7849 matches found
Security update for Chromium (important)
Chromium was updated to 49.0.2623.110 to fix the following security issues: - CVE-2016-1646: Out-of-bounds read in V8 - CVE-2016-1647: Use-after-free in Navigation - CVE-2016-1648: Use-after-free in Extensions - CVE-2016-1649: Buffer overflow in libANGLE - CVE-2016-1650: Various fixes from intern...
Security update for glibc (important)
This update for glibc fixes the following security issues: - CVE-2015-7547: A stack-based buffer overflow in getaddrinfo allowed remote attackers to cause a crash or execute arbitrary code via crafted and timed DNS responses bsc961721 - CVE-2015-8777: Insufficient checking of LDPOINTERGUARD...
Security update for java-1_8_0-openjdk (critical)
java-180-openjdk was updated to version 7u95 to fix 9 security issues. bsc962743 - CVE-2015-7575: Further reduce use of MD5 SLOTH bsc960996 - CVE-2015-8126: Vulnerability in the AWT component related to splashscreen displays - CVE-2015-8472: Vulnerability in the AWT component, addressed by same f...
Security update for icedtea-web (important)
The icedtea-web java plugin was updated to 1.6.1. Changes included: Enabled Entry-Point attribute check permissions sandbox and signed app and unsigned app with permissions all-permissions now run in sandbox instead of not at all. fixed DownloadService comments in deployment.properties now should...
Security update for java-1_8_0-openjdk (important)
OpenJDK was updated to 2.6.1 - OpenJDK 8u51 to fix security issues and bugs. The following vulnerabilities were fixed: CVE-2015-2590: Easily exploitable vulnerability in the Libraries component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this...
Security update for Adobe Flash Player (important)
Adobe Flash Player was updated to 11.2.202.466 to fix multiple security issues. The following vulnerabilities were fixed: CVE-2015-3096: bypass for CVE-2014-5333 CVE-2015-3098: vulnerabilities that could be exploited to bypass the same-origin-policy and lead to information disclosure CVE-2015-309...
Update to Firefox 31.7.0esr (important)
update to Firefox 31.7.0esr bnc930622 MFSA 2015-46/CVE-2015-2708 Miscellaneous memory safety hazards MFSA 2015-47/VE-2015-0797 bmo1080995 Buffer overflow parsing H.264 video with Linux Gstreamer MFSA 2015-48/CVE-2015-2710 bmo1149542 Buffer overflow with SVG content and CSS MFSA...
Security update for MozillaFirefox, MozillaThunderbird, mozilla-nspr (important)
Mozilla Firefox and Thunderbird were updated to fix several important vulnerabilities. Mozilla Firefox was updated to 37.0.1. Mozilla Thunderbird was updated to 31.6.0. mozilla-nspr was updated to 4.10.8 as a dependency. The following vulnerabilities were fixed in Mozilla Firefox: Miscellaneous...
update to Firefox 31.5.3 (important)
Update to Firefox 31.5.3 bnc923534 MFSA 2015-28/CVE-2015-0818 bmo1144988 Privilege escalation through SVG navigation MFSA 2015-29/CVE-2015-0817 bmo1145255 Code execution through incorrect JavaScript bounds checking elimination - update to Firefox 31.5.0esr bnc917597 MFSA 2015-11/CVE-2015-0836...
Security update for samba (important)
samba was updated to fix two security issues. These security issues were fixed: - CVE-2015-0240: Ensure we don't call tallocfree on an uninitialized pointer bnc917376. - CVE-2014-8143: Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Domain...
Security update for xen (important)
The XEN virtualization was updated to fix bugs and security issues: Security issues fixed: CVE-2015-0361: XSA-116: xen: xen crash due to use after free on hvm guest teardown CVE-2014-9065, CVE-2014-9066: XSA-114: xen: p2m lock starvation CVE-2014-9030: XSA-113: Guest effectable page reference lea...
update for openssl (important)
The following issues were fixed in this release: CVE-2014-3566: SSLv3 POODLE attack bnc901223 CVE-2014-3513, CVE-2014-3567: DTLS memory leak and session ticket memory leak...
update flash-player to 11.2.202.40 (important)
Adobe Flash Player was updated to 11.2.202.406 bnc895856: APSB14-21, CVE-2014-0547, CVE-2014-0548, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, CVE-2014-0553, CVE-2014-0554, CVE-2014-0555, CVE-2014-0556, CVE-2014-0557, CVE-2014-0559 More information can be found on:...
kernel: security and bugfix update (important)
This Linux kernel security update fixes various security issues and bugs. The Linux Kernel was updated to fix various security issues and bugs. Main security issues fixed: A security issue in the tty layer that was fixed that could be used by local attackers for code execution CVE-2014-0196. Two...
postgresql: security and bugfix update to 9.0.13 (important)
Postgresql was updated to version 9.0.13 bnc812525: CVE-2013-1899: Fix insecure parsing of server command-line switches. A connection request containing a database name that begins with "-" could be crafted to damage or destroy files within the server's data directory, even if the request is...
NRPE metacharacter filtering omission (important)
NRPE the Nagios Remote Plug-In Executor allows the passing of $ to plugins/scripts which, if run under bash, will execute that shell command under a subprocess and pass the output as a parameter to the called script. Using this, it is possible to get called scripts, such as checkhttp, to execute...
flash-player to 11.2.202.273 (critical)
Flash Player was updated to 11.2.202.273 to fix critical security issues: bnc806415 APSB13-08, CVE-2013-0504, CVE-2013-0643, CVE-2013-0648 More information can be found on: https://www.adobe.com/support/security/bulletins/apsb13-08.h tml...
java-1_6_0-openjdk: icedtea-web update to 1.11.4 (bnc#) (critical)
The icedtea-web Java plugin was updated to 1.11.4 to fix critical security issues: Security fixes - S7162476, CVE-2012-1682: XMLDecoder security issue via ClassFinder - S7163201, CVE-2012-0547: Simplify toolkit internals references OpenJDK - S7182135: Impossible to use some editors directly -...
update for chromium, v8 (important)
Version upgrade of chromium to address multiple security vulnerabilities...
tomcat6: Fix multiple weaknesses in HTTP DIGESTS (important)
This update fixes a regression in parameter passing in urldecoding of parameters that contain spaces. In addition, multiple weaknesses in HTTP DIGESTS are fixed CVE-2011-1184. CVE-2011-5062: The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0....
MozillaThunderbird: Update to 3.1.12 (important)
Mozilla Thunderbird was updated to 3.1.12 fixing various bugs and security issues: Mozilla Foundation Security Advisory 2011-32 MFSA 2011-32 http://www.mozilla.org/security/announce/2011/mfsa2011-32.ht ml Many of the issues listed below are not exploitable through mail since JavaScript is disable...
ecryptfs-utils: Update to fix various symlink race attacks (important)
This update of ecryptfs-utils fixes several security problems: - CVE-2011-1831 - Race condition when checking mountpoint during mount. - CVE-2011-1832 - Race condition when checking mountpoint during unmount. - CVE-2011-1833 - Race condition when checking source during mount. - CVE-2011-1834 -...
bind: fixing remote Denial of Service (CVE-2011-2464) (important)
A remote Denial of Service vulnerability has been fixed in bind. Specially crafted packets could cause bind servers recursive as well as authoritative to exit. CVE-2011-2464 has been assigned to this issue...
Security update for v4l2loopback (moderate)
openSUSE Security Update: Security update for v4l2loopback Announcement ID: openSUSE-SU-2022:10160-1 Rating: moderate References: 1202156 Cross-References: CVE-2022-2652 CVSS scores: CVE-2022-2652 NVD : 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H CVE-2022-2652 SUSE: 6...
Security update for nim (important)
openSUSE Security Update: Security update for nim Announcement ID: openSUSE-SU-2022:10101-1 Rating: important References: 1175332 1175333 1175334 1181705 1185083 1185084 1185085 1185948 1192712 Cross-References: CVE-2020-15690 CVE-2020-15692 CVE-2020-15693 CVE-2020-15694 CVE-2021-21372...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:10099-1 Rating: important References: 1202509 Cross-References: CVE-2022-2852 CVE-2022-2853 CVE-2022-2854 CVE-2022-2855 CVE-2022-2856 CVE-2022-2857 CVE-2022-2858 CVE-2022-2859 CVE-2022-2860 CVE-2022-2861...
Security update for librecad (important)
openSUSE Security Update: Security update for librecad Announcement ID: openSUSE-SU-2022:10002-1 Rating: important References: 1195105 1195122 1197664 Cross-References: CVE-2021-45341 CVE-2021-45342 CVSS scores: CVE-2021-45341 NVD : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-45342...
Security update for php-composer (important)
openSUSE Security Update: Security update for php-composer Announcement ID: openSUSE-SU-2022:0132-1 Rating: important References: 1198494 Cross-References: CVE-2021-41116 CVE-2022-24828 CVSS scores: CVE-2021-41116 NVD : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2022-24828 NVD : 8.8...
Security update for lapack (moderate)
openSUSE Security Update: Security update for lapack Announcement ID: openSUSE-SU-2022:0915-1 Rating: moderate References: 1193562 Cross-References: CVE-2021-4048 CVSS scores: CVE-2021-4048 NVD : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H CVE-2021-4048 SUSE: 4.7...
Security update for MozillaThunderbird (important)
openSUSE Security Update: Security update for MozillaThunderbird Announcement ID: openSUSE-SU-2022:0804-1 Rating: important References: 1196809 Cross-References: CVE-2022-26485 CVE-2022-26486 CVSS scores: CVE-2022-26485 SUSE: 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-26486 SUSE: 8...
Security update for mariadb (important)
openSUSE Security Update: Security update for mariadb Announcement ID: openSUSE-SU-2022:0725-1 Rating: important References: 1195325 1195334 1195339 1196016 Cross-References: CVE-2021-46657 CVE-2021-46658 CVE-2021-46659 CVE-2021-46661 CVE-2021-46663 CVE-2021-46664 CVE-2021-46665 CVE-2021-46668...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:0042-1 Rating: important References: 1195986 Cross-References: CVE-2022-0603 CVE-2022-0604 CVE-2022-0605 CVE-2022-0606 CVE-2022-0607 CVE-2022-0608 CVE-2022-0609 CVE-2022-0610 Affected Products: openSUSE...
Security update for qemu (low)
openSUSE Security Update: Security update for qemu Announcement ID: openSUSE-SU-2022:0210-1 Rating: low References: 1172033 1181361 Cross-References: CVE-2020-13253 CVE-2021-20196 CVSS scores: CVE-2020-13253 NVD : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2020-13253 SUSE: 3.3...
Security update for python-pip (moderate)
openSUSE Security Update: Security update for python-pip Announcement ID: openSUSE-SU-2021:4002-1 Rating: moderate References: 1186819 Cross-References: CVE-2021-3572 CVSS scores: CVE-2021-3572 SUSE: 4.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N Affected Products: openSUSE Leap 15.3 An update...
Security update for ruby2.5 (important)
openSUSE Security Update: Security update for ruby2.5 Announcement ID: openSUSE-SU-2021:1535-1 Rating: important References: 1188160 1188161 1190375 Cross-References: CVE-2021-31799 CVE-2021-31810 CVE-2021-32066 CVSS scores: CVE-2021-31799 SUSE: 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H...
Security update for rubygem-activerecord-5_1 (moderate)
openSUSE Security Update: Security update for rubygem-activerecord-51 Announcement ID: openSUSE-SU-2021:3634-1 Rating: moderate References: 1182169 Cross-References: CVE-2021-22880 CVSS scores: CVE-2021-22880 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2021-22880 SUSE: 5.3...
Security update for libqt5-qtsvg (moderate)
openSUSE Security Update: Security update for libqt5-qtsvg Announcement ID: openSUSE-SU-2021:3354-1 Rating: moderate References: 1184783 Cross-References: CVE-2021-3481 CVSS scores: CVE-2021-3481 SUSE: 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L Affected Products: openSUSE Leap 15.3 An updat...
Security update for cacti, cacti-spine (moderate)
openSUSE Security Update: Security update for cacti, cacti-spine Announcement ID: openSUSE-SU-2021:1208-1 Rating: moderate References: 1188188 Cross-References: CVE-2020-14424 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes one vulnerability is now available. Description: Th...
Security update for krb5 (important)
openSUSE Security Update: Security update for krb5 Announcement ID: openSUSE-SU-2021:1182-1 Rating: important References: 1188571 Cross-References: CVE-2021-36222 CVSS scores: CVE-2021-36222 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Leap 15.2 An update tha...
Security update for go1.16 (moderate)
openSUSE Security Update: Security update for go1.16 Announcement ID: openSUSE-SU-2021:2788-1 Rating: moderate References: 1182345 1189162 Cross-References: CVE-2021-36221 Affected Products: openSUSE Leap 15.3 An update that solves one vulnerability and has one errata is now available. Descriptio...
Security update for tor (important)
openSUSE Security Update: Security update for tor Announcement ID: openSUSE-SU-2021:1169-1 Rating: important References: 1189489 Cross-References: CVE-2021-38385 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for tor fixes t...
Security update for crmsh (moderate)
openSUSE Security Update: Security update for crmsh Announcement ID: openSUSE-SU-2021:1087-1 Rating: moderate References: 1163460 1175982 1179999 1184465 1185423 1187553 SLE-17979 Cross-References: CVE-2020-35459 CVSS scores: CVE-2020-35459 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H...
Security update for gsoap (important)
openSUSE Security Update: Security update for gsoap Announcement ID: openSUSE-SU-2021:0664-1 Rating: important References: 1182098 Cross-References: CVE-2020-13576 CVSS scores: CVE-2020-13576 NVD : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports SLE-15-SP2 A...
Security update for ruby2.5 (moderate)
openSUSE Security Update: Security update for ruby2.5 Announcement ID: openSUSE-SU-2021:0607-1 Rating: moderate References: 1184644 Cross-References: CVE-2021-28965 CVSS scores: CVE-2021-28965 SUSE: 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: openSUSE Leap 15.2 An update...
Security update for apache-commons-io (moderate)
openSUSE Security Update: Security update for apache-commons-io Announcement ID: openSUSE-SU-2021:0605-1 Rating: moderate References: 1184755 Cross-References: CVE-2021-29425 CVSS scores: CVE-2021-29425 NVD : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2021-29425 SUSE: 4.3...
Security update for ovmf (moderate)
openSUSE Security Update: Security update for ovmf Announcement ID: openSUSE-SU-2021:0495-1 Rating: moderate References: 1183578 1183579 Cross-References: CVE-2021-28210 CVE-2021-28211 CVSS scores: CVE-2021-28210 SUSE: 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H CVE-2021-28211 SUSE: 4.4...
Security update for ldb (important)
openSUSE Security Update: Security update for ldb Announcement ID: openSUSE-SU-2021:0469-1 Rating: important References: 1183572 1183574 Cross-References: CVE-2020-27840 CVE-2021-20277 CVSS scores: CVE-2020-27840 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2021-20277 SUSE: 7.1...
Security update for gnome-autoar (moderate)
openSUSE Security Update: Security update for gnome-autoar Announcement ID: openSUSE-SU-2021:0390-1 Rating: moderate References: 1181930 Cross-References: CVE-2020-36241 CVSS scores: CVE-2020-36241 NVD : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2020-36241 SUSE: 3.9...
Security update for gdk-pixbuf (moderate)
openSUSE Security Update: Security update for gdk-pixbuf Announcement ID: openSUSE-SU-2021:0150-1 Rating: moderate References: 1174307 1180393 Cross-References: CVE-2020-29385 Affected Products: openSUSE Leap 15.2 An update that solves one vulnerability and has one errata is now available...
Security update for vlc (important)
openSUSE Security Update: Security update for vlc Announcement ID: openSUSE-SU-2021:0091-1 Rating: important References: 1133290 1172727 1180755 Cross-References: CVE-2020-13428 CVE-2020-26664 Affected Products: openSUSE Leap 15.2 An update that solves two vulnerabilities and has one errata is no...