0.4.6-lp150.3.3.1<br> <br> - openSUSE Leap 15.0 (x86_64):<br> <br> libaubio5-32bit-0.4.6-lp150.3.3.1<br> libaubio5-32bit-debuginfo-0.4.6-lp150.3.3.1<br> python-aubio-debugsource-0.4.6-lp150.3.3.1<br> python2-aubio-0.4.6-lp150.3.3.1<br> python2-aubio-debuginfo-0.4.6-lp150.3.3.1<br> python3-aubio-0.4.6-lp150.3.3.1<br> python3-aubio-debuginfo-0.4.6-lp150.3.3.1<br> <br> <br> References:<br> <br> <a rel="nofollow" href="https://www.suse.com/security/cve/CVE-2017-17554.html">https://www.suse.com/security/cve/CVE-2017-17554.html</a><br> <a rel="nofollow" href="https://bugzilla.suse.com/1072317">https://bugzilla.suse.com/1072317</a><br> <br> -- <br> To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@xxxxxxxxxxxx<br> For additional commands, e-mail: opensuse-security-announce+help@xxxxxxxxxxxx<br> <br> <!--X-Body-of-Message-End--> <!--X-MsgBody-End--> <!--X-Follow-Ups--> <!-- SwishCommand noindex --> </div> <table class="bodynav"> <tr> <td align="left"> < Previous </td> <td align="right"> Next > </td> </tr> </table> </div> <div class="visualClear"></div> </div> </div> </div> <div id="column-one"> <a name="indexes"></a> <div class="portlet" id="p-topnav"> <div class="pBody"> <ul> <li><a href="threads.html">Thread Index</a></li> <li><a href="author.html">Author Index</a></li> <li><a href="date.html">Date Index</a></li> <li><a href="all.html">All Messages</a></li> </ul> </div> </div> <div class="portlet" id="p-logo"> <a style="background-image: url(/skins/opensuse/opensuse.gif);" href="../" title="Back"></a> </div> <script type="text/javascript"> if (window.isMSIE55) fixalpha(); </script> <a name="search"></a> <div id="p-search" class="portlet" style="white-space: nowrap;"> <h5><label for="searchInput">Search this list</label> (Security update for aubio</h5> <!--X-Subject-Header-End--> <!--X-Head-of-Message--> <ul> <li><span class="identifier"> From</span>)
This update for aubio fixes the following security issue: - CVE-2017-17554: Prevent NULL pointer dereference in the function aubiosourceavcodecreadframe which may have lead to DoS when playing a crafted audio file bsc1072317...
Security update for freexl (important)
This update for freexl fixes the following issues: freexl was updated to version 1.0.5: No changelog provided by upstream Various heapoverflows in 1.0.4 have been fixed: CVE-2018-7439: heap-buffer-overflow in freexl.c:3912 readminibiffnextrecord boo1082774 CVE-2018-7438: heap-buffer-overflow in...
Security update for freetype2 (important)
This update for freetype2 fixes the following security issues: - CVE-2016-10244: Make sure that the parsecharstrings function in type1/t1load.c does ensure that a font contains a glyph name to prevent a DoS through a heap-based buffer over-read or possibly have unspecified other impact via a...
Security update for newsbeuter (important)
This update for newsbeuter fixes one issues. This security issue was fixed: - CVE-2017-12904: Improper neutralization of special elements allowed remote attackers to perform user-assisted code execution by crafting an RSS item that includes shell code in its title and/or URL bsc1054578...
Security update for snack (important)
This update for snack fixes the following issues: Security issue fixed: - CVE-2012-6303: Heap-based buffer overflow in the GetWavHeader function in generic/jkSoundFile.c in the Snack Sound Toolkit, as used in WaveSurfer 1.8.8p4, allows remote attackers to cause a denial of service crash and...
Security update for mercurial (important)
This update for mercurial fixes the following issues: - CVE-2017-9462: Fix the arbitrary code exec by remote users via "hg serve --stdio" boo1043063...
Security update for spice (important)
This security update for spice fixes the following issues: CVE-2016-9577: A buffer overflow in the spice server could have potentially been used by unauthenticated attackers to execute arbitrary code. bsc1023078 CVE-2016-9578: Unauthenticated attackers could have caused a denial of service via a...
Security update for gstreamer-0_10-plugins-good (important)
This update for gstreamer-010-plugins-good fixes the following issues: - CVE-2016-9634: Invalid FLIC files could have caused and an out-of-bounds write bsc1012102 - CVE-2016-9635: Invalid FLIC files could have caused and an out-of-bounds write bsc1012103 - CVE-2016-9636: Prevent maliciously craft...
Security update for Chromium (important)
Chromium was updated to 51.0.2704.79 to fix a number of security issues. boo982719 - CVE-2016-1696: Cross-origin bypass in Extension bindings - CVE-2016-1697: Cross-origin bypass in Blink - CVE-2016-1698: Information leak in Extension bindings - CVE-2016-1699: Parameter sanitization failure in...
Security update for graphite2 (important)
This update for graphite2 fixes the following issues: - CVE-2016-1521: The directrun function in directmachine.cpp in Libgraphite did not validate a certain skip operation, which allowed remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service...
Security update for exim (important)
This update to exim 4.86.2 fixes the following issues: CVE-2016-1531: local privilege escalation for set-uid root exim when using 'perlstartup' boo968844 Important: Exim now cleans the complete execution environment by default. This affects Exim and subprocesses such as transports calling other...
Security update for qemu (important)
This update fixes the following security issues: - Enforce receive packet size, thus eliminating buffer overflow and potential security issue. bsc957162 CVE-2015-7512 - Infinite loop in processing command block list. CVE-2015-8345 bsc956829: This update also fixes a non-security bug: - Due to spa...
Security update for MySQL (important)
This update to MySQL 5.6.28 fixes the following issues bsc962779: - CVE-2015-7744: Lack of verification against faults associated with the Chinese Remainder Theorem CRT process when allowing ephemeral key exchange without low memory optimizations on a server, which makes it easier for remote...
Security update for xen (important)
This update for xen fixes the following security issues: - CVE-2015-8568 CVE-2015-8567: xen: qemu: net: vmxnet3: host memory leakage boo959387 - CVE-2015-8550: xen: paravirtualized drivers incautious about shared memory contents XSA-155, boo957988 - CVE-2015-8558: xen: qemu: usb: infinite loop in...
Security update for libpng12 (important)
The libpng12 package was updated to fix the following security issues: - CVE-2015-8126: Fixed a buffer overflow vulnerabilities in pnggetPLTE/pngsetPLTE functions bsc954980. - CVE-2015-7981: Fixed an out-of-bound read bsc952051...
Security update for Adobe Flash Player (important)
Adobe Flash Player was updated to 11.2.202.535 to fix a number of security issues. boo950169, APSB15-25 The following vulnerabilities were fixed: CVE-2015-7628: Vulnerability that could be exploited to bypass the same-origin-policy and lead to information disclosure CVE-2015-5569: Defense-in-dept...
Security update for seamonkey (important)
seamonkey was updated to fix 25 security issues. These security issues were fixed: - CVE-2015-4520: Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allowed remote attackers to bypass CORS preflight protection mechanisms by leveraging 1 duplicate cache-key generation or 2 retrieval of...
kernel update for Evergreen 11.4 (important)
Kernel update for Evergreen 11.4, fixes CVE-2014-8133 CVE-2014-9090 CVE-2014-9322...
chromium to 33.0.1750.152 stable release (important)
Chromium was updated to the 33.0.1750.152 stable channel uodate: - Security fixes: CVE-2014-1713: Use-after-free in Blink bindings CVE-2014-1714: Windows clipboard vulnerability CVE-2014-1705: Memory corruption in V8 CVE-2014-1715: Directory traversal issue Previous stable channel update...
update flash-player to 11.2.202.336 (critical)
Flash Player received an out of band critical security update to fix an integer underflow vulnerability that could be exploited to execute arbitrary code on the affected system CVE-2014-0497. More information can be found on: http://helpx.adobe.com/security/products/flash-player/apsb14 -04.html...
Mozilla updates 10/2013 (important)
Update NSPR to 4.10.1 Update Thunderbird to 24.1.0 incl. enigmail 1.6 Update Firefox to 24.1.0esr Changes in MozillaFirefox: requires NSS 3.15.2 or above MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592 Miscellaneous memory safety hazards MFSA 2013-94/CVE-2013-5593 bmo868327 Spoofing...
flash-player to 11.2.202.273 (critical)
Flash Player was updated to 11.2.202.273 to fix critical security issues: bnc806415 APSB13-08, CVE-2013-0504, CVE-2013-0643, CVE-2013-0648 More information can be found on: https://www.adobe.com/support/security/bulletins/apsb13-08.h tml...
Mozilla Januarys (important)
The Mozilla January 8th 2013 security release contains updates: Mozilla Firefox was updated to version 18.0. Mozilla Seamonkey was updated to version 2.15. Mozilla Thunderbird was updated to version 17.0.2. Mozilla XULRunner was updated to version 17.0.2. MFSA...
xen to fix various denial of service issues (important)
XEN was updated to fix various denial of service issues. - bnc789945 - CVE-2012-5510: xen: Grant table version switch list corruption vulnerability XSA-26 - bnc789944 - CVE-2012-5511: xen: Several HVM operations do not validate the range of their inputs XSA-27 - bnc789940 - CVE-2012-5512: xen:...
xen to fix various denial of service issues (important)
This update of XEN fixes various denial of service bugs. - bnc789945 - CVE-2012-5510: xen: Grant table version switch list corruption vulnerability XSA-26 - bnc789944 - CVE-2012-5511: xen: Several HVM operations do not validate the range of their inputs XSA-27 - bnc789940 - CVE-2012-5512: xen:...