7581 matches found
Security update for libwebp (critical)
openSUSE Security Update: Security update for libwebp Announcement ID: openSUSE-SU-2021:1860-1 Rating: critical References: 1185652 1185654 1185673 1185674 1185685 1185686 1185688 1185690 1185691 1186247 Cross-References: CVE-2018-25009 CVE-2018-25010 CVE-2018-25011 CVE-2018-25012 CVE-2018-25013...
Security update for ruby2.5 (moderate)
openSUSE Security Update: Security update for ruby2.5 Announcement ID: openSUSE-SU-2021:0607-1 Rating: moderate References: 1184644 Cross-References: CVE-2021-28965 CVSS scores: CVE-2021-28965 SUSE: 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: openSUSE Leap 15.2 An update...
Security update for python (moderate)
openSUSE Security Update: Security update for python Announcement ID: openSUSE-SU-2021:0435-1 Rating: moderate References: 1182379 Cross-References: CVE-2021-23336 CVSS scores: CVE-2021-23336 NVD : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H CVE-2021-23336 SUSE: 5.9...
Security update for nodejs12 (important)
openSUSE Security Update: Security update for nodejs12 Announcement ID: openSUSE-SU-2021:0357-1 Rating: important References: 1182333 1182619 1182620 Cross-References: CVE-2021-22883 CVE-2021-22884 CVE-2021-23840 CVSS scores: CVE-2021-22883 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H...
Security update for firejail (important)
openSUSE Security Update: Security update for firejail Announcement ID: openSUSE-SU-2021:0271-1 Rating: important References: 1181990 Cross-References: CVE-2020-17367 CVE-2020-17368 CVE-2021-26910 CVSS scores: CVE-2020-17367 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-17368 NV...
Security update for go1.14 (moderate)
openSUSE Security Update: Security update for go1.14 Announcement ID: openSUSE-SU-2021:0190-1 Rating: moderate References: 1164903 1181145 1181146 Cross-References: CVE-2021-3114 CVE-2021-3115 Affected Products: openSUSE Leap 15.1 An update that solves two vulnerabilities and has one errata is no...
Security update for xstream (important)
openSUSE Security Update: Security update for xstream Announcement ID: openSUSE-SU-2021:0140-1 Rating: important References: 1180145 1180146 1180994 Cross-References: CVE-2020-26217 CVE-2020-26258 CVE-2020-26259 Affected Products: openSUSE Leap 15.2 An update that fixes three vulnerabilities is n...
Security update for mariadb (important)
openSUSE Security Update: Security update for mariadb Announcement ID: openSUSE-SU-2020:2254-1 Rating: important References: 1177472 1178428 Cross-References: CVE-2020-14765 CVE-2020-14776 CVE-2020-14789 CVE-2020-14812 CVE-2020-15180 Affected Products: openSUSE Leap 15.2 An update that fixes 5...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:2213-1 Rating: important References: 1179576 Cross-References: CVE-2020-16037 CVE-2020-16038 CVE-2020-16039 CVE-2020-16040 CVE-2020-16041 CVE-2020-16042 Affected Products: openSUSE Backports SLE-15-SP2 An...
Security update for python-pip (important)
openSUSE Security Update: Security update for python-pip Announcement ID: openSUSE-SU-2020:2169-1 Rating: important References: 1176262 Cross-References: CVE-2019-20916 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for...
Security update for lout (important)
openSUSE Security Update: Security update for lout Announcement ID: openSUSE-SU-2020:1812-1 Rating: important References: 1159713 1159714 Cross-References: CVE-2019-19917 CVE-2019-19918 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes two vulnerabilities is now available...
Security update for sane-backends (important)
openSUSE Security Update: Security update for sane-backends Announcement ID: openSUSE-SU-2020:1791-1 Rating: important References: 1172524 Cross-References: CVE-2020-12861 CVE-2020-12862 CVE-2020-12863 CVE-2020-12864 CVE-2020-12865 CVE-2020-12866 CVE-2020-12867 Affected Products: openSUSE Leap 15...
Recommended update for mailman (moderate)
openSUSE Security Update: Recommended update for mailman Announcement ID: openSUSE-SU-2020:1752-1 Rating: moderate References: 1171363 1173369 Cross-References: CVE-2020-12108 CVE-2020-12137 CVE-2020-15011 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes three vulnerabilities...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:1718-1 Rating: important References: 1177936 Cross-References: CVE-2020-15999 CVE-2020-16000 CVE-2020-16001 CVE-2020-16002 CVE-2020-16003 Affected Products: openSUSE Leap 15.1 An update that fixes 5...
Security update for transfig (moderate)
openSUSE Security Update: Security update for transfig Announcement ID: openSUSE-SU-2020:1702-1 Rating: moderate References: 1143650 Cross-References: CVE-2019-14275 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for transfi...
Security update for perl-DBI (important)
openSUSE Security Update: Security update for perl-DBI Announcement ID: openSUSE-SU-2020:1620-1 Rating: important References: 1176764 Cross-References: CVE-2019-20919 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for perl-D...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:1499-1 Rating: important References: 1175757 1176306 1176450 Cross-References: CVE-2020-15959 CVE-2020-6558 CVE-2020-6559 CVE-2020-6560 CVE-2020-6561 CVE-2020-6562 CVE-2020-6563 CVE-2020-6564 CVE-2020-6565...
Security update for libraw (moderate)
openSUSE Security Update: Security update for libraw Announcement ID: openSUSE-SU-2020:1088-1 Rating: moderate References: 1173674 Cross-References: CVE-2020-15503 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for libraw...
Security update for redis (moderate)
openSUSE Security Update: Security update for redis Announcement ID: openSUSE-SU-2020:1035-1 Rating: moderate References: 1173018 Cross-References: CVE-2020-14147 Affected Products: openSUSE Leap 15.1 openSUSE Backports SLE-15-SP1 SUSE Package Hub for SUSE Linux Enterprise 12 An update that fixes...
Security update for GraphicsMagick (moderate)
This update for GraphicsMagick fixes the following issues: Security issues fixed: - CVE-2018-20184: Fixed heap-based buffer overflow in the WriteTGAImage function of tga.c bsc1119822 - CVE-2018-20189: Fixed denial of service vulnerability in ReadDIBImage function of coders/dib.c bsc1119790...
Security update for libraw (moderate)
This update for libraw fixes the following issues: The following security vulnerabilities were addressed: - CVE-2018-5804: Fixed a type confusion error within the identify function that could trigger a division by zero, leading to a denial of service Dos. boo1097975 - CVE-2018-5805: Fixed a...
Security update for nextcloud (moderate)
This update for nextcloud fixes security issues and bugs. Security issues fixed: - CVE-2018-3780: Stored XSS in autocomplete suggestions for file comments boo1114817 This update also contains all bug fixes and improvements in the 13.0.8 version, including: - Password expiration time changed from...
Security update for python (moderate)
This update for python fixes the following issues: The following security vulnerabilities were addressed: - Add a check to Lib/wave.py that verifies that at least one channel is provided. Prior to this, attackers could cause a denial of service via a crafted wav format audio file. bsc1083507,...
opensuse-security@xxxxxxxxxxxx</li> <li><span class="identifier"> Date</span>: Tue, 19 Jun 2018 12:08:11 +0200 (CEST)</li> <li><span class="identifier"> Message-id</span>: <<a href="msg00037.html">[email protected]</a>></li> </ul> <!--X-Head-of-Message-End--> <!--X-Head-Body-Sep-Begin--> </div> <div class="body"> <!--X-Head-Body-Sep-End--> <!--X-Body-of-Message--> openSUSE Security Update: Security update for aubio<br> ______________________________________________________________________________<br> <br> Announcement ID: openSUSE-SU-2018:1734-1<br> Rating: low<br> References: #1072317 <br> Cross-References: CVE-2017-17554<br> Affected Products:<br> openSUSE Leap 15.0<br> ______________________________________________________________________________<br> <br> An update that fixes one vulnerability is now available.<br> <br> Description:<br> <br> This update for aubio fixes the following security issue:<br> <br> - CVE-2017-17554: Prevent NULL pointer dereference in the function<br> aubio_source_avcodec_readframe which may have lead to DoS when playing a<br> crafted audio file (bsc#1072317).<br> <br> <br> Patch Instructions:<br> <br> To install this openSUSE Security Update use the SUSE recommended <br> installation methods<br> like YaST online_update or "zypper patch".<br> <br> Alternatively you can run the command listed for your product:<br> <br> - openSUSE Leap 15.0:<br> <br> zypper in -t patch openSUSE-2018-652=1<br> <br> <br> <br> Package List:<br> <br> - openSUSE Leap 15.0 (i586 x86_64):<br> <br> aubio-debugsource-0.4.6-lp150.3.3.1<br> aubio-tools-0.4.6-lp150.3.3.1<br> aubio-tools-debuginfo-0.4.6-lp150.3.3.1<br> libaubio-devel-0.4.6-lp150.3.3.1<br> libaubio5-0.4.6-lp150.3.3.1<br> libaubio5-debuginfo-0.4.6-lp150.3.3.1<br> <br> - openSUSE Leap 15.0 (x86_64):<br> <br> libaubio5-32bit-0.4.6-lp150.3.3.1<br> libaubio5-32bit-debuginfo-0.4.6-lp150.3.3.1<br> python-aubio-debugsource-0.4.6-lp150.3.3.1<br> python2-aubio-0.4.6-lp150.3.3.1<br> python2-aubio-debuginfo-0.4.6-lp150.3.3.1<br> python3-aubio-0.4.6-lp150.3.3.1<br> python3-aubio-debuginfo-0.4.6-lp150.3.3.1<br> <br> <br> References:<br> <br> <a rel="nofollow" href="https://www.suse.com/security/cve/CVE-2017-17554.html">https://www.suse.com/security/cve/CVE-2017-17554.html</a><br> <a rel="nofollow" href="https://bugzilla.suse.com/1072317">https://bugzilla.suse.com/1072317</a><br> <br> -- <br> To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@xxxxxxxxxxxx<br> For additional commands, e-mail: opensuse-security-announce+help@xxxxxxxxxxxx<br> <br> <!--X-Body-of-Message-End--> <!--X-MsgBody-End--> <!--X-Follow-Ups--> <!-- SwishCommand noindex --> </div> <table class="bodynav"> <tr> <td align="left"> < Previous </td> <td align="right"> Next > </td> </tr> </table> </div> <div class="visualClear"></div> </div> </div> </div> <div id="column-one"> <a name="indexes"></a> <div class="portlet" id="p-topnav"> <div class="pBody"> <ul> <li><a href="threads.html">Thread Index</a></li> <li><a href="author.html">Author Index</a></li> <li><a href="date.html">Date Index</a></li> <li><a href="all.html">All Messages</a></li> </ul> </div> </div> <div class="portlet" id="p-logo"> <a style="background-image: url(/skins/opensuse/opensuse.gif);" href="../" title="Back"></a> </div> <script type="text/javascript"> if (window.isMSIE55) fixalpha(); </script> <a name="search"></a> <div id="p-search" class="portlet" style="white-space: nowrap;"> <h5><label for="searchInput">Search this list</label> (Security update for aubio</h5> <!--X-Subject-Header-End--> <!--X-Head-of-Message--> <ul> <li><span class="identifier"> From</span>)
This update for aubio fixes the following security issue: - CVE-2017-17554: Prevent NULL pointer dereference in the function aubiosourceavcodecreadframe which may have lead to DoS when playing a crafted audio file bsc1072317...
Security update for postgresql96 (important)
This update for postgresql96 fixes the following issues: CVE-2017-7547: Further restrict visibility of pgusermappings.umoptions, to protect passwords stored as user mapping options. bsc1051685 CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. bsc1051684...
Security update for chromium (important)
This update to Chromium 59.0.3071.86 fixes the following security issues: - CVE-2017-5070: Type confusion in V8 - CVE-2017-5071: Out of bounds read in V8 - CVE-2017-5072: Address spoofing in Omnibox - CVE-2017-5073: Use after free in print preview - CVE-2017-5074: Use after free in Apps Bluetooth...
Security update for Chromium (important)
This update to Chromium 57.0.2987.133 fixes the following issues boo1031677: - CVE-2017-5055: Use after free in printing - CVE-2017-5054: Heap buffer overflow in V8 - CVE-2017-5052: Bad cast in Blink - CVE-2017-5056: Use after free in Blink - CVE-2017-5053: Out of bounds memory access in V8 The...
Security update for mbedtls (important)
This update to mbedtls 1.3.19 fixes security issues and bugs. The following vulnerability was fixed: CVE-2017-2784: A remote user could have used a specially crafted certificate to cause mbedtls to free a buffer allocated on the stack when verifying the validity of public key with a secp224k1...
Security update for Chromium (important)
Chromium was updated to 54.0.2840.59 to fix security issues and bugs. The following security issues are fixed bnc1004465: - CVE-2016-5181: Universal XSS in Blink - CVE-2016-5182: Heap overflow in Blink - CVE-2016-5183: Use after free in PDFium - CVE-2016-5184: Use after free in PDFium -...
Security update for ntp (important)
ntp was updated to version 4.2.8p8 to fix five security issues. These security issues were fixed: - CVE-2016-4953: Bad authentication demobilizes ephemeral associations bsc982065. - CVE-2016-4954: Processing spoofed server packets bsc982066. - CVE-2016-4955: Autokey association reset bsc982067. -...
Security update for ImageMagick (important)
This update for ImageMagick fixes the following issues: - security update: CVE-2016-5118 boo982178 + ImageMagick-CVE-2016-5118.patch...
Security update for exim (important)
This update to exim 4.86.2 fixes the following issues: CVE-2016-1531: local privilege escalation for set-uid root exim when using 'perlstartup' boo968844 Important: Exim now cleans the complete execution environment by default. This affects Exim and subprocesses such as transports calling other...
Security update for openssl (important)
This update for openssl fixes various security issues: Security issues fixed: - CVE-2016-0800 aka the "DROWN" attack bsc968046: OpenSSL was vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a...
Security update for postgresql94 (important)
This update for postgresql94 fixes the following issues: - Security and bugfix release 9.4.6: IMPORTANT Users of version 9.4 will need to reindex any jsonbpathops indexes they have created, in order to fix a persistent issue with missing index entries. Fix infinite loops and buffer-overrun proble...
Security update for MySQL (important)
This update to MySQL 5.6.28 fixes the following issues bsc962779: - CVE-2015-7744: Lack of verification against faults associated with the Chinese Remainder Theorem CRT process when allowing ephemeral key exchange without low memory optimizations on a server, which makes it easier for remote...
Security update for Chromium (important)
Chromium was updated to 48.0.2564.82 to fix security issues and bugs. The following vulnerabilities were fixed: - CVE-2016-1612: Bad cast in V8 boo963184 - CVE-2016-1613: Use-after-free in PDFium boo963185 - CVE-2016-1614: Information leak in Blink boo963186 - CVE-2016-1615: Origin confusion in...
Security update for flash-player (critical)
This security issue was fixed: - CVE-2015-7645: Critical vulnerability affecting 11.2.202.535 used in Pawn Storm APSA15-05 bsc950474...
Security update for flash-player (critical)
Security update to 11.2.202.508 bsc941239: APSB15-19: CVE-2015-3107, CVE-2015-5124, CVE-2015-5125, CVE-2015-5127, CVE-2015-5128, CVE-2015-5129, CVE-2015-5130, CVE-2015-5131, CVE-2015-5132, CVE-2015-5133, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5541, CVE-2015-5544, CVE-2015-5545,...
Security update for flash-player (important)
The Adobe flash-player package was updated to version 11.2.202.460 to fix several security issues. The following vulnerabilities were fixed bsc930677: APSB15-09, CVE-2015-3044, CVE-2015-3077, CVE-2015-3078, CVE-2015-3079, CVE-2015-3080, CVE-2015-3081, CVE-2015-3082, CVE-2015-3083, CVE-2015-3084,...
update to Firefox 31.5.3 (important)
Update to Firefox 31.5.3 bnc923534 MFSA 2015-28/CVE-2015-0818 bmo1144988 Privilege escalation through SVG navigation MFSA 2015-29/CVE-2015-0817 bmo1145255 Code execution through incorrect JavaScript bounds checking elimination - update to Firefox 31.5.0esr bnc917597 MFSA 2015-11/CVE-2015-0836...
kernel update for Evergreen 11.4 (important)
Kernel update for Evergreen 11.4, fixes CVE-2014-8133 CVE-2014-9090 CVE-2014-9322...
update flash-player to 11.2.202.40 (important)
Adobe Flash Player was updated to 11.2.202.406 bnc895856: APSB14-21, CVE-2014-0547, CVE-2014-0548, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, CVE-2014-0553, CVE-2014-0554, CVE-2014-0555, CVE-2014-0556, CVE-2014-0557, CVE-2014-0559 More information can be found on:...
java-1_6_0-openjdk: update to icedtea 1.12.3 (important)
java-160-openjdk was updated to IcedTea 1.12.3 bnc804654 containing security and bugfixes: Security fixes - S8006446: Restrict MBeanServer access CVE-2013-1486 - S8006777: Improve TLS handling of invalid messages Lucky 13 CVE-2013-0169 - S8007688: Blacklist known bad certificate issued by DigiCer...
update for chromium, v8 (important)
Version upgrade of chromium to address multiple security vulnerabilities...
update for samba (critical)
Samba upgrade to version 3.6.3 fixes the following security issue: - PIDL based autogenerated code allows overwriting beyond of allocated array. Remove attackers could exploit that to execute arbitrary code as root CVE-2012-1182, bso8815, bnc752797 Please see...
tomcat6: Fix multiple weaknesses in HTTP DIGESTS (important)
This update fixes a regression in parameter passing in urldecoding of parameters that contain spaces. In addition, multiple weaknesses in HTTP DIGESTS are fixed CVE-2011-1184. CVE-2011-5062: The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0....
MozillaThunderbird: Update to 3.1.12 (important)
Mozilla Thunderbird was updated to 3.1.12 fixing various bugs and security issues: Mozilla Foundation Security Advisory 2011-32 MFSA 2011-32 http://www.mozilla.org/security/announce/2011/mfsa2011-32.ht ml Many of the issues listed below are not exploitable through mail since JavaScript is disable...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:10139-1 Rating: important References: 1203808 Cross-References: CVE-2022-3201 CVE-2022-3304 CVE-2022-3305 CVE-2022-3306 CVE-2022-3307 CVE-2022-3308 CVE-2022-3309 CVE-2022-3310 CVE-2022-3311 CVE-2022-3312...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:10138-1 Rating: important References: 1203808 Cross-References: CVE-2022-3201 CVE-2022-3304 CVE-2022-3305 CVE-2022-3306 CVE-2022-3307 CVE-2022-3308 CVE-2022-3309 CVE-2022-3310 CVE-2022-3311 CVE-2022-3312...
Security update for harfbuzz (important)
openSUSE Security Update: Security update for harfbuzz Announcement ID: openSUSE-SU-2022:2663-1 Rating: important References: 1200900 Cross-References: CVE-2022-33068 CVSS scores: CVE-2022-33068 NVD : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2022-33068 SUSE: 7.3...