7849 matches found
Security update for json-c (important)
openSUSE Security Update: Security update for json-c Announcement ID: openSUSE-SU-2022:0184-2 Rating: important References: 1171479 Cross-References: CVE-2020-12762 CVSS scores: CVE-2020-12762 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2020-12762 SUSE: 7.8...
Security update for SDL2 (important)
openSUSE Security Update: Security update for SDL2 Announcement ID: openSUSE-SU-2022:0104-2 Rating: important References: 1181201 1181202 Cross-References: CVE-2020-14409 CVE-2020-14410 CVSS scores: CVE-2020-14409 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2020-14409 SUSE: 7.8...
Security update for virtualbox (important)
openSUSE Security Update: Security update for virtualbox Announcement ID: openSUSE-SU-2022:0020-1 Rating: important References: 1194065 1194126 1194128 1194924 Cross-References: CVE-2022-21394 CVSS scores: CVE-2022-21394 NVD : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products:...
Security update for xen (moderate)
openSUSE Security Update: Security update for xen Announcement ID: openSUSE-SU-2021:3968-1 Rating: moderate References: 1027519 1191363 1192554 1192557 1192559 Cross-References: CVE-2021-28702 CVE-2021-28704 CVE-2021-28705 CVE-2021-28706 CVE-2021-28707 CVE-2021-28708 CVE-2021-28709 CVSS scores:...
Security update for go1.17 (moderate)
openSUSE Security Update: Security update for go1.17 Announcement ID: openSUSE-SU-2021:3833-1 Rating: moderate References: 1190649 1192377 1192378 Cross-References: CVE-2021-41771 CVE-2021-41772 CVSS scores: CVE-2021-41772 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products:...
Security update for netcdf (important)
openSUSE Security Update: Security update for netcdf Announcement ID: openSUSE-SU-2021:3804-1 Rating: important References: 1191856 Cross-References: CVE-2019-20005 CVE-2019-20006 CVE-2019-20007 CVE-2019-20198 CVE-2019-20199 CVE-2019-20200 CVE-2019-20201 CVE-2019-20202 CVE-2021-26220 CVE-2021-262...
Security update for barrier (moderate)
openSUSE Security Update: Security update for barrier Announcement ID: openSUSE-SU-2021:1498-1 Rating: moderate References: Cross-References: CVE-2021-42072 CVE-2021-42073 Affected Products: openSUSE Leap 15.2 An update that fixes two vulnerabilities is now available. Description: This update for...
Security update for binutils (moderate)
openSUSE Security Update: Security update for binutils Announcement ID: openSUSE-SU-2021:3643-1 Rating: moderate References: 1183909 1184519 1188941 1191473 1192267 Cross-References: CVE-2021-20294 CVSS scores: CVE-2021-20294 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-20294...
Security update for salt (moderate)
openSUSE Security Update: Security update for salt Announcement ID: openSUSE-SU-2021:3557-1 Rating: moderate References: 1190265 Cross-References: CVE-2021-21996 CVSS scores: CVE-2021-21996 SUSE: 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L Affected Products: openSUSE Leap 15.3 An update that...
Security update for ffmpeg (moderate)
openSUSE Security Update: Security update for ffmpeg Announcement ID: openSUSE-SU-2021:3521-1 Rating: moderate References: 1186756 1187852 1189166 1190718 1190719 1190722 1190723 1190726 1190729 1190733 1190734 1190735 Cross-References: CVE-2020-20891 CVE-2020-20892 CVE-2020-20895 CVE-2020-20896...
Security update for haproxy (moderate)
openSUSE Security Update: Security update for haproxy Announcement ID: openSUSE-SU-2021:1329-1 Rating: moderate References: 1189877 Affected Products: openSUSE Leap 15.2 An update that contains security fixes can now be installed. Description: This update for haproxy fixes the following issues: -...
Security update for gd (moderate)
openSUSE Security Update: Security update for gd Announcement ID: openSUSE-SU-2021:3236-1 Rating: moderate References: 1190400 Cross-References: CVE-2021-40812 CVSS scores: CVE-2021-40812 SUSE: 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: openSUSE Leap 15.3 An update that fix...
Security update for libass (important)
openSUSE Security Update: Security update for libass Announcement ID: openSUSE-SU-2021:1174-1 Rating: important References: 1188539 Cross-References: CVE-2020-36430 CVSS scores: CVE-2020-36430 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2020-36430 SUSE: 7.5...
Security update for polkit (important)
openSUSE Security Update: Security update for polkit Announcement ID: openSUSE-SU-2021:1843-1 Rating: important References: 1186497 Cross-References: CVE-2021-3560 CVSS scores: CVE-2021-3560 SUSE: 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.3 An update tha...
Security update for libwebp (critical)
openSUSE Security Update: Security update for libwebp Announcement ID: openSUSE-SU-2021:1860-1 Rating: critical References: 1185652 1185654 1185673 1185674 1185685 1185686 1185688 1185690 1185691 1186247 Cross-References: CVE-2018-25009 CVE-2018-25010 CVE-2018-25011 CVE-2018-25012 CVE-2018-25013...
Security update for wireshark (important)
openSUSE Security Update: Security update for wireshark Announcement ID: openSUSE-SU-2021:2125-1 Rating: important References: 1179930 1179931 1179932 1179933 1180102 1180232 1181598 1181599 1183353 1184110 1185128 Cross-References: CVE-2020-26418 CVE-2020-26419 CVE-2020-26420 CVE-2020-26421...
Security update for roundcubemail (important)
openSUSE Security Update: Security update for roundcubemail Announcement ID: openSUSE-SU-2021:0943-1 Rating: important References: 1180399 1187706 1187707 Cross-References: CVE-2020-18670 CVE-2020-18671 CVE-2020-35730 CVSS scores: CVE-2020-18670 NVD : 5.4...
Security update for go1.14 (moderate)
openSUSE Security Update: Security update for go1.14 Announcement ID: openSUSE-SU-2021:0194-1 Rating: moderate References: 1164903 1181145 1181146 Cross-References: CVE-2021-3114 CVE-2021-3115 Affected Products: openSUSE Leap 15.2 An update that solves two vulnerabilities and has one errata is no...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:2216-1 Rating: important References: 1179576 Cross-References: CVE-2020-16037 CVE-2020-16038 CVE-2020-16039 CVE-2020-16040 CVE-2020-16041 CVE-2020-16042 Affected Products: openSUSE Leap 15.1 An update that...
Security update for python-pip (important)
openSUSE Security Update: Security update for python-pip Announcement ID: openSUSE-SU-2020:2169-1 Rating: important References: 1176262 Cross-References: CVE-2019-20916 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for...
Security update for ceph (moderate)
openSUSE Security Update: Security update for ceph Announcement ID: openSUSE-SU-2020:2082-1 Rating: moderate References: 1163764 1170200 1170498 1173079 1174466 1174529 1174644 1175120 1175161 1175169 1176451 1176499 1176638 1177078 1177151 1177319 1177344 1177450 1177643 1177676 1177843 1177933...
Security update for ceph (moderate)
openSUSE Security Update: Security update for ceph Announcement ID: openSUSE-SU-2020:2057-1 Rating: moderate References: 1151612 1158257 1169134 1170487 1174591 1175061 1175240 1175781 1177843 Cross-References: CVE-2020-25660 Affected Products: openSUSE Leap 15.1 An update that solves one...
Security update for pacemaker (important)
openSUSE Security Update: Security update for pacemaker Announcement ID: openSUSE-SU-2020:1825-1 Rating: important References: 1167171 1173668 1175557 1177916 Cross-References: CVE-2020-25654 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has three fixes is now...
Security update for perl-DBI (important)
openSUSE Security Update: Security update for perl-DBI Announcement ID: openSUSE-SU-2020:1483-1 Rating: important References: 1176409 1176412 Cross-References: CVE-2020-14392 CVE-2020-14393 Affected Products: openSUSE Leap 15.2 An update that fixes two vulnerabilities is now available. Descriptio...
Security update for xorg-x11-server (important)
openSUSE Security Update: Security update for xorg-x11-server Announcement ID: openSUSE-SU-2020:1374-1 Rating: important References: 1174910 1174913 Cross-References: CVE-2020-14361 CVE-2020-14362 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available...
Security update for postgresql10 (important)
openSUSE Security Update: Security update for postgresql10 Announcement ID: openSUSE-SU-2020:1312-1 Rating: important References: 1175193 1175194 Cross-References: CVE-2020-14349 CVE-2020-14350 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available...
Recommended update for evince (moderate)
openSUSE Security Update: Recommended update for evince Announcement ID: openSUSE-SU-2019:1667-1 Rating: moderate References: 1122794 1133037 Cross-References: CVE-2019-11459 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 An update that solves one vulnerability and has one errata is now...
Security update for postgresql96 (moderate)
openSUSE Security Update: Security update for postgresql96 Announcement ID: openSUSE-SU-2019:1668-1 Rating: moderate References: 1134689 Cross-References: CVE-2019-10130 Affected Products: openSUSE Leap 42.3 An update that fixes one vulnerability is now available. Description: This update for...
opensuse-security@xxxxxxxxxxxx</li> <li><span class="identifier"> Date</span>: Tue, 19 Jun 2018 12:08:11 +0200 (CEST)</li> <li><span class="identifier"> Message-id</span>: <<a href="msg00037.html">[email protected]</a>></li> </ul> <!--X-Head-of-Message-End--> <!--X-Head-Body-Sep-Begin--> </div> <div class="body"> <!--X-Head-Body-Sep-End--> <!--X-Body-of-Message--> openSUSE Security Update: Security update for aubio<br> ______________________________________________________________________________<br> <br> Announcement ID: openSUSE-SU-2018:1734-1<br> Rating: low<br> References: #1072317 <br> Cross-References: CVE-2017-17554<br> Affected Products:<br> openSUSE Leap 15.0<br> ______________________________________________________________________________<br> <br> An update that fixes one vulnerability is now available.<br> <br> Description:<br> <br> This update for aubio fixes the following security issue:<br> <br> - CVE-2017-17554: Prevent NULL pointer dereference in the function<br> aubio_source_avcodec_readframe which may have lead to DoS when playing a<br> crafted audio file (bsc#1072317).<br> <br> <br> Patch Instructions:<br> <br> To install this openSUSE Security Update use the SUSE recommended <br> installation methods<br> like YaST online_update or "zypper patch".<br> <br> Alternatively you can run the command listed for your product:<br> <br> - openSUSE Leap 15.0:<br> <br> zypper in -t patch openSUSE-2018-652=1<br> <br> <br> <br> Package List:<br> <br> - openSUSE Leap 15.0 (i586 x86_64):<br> <br> aubio-debugsource-0.4.6-lp150.3.3.1<br> aubio-tools-0.4.6-lp150.3.3.1<br> aubio-tools-debuginfo-0.4.6-lp150.3.3.1<br> libaubio-devel-0.4.6-lp150.3.3.1<br> libaubio5-0.4.6-lp150.3.3.1<br> libaubio5-debuginfo-0.4.6-lp150.3.3.1<br> <br> - openSUSE Leap 15.0 (x86_64):<br> <br> libaubio5-32bit-0.4.6-lp150.3.3.1<br> libaubio5-32bit-debuginfo-0.4.6-lp150.3.3.1<br> python-aubio-debugsource-0.4.6-lp150.3.3.1<br> python2-aubio-0.4.6-lp150.3.3.1<br> python2-aubio-debuginfo-0.4.6-lp150.3.3.1<br> python3-aubio-0.4.6-lp150.3.3.1<br> python3-aubio-debuginfo-0.4.6-lp150.3.3.1<br> <br> <br> References:<br> <br> <a rel="nofollow" href="https://www.suse.com/security/cve/CVE-2017-17554.html">https://www.suse.com/security/cve/CVE-2017-17554.html</a><br> <a rel="nofollow" href="https://bugzilla.suse.com/1072317">https://bugzilla.suse.com/1072317</a><br> <br> -- <br> To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@xxxxxxxxxxxx<br> For additional commands, e-mail: opensuse-security-announce+help@xxxxxxxxxxxx<br> <br> <!--X-Body-of-Message-End--> <!--X-MsgBody-End--> <!--X-Follow-Ups--> <!-- SwishCommand noindex --> </div> <table class="bodynav"> <tr> <td align="left"> < Previous </td> <td align="right"> Next > </td> </tr> </table> </div> <div class="visualClear"></div> </div> </div> </div> <div id="column-one"> <a name="indexes"></a> <div class="portlet" id="p-topnav"> <div class="pBody"> <ul> <li><a href="threads.html">Thread Index</a></li> <li><a href="author.html">Author Index</a></li> <li><a href="date.html">Date Index</a></li> <li><a href="all.html">All Messages</a></li> </ul> </div> </div> <div class="portlet" id="p-logo"> <a style="background-image: url(/skins/opensuse/opensuse.gif);" href="../" title="Back"></a> </div> <script type="text/javascript"> if (window.isMSIE55) fixalpha(); </script> <a name="search"></a> <div id="p-search" class="portlet" style="white-space: nowrap;"> <h5><label for="searchInput">Search this list</label> (Security update for aubio</h5> <!--X-Subject-Header-End--> <!--X-Head-of-Message--> <ul> <li><span class="identifier"> From</span>)
This update for aubio fixes the following security issue: - CVE-2017-17554: Prevent NULL pointer dereference in the function aubiosourceavcodecreadframe which may have lead to DoS when playing a crafted audio file bsc1072317...
Security update for wireshark (moderate)
This update for wireshark fixes the following issues: Minor vulnerabilities that could be used to trigger dissector crashes or cause excessive memory use by making Wireshark read specially crafted packages from the network or capture files boo1094301: - CVE-2018-11356: DNS dissector crash -...
Security update for postgresql96 (important)
This update for postgresql96 fixes the following issues: CVE-2017-7547: Further restrict visibility of pgusermappings.umoptions, to protect passwords stored as user mapping options. bsc1051685 CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. bsc1051684...
Security update for apparmor (important)
This update for apparmor fixes the following issues: These security issues were fixed: - CVE-2017-6507: Preserve unknown profiles when reloading apparmor.service lp1668892, boo1029696 - boo1017260: Migration to apparmor.service accidently disable AppArmor. Note: This will re-enable AppArmor if it...
Security update for util-linux (important)
This update for util-linux fixes the following issues: This security issue was fixed: - CVE-2017-2616: In su with PAM support it was possible for local users to send SIGKILL to selected other processes with root privileges bsc1023041. This non-security issues were fixed: - lscpu: Implement WSL...
Security update for dnsmasq (important)
This update for dnsmasq fixes the following issues: - CVE-2015-8899: Denial of service between local and remote dns entries bsc983273 This update was imported from the SUSE:SLE-12-SP1:Update update project...
Security update for flash-player (important)
This update to Adobe Flash Player 11.2.202.644 fixes the following security issues: - type confusion vulnerabilities that could lead to code execution CVE-2016-7860, CVE-2016-7861, CVE-2016-7865 - use-after-free vulnerabilities that could lead to code execution CVE-2016-7857, CVE-2016-7858,...
Security update for GraphicsMagick (important)
This update for GraphicsMagick fixes the following issues: - CVE-2014-9805: SEGV due to a corrupted pnm file boo983752 - CVE-2016-5240: SVG converting issue resulting in DoS endless loop boo983309 - CVE-2016-5241: Arithmetic exception div by 0 in SVG conversion boo983455 - CVE-2014-9846: Overflow...
Security update for Chromium (important)
Chromium was updated to 51.0.2704.63 to fix the following vulnerabilities boo981886: - CVE-2016-1672: Cross-origin bypass in extension bindings - CVE-2016-1673: Cross-origin bypass in Blink - CVE-2016-1674: Cross-origin bypass in extensions - CVE-2016-1675: Cross-origin bypass in Blink -...
Security update for Chromium (important)
Chromium was updated to 50.0.2661.94 to fix a number of vulnerabilities boo977830: - CVE-2016-1660: Out-of-bounds write in Blink - CVE-2016-1661: Memory corruption in cross-process frames - CVE-2016-1662: Use-after-free in extensions - CVE-2016-1663: Use-after-free in Blink’s V8 bindings -...
Security update for Chromium (important)
Chromium was updated to 49.0.2623.110 to fix the following security issues: - CVE-2016-1646: Out-of-bounds read in V8 - CVE-2016-1647: Use-after-free in Navigation - CVE-2016-1648: Use-after-free in Extensions - CVE-2016-1649: Buffer overflow in libANGLE - CVE-2016-1650: Various fixes from intern...
Security update for Chromium (important)
Chromium was updated to 49.0.2623.75 to fix the following security issues: boo969333 - CVE-2016-1630: Same-origin bypass in Blink - CVE-2016-1631: Same-origin bypass in Pepper Plugin - CVE-2016-1632: Bad cast in Extensions - CVE-2016-1633: Use-after-free in Blink - CVE-2016-1634: Use-after-free i...
Security update for openldap2 (important)
This update fixes the following security issues: - CVE-2015-6908: The bergetnext function allowed remote attackers to cause a denial of service reachable assertion and application crash via crafted BER data, as demonstrated by an attack against slapd. bsc945582 - CVE-2015-4000: Fix weak...
Security update for bind (important)
This update for bind fixes the following issues: - CVE-2015-8704: Specific APL data allowed remote attacker to trigger a crash in certain configurations bsc962189...
Security update for openssh (critical)
This update for openssh fixes the following issues: - CVE-2016-0777: A malicious or compromised server could cause the OpenSSH client to expose part or all of the client's private key through the roaming feature bsc961642 - CVE-2016-0778: A malicious or compromised server could could trigger a...
Security update for grub2 (important)
Fix buffer overflows when reading username and password. bsc956631, CVE-2015-8370 - Check MS-DOS header to find PE file header. bsc954126 - Use dirname for copying Xen kernel and initrd to esp. bsc955493 - Fix reading password by grub2-mkpasswd-pbdk2 without controlling tty. bsc954519 - Add luks,...
Security update for bouncycastle (important)
bouncycastle was updated to version 1.53 to fix one security issue. This security issue was fixed: - CVE-2015-7940: Invalid curve attack bsc951727...
Security update for flash-player (critical)
Security update to 11.2.202.508 bsc941239: APSB15-19: CVE-2015-3107, CVE-2015-5124, CVE-2015-5125, CVE-2015-5127, CVE-2015-5128, CVE-2015-5129, CVE-2015-5130, CVE-2015-5131, CVE-2015-5132, CVE-2015-5133, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5541, CVE-2015-5544, CVE-2015-5545,...
Security update for cups (critical)
This update fixes the following issues: - CVE-2015-1158 and CVE-2015-1159 fixes a possible privilege escalation via cross-site scripting and bad print job submission used to replace cupsd.conf on server CUPS STR4609 CERT-VU-810572 CVE-2015-1158 CVE-2015-1159 bugzilla.suse.com bsc924208. In genera...
Security update for xen (important)
Xen was updated to 4.3.4 to fix multiple vulnerabities and non-security bugs. The following vulnerabilities were fixed: - Long latency MMIO mapping operations are not preemptible XSA-125 CVE-2015-2752 bnc922705 - Unmediated PCI command register access in qemu XSA-126 CVE-2015-2756 bnc922706 -...
curl (important)
libcurl was updated to fix security issues: CVE-2014-3613: Cookies for hosts specified by numeric IP could be assigned or used for other numeric IP hosts if portions of the numerics were the same. CVE-2014-3620: libcurl allowed cookies to be set for toplevel domains, making them to broad...
MozillaThunderbird: Update to 24.7.0 (important)
MozillaThunderbird was updated to Thunderbird 24.7.0 bnc887746 MFSA 2014-56/CVE-2014-1547/CVE-2014-1548 Miscellaneous memory safety hazards MFSA 2014-61/CVE-2014-1555 bmo1023121 Use-after-free with FireOnStateChange event MFSA 2014-62/CVE-2014-1556 bmo1028891 Exploitable WebGL crash with Cesium...