7581 matches found
Security update for docker-distribution (moderate)
openSUSE Security Update: Security update for docker-distribution Announcement ID: openSUSE-SU-2020:1433-1 Rating: moderate References: 1033172 1049850 Cross-References: CVE-2017-11468 Affected Products: openSUSE Backports SLE-15-SP2 An update that solves one vulnerability and has one errata is n...
Security update for xorg-x11-server (important)
openSUSE Security Update: Security update for xorg-x11-server Announcement ID: openSUSE-SU-2020:1374-1 Rating: important References: 1174910 1174913 Cross-References: CVE-2020-14361 CVE-2020-14362 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available...
Security update for postgresql10 (important)
openSUSE Security Update: Security update for postgresql10 Announcement ID: openSUSE-SU-2020:1312-1 Rating: important References: 1175193 1175194 Cross-References: CVE-2020-14349 CVE-2020-14350 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available...
Security update for MozillaFirefox (moderate)
openSUSE Security Update: Security update for MozillaFirefox Announcement ID: openSUSE-SU-2020:1034-1 Rating: moderate References: 1173948 Affected Products: openSUSE Leap 15.2 An update that contains security fixes can now be installed. Description: This update for MozillaFirefox fixes the...
Security update for graphviz (moderate)
openSUSE Security Update: Security update for graphviz Announcement ID: openSUSE-SU-2020:0906-1 Rating: moderate References: 1132091 Cross-References: CVE-2019-11023 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for graphvi...
Security update for opera (moderate)
openSUSE Security Update: Security update for opera Announcement ID: openSUSE-SU-2019:2154-1 Rating: moderate References: Affected Products: openSUSE Leap 15.2:NonFree An update that contains security fixes can now be installed. Description: This update for opera fixes the following issues: Opera...
Security update for file-roller (low)
openSUSE Security Update: Security update for file-roller Announcement ID: openSUSE-SU-2020:0825-1 Rating: low References: 1151585 1169428 Cross-References: CVE-2019-16680 CVE-2020-11736 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available. Description:...
Security update for python-markdown2 (moderate)
openSUSE Security Update: Security update for python-markdown2 Announcement ID: openSUSE-SU-2020:0656-1 Rating: moderate References: 1171379 Cross-References: CVE-2020-11888 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes one vulnerability is now available. Description: This...
Security update for postgresql96 (moderate)
openSUSE Security Update: Security update for postgresql96 Announcement ID: openSUSE-SU-2019:1668-1 Rating: moderate References: 1134689 Cross-References: CVE-2019-10130 Affected Products: openSUSE Leap 42.3 An update that fixes one vulnerability is now available. Description: This update for...
Security update for freetype2 (important)
This update for freetype2 fixes the following security issues: - CVE-2016-10244: Make sure that the parsecharstrings function in type1/t1load.c does ensure that a font contains a glyph name to prevent a DoS through a heap-based buffer over-read or possibly have unspecified other impact via a...
Security update for util-linux (important)
This update for util-linux fixes the following issues: This security issue was fixed: - CVE-2017-2616: In su with PAM support it was possible for local users to send SIGKILL to selected other processes with root privileges bsc1023041. This non-security issues were fixed: - lscpu: Implement WSL...
Security update for dnsmasq (important)
This update for dnsmasq fixes the following issues: - CVE-2015-8899: Denial of service between local and remote dns entries bsc983273 This update was imported from the SUSE:SLE-12-SP1:Update update project...
Security update for gd (important)
This update for gd fixes the following security issues: - CVE-2016-7568: A specially crafted image file could cause an application crash or potentially execute arbitrary code when the image is converted to webp bsc1001900 - CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf bsc1004924 -...
Security update for MozillaFirefox, mozilla-nss (important)
MozillaFirefox was updated to version 49.0 boo999701 - New features Updated Firefox Login Manager to allow HTTPS pages to use saved HTTP logins. Added features to Reader Mode that make it easier on the eyes and the ears Improved video performance for users on systems that support SSE3 without...
Security update for Chromium (important)
Chromium was updated to 51.0.2704.63 to fix the following vulnerabilities boo981886: - CVE-2016-1672: Cross-origin bypass in extension bindings - CVE-2016-1673: Cross-origin bypass in Blink - CVE-2016-1674: Cross-origin bypass in extensions - CVE-2016-1675: Cross-origin bypass in Blink -...
Security update for cgit (important)
This update for cgit fixes a buffer overflow issue that had the potential to be abused for remote execution of arbitrary code CVE-2016-2315, CVE-2016-2324, bsc971328...
Security update for Firefox (important)
This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the following issues: MozillaFirefox was updated to Firefox 45.0 boo969894 requires NSPR 4.12 / NSS 3.21.1 Instant browser tab sharing through Hello Synced Tabs button in button bar Tabs synced via Firefox Accounts from other devices...
Security update for Chromium (important)
Chromium was updated to 49.0.2623.75 to fix the following security issues: boo969333 - CVE-2016-1630: Same-origin bypass in Blink - CVE-2016-1631: Same-origin bypass in Pepper Plugin - CVE-2016-1632: Bad cast in Extensions - CVE-2016-1633: Use-after-free in Blink - CVE-2016-1634: Use-after-free i...
Security update for bind (important)
This update for bind fixes the following issues: - CVE-2015-8704: Specific APL data allowed remote attacker to trigger a crash in certain configurations bsc962189...
Security update for openssh (critical)
This update for openssh fixes the following issues: - CVE-2016-0777: A malicious or compromised server could cause the OpenSSH client to expose part or all of the client's private key through the roaming feature bsc961642 - CVE-2016-0778: A malicious or compromised server could could trigger a...
Security update for samba, ldb, talloc, tdb, tevent (important)
This update for ldb, samba, talloc, tdb, tevent fixes the following issues: ldb was updated to 1.1.24. + Fix ldap \00 search expression attack dos; cve-2015-3223; bso11325 + Fix remote read memory exploit in ldb; cve-2015-5330; bso11599 + Move ldbunpackdata into ldbmodule.h for testing + Fix...
Security update for bouncycastle (important)
bouncycastle was updated to version 1.53 to fix one security issue. This security issue was fixed: - CVE-2015-7940: Invalid curve attack bsc951727...
Security update for java-1_8_0-openjdk (important)
OpenJDK was updated to 2.6.1 - OpenJDK 8u51 to fix security issues and bugs. The following vulnerabilities were fixed: CVE-2015-2590: Easily exploitable vulnerability in the Libraries component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this...
Security update for cups (critical)
This update fixes the following issues: - CVE-2015-1158 and CVE-2015-1159 fixes a possible privilege escalation via cross-site scripting and bad print job submission used to replace cupsd.conf on server CUPS STR4609 CERT-VU-810572 CVE-2015-1158 CVE-2015-1159 bugzilla.suse.com bsc924208. In genera...
Update to Firefox 31.7.0esr (important)
update to Firefox 31.7.0esr bnc930622 MFSA 2015-46/CVE-2015-2708 Miscellaneous memory safety hazards MFSA 2015-47/VE-2015-0797 bmo1080995 Buffer overflow parsing H.264 video with Linux Gstreamer MFSA 2015-48/CVE-2015-2710 bmo1149542 Buffer overflow with SVG content and CSS MFSA...
Security update for MozillaFirefox, mozilla-nss (important)
MozillaFirefox, mozilla-nss were updated to fix 18 security issues. MozillaFirefox was updated to version 36.0. These security issues were fixed: - CVE-2015-0835, CVE-2015-0836: Miscellaneous memory safety hazards - CVE-2015-0832: Appended period to hostnames can bypass HPKP and HSTS protections ...
MozillaThunderbird: Update to 24.7.0 (important)
MozillaThunderbird was updated to Thunderbird 24.7.0 bnc887746 MFSA 2014-56/CVE-2014-1547/CVE-2014-1548 Miscellaneous memory safety hazards MFSA 2014-61/CVE-2014-1555 bmo1023121 Use-after-free with FireOnStateChange event MFSA 2014-62/CVE-2014-1556 bmo1028891 Exploitable WebGL crash with Cesium...
gnutls: fixed SSL certificate validation problems (critical)
The gnutls library was updated to fixed x509 certificate validation problems, where man-in-the-middle attackers could hijack SSL connections. This update also reenables Elliptic Curve support to meet current day cryptographic requirements...
flash-player: update to 11.2.202.341 security release (critical)
Adobe Flash Player was updated to 11.2.202.341: bnc865021 APSB14-07, CVE-2014-0498 CVE-2014-0499 CVE-2014-0502 - Contents of flashplayer11sa.i386.tar.gz changed back: spec file updated, supplementary script update.sh updated...
update flash-player to 11.2.202.336 (critical)
Flash Player received an out of band critical security update to fix an integer underflow vulnerability that could be exploited to execute arbitrary code on the affected system CVE-2014-0497. More information can be found on: http://helpx.adobe.com/security/products/flash-player/apsb14 -04.html...
chromium: 31.0.1650.57 version update (important)
Security and bugfix update to Chromium 31.0.1650.57 - Update to Chromium 31.0.1650.57: - Security Fixes: CVE-2013-6632: Multiple memory corruption issues. - Update to Chromium 31.0.1650.48 Stable Channel update: - Security fixes: CVE-2013-6621: Use after free related to speech input elements...
flash-player to 11.2.202.327 (important)
Adobe Flash Player was updated to 11.2.202.327: bnc850220 APSB13-26, CVE-2013-5329, CVE-2013-5330...
flash-player to 11.2.202.327 (important)
Adobe Flash Player was updated to 11.2.202.327: bnc850220 APSB13-26, CVE-2013-5329, CVE-2013-5330...
MozillaThunderbird: update to 17.0.6 (important)
MozillaThunderbird was updated to security update Thunderbird 17.0.6 bnc819204: MFSA 2013-41/CVE-2013-0801/CVE-2013-1669 Miscellaneous memory safety hazards MFSA 2013-42/CVE-2013-1670 bmo853709 Privileged access for content level constructor MFSA 2013-46/CVE-2013-1674 bmo860971 Use-after-free wit...
MozillaFirefox to 14.0.1 (critical)
MozillaFirefox was updated to 14.0.1 to fix various bugs and security issues. Following security issues were fixed: MFSA 2012-42: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed...
MozillaFirefox, MozillaThunderbird, mozilla-nss, seamonkey, xulrunner: June (important)
Changes in MozillaFirefox: - update to Firefox 13.0 bnc765204 MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101 Miscellaneous memory safety hazards MFSA 2012-36/CVE-2012-1944 bmo751422 Content Security Policy inline-script bypass MFSA 2012-37/CVE-2012-1945 bmo670514 Information disclosure...
krb5-appl: Fixed remote buffer overflow in ktelnetd (important)
This update of krb5 applications fixes two security issues. CVE-2011-4862: A remote code execution in the kerberized telnet daemon was fixed. This only affects the ktelnetd from the krb5-appl RPM, not the regular telnetd supplied by SUSE. CVE-2011-1526 / MITKRB5-SA-2011-005: Fixed krb5 ftpd...
xorg-x11-libs (important)
Specially crafted font files could cause a buffer overflow in applications that use libXfont to load such files CVE-2011-2895...
MozillaFirefox: Update to Firefox 6 (important)
Mozilla Firefox was updated to version 6. It brings new features, fixes bugs and security issues. Following security issues were fixed: http://www.mozilla.org/security/announce/2011/mfsa2011-29.ht ml Mozilla Foundation Security Advisory 2011-29 MFSA 2011-29 Miscellaneous memory safety hazards:...
bind: fixing remote Denial of Service (CVE-2011-2464) (important)
A remote Denial of Service vulnerability has been fixed in bind. Specially crafted packets could cause bind servers recursive as well as authoritative to exit. CVE-2011-2464 has been assigned to this issue...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:0125-1 Rating: important References: 1198917 1199118 Cross-References: CVE-2022-1477 CVE-2022-1478 CVE-2022-1479 CVE-2022-1480 CVE-2022-1481 CVE-2022-1482 CVE-2022-1483 CVE-2022-1484 CVE-2022-1485 CVE-2022-14...
Security update for pdns-recursor (important)
openSUSE Security Update: Security update for pdns-recursor Announcement ID: openSUSE-SU-2022:0105-1 Rating: important References: 1197525 Cross-References: CVE-2022-27227 CVSS scores: CVE-2022-27227 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2022-27227 SUSE: 7.5...
Security update for mariadb (important)
openSUSE Security Update: Security update for mariadb Announcement ID: openSUSE-SU-2022:0731-1 Rating: important References: 1195325 1195334 1195339 1196016 SLE-22245 Cross-References: CVE-2021-46657 CVE-2021-46658 CVE-2021-46659 CVE-2021-46661 CVE-2021-46663 CVE-2021-46664 CVE-2021-46665...
Security update for sphinx (moderate)
openSUSE Security Update: Security update for sphinx Announcement ID: openSUSE-SU-2022:0054-1 Rating: moderate References: 1157590 1195227 Cross-References: CVE-2020-29050 CVSS scores: CVE-2020-29050 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: openSUSE Leap 15.3 An...
Security update for python-Twisted (important)
openSUSE Security Update: Security update for python-Twisted Announcement ID: openSUSE-SU-2022:0499-1 Rating: important References: 1195667 Cross-References: CVE-2022-21712 CVSS scores: CVE-2022-21712 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2022-21712 SUSE: 7.1...
Security update for json-c (important)
openSUSE Security Update: Security update for json-c Announcement ID: openSUSE-SU-2022:0184-2 Rating: important References: 1171479 Cross-References: CVE-2020-12762 CVSS scores: CVE-2020-12762 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2020-12762 SUSE: 7.8...
Security update for gegl (important)
openSUSE Security Update: Security update for gegl Announcement ID: openSUSE-SU-2021:4209-1 Rating: important References: 1194045 Cross-References: CVE-2021-45463 CVSS scores: CVE-2021-45463 SUSE: 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.3 An update tha...
Security update for glib-networking (important)
openSUSE Security Update: Security update for glib-networking Announcement ID: openSUSE-SU-2021:1554-1 Rating: important References: 1172460 Cross-References: CVE-2020-13645 CVSS scores: CVE-2020-13645 NVD : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N CVE-2020-13645 SUSE: 6.5...
Security update for bind (important)
openSUSE Security Update: Security update for bind Announcement ID: openSUSE-SU-2021:1502-1 Rating: important References: 1192146 Cross-References: CVE-2021-25219 CVSS scores: CVE-2021-25219 NVD : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2021-25219 SUSE: 5.3...
Security update for qemu (important)
openSUSE Security Update: Security update for qemu Announcement ID: openSUSE-SU-2021:3605-1 Rating: important References: 1189234 1189702 1189938 1190425 Cross-References: CVE-2021-3713 CVE-2021-3748 CVSS scores: CVE-2021-3713 SUSE: 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H CVE-2021-3748...