7605 matches found
Security update for wget (important)
openSUSE Security Update: Security update for wget Announcement ID: openSUSE-SU-2019:0057-1 Rating: important References: 1120382 Cross-References: CVE-2018-20483 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for wget fixes...
Security update for aria2 (moderate)
openSUSE Security Update: Security update for aria2 Announcement ID: openSUSE-SU-2019:0050-1 Rating: moderate References: 1120488 Cross-References: CVE-2019-3500 Affected Products: openSUSE Leap 42.3 openSUSE Leap 15.0 openSUSE Backports SLE-15 An update that fixes one vulnerability is now...
Security update for irssi (important)
openSUSE Security Update: Security update for irssi Announcement ID: openSUSE-SU-2019:0048-1 Rating: important References: 1121396 Cross-References: CVE-2019-5882 Affected Products: openSUSE Leap 42.3 openSUSE Leap 15.0 openSUSE Backports SLE-15 SUSE Package Hub for SUSE Linux Enterprise 12 An...
Security update for sssd (moderate)
openSUSE Security Update: Security update for sssd Announcement ID: openSUSE-SU-2019:0051-1 Rating: moderate References: 1010700 1072728 1080156 1087320 1098377 1101877 1110299 Cross-References: CVE-2018-10852 Affected Products: openSUSE Leap 42.3 An update that solves one vulnerability and has 6...
Security update for gpg2 (moderate)
openSUSE Security Update: Security update for gpg2 Announcement ID: openSUSE-SU-2019:0020-1 Rating: moderate References: 1120346 Cross-References: CVE-2018-1000858 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for gpg2 fixe...
Security update for java-1_7_0-openjdk (important)
openSUSE Security Update: Security update for java-170-openjdk Announcement ID: openSUSE-SU-2019:0042-1 Rating: important References: 1101644 1101645 1101651 1101656 1112142 1112143 1112144 1112146 1112147 1112152 1112153 Cross-References: CVE-2018-13785 CVE-2018-16435 CVE-2018-2938 CVE-2018-2940...
Security update for java-1_8_0-openjdk (important)
openSUSE Security Update: Security update for java-180-openjdk Announcement ID: openSUSE-SU-2019:0043-1 Rating: important References: 1112142 1112143 1112144 1112146 1112147 1112148 1112152 1112153 Cross-References: CVE-2018-13785 CVE-2018-16435 CVE-2018-3136 CVE-2018-3139 CVE-2018-3149...
Security update for gthumb (important)
openSUSE Security Update: Security update for gthumb Announcement ID: openSUSE-SU-2019:0022-1 Rating: important References: 1113749 Cross-References: CVE-2018-18718 Affected Products: openSUSE Leap 42.3 openSUSE Leap 15.0 openSUSE Backports SLE-15 An update that fixes one vulnerability is now...
Security update for LibVNCServer (important)
openSUSE Security Update: Security update for LibVNCServer Announcement ID: openSUSE-SU-2019:0045-1 Rating: important References: 1120114 1120115 1120116 1120117 1120118 1120119 1120120 1120121 1120122 Cross-References: CVE-2018-15126 CVE-2018-15127 CVE-2018-20019 CVE-2018-20020 CVE-2018-20021...
Security update for haproxy (important)
openSUSE Security Update: Security update for haproxy Announcement ID: openSUSE-SU-2019:0044-1 Rating: important References: 1119368 1119419 Cross-References: CVE-2018-20102 CVE-2018-20103 Affected Products: openSUSE Leap 15.0 An update that fixes two vulnerabilities is now available. Description...
Security update for discount (moderate)
openSUSE Security Update: Security update for discount Announcement ID: openSUSE-SU-2019:0019-1 Rating: moderate References: 1094809 1098252 Cross-References: CVE-2018-11468 CVE-2018-12495 Affected Products: openSUSE Leap 42.3 openSUSE Leap 15.0 openSUSE Backports SLE-15 An update that fixes two...
Security update for libgit2 (important)
openSUSE Security Update: Security update for libgit2 Announcement ID: openSUSE-SU-2019:0021-1 Rating: important References: 1110949 1114729 Cross-References: CVE-2018-19456 Affected Products: openSUSE Leap 42.3 An update that solves one vulnerability and has one errata is now available...
Security update for GraphicsMagick (moderate)
openSUSE Security Update: Security update for GraphicsMagick Announcement ID: openSUSE-SU-2019:0016-1 Rating: moderate References: 1120381 Cross-References: CVE-2018-20467 Affected Products: openSUSE Leap 42.3 An update that fixes one vulnerability is now available. Description: This update for...
Security update for libraw (moderate)
openSUSE Security Update: Security update for libraw Announcement ID: openSUSE-SU-2019:0008-1 Rating: moderate References: 1097975 1103200 1103206 Cross-References: CVE-2018-5804 CVE-2018-5813 CVE-2018-5815 CVE-2018-5816 Affected Products: openSUSE Leap 15.0 An update that fixes four...
Security update for singularity (important)
openSUSE Security Update: Security update for singularity Announcement ID: openSUSE-SU-2019:0009-1 Rating: important References: 1111411 Cross-References: CVE-2018-19295 Affected Products: openSUSE Leap 15.0 openSUSE Backports SLE-15 An update that fixes one vulnerability is now available...
Security update for polkit (moderate)
openSUSE Security Update: Security update for polkit Announcement ID: openSUSE-SU-2019:0010-1 Rating: moderate References: 1118277 Cross-References: CVE-2018-19788 Affected Products: openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This update for polkit...
Security update for GraphicsMagick (moderate)
openSUSE Security Update: Security update for GraphicsMagick Announcement ID: openSUSE-SU-2019:1-1 Rating: moderate References: 1119790 1119822 Cross-References: CVE-2018-20184 CVE-2018-20189 Affected Products: openSUSE Leap 15.0 An update that fixes two vulnerabilities is now available...
Security update for GraphicsMagick (moderate)
openSUSE Security Update: Security update for GraphicsMagick Announcement ID: openSUSE-SU-2019:0003-1 Rating: moderate References: 1119790 1119822 Cross-References: CVE-2018-20184 CVE-2018-20189 Affected Products: openSUSE Backports SLE-15 An update that fixes two vulnerabilities is now available...
Security update for GraphicsMagick (moderate)
This update for GraphicsMagick fixes the following issues: Security issues fixed: - CVE-2018-20184: Fixed heap-based buffer overflow in the WriteTGAImage function of tga.c bsc1119822 - CVE-2018-20189: Fixed denial of service vulnerability in ReadDIBImage function of coders/dib.c bsc1119790...
Security update for wireshark (moderate)
This update for wireshark fixes the following issues: Update to Wireshark 2.4.11 bsc1117740. Security issues fixed: - CVE-2018-19625: The Wireshark dissection engine could crash wnpa-sec-2018-51 - CVE-2018-19626: The DCOM dissector could crash wnpa-sec-2018-52 - CVE-2018-19623: The LBMPDM dissect...
Security update for containerd, docker and go (important)
This update for containerd, docker and go fixes the following issues: containerd and docker: - Add backport for building containerd bsc1102522, bsc1113313 - Upgrade to containerd v1.1.2, which is required for Docker v18.06.1-ce. bsc1102522 - Enable seccomp support fate325877 - Update to container...
Security update for xen (important)
This update for xen fixes the following issues: Update to Xen 4.10.2 bug fix release bsc1027519. Security vulnerabilities fixed: - CVE-2018-19961, CVE-2018-19962: Fixed an issue related to insufficient TLB flushing with AMD IOMMUs, which potentially allowed a guest to escalate its privileges, may...
Security update for go (important)
This update for go fixes the following issues: - golang: arbitrary command execution via VCS path bsc1081495, CVE-2018-7187 - Make profile.d/go.sh no longer set GOROOT=, in order to make switching between versions no longer break. This ends up removing the need for go.sh entirely because GOPATH i...
Security update for libraw (moderate)
This update for libraw fixes the following issues: The following security vulnerabilities were addressed: - CVE-2018-5804: Fixed a type confusion error within the identify function that could trigger a division by zero, leading to a denial of service Dos. boo1097975 - CVE-2018-5805: Fixed a...
Security update for netatalk (important)
This update for netatalk fixes the following issues: Security issue fixed: - CVE-2018-1160 Fixed a missing bounds check in the handling of the DSI OPEN SESSION request, which allowed an unauthenticated to overwrite memory with data of their choice leading for arbitrary code execution with root...
Security update for mozilla-nspr and mozilla-nss (moderate)
This update for mozilla-nss and mozilla-nspr fixes the following issues: Issues fixed in mozilla-nss: - Update to NSS 3.40.1 bsc1119105 - CVE-2018-12404: Fixed a cache side-channel variant of the Bleichenbacher attack bsc1119069 - CVE-2018-12384: Fixed an issue in the SSL handshake. NSS responded...
Security update for polkit (moderate)
This update for polkit fixes the following issues: Security issue fixed: - CVE-2018-19788: Fixed handling of UIDs over MAXUINT boo1118277...
Security update for yast2-rmt (important)
This update for yast2-rmt to version 1.1.12 fixes the following issues: Security issue fixed: - CVE-2018-17957: Secure MySQL credentials by not exposing them on the command line bsc1117602 This update was imported from the SUSE:SLE-15:Update update project...
Security update for pdns (moderate)
This update for pdns fixes the following issues: Security issues fixed: - CVE-2018-10851: Fixed denial of service via crafted zone record or crafted answer bsc1114157...
Security update for libqt5-qtbase (moderate)
This update for libqt5-qtbase fixes the following issues: Security issues fixed: - CVE-2018-15518: Fixed double free in QXmlStreamReader bsc1118595 - CVE-2018-19873: Fixed Denial of Service on malformed BMP file in QBmpHandler bsc1118596 This update was imported from the SUSE:SLE-12-SP3:Update...
Security update for libnettle (moderate)
This update for libnettle fixes the following issues: Security issues fixed: - CVE-2018-16869: Fixed a leaky data conversion exposing a manager oracle bsc1118086 This update was imported from the SUSE:SLE-15:Update update project...
Security update for bluez (moderate)
This update for bluez fixes the following issues: Security issues fixed: - CVE-2016-9800: Fixed a buffer overflow in pincodereplydump function bsc1013721 - CVE-2016-9801: Fixed a buffer overflow in setextctrl function bsc1013732 This update was imported from the SUSE:SLE-15:Update update project...
Security update for perl (moderate)
This update for perl fixes the following issues: Secuirty issues fixed: - CVE-2018-18311: Fixed integer overflow with oversize environment bsc1114674. - CVE-2018-18312: Fixed heap-buffer-overflow write / regnode overrun bsc1114675. - CVE-2018-18313: Fixed heap-buffer-overflow read if regex contai...
Security update for git (moderate)
This update for git fixes the following issues: Security issue fixed: - CVE-2018-19486: Fixed git that executed commands from the current working directory as if '.' were at the end of $PATH in certain cases involving the runcommand API and run-command.c, because there was bsc1117257. This update...
Security update for tiff (moderate)
This update for tiff fixes the following issues: Security issues fixed: - CVE-2018-19210: Fixed NULL pointer dereference in the TIFFWriteDirectorySec function bsc1115717. - CVE-2017-12944: Fixed denial of service issue in the TIFFReadDirEntryArray function bsc1054594. - CVE-2016-10094: Fixed...
Security update for go1.10 (important)
This update for go1.10 fixes the following issues: Security vulnerabilities fixed: - CVE-2018-16873 bsc1118897: cmd/go: remote command execution during "go get -u". - CVE-2018-16874 bsc1118898: cmd/go: directory traversal in "go get" via curly braces in import paths - CVE-2018-16875 bsc1118899:...
Security update for ovmf (moderate)
This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPENDWRITE bsc1115916. - CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c bsc1115917. - CVE-2017-5732: Fixed...
Security update for tcpdump (moderate)
This update for tcpdump fixes the following security issue: - CVE-2018-19519: Fixed a stack-based buffer over-read in the printprefix function bsc1117267 This update was imported from the SUSE:SLE-12:Update update project...
Security update for tryton (moderate)
This update for tryton to version 4.2.19 fixes the following issues boo1107771: Security issue fixed: - CVE-2018-19443: Fixed an information leakage by attemping to initiate an unencrypted connection, which would fail eventually, but might leak session information of the user boo1117105 This upda...
Security update for tryton (moderate)
This update for tryton to version 4.2.19 fixes the following issues: Security issue fixed: - CVE-2018-19443: Fixed an information leakage by attemping to initiate an unencrypted connection, which would fail eventually, but might leak session information of the user boo1117105 This update also...
Security update for ovmf (moderate)
This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPENDWRITE bsc1115916. - CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c bsc1115917. - CVE-2017-5732: Fixed...
Security update for keepalived (moderate)
This update for keepalived to version 2.0.10 fixes the following issues: Security issues fixed bsc1015141: - CVE-2018-19044: Fixed a check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats - CVE-2018-19045: Fixed mode when creating new...
Security update for keepalived (moderate)
This update for keepalived to version 2.0.10 fixes the following issues: Security issues fixed bsc1015141: - CVE-2018-19044: Fixed a check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats - CVE-2018-19045: Fixed mode when creating new...
Security update for salt (moderate)
This update for salt fixes the following issues: - Crontab module fix: file attributes option missing boo1114824 - Fix gitpillar merging across multiple env repositories boo1112874 - Bugfix: unable to detect os arch when RPM is not installed boo1114197 - Fix LDAP authentication issue when a valid...
Security update for go1.11 (important)
This new package for go1.11 fixes the following issues: Security issues fixed: - CVE-2018-16873: Fixed a remote code execution in go get, when executed with the -u flag bsc1118897 - CVE-2018-16874: Fixed an arbitrary filesystem write in go get, which could lead to code execution bsc1118898 -...
Security update for pdns-recursor (moderate)
This update for pdns-recursor fixes the following issues: Security issues fixed: - CVE-2018-10851: Fixed denial of service via crafted zone record or crafted answer bsc1114157. - CVE-2018-14644: Fixed denial of service via crafted query for meta-types bsc1114170. - CVE-2018-14626: Fixed packet...
Security update for pdns (moderate)
This update for pdns fixes the following issues: Security issues fixed: - CVE-2018-10851: Fixed denial of service via crafted zone record or crafted answer bsc1114157. - CVE-2018-14626: Fixed packet cache pollution via crafted query bsc1114169. This update was imported from the...
Security update for salt (important)
This update for salt fixes the following issues: Security issues fixed: - CVE-2018-15750: Fixed directory traversal vulnerability in salt-api bsc1113698. - CVE-2018-15751: Fixed remote authentication bypass in salt-apinetapi that allows to execute arbitrary commands bsc1113699. Non-security issue...
Security update for pdns (moderate)
This update for pdns fixes the following issues: Security issues fixed: - CVE-2018-10851: Fixed denial of service via crafted zone record or crafted answer bsc1114157. - CVE-2018-14626: Fixed packet cache pollution via crafted query bsc1114169...
Security update for pdns-recursor (moderate)
This update for pdns-recursor fixes the following issues: Security issues fixed: - CVE-2018-10851: Fixed denial of service via crafted zone record or crafted answer bsc1114157. - CVE-2018-14644: Fixed denial of service via crafted query for meta-types bsc1114170. - CVE-2018-14626: Fixed packet...