7585 matches found
Security update for flash-player (important)
This security update for flash-player to 11.2.202.621 fixes the following issues boo979422: A critical vulnerability CVE-2016-4117 exists in Adobe Flash Player 21.0.0.226 and earlier versions for Windows, Macintosh, Linux, and Chrome OS. Successful exploitation could cause a crash and potentially...
Security update for flash-player (important)
This security update for flash-player to 11.2.202.621 fixes the following issues boo979422: A critical vulnerability CVE-2016-4117 exists in Adobe Flash Player 21.0.0.226 and earlier versions for Windows, Macintosh, Linux, and Chrome OS. Successful exploitation could cause a crash and potentially...
Security update for Chromium (important)
Chromium was updated to 50.0.2661.102 to fix four vulnerabilities boo979859: - CVE-2016-1667: Same origin bypass in DOM - CVE-2016-1668: Same origin bypass in Blink V8 bindings - CVE-2016-1669: Buffer overflow in V8 - CVE-2016-1670: Race condition in loader...
Security update for ntp (important)
ntp was updated to version 4.2.8p6 to fix 12 security issues. Also yast2-ntp-client was updated to match some sntp syntax changes. bsc937837 These security issues were fixed: - CVE-2015-8158: Fixed potential infinite loop in ntpq bsc962966. - CVE-2015-8138: Zero Origin Timestamp Bypass bsc963002....
Security update for php5 (important)
This update for php5 fixes the following issues: - CVE-2016-4073: A remote attacker could have caused denial of service, or possibly execute arbitrary code, due to incorrect handling of string length calculations in mbstrcut bsc977003 - CVE-2016-3074: Signedness vulnerability in bundled libgd may...
Security update for compat-openssl098 (important)
This update for compat-openssl098 fixes the following issues: - CVE-2016-2108: Memory corruption in the ASN.1 encoder bsc977617 - CVE-2016-2105: EVPEncodeUpdate overflow bsc977614 - CVE-2016-2106: EVPEncryptUpdate overflow bsc977615 - CVE-2016-2109: ASN.1 BIO excessive memory allocation bsc976942...
Security update for ImageMagick (important)
This update for ImageMagick fixes the following issues: Security issues fixed: - Several coders were vulnerable to remote code execution attacks, these coders have now been disabled by default but can be re-enabled by editing "/etc/ImageMagick-/policy.xml" bsc978061 - CVE-2016-3714: Insufficient...
Security update for java-1_7_0-openjdk (important)
This update for java-170-openjdk to version 2.6.6 fixes five security issues. These security issues were fixed: - CVE-2016-0686: Ensure thread consistency bsc976340. - CVE-2016-0687: Better byte behavior bsc976340. - CVE-2016-0695: Make DSA more fair bsc976340. - CVE-2016-3425: Better buffering o...
Security update for java-1_8_0-openjdk (important)
This update for java-180-openjdk fixes the following security issues - April 2016 Oracle CPU bsc976340: - CVE-2016-0686: Unspecified vulnerability allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization. - CVE-2016-0687: Unspecified...
Security update for ImageMagick (important)
This update for ImageMagick fixes the following issues: The update disables various insecure coders boo978061 These fix issues tracked in CVE-2016-3714, CVE-2016-3715, CVE-2016-3716, CVE-2016-3717, CVE-2016-3718...
Security update for openssl (important)
This update for openssl fixes the following issues: - CVE-2016-2108: Memory corruption in the ASN.1 encoder bsc977617 - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check bsc977616 - CVE-2016-2105: EVPEncodeUpdate overflow bsc977614 - CVE-2016-2106: EVPEncryptUpdate overflow bsc977615 -...
Security update for libopenssl0_9_8 (important)
This update for libopenssl098 fixes the following issues: - CVE-2016-2105: EVPEncodeUpdate overflow bsc977614 - CVE-2016-2106: EVPEncryptUpdate overflow bsc977615 - CVE-2016-2108: Memory corruption in the ASN.1 encoder bsc977617 - CVE-2016-2109: ASN.1 BIO excessive memory allocation bsc976942 -...
Security update for libopenssl0_9_8 (important)
This update for libopenssl098 fixes the following issues: - CVE-2016-2105: EVPEncodeUpdate overflow bsc977614 - CVE-2016-2106: EVPEncryptUpdate overflow bsc977615 - CVE-2016-2108: Memory corruption in the ASN.1 encoder bsc977617 - CVE-2016-2109: ASN.1 BIO excessive memory allocation bsc976942 -...
Security update for openssl (important)
This update for openssl fixes the following issues: - CVE-2016-2105: EVPEncodeUpdate overflow bsc977614 - CVE-2016-2106: EVPEncryptUpdate overflow bsc977615 - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check bsc977616 - CVE-2016-2108: Memory corruption in the ASN.1 encoder bsc977617 -...
Security update for libopenssl0_9_8 (important)
This update for libopenssl098 fixes the following issues: - CVE-2016-2105: EVPEncodeUpdate overflow bsc977614 - CVE-2016-2106: EVPEncryptUpdate overflow bsc977615 - CVE-2016-2108: Memory corruption in the ASN.1 encoder bsc977617 - CVE-2016-2109: ASN.1 BIO excessive memory allocation bsc976942 -...
Security update for openssl (important)
This update for openssl fixes the following issues: - CVE-2016-2108: Memory corruption in the ASN.1 encoder boo977617 - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check boo977616 - CVE-2016-2105: EVPEncodeUpdate overflow boo977614 - CVE-2016-2106: EVPEncryptUpdate overflow boo977615 -...
Security update for openssl (important)
This update for openssl fixes the following issues: - CVE-2016-2105: EVPEncodeUpdate overflow bsc977614 - CVE-2016-2106: EVPEncryptUpdate overflow bsc977615 - CVE-2016-2107: Padding oracle in AES-NI CBC MAC check bsc977616 - CVE-2016-2108: Memory corruption in the ASN.1 encoder bsc977617 -...
Security update for java-1_7_0-openjdk (important)
This update for java-170-openjdk to version 2.6.6 fixes five security issues. These security issues were fixed: - CVE-2016-0686: Ensure thread consistency bsc976340. - CVE-2016-0687: Better byte behavior bsc976340. - CVE-2016-0695: Make DSA more fair bsc976340. - CVE-2016-3425: Better buffering o...
Security update for java-1_7_0-openjdk (important)
This update for java-170-openjdk to version 2.6.6 fixes five security issues. These security issues were fixed: - CVE-2016-0686: Ensure thread consistency bsc976340. - CVE-2016-0687: Better byte behavior bsc976340. - CVE-2016-0695: Make DSA more fair bsc976340. - CVE-2016-3425: Better buffering o...
Security update for yast2-users (important)
yast2-users was updated to fix one security issue. This security issue was fixed: - CVE-2016-1601: Empty passwords fields in /etc/shadow after SLES 12 SP1 autoyast installation bsc974220. This update includes a script that fixes installations that we're affected by this problem. It is run...
Security update for java-1_8_0-openjdk (important)
This update for java-180-openjdk fixes the following security issues - April 2016 Oracle CPU bsc976340: - CVE-2016-0686: Unspecified vulnerability allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization. - CVE-2016-0687: Unspecified...
Security update update for MozillaFirefox, mozilla-nss (important)
This update to Mozilla Firefox 46.0 fixes several security issues and bugs boo977333. The following vulnerabilities were fixed: - CVE-2016-2804: Miscellaneous memory safety hazards - MFSA 2016-39 boo977373 - CVE-2016-2806: Miscellaneous memory safety hazards - MFSA 2016-39 boo977375 -...
Security update for Chromium (important)
Chromium was updated to 50.0.2661.94 to fix a number of vulnerabilities boo977830: - CVE-2016-1660: Out-of-bounds write in Blink - CVE-2016-1661: Memory corruption in cross-process frames - CVE-2016-1662: Use-after-free in extensions - CVE-2016-1663: Use-after-free in Blink’s V8 bindings -...
Security update for Chromium (important)
Chromium was updated to 50.0.2661.94 to fix a number of vulnerabilities boo977830: - CVE-2016-1660: Out-of-bounds write in Blink - CVE-2016-1661: Memory corruption in cross-process frames - CVE-2016-1662: Use-after-free in extensions - CVE-2016-1663: Use-after-free in Blink’s V8 bindings -...
Security update for Chromium (important)
Chromium was updated to 50.0.2661.94 to fix a number of vulnerabilities boo977830: - CVE-2016-1660: Out-of-bounds write in Blink - CVE-2016-1661: Memory corruption in cross-process frames - CVE-2016-1662: Use-after-free in extensions - CVE-2016-1663: Use-after-free in Blink’s V8 bindings -...
Security update for php5 (important)
This update for php5 fixes the following security issues: - CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM bnc973792. - CVE-2015-8835: SoapClient scall method suffered from a type confusion issue that could have lead to crashes bsc973351 - CVE-2016-2554: A NULL pointer dereference in...
Security update for php5 (important)
This update for php5 fixes the following security issues: - bsc974305: buffer overflow in libmagic - CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM bnc973792. - CVE-2015-8835: SoapClient scall method suffered from type confusion issue bnc973351. - CVE-2016-3141: A use-after-free / double-free...
Security update for flash-player (important)
flash-player was updated to fix one security issue. This security issue was fixed: - CVE-2016-1019: Adobe Flash Player earlier allowed remote attackers to cause a denial of service application crash or possibly execute arbitrary code via unspecified vectors, as exploited in the wild in April 2016...
Security update for Chromium (important)
Chromium was updated to 50.0.2661.75 to fix the following vulnerabilities: - CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding - CVE-2016-1652: Universal XSS in extension bindings - CVE-2016-1653: Out-of-bounds write in V8 - CVE-2016-1654: Uninitialized memory read in media -...
Security update for Chromium (important)
Chromium was updated to 50.0.2661.75 to fix the following vulnerabilities: - CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding - CVE-2016-1652: Universal XSS in extension bindings - CVE-2016-1653: Out-of-bounds write in V8 - CVE-2016-1654: Uninitialized memory read in media -...
Security update for samba (important)
This update fixes these security vulnerabilities: - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks bsc936862. - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication bsc973031. - CVE-2016-2111: Domain controller netlogon member computer...
Security update for samba (important)
This update fixes these security vulnerabilities: - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks bsc936862. - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication bsc973031. - CVE-2016-2111: Domain controller netlogon member computer...
Security update for systemd (important)
This update for systemd fixes several issues. These security issues were fixed: - CVE-2014-9770, CVE-2015-8842: Don't allow read access to journal files to users boo972612 These non-security issues were fixed: - Import commit 523777609a04fe9e590420e89f94ef07e3719baa: e5e362a udev: exclude MD from...
Security update for mercurial (important)
mercurial was updated to fix three security issues. These security issues were fixed: - CVE-2016-3069: Arbitrary code execution when converting Git repos bsc973176. - CVE-2016-3068: Arbitrary code execution with Git subrepos bsc973177. - CVE-2016-3630: Remote code execution in binary delta decodi...
Security update for samba (important)
samba was updated to version 4.2.4 to fix 14 security issues. These security issues were fixed: - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks bsc936862. - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication bsc973031. - CVE-2016-2111...
Security update for Chromium (important)
Chromium was updated to 50.0.2661.75 to fix the following vulnerabilities: - CVE-2016-1651: Out-of-bounds read in Pdfium JPEG2000 decoding - CVE-2016-1652: Universal XSS in extension bindings - CVE-2016-1653: Out-of-bounds write in V8 - CVE-2016-1654: Uninitialized memory read in media -...
Security update for Chromium (important)
Chromium was updated to 49.0.2623.110 to fix the following security issues: - CVE-2016-1646: Out-of-bounds read in V8 - CVE-2016-1647: Use-after-free in Navigation - CVE-2016-1648: Use-after-free in Extensions - CVE-2016-1649: Buffer overflow in libANGLE - CVE-2016-1650: Various fixes from intern...
java-1_7_0-openjdk (important)
This update for java-170-openjdk fixes the following issues: java-170-openjdk was updated to 2.6.5 - OpenJDK 7u99 boo972468 Security fixes - S8152335, CVE-2016-0636: Improve MethodHandle consistency Import of OpenJDK 7 u99 build 0 - S6425769, PR2858: Allow specifying an address to bind JMX remote...
Security update for samba (important)
samba was updated to fix seven security issues. These security issues were fixed: - CVE-2015-5370: DCERPC server and client were vulnerable to DOS and MITM attacks bsc936862. - CVE-2016-2110: A man-in-the-middle could have downgraded NTLMSSP authentication bsc973031. - CVE-2016-2111: Domain...
Security update for mercurial (important)
mercurial was updated to fix three security issues. These security issues were fixed: - CVE-2016-3069: Arbitrary code execution when converting Git repos bsc973176. - CVE-2016-3068: Arbitrary code execution with Git subrepos bsc973177. - CVE-2016-3630: Remote code execution in binary delta decodi...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.1 kernel was updated to 4.1.20 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2015-1339: A memory leak in cuse could be used to exhaust kernel memory. bsc969356. - CVE-2015-7799: The slhcinit function in drivers/net/slip/slhc.c in the...
Security update for java-1_8_0-openjdk (important)
This update for java-180-openjdk to version jdk8u77-b03 fixes the following security issue: CVE-2016-0636: Improve MethodHandle consistency, which had allowed attackers to execute code. bsc972468 This update was imported from the SUSE:SLE-12-SP1:Update update project...
Security update for java-1_7_0-openjdk (important)
The OpenJDK Java java-170-openjdk was updated to 2.6.5 to fix the following issues: Update to 2.6.5 - OpenJDK 7u99 bsc972468 Security fixes - S8152335, CVE-2016-0636: Improve MethodHandle consistency Import of OpenJDK 7 u99 build 0 - S6425769, PR2858: Allow specifying an address to bind JMX remot...
Security update for flash-player (important)
flash-player was updated to fix one security issue. This security issue was fixed: - CVE-2016-1019: Adobe Flash Player earlier allowed remote attackers to cause a denial of service application crash or possibly execute arbitrary code via unspecified vectors, as exploited in the wild in April 2016...
Security update for xen (important)
xen was updated to version 4.4.4 to fix 33 security issues. These security issues were fixed: - CVE-2016-2392: NULL pointer dereference in remote NDIS control message handling bsc967012. - CVE-2015-5239: Integer overflow in vncclientread and protocolclientmsg bsc944463. - CVE-2016-2270: Xen allow...
Security update for flash-player (important)
flash-player was updated to fix one security issue. This security issue was fixed: - CVE-2016-1019: Adobe Flash Player earlier allowed remote attackers to cause a denial of service application crash or possibly execute arbitrary code via unspecified vectors, as exploited in the wild in April 2016...
Security update for java-1_8_0-openjdk (important)
This update of java-180-openjdk to jdk8u77-b03 fixes the following issues: CVE-2016-0636: Improve MethodHandle consistency fixes crash / code execution problems...
Security update for java-1_7_0-openjdk (important)
This update for java-170-openjdk fixes the following issues: java-170-openjdk was updated to 2.6.5 - OpenJDK 7u99 boo972468 Security fixes - S8152335, CVE-2016-0636: Improve MethodHandle consistency Import of OpenJDK 7 u99 build 0 - S6425769, PR2858: Allow specifying an address to bind JMX remote...
Security update for Chromium (important)
Chromium was updated to 49.0.2623.110 to fix the following security issues: - CVE-2016-1646: Out-of-bounds read in V8 - CVE-2016-1647: Use-after-free in Navigation - CVE-2016-1648: Use-after-free in Extensions - CVE-2016-1649: Buffer overflow in libANGLE - CVE-2016-1650: Various fixes from intern...
Security update for Chromium (important)
Chromium was updated to 49.0.2623.110 to fix the following security issues: - CVE-2016-1646: Out-of-bounds read in V8 - CVE-2016-1647: Use-after-free in Navigation - CVE-2016-1648: Use-after-free in Extensions - CVE-2016-1649: Buffer overflow in libANGLE - CVE-2016-1650: Various fixes from intern...