Security update for xen (important)
This update for xen to version 4.7.3 fixes several issues. These security issues were fixed: - CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious guest to crash the host or potentially escalate privileges/leak information XSA-226, bsc1051787. - CVE-2017-12137:...
Security update for xen (important)
This update for xen fixes several issues. These security issues were fixed: - CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious guest to crash the host or potentially escalate privileges/leak information XSA-226, bsc1051787. - CVE-2017-12137: Incorrectly-aligned updates ...
Security update for gdk-pixbuf (important)
This update for gdk-pixbuf fixes the following issues: - CVE-2017-2862: JPEG gdkpixbufjpegimageloadincrement Code Execution Vulnerability bsc1048289 - CVE-2017-2870: tiffimageparse Code Execution Vulnerability bsc1048544 - CVE-2017-6313: A dangerous integer underflow in io-icns.c bsc1027024 -...
Security update for postgresql94 (important)
This update for postgresql94 fixes the following issues: CVE-2017-7547: Further restrict visibility of pgusermappings.umoptions, to protect passwords stored as user mapping options. bsc1051685 CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. bsc1051684...
Security update for postgresql96 (important)
This update for postgresql96 fixes the following issues: CVE-2017-7547: Further restrict visibility of pgusermappings.umoptions, to protect passwords stored as user mapping options. bsc1051685 CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. bsc1051684...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.3 kernel was updated to 4.4.85 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-14051: An integer overflow in the qla2x00sysfswriteoptromctl function in drivers/scsi/qla2xxx/qlaattr.c in the Linux kernel allowed local users to cause...
Security update for libzypp, zypper (important)
The Software Update Stack was updated to receive fixes and enhancements. libzypp: - Adapt to work with GnuPG 2.1.23. bsc1054088 - Support signing with subkeys. bsc1008325 - Enhance sort order for media.1/products. bsc1054671 zypper: - Also show a gpg key's subkeys. bsc1008325 - Improve signature...
Security update for php7 (important)
This update for php7 fixes the following issues: - CVE-2016-10397: parseurl can be bypassed to return fake host. bsc1047454 - CVE-2017-11142: Remote attackers could cause a CPU consumption denial of service attack by injecting long form variables, related to main/phpvariables. bsc1048100 -...
Security update for libzypp (important)
The Software Update Stack was updated to receive fixes and enhancements. libzypp: - CVE-2017-7435, CVE-2017-7436, CVE-2017-9269: Fix GPG check workflows, mainly for unsigned repositories and packages. bsc1045735, bsc1038984 - Fix gpg-pubkey release creation time computation. bsc1036659 - Update...
Security update for freerdp (important)
This update for freerdp fixes the following issues: - CVE-2017-2834: Out-of-bounds write in licenserecv bsc1050714 - CVE-2017-2835: Out-of-bounds write in rdprecvtpktpdu bsc1050712 - CVE-2017-2836: Rdp Client Read Server Proprietary Certificate Denial of Service bsc1050699 - CVE-2017-2837: Client...
Security update for git (important)
This update for git fixes the following issues: - CVE-2017-1000117: A client side code execution via shell injection when receiving special submodule strings from a malicious server was fixed bsc1052481 This update was imported from the SUSE:SLE-12:Update update project...
Security update for samba and resource-agents (important)
This update provides Samba 4.6.7, which fixes the following issues: - CVE-2017-11103: Metadata were being taken from the unauthenticated plaintext (the Ticket) rather than the authenticated and encrypted KDC response. bsc1048278 - Fix cephwrapchdir. bsc1048790 - Fix ctdb logs to /var/log/log.ctdb...
Security update for postgresql93 (important)
Postgresql93 was updated to 9.3.18 to fix the following issues: CVE-2017-7547: Further restrict visibility of pgusermappings.umoptions, to protect passwords stored as user mapping options. bsc1051685 CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. bsc1051684...
Security update for exim (important)
This update for exim fixes the following issues: Changes in exim: - specify users with ref:mail, to make them dynamic. boo1046971 - CVE-2017-1000369: Fixed memory leaks that could be exploited to "stack crash" local privilege escalation boo1044692 - Require usermail groupmail to meet new users...
Security update for ImageMagick (important)
This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2017-9439: A memory leak was found in the function ReadPDBImage in coders/pdb.c bsc1042826 - CVE-2017-9440: A memory leak was found in the function ReadPSDChannel in coders/psd.c bsc1042812 - CVE-2017-9501: An...
Security update for freeradius-server (important)
This update for freeradius-server fixes the following issues: - update to 3.0.15 bsc1049086 Bind the lifetime of program name and python path to the module CVE-2017-10978: FR-GV-201: Check input / output length in makesecret bsc1049086 CVE-2017-10983: FR-GV-206: Fix read overflow when decoding DH...
Security update for MozillaThunderbird (important)
This update for MozillaThunderbird to version 52.3 fixes security issues and bugs. The following vulnerabilities were fixed: - CVE-2017-7798: XUL injection in the style editor in devtools - CVE-2017-7800: Use-after-free in WebSockets during disconnection - CVE-2017-7801: Use-after-free with marqu...
Security update for openjpeg2 (important)
This update for openjpeg2 fixes the following issues: - CVE-2016-7163: Integer Overflow could lead to remote code execution bsc997857 - CVE-2015-8871: Use-after-free in opjj2kwritemco function could lead to denial of service bsc979907 This update was imported from the SUSE:SLE-12-SP2:Update updat...
Security update for subversion (important)
This update for subversion to 1.9.7 fixes security issues and bugs. The following vulnerabilities were fixed: - CVE-2017-9800: A remote attacker could have caused svn clients to execute arbitrary code via specially crafted URLs in svn:externals and svn:sync-from-url properties. boo1051362 -...
Security update for git (important)
This update for git fixes the following security issues: - CVE-2017-1000117: A malicious third-party could have caused a git client to execute arbitrary commands via crafted "ssh://..." URLs, including submodules boo1052481...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000111: Fixed a race condition in net-packet code that could be exploited to cause out-of-bounds memory access bsc1052365. - CVE-2017-1000112: Fixed a race...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000111: Fixed a race condition in net-packet code that could be exploited to cause out-of-bounds memory access bsc1052365. - CVE-2017-1000112: Fixed a race...
Security update for tcmu-runner (important)
This update for tcmu-runner fixes the following issues: - qcow handler opens up an information leak via the CheckConfig D-Bus method bsc1049491 - glfs handler allows local DoS via crafted CheckConfig strings bsc1049485 - UnregisterHandler dbus method in tcmu-runner daemon for non-existing handler...
Security update for libsoup (important)
This update for libsoup fixes the following issues: - A bug in the HTTP Chunked Encoding code has been fixed that could have been exploited by attackers to cause a stack-based buffer overflow in client or server code running libsoup bsc1052916, CVE-2017-2885. This update was imported from the...
Security update for MozillaFirefox (important)
This update to Mozilla Firefox 52.3esr fixes a number of security issues. The following vulnerabilities were advised upstream under MFSA 2017-19 boo1052829: - CVE-2017-7798: XUL injection in the style editor in devtools - CVE-2017-7800: Use-after-free in WebSockets during disconnection -...
Security update for mariadb (important)
This MariaDB update to version 10.0.31 GA fixes the following issues: Security issues fixed: - CVE-2017-3308: Subcomponent: Server: DML: Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MariaDB Server. Successful attacks of...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.3 kernel was updated to 4.4.79 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-7542: The ip6find1stfragopt function in net/ipv6/outputcore.c in the Linux kernel allowed local users to cause a denial of service integer overflow and...
Security update for libzypp, zypper (important)
The Software Update Stack was updated to receive fixes and enhancements. libzypp: Security issues fixed: - CVE-2017-7435, CVE-2017-7436, CVE-2017-9269: Fix GPG check workflows, mainly for unsigned repositories and packages. bsc1045735, bsc1038984 Bug fixes: - Re-probe on refresh if the repository...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.2 kernel was updated to 4.4.79 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-7542: The ip6find1stfragopt function in net/ipv6/outputcore.c in the Linux kernel allowed local users to cause a denial of service integer overflow and...
Security update for chromium (important)
This update to Chromium version 60.0.3112.78 fixes security issues and bugs. The following security issues were fixed: CVE-2017-5091: Use after free in IndexedDB CVE-2017-5092: Use after free in PPAPI CVE-2017-5093: UI spoofing in Blink CVE-2017-5094: Type confusion in extensions CVE-2017-5095:...
Security update for chromium (important)
This update to Chromium version 60.0.3112.78 fixes security issues and bugs. The following security issues were fixed: CVE-2017-5091: Use after free in IndexedDB CVE-2017-5092: Use after free in PPAPI CVE-2017-5093: UI spoofing in Blink CVE-2017-5094: Type confusion in extensions CVE-2017-5095:...
Security update for rubygem-puppet (important)
This update for rubygem-puppet fixes the following issues: - CVE-2017-2295: A remote attacker could have forced unsafe YAML deserialization which could have led to code execution bsc1040151...
Security update for evince (important)
This update for evince fixes the following issues: - CVE-2017-1000083: Remote attackers could have used the comicbook mode of evince to inject shell code. bsc1046856, bgo784630 This update was imported from the SUSE:SLE-12-SP2:Update update project...
Security update for xorg-x11-server (important)
This update for xorg-x11-server fixes the following issues: - CVE-2017-10971: Fix endianness handling of GenericEvent to prevent a stack overflow by clients. bnc1035283 - Make sure the type of all events to be sent by ProcXSendExtensionEvent are in the allowed range. - CVE-2017-10972: Initialize t...
Recommended update for ncurses (important)
This update for ncurses fixes the following issues: Security issues fixed: - CVE-2017-10684: Possible RCE via stack-based buffer overflow in the fmtentry function. bsc1046858 - CVE-2017-10685: Possible RCE with format string vulnerability in the fmtentry function. bsc1046853 Bugfixes: - Drop patc...
Security update for qemu (important)
This update for qemu fixes several issues. These security issues were fixed: - CVE-2017-9330: USB OHCI Emulation in qemu allowed local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value bsc1042159. - CVE-2017-8379: Memory leak in the keyboard input...
Security update for spice (important)
This update for spice fixes the following issues: - CVE-2017-7506: A possible buffer overflow via invalid monitor configurations bsc1046779 This update was imported from the SUSE:SLE-12-SP2:Update update project...
Security update for xen (important)
This update for xen fixes several issues. These security issues were fixed: - CVE-2017-10912: Page transfer might have allowed PV guest to elevate privilege XSA-217, bsc1042882 - CVE-2017-10913 CVE-2017-10914: Races in the grant table unmap code allowed for information leaks and potentially...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.2 kernel was updated to 4.4.74 to receive various security and bugfixes. This update fixes some long standing btrfs issues. The following security bugs were fixed: - CVE-2017-7518: A KVM debug exception in the syscall handling was fixed which might have been used for local...
Security update for bind (important)
This update for bind fixes the following issues: - An attacker with the ability to send and receive messages to an authoritative DNS server was able to circumvent TSIG authentication of AXFR requests. A server that relied solely on TSIG keys for protection could be manipulated into (1) providing an...
Security update for clamav (important)
This update for clamav fixes the following security issue: - CVE-2012-6706: Fixed an arbitrary memory write in VMSFDELTA filter in libclamunrar bsc1045490 This update was imported from the SUSE:SLE-12:Update update project...
Security update for sudo (important)
This update for sudo fixes the following security issue: - CVE-2017-1000368: A follow-up fix to CVE-2017-1000367, the Linux process name could also contain a newline, which could be used to trick sudo to read/write to an arbitrary open terminal. bsc1042146 Also the following non security bug was...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.2 kernel was updated to 4.4.73 to receive security and bugfixes. The following security bugs were fixed: - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped"...
Security update for openvpn (important)
This update for openvpn fixes the following issues: - Some parts of the certificate-parsing code did not always clear all allocated memory. This would have allowed clients to leak a few bytes of memory for each connection attempt, thereby facilitating a quite inefficient DoS attack on the server...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.2 kernel was updated to 4.4.72 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be...
Security update for glibc (important)
This update for glibc fixes the following issues: - CVE-2017-1000366: Fix a potential privilege escalation vulnerability that allowed unprivileged system users to manipulate the stack of setuid binaries to gain special privileges. bsc1039357 - A bug in glibc that could result in deadlocks between...
Security update for exim (important)
This update for exim fixes the following issues: - CVE-2017-1000369: Fixed a memory leak in exim commandline handling, which could be used to exhaust memory and make "stack crash" attacks likely. boo1044692...
Security update for Mozilla based packages (important)
This update for Mozilla Firefox, Thunderbird, and NSS fixes the following issues: Mozilla Firefox was updated to 52.2esr boo1043960 MFSA 2017-16: CVE-2017-5472 bmo1365602 Use-after-free using destroyed node when regenerating trees CVE-2017-7749 bmo1355039 Use-after-free during docshell reloading...
Security update for mercurial (important)
This update for mercurial fixes the following issues: - CVE-2017-9462: Fix the arbitrary code exec by remote users via "hg serve --stdio" boo1043063...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.2 kernel was updated to 4.4.70 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-9076: The dccpv6requestrecvsock function in net/dccp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of...