7581 matches found
Security update for libupnp (moderate)
openSUSE Security Update: Security update for libupnp Announcement ID: openSUSE-SU-2020:0805-1 Rating: moderate References: 1172625 Cross-References: CVE-2020-13848 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for libupnp...
Security update for krb5 (important)
This update for krb5 fixes the following securitz issueÖ - CVE-2017-15088: A buffer overflow in getmatchingdata was fixed that could under specific circumstances be used to execute code bsc1065274 This update was imported from the SUSE:SLE-12-SP2:Update update project...
Security update for apparmor (important)
This update for apparmor fixes the following issues: These security issues were fixed: - CVE-2017-6507: Preserve unknown profiles when reloading apparmor.service lp1668892, boo1029696 - boo1017260: Migration to apparmor.service accidently disable AppArmor. Note: This will re-enable AppArmor if it...
Security update for flash-player (important)
This update to Adobe Flash 24.0.0.194 fixes the following vulnerabilities advised under APSB17-02: - security bypass vulnerability that could lead to information disclosure CVE-2017-2938 - use-after-free vulnerabilities that could lead to code execution CVE-2017-2932, CVE-2017-2936, CVE-2017-2937...
Security update for Chromium (important)
This update to Chromium 54.0.2840.100 fixes the following vulnerabilities: - CVE-2016-5199: Heap corruption in FFmpeg boo1009892 - CVE-2016-5200: out of bounds memory access in v8 boo1009893 - CVE-2016-5201: info leak in extensions boo1009894 - CVE-2016-5202: various fixes from internal audits...
Security update for bind (important)
This update for bind fixes the following issues: - A defect in BIND's handling of responses containing a DNAME answer had the potential to trigger assertion errors in the server remotely, thereby facilitating a denial-of-service attack. CVE-2016-8864, bsc1007829...
Security update for Chromium (important)
Chromium was updated to 53.0.2785.101 to fix a number of security issues and bugs. The following vulnerabilities were fixed: boo996648 - CVE-2016-5147: Universal XSS in Blink. - CVE-2016-5148: Universal XSS in Blink. - CVE-2016-5149: Script injection in extensions. - CVE-2016-5150: Use after free...
Security update for ImageMagick (important)
ImageMagick was updated to fix 66 security issues. These security issues were fixed: - CVE-2014-9810: SEGV in dpx file handler bsc983803. - CVE-2014-9811: Crash in xwd file handler bsc984032. - CVE-2014-9812: NULL pointer dereference in ps file handling bsc984137. - CVE-2014-9813: Crash on...
Security update for Chromium (important)
Chromium was updated to 49.0.2623.110 to fix the following security issues: - CVE-2016-1646: Out-of-bounds read in V8 - CVE-2016-1647: Use-after-free in Navigation - CVE-2016-1648: Use-after-free in Extensions - CVE-2016-1649: Buffer overflow in libANGLE - CVE-2016-1650: Various fixes from intern...
Security update for Adobe Flash Player (important)
This update to Adobe Flash Player 11.2.202.577 fixes a number of vulnerabilities that could have allowed remote attackers to execute arbitrary code through crafted content. boo970547 APSB16-08, CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0963, CVE-2016-0986, CVE-2016-0987, CVE-2016-0988...
Security update for java-1_8_0-openjdk (critical)
java-180-openjdk was updated to version 7u95 to fix 9 security issues. bsc962743 - CVE-2015-7575: Further reduce use of MD5 SLOTH bsc960996 - CVE-2015-8126: Vulnerability in the AWT component related to splashscreen displays - CVE-2015-8472: Vulnerability in the AWT component, addressed by same f...
Security update to MariaDB 10.0.22 (important)
MariaDB was updated to 10.0.22 to fix security issues and bugs. The following vulnerabilities were fixed in the upstream release: CVE-2015-4802, CVE-2015-4807, CVE-2015-4815, CVE-2015-4826, CVE-2015-4830, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4870, CVE-2015-4913, CVE-2015-4792 A...
Security update for flash-player (critical)
Security update to 11.2.202.508 bsc941239: APSB15-19: CVE-2015-3107, CVE-2015-5124, CVE-2015-5125, CVE-2015-5127, CVE-2015-5128, CVE-2015-5129, CVE-2015-5130, CVE-2015-5131, CVE-2015-5132, CVE-2015-5133, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5541, CVE-2015-5544, CVE-2015-5545,...
Security update for bind (important)
bind was updated to fix one security issue. This security issue was fixed: - CVE-2015-5477: Remote DoS via TKEY queries boo939567 Exposure to this issue can not be prevented by either ACLs or configuration options limiting or denying service because the exploitable code occurs early in the packet...
flash-player (critical)
flash-player was updated to fix two security issues. These security issues were fixed: - CVE-2015-5123: Use-after-free vulnerability in the BitmapData class in the ActionScript 3 AS3 implementation in Adobe Flash Player allowed remote attackers to execute arbitrary code or cause a denial of servi...
Security update for MozillaFirefox (important)
MozillaFirefox was updated to version 35.0 bnc910669 Notable features: Firefox Hello with new rooms-based conversations model Implemented HTTP Public Key Pinning Extension for enhanced authentication of encrypted connections Security fixes: MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 Miscellaneous...
xen: security and bugfix update (important)
XEN was updated to fix security issues and bugs. Security issues fixed: - bnc897657 - CVE-2014-7188: XSA-108 Improper MSR range used for x2APIC emulation - bnc895802 - CVE-2014-7156: XSA-106: Missing privilege level checks in x86 emulation of software interrupts - bnc895799 - CVE-2014-7155:...
NSS update to avoid signature forgery (critical)
NSS is vulnerable to a variant of a signature forgery attack previously published by Daniel Bleichenbacher. This is due to lenient parsing of ASN.1 values involved in a signature and could lead to the forging of RSA certificates...
kernel: security and bugfix update (important)
This Linux kernel security update fixes various security issues and bugs. The Linux Kernel was updated to fix various security issues and bugs. Main security issues fixed: A security issue in the tty layer that was fixed that could be used by local attackers for code execution CVE-2014-0196. Two...
update for flash-player (critical)
This flash-player update fixes a critical buffer overflow vulnerability that leads to arbitrary code execution. The flash-player package was updated to version 11.2.202.356. bnc875577, APSB14-13, CVE-2014-0515...
gnutls (critical)
The gnutls library was updated to fix SSL certificate validation. Remote man-in-the-middle attackers were able to make the verification believe that a SSL certificate is valid even though it was not. Also the TLS-CBC timing attack vulnerability was fixed...
kernel (critical)
The openSUSE 12.1 kernel was updated to fix a critical security issue and also some reiserfs bugs. CVE-2013-2850: Incorrect strncpy usage in the network listening part of the iscsi target driver could have been used by remote attackers to crash the kernel or execute code. This required the iscsi...
NRPE metacharacter filtering omission (important)
NRPE the Nagios Remote Plug-In Executor allows the passing of $ to plugins/scripts which, if run under bash, will execute that shell command under a subprocess and pass the output as a parameter to the called script. Using this, it is possible to get called scripts, such as checkhttp, to execute...
Seamonkey update (critical)
Seamonkey was upgraded to version 2.5 in order to fix the following security problems: MFSA 2011-47/CVE-2011-3648 bmo690225 Potential XSS against sites using Shift-JIS MFSA 2011-48/CVE-2011-3651/CVE-2011-3652/CVE-2011-3654 Miscellaneous memory safety hazards MFSA 2011-49/CVE-2011-3650 bmo674776...
xen: Fixed a security bug and various other bugs (important)
Security / Collective Update for Xen Xen: - bnc702025 - VUL-0: xen: VT-d PCI passthrough MSI trap injection CVE-2011-1898 - bnc703924 - update block-npiv scripts to support BFA HBA - bnc689954 - L3: Live migrations fail when guest crashes: domaincrashsync called from entry.S - bnc693472 - Bridge...
kvm (important)
A privileged guest user could cause a buffer overflow in the virtio subsystem of the host, therefore crashing the guest or potentially execute arbitrary code on the host CVE-2011-2212, CVE-2011-2512...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:10146-1 Rating: important References: 1204223 Cross-References: CVE-2022-3445 CVE-2022-3446 CVE-2022-3447 CVE-2022-3448 CVE-2022-3449 CVE-2022-3450 Affected Products: openSUSE Backports SLE-15-SP4 An update...
Security update for lighttpd (moderate)
openSUSE Security Update: Security update for lighttpd Announcement ID: openSUSE-SU-2022:10140-1 Rating: moderate References: 1203872 Cross-References: CVE-2022-41556 CVSS scores: CVE-2022-41556 SUSE: 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Backports SLE-15-SP...
Security update for mupdf (moderate)
openSUSE Security Update: Security update for mupdf Announcement ID: openSUSE-SU-2022:10126-1 Rating: moderate References: 1202858 Cross-References: CVE-2018-25032 CVE-2021-4216 CVSS scores: CVE-2018-25032 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2018-25032 SUSE: 8.1...
Security update for opera (important)
openSUSE Security Update: Security update for opera Announcement ID: openSUSE-SU-2022:10108-1 Rating: important References: Cross-References: CVE-2022-2852 CVE-2022-2853 CVE-2022-2854 CVE-2022-2855 CVE-2022-2856 CVE-2022-2857 CVE-2022-2858 CVE-2022-2859 CVE-2022-2860 CVE-2022-2861 Affected...
Security update for libreoffice (moderate)
openSUSE Security Update: Security update for libreoffice Announcement ID: openSUSE-SU-2022:0886-1 Rating: moderate References: 1196456 SLE-18214 Cross-References: CVE-2021-25636 CVSS scores: CVE-2021-25636 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2021-25636 SUSE: 6.3...
Security update for rust, rust1.58, rust1.59 (moderate)
openSUSE Security Update: Security update for rust, rust1.58, rust1.59 Announcement ID: openSUSE-SU-2022:0843-1 Rating: moderate References: 1194767 Cross-References: CVE-2022-21658 CVSS scores: CVE-2022-21658 NVD : 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H CVE-2022-21658 SUSE: 6.2...
Security update for bitcoin (moderate)
openSUSE Security Update: Security update for bitcoin Announcement ID: openSUSE-SU-2022:0072-1 Rating: moderate References: Cross-References: CVE-2021-3195 CVSS scores: CVE-2021-3195 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: openSUSE Backports SLE-15-SP3 An update...
Security update for firejail (important)
openSUSE Security Update: Security update for firejail Announcement ID: openSUSE-SU-2022:0037-1 Rating: important References: 1195880 Affected Products: openSUSE Backports SLE-15-SP3 An update that contains security fixes can now be installed. Description: This update for firejail fixes the...
Security update for runc (moderate)
openSUSE Security Update: Security update for runc Announcement ID: openSUSE-SU-2021:4171-1 Rating: moderate References: 1193436 Cross-References: CVE-2021-43784 CVSS scores: CVE-2021-43784 NVD : 6 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L Affected Products: openSUSE Leap 15.3 An update that...
Security update for seamonkey (important)
openSUSE Security Update: Security update for seamonkey Announcement ID: openSUSE-SU-2021:1588-1 Rating: important References: Affected Products: openSUSE Backports SLE-15-SP3 An update that contains security fixes can now be installed. Description: This update for seamonkey fixes the following...
Security update for xen (moderate)
openSUSE Security Update: Security update for xen Announcement ID: openSUSE-SU-2021:3968-1 Rating: moderate References: 1027519 1191363 1192554 1192557 1192559 Cross-References: CVE-2021-28702 CVE-2021-28704 CVE-2021-28705 CVE-2021-28706 CVE-2021-28707 CVE-2021-28708 CVE-2021-28709 CVSS scores:...
Security update for openexr (moderate)
openSUSE Security Update: Security update for openexr Announcement ID: openSUSE-SU-2021:3844-1 Rating: moderate References: 1192498 1192556 Cross-References: CVE-2021-3933 CVE-2021-3941 CVSS scores: CVE-2021-3933 SUSE: 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-3941 SUSE: 5.5...
Security update for netcdf (important)
openSUSE Security Update: Security update for netcdf Announcement ID: openSUSE-SU-2021:3815-1 Rating: important References: 1191856 Cross-References: CVE-2019-20005 CVE-2019-20006 CVE-2019-20007 CVE-2019-20198 CVE-2019-20199 CVE-2019-20200 CVE-2019-20201 CVE-2019-20202 CVE-2021-26220 CVE-2021-262...
Security update for transfig (important)
openSUSE Security Update: Security update for transfig Announcement ID: openSUSE-SU-2021:1481-1 Rating: important References: 1189325 1189343 1189345 1189346 1190607 1190611 1190612 1190615 1190616 1190617 1190618 1192019 Cross-References: CVE-2020-21529 CVE-2020-21530 CVE-2020-21531 CVE-2020-215...
Security update for mailman (important)
openSUSE Security Update: Security update for mailman Announcement ID: openSUSE-SU-2021:1452-1 Rating: important References: 1047218 1191959 1191960 Cross-References: CVE-2021-42096 CVE-2021-42097 CVSS scores: CVE-2021-42096 SUSE: 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2021-42097...
Security update for krb5 (moderate)
openSUSE Security Update: Security update for krb5 Announcement ID: openSUSE-SU-2021:1411-1 Rating: moderate References: 1189929 Cross-References: CVE-2021-37750 CVSS scores: CVE-2021-37750 SUSE: 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Leap 15.2 An update that...
Security update for shibboleth-sp (low)
openSUSE Security Update: Security update for shibboleth-sp Announcement ID: openSUSE-SU-2021:3244-1 Rating: low References: 1184222 Affected Products: openSUSE Leap 15.3 An update that contains security fixes can now be installed. Description: This update for shibboleth-sp fixes the following...
Security update for ghostscript (critical)
openSUSE Security Update: Security update for ghostscript Announcement ID: openSUSE-SU-2021:1273-1 Rating: critical References: 1184123 1190381 Cross-References: CVE-2021-3781 CVSS scores: CVE-2021-3781 SUSE: 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.2 A...
Security update for wireshark (moderate)
openSUSE Security Update: Security update for wireshark Announcement ID: openSUSE-SU-2021:1276-1 Rating: moderate References: 1188375 Cross-References: CVE-2021-22235 CVSS scores: CVE-2021-22235 SUSE: 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: openSUSE Leap 15.2 An update...
Security update for libtpms (important)
openSUSE Security Update: Security update for libtpms Announcement ID: openSUSE-SU-2021:3004-1 Rating: important References: 1189935 Cross-References: CVE-2021-3746 CVSS scores: CVE-2021-3746 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Leap 15.3 An update th...
Security update for dbus-1 (moderate)
openSUSE Security Update: Security update for dbus-1 Announcement ID: openSUSE-SU-2021:2810-1 Rating: moderate References: 1172505 Cross-References: CVE-2020-12049 CVSS scores: CVE-2020-12049 NVD : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2020-12049 SUSE: 5.5...
Security update for libass (important)
openSUSE Security Update: Security update for libass Announcement ID: openSUSE-SU-2021:1174-1 Rating: important References: 1188539 Cross-References: CVE-2020-36430 CVSS scores: CVE-2020-36430 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2020-36430 SUSE: 7.5...
Security update for roundcubemail (important)
openSUSE Security Update: Security update for roundcubemail Announcement ID: openSUSE-SU-2021:0942-1 Rating: important References: 1180399 1187706 1187707 Cross-References: CVE-2020-18670 CVE-2020-18671 CVE-2020-35730 CVSS scores: CVE-2020-18670 NVD : 5.4...
Security update for go1.15 (important)
openSUSE Security Update: Security update for go1.15 Announcement ID: openSUSE-SU-2021:2214-1 Rating: important References: 1175132 1186622 1187443 1187444 1187445 Cross-References: CVE-2021-33195 CVE-2021-33196 CVE-2021-33197 CVE-2021-33198 CVSS scores: CVE-2021-33195 SUSE: 6.1...