Lucene search
K
OpensuseRecent

7848 matches found

OPENSUSE Linux
OPENSUSE Linux
•added 2016/03/02 11:14 p.m.•52 views

Security update for openssl (important)

This update for openssl fixes various security issues: Security issues fixed: - CVE-2016-0800 aka the "DROWN" attack bsc968046: OpenSSL was vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a...

10CVSS1.4AI score0.82112EPSS
Exploits2
OPENSUSE Linux
OPENSUSE Linux
•added 2016/03/02 11:12 p.m.•43 views

Security update for openssl (important)

This update for openssl fixes various security issues: Security issues fixed: - CVE-2016-0800 aka the "DROWN" attack bsc968046: OpenSSL was vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a...

10CVSS1.3AI score0.83645EPSS
Exploits2References9
OPENSUSE Linux
OPENSUSE Linux
•added 2016/03/02 2:11 p.m.•49 views

Security update for openssl (important)

This update for openssl fixes various security issues: Security issues fixed: - CVE-2016-0800 aka the "DROWN" attack bsc968046: OpenSSL was vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a...

10CVSS1.2AI score0.82112EPSS
Exploits2References10
OPENSUSE Linux
OPENSUSE Linux
•added 2016/03/02 12:11 p.m.•96 views

Security update for openssl (important)

This update for openssl fixes the following issues: Security issues fixed: - CVE-2016-0800 aka the "DROWN" attack bsc968046: OpenSSL was vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a...

10CVSS0.7AI score0.82112EPSS
Exploits2References7
OPENSUSE Linux
OPENSUSE Linux
•added 2016/02/25 2:11 p.m.•41 views

Security update for postgresql94 (important)

This update for postgresql94 fixes the following issues: - Security and bugfix release 9.4.6: IMPORTANT Users of version 9.4 will need to reindex any jsonbpathops indexes they have created, in order to fix a persistent issue with missing index entries. Fix infinite loops and buffer-overrun proble...

9CVSS0.2AI score0.06948EPSS
Exploits1References3
OPENSUSE Linux
OPENSUSE Linux
•added 2016/02/22 12:11 p.m.•64 views

Security update for the Linux Kernel (important)

The openSUSE 13.2 kernel was updated to receive security and bugfixes. It also fixes a regression that caused the Chromium sandbox to no longer work bsc965356. Following security bugs were fixed: - CVE-2016-2069: A flaw was discovered in a way the Linux deals with paging structures. When Linux...

5.6CVSS1.5AI score0.00382EPSS
Exploits0References5
OPENSUSE Linux
OPENSUSE Linux
•added 2016/02/21 11:16 a.m.•43 views

Security update for qemu (important)

This update fixes the following security issues: - Enforce receive packet size, thus eliminating buffer overflow and potential security issue. bsc957162 CVE-2015-7512 - Infinite loop in processing command block list. CVE-2015-8345 bsc956829: This update also fixes a non-security bug: - Due to spa...

6.8CVSS0.8AI score0.0773EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
•added 2016/02/21 11:11 a.m.•45 views

Security update for postgresql93 (important)

This update for postgresql93 fixes the following issues: - Security and bugfix release 9.3.11: Fix infinite loops and buffer-overrun problems in regular expressions CVE-2016-0773, boo966436. Fix regular-expression compiler to handle loops of constraint arcs CVE-2007-4772. Prevent certain PL/Java...

9CVSS0.6AI score0.06948EPSS
Exploits1References2
OPENSUSE Linux
OPENSUSE Linux
•added 2016/02/20 5:12 p.m.•33 views

Security update for Chromium (critical)

This update contains Chromium 48.0.2564.116 and fixes the following security flaw: - CVE-2016-1629: Same-origin bypass in Blink and Sandbox escape in Chrome. boo967376...

10CVSS2.9AI score0.02639EPSS
Exploits0
OPENSUSE Linux
OPENSUSE Linux
•added 2016/02/20 1:13 p.m.•35 views

Security update to Chromium 48.0.2564.116 (critical)

This update contains Chromium 48.0.2564.116 ans fixes the following security flaw: - CVE-2016-1629: Same-origin bypass in Blink and Sandbox escape in Chrome. boo967376...

10CVSS3AI score0.02639EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
•added 2016/02/20 1:11 p.m.•24 views

Security update for obs-service-download_files, obs-service-extract_file, obs-service-recompress, obs-service-source_validator, obs-service-verify_file (important)

This update for a number of source services fixes the following issues: - boo967265: Various code/parameter injection issues could have allowed malicious service definition to execute commands or make changes to the user's file system The following source services are affected -...

4.2AI score
Exploits0
OPENSUSE Linux
OPENSUSE Linux
•added 2016/02/20 1:11 p.m.•35 views

Security update to Chromium 48.0.2564.116 (critical)

This update contains Chromium 48.0.2564.116 ans fixes the following security flaw: - CVE-2016-1629: Same-origin bypass in Blink and Sandbox escape in Chrome. boo967376...

10CVSS3AI score0.02639EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
•added 2016/02/19 12:11 p.m.•41 views

Security update for glibc (critical)

This update for glibc fixes the following security issues: fix stack overflow in the glibc libresolv DNS resolver function getaddrinfo, known as CVE-2015-7547. It is a client side networked/remote vulnerability...

6.8CVSS2.4AI score0.89557EPSS
Exploits17
OPENSUSE Linux
OPENSUSE Linux
•added 2016/02/19 12:11 p.m.•44 views

Security update for glibc (critical)

This update for glibc fixes the following security issues: fix stack overflow in the glibc libresolv DNS resolver function getaddrinfo, known as CVE-2015-7547. It is a client side networked/remote vulnerability...

6.8CVSS2.4AI score0.89557EPSS
Exploits17
OPENSUSE Linux
OPENSUSE Linux
•added 2016/02/19 12:11 a.m.•44 views

Security update for glibc (important)

This update for glibc fixes the following issues: - errorcheck-mutex-no-elision.patch: Don't do lock elision on an error checking mutex boo956716, BZ 17514 - reinitialize-dlloadwritelock.patch: Reinitialize dlloadwritelock on fork boo958315, BZ 19282 - send-dg-buffer-overflow.patch: Fix getaddrin...

7.5CVSS1.3AI score0.89557EPSS
Exploits18References7
OPENSUSE Linux
OPENSUSE Linux
•added 2016/02/17 12:11 p.m.•42 views

Security update for glibc (important)

This update for glibc fixes the following security issues: - CVE-2015-7547: A stack-based buffer overflow in getaddrinfo allowed remote attackers to cause a crash or execute arbitrary code via crafted and timed DNS responses bsc961721 - CVE-2015-8777: Insufficient checking of LDPOINTERGUARD...

7.5CVSS2.7AI score0.89557EPSS
Exploits19References9
OPENSUSE Linux
OPENSUSE Linux
•added 2016/02/16 9:11 p.m.•28 views

Security update for vlc (important)

This update for vlc fixes the following issues: - CVE-2015-5949: Remote attackers could have caused a denial of service crash and possibly execute arbitrary code via a crafted 3GP file boo965227...

6.8CVSS6.7AI score0.13337EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
•added 2016/02/11 12:11 p.m.•30 views

Security update for flash-player (important)

This update for flash-player fixes the following issues: - Security update to 11.2.202.569 bsc965901: APSB16-04, CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975,...

10CVSS1.9AI score0.55375EPSS
Exploits14References1
OPENSUSE Linux
OPENSUSE Linux
•added 2016/02/10 10:11 p.m.•34 views

Security update for flash-player (important)

This update for flash-player fixes the following issues: - Security update to 11.2.202.569 boo965901: APSB16-04, CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0971, CVE-2016-0972, CVE-2016-0973, CVE-2016-0974, CVE-2016-0975,...

10CVSS2.2AI score0.55375EPSS
Exploits14References1
OPENSUSE Linux
OPENSUSE Linux
•added 2016/02/08 2:11 p.m.•48 views

Security update for MySQL (important)

This update to MySQL 5.6.28 fixes the following issues bsc962779: - CVE-2015-7744: Lack of verification against faults associated with the Chinese Remainder Theorem CRT process when allowing ephemeral key exchange without low memory optimizations on a server, which makes it easier for remote...

7.2CVSS4.2AI score0.07505EPSS
Exploits1References2
OPENSUSE Linux
OPENSUSE Linux
•added 2016/02/07 8:14 p.m.•43 views

Security update for MySQL (important)

This update to MySQL 5.6.28 fixes the following issues bsc962779: - CVE-2015-7744: Lack of verification against faults associated with the Chinese Remainder Theorem CRT process when allowing ephemeral key exchange without low memory optimizations on a server, which makes it easier for remote...

7.2CVSS4.1AI score0.07505EPSS
Exploits1References3
OPENSUSE Linux
OPENSUSE Linux
•added 2016/02/07 5:11 p.m.•58 views

Security update for rubygem-rails-html-sanitizer (important)

This update for rubygem-rails-html-sanitizer fixes the following issues: - CVE-2015-7579: XSS vulnerability in rails-html-sanitizer bsc963327 - CVE-2015-7578: XSS vulnerability via attributes bsc963326 - CVE-2015-7580: XSS via whitelist sanitizer bsc963328...

4.3CVSS3AI score0.02587EPSS
Exploits1References3
OPENSUSE Linux
OPENSUSE Linux
•added 2016/02/03 3:11 p.m.•60 views

Security update for the Linux Kernel (important)

The openSUSE 13.2 kernel was updated to receive various security and bugfixes. Following security bugs were fixed: - CVE-2016-0728: A reference leak in keyring handling with joinsessionkeyring could lead to local attackers gain root privileges. bsc962075. - CVE-2015-7550: A local user could have...

7.8CVSS2.4AI score0.05059EPSS
Exploits18References37
OPENSUSE Linux
OPENSUSE Linux
•added 2016/02/02 2:14 a.m.•32 views

Security update for xulrunner (important)

XULRunner was updated to 38.6.0 to fix two security issues. The following vulnerabilities were fixed: CVE-2016-1930: Miscellaneous memory safety hazards boo963632 CVE-2016-1935: Buffer overflow in WebGL after out of memory allocation boo963635...

10CVSS1.8AI score0.05992EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
•added 2016/02/02 2:12 a.m.•57 views

Security update for the MozillaFirefox, mozilla-nss and mozilla-nspr (important)

This update to MozillaFirefox fixes several security issues and bugs. Mozilla Firefox was updated to 44.0. Mozilla NSS was updated to 3.21 Mozilla NSPR was updated to 4.11. The following vulnerabilities were fixed: CVE-2016-1930/CVE-2016-1931: Miscellaneous memory safety hazards boo963633...

10CVSS2.8AI score0.05992EPSS
Exploits0References9
OPENSUSE Linux
OPENSUSE Linux
•added 2016/02/02 2:11 a.m.•38 views

Security update for Mozilla Firefox (important)

This update fixes the following security related issues by updating packages to a more recent version: Update of NSPR to 4.11 Update of NSS to 3.21 Update of Firefox to 44.0 MFSA 2016-01/CVE-2016-1930/CVE-2016-1931 Miscellaneous memory safety hazards MFSA 2016-02/CVE-2016-1933 bmo1231761 Out of...

10CVSS3.5AI score0.05992EPSS
Exploits0
OPENSUSE Linux
OPENSUSE Linux
•added 2016/02/01 4:11 p.m.•75 views

Security update for the Linux Kernel (important)

The openSUSE 13.1 kernel was updated to receive various security and bugfixes. Following security bugs were fixed: - CVE-2016-0728: A reference leak in keyring handling with joinsessionkeyring could lead to local attackers gain root privileges. bsc962075. - CVE-2015-7550: A local user could have...

10CVSS2.4AI score0.09828EPSS
Exploits31References78
OPENSUSE Linux
OPENSUSE Linux
•added 2016/01/29 2:11 p.m.•62 views

Security update for the Linux Kernel (important)

The Linux kernel for openSUSE Leap 42.1 was updated to the 4.1.15 stable release, and also includes security and bugfixes. Following security bugs were fixed: - CVE-2016-0728: A reference leak in keyring handling with joinsessionkeyring could lead to local attackers gain root privileges. bsc96207...

7.2CVSS8.9AI score0.03646EPSS
Exploits16References28
OPENSUSE Linux
OPENSUSE Linux
•added 2016/01/28 8:11 p.m.•276 views

Security update for java-1_7_0-openjdk (critical)

java-170-openjdk was updated to version 7u95 to fix 9 security issues. bsc962743 - CVE-2015-4871: Rebinding of the receiver of a DirectMethodHandle may allow a protected method to be accessed - CVE-2015-7575: Further reduce use of MD5 SLOTH bsc960996 - CVE-2015-8126: Vulnerability in the AWT...

10CVSS2.1AI score0.14714EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
•added 2016/01/28 1:11 a.m.•46 views

Security update for Java7 (important)

Update OpenJDK to 7u95 / IcedTea 2.6.4 including the following fixes: Security fixes - S8059054, CVE-2016-0402: Better URL processing - S8130710, CVE-2016-0448: Better attributes processing - S8132210: Reinforce JMX collector internals - S8132988: Better printing dialogues - S8133962,...

10CVSS6.4AI score0.14714EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
•added 2016/01/27 10:11 p.m.•36 views

Security update for Chromium (important)

Chromium was updated to 48.0.2564.82 to fix security issues and bugs. The following vulnerabilities were fixed: - CVE-2016-1612: Bad cast in V8 boo963184 - CVE-2016-1613: Use-after-free in PDFium boo963185 - CVE-2016-1614: Information leak in Blink boo963186 - CVE-2016-1615: Origin confusion in...

9.3CVSS0.7AI score0.01662EPSS
Exploits1References9
OPENSUSE Linux
OPENSUSE Linux
•added 2016/01/27 9:14 p.m.•48 views

Security update for java-1_8_0-openjdk (critical)

java-180-openjdk was updated to version 7u95 to fix several security issues. bsc962743 The following vulnerabilities were fixed: - CVE-2015-7575: Further reduce use of MD5 SLOTH bsc960996 - CVE-2015-8126: Vulnerability in the AWT component related to splashscreen displays - CVE-2015-8472:...

10CVSS3.7AI score0.14714EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
•added 2016/01/27 9:13 p.m.•63 views

Security update for java-1_7_0-openjdk (critical)

java-170-openjdk was updated to version 7u95 to fix 9 security issues. bsc962743 - CVE-2015-4871: Rebinding of the receiver of a DirectMethodHandle may allow a protected method to be accessed - CVE-2015-7575: Further reduce use of MD5 SLOTH bsc960996 - CVE-2015-8126: Vulnerability in the AWT...

10CVSS2.2AI score0.14714EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
•added 2016/01/27 9:11 p.m.•42 views

Security update for java-1_8_0-openjdk (critical)

java-180-openjdk was updated to version 7u95 to fix 9 security issues. bsc962743 - CVE-2015-7575: Further reduce use of MD5 SLOTH bsc960996 - CVE-2015-8126: Vulnerability in the AWT component related to splashscreen displays - CVE-2015-8472: Vulnerability in the AWT component, addressed by same f...

10CVSS1.8AI score0.14714EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
•added 2016/01/27 7:11 p.m.•28 views

Security update for openldap2 (important)

This update fixes the following security issues: - CVE-2015-6908: The bergetnext function allowed remote attackers to cause a denial of service reachable assertion and application crash via crafted BER data, as demonstrated by an attack against slapd. bsc945582 - CVE-2015-4000: Fix weak...

5CVSS1.6AI score0.9986EPSS
Exploits2References3
OPENSUSE Linux
OPENSUSE Linux
•added 2016/01/27 11:11 a.m.•40 views

Security update for openldap2 (important)

This update fixes the following security issues: - CVE-2015-6908: The bergetnext function allowed remote attackers to cause a denial of service reachable assertion and application crash via crafted BER data, as demonstrated by an attack against slapd. bsc945582 - CVE-2015-4000: Fix weak...

5CVSS1.9AI score0.9986EPSS
Exploits2References4
OPENSUSE Linux
OPENSUSE Linux
•added 2016/01/26 6:13 p.m.•44 views

Security update for Chromium (important)

Chromium was updated to 48.0.2564.82 to fix security issues and bugs. The following vulnerabilities were fixed: - CVE-2016-1612: Bad cast in V8 boo963184 - CVE-2016-1613: Use-after-free in PDFium boo963185 - CVE-2016-1614: Information leak in Blink boo963186 - CVE-2016-1615: Origin confusion in...

9.3CVSS0.7AI score0.01662EPSS
Exploits1References9
OPENSUSE Linux
OPENSUSE Linux
•added 2016/01/26 6:11 p.m.•46 views

Security update for Chromium (important)

Chromium was updated to 48.0.2564.82 to fix security issues and bugs. The following vulnerabilities were fixed: - CVE-2016-1612: Bad cast in V8 boo963184 - CVE-2016-1613: Use-after-free in PDFium boo963185 - CVE-2016-1614: Information leak in Blink boo963186 - CVE-2016-1615: Origin confusion in...

9.3CVSS0.7AI score0.01662EPSS
Exploits1References9
OPENSUSE Linux
OPENSUSE Linux
•added 2016/01/25 10:11 p.m.•37 views

Security update for ffmpeg (important)

This update to ffmpeg 2.8.5 fixes the following issues: CVE-2016-1897: Cross-origin issue in URL processing concat - local file disclosure boo961937 CVE-2016-1898: Cross-origin issue in URL processing subfile - local file disclosure boo961937...

4.3CVSS1.4AI score0.14621EPSS
Exploits3References1
OPENSUSE Linux
OPENSUSE Linux
•added 2016/01/25 1:13 p.m.•29 views

Security update for openldap2 (important)

This update fixes the following security issues: - CVE-2015-6908: The bergetnext function allowed remote attackers to cause a denial of service reachable assertion and application crash via crafted BER data, as demonstrated by an attack against slapd. bsc945582 - CVE-2015-4000: Fix weak...

5CVSS1.9AI score0.9986EPSS
Exploits2References4
OPENSUSE Linux
OPENSUSE Linux
•added 2016/01/24 7:11 p.m.•23 views

Security update for roundcubemail (important)

Update to 1.0.8 - Add workaround for https://bugs.php.net/bug.php?id=70757 1490582 - Fix HTML sanitizer to skip !-- node type X -- in output 1490583 - Fix charset encoding of message/rfc822 part bodies 1490606 - Fix handling of message/rfc822 attachments on replies and forwards 1490607 - Fix PDF...

6CVSS7.9AI score0.22212EPSS
Exploits5References1
OPENSUSE Linux
OPENSUSE Linux
•added 2016/01/24 3:12 p.m.•27 views

Security update for roundcubemail (important)

This update to roundcubemail 1.1.4 fixes the following issues: - CVE-2015-8770: Path traversal vulnerability allowed code execution to remote authenticated users if they were also upload files to the same server through some other method boo962067 This update also contains all upstream fixes in...

6CVSS4AI score0.22212EPSS
Exploits5References1
OPENSUSE Linux
OPENSUSE Linux
•added 2016/01/24 3:11 p.m.•28 views

Security update for roundcubemail (important)

This update to roundcubemail 1.0.8 fixes the following issues: - CVE-2015-8770: Path traversal vulnerability allowed code execution to remote authenticated users if they were also upload files to the same server through some other method boo962067 This update also contains all upstream fixes in...

6CVSS4AI score0.22212EPSS
Exploits5References1
OPENSUSE Linux
OPENSUSE Linux
•added 2016/01/22 7:11 p.m.•31 views

Security update for giflib (important)

The following patch fixes - a heap overflow in giffix - a memory leak in libgif6...

4.3CVSS2.2AI score0.01481EPSS
Exploits1References2
OPENSUSE Linux
OPENSUSE Linux
•added 2016/01/22 6:12 p.m.•29 views

Security update for bind (important)

This update for bind fixes the following issues: - CVE-2015-8704: Specific APL data allowed remote attacker to trigger a crash in certain configurations bsc962189...

6.8CVSS3AI score0.20172EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
•added 2016/01/22 2:12 p.m.•40 views

Security update for bind (important)

This update for bind fixes the following issues: - CVE-2015-8704: Specific APL data allowed remote attacker to trigger a crash in certain configurations bsc962189...

6.8CVSS3AI score0.20172EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
•added 2016/01/22 2:11 p.m.•33 views

Security update for bind (important)

This update for bind fixes the following issues: - CVE-2015-8704: Specific APL data allowed remote attacker to trigger a crash in certain configurations bsc962189 This update was imported from the SUSE:SLE-12-SP1:Update update project...

6.8CVSS2.5AI score0.20172EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
•added 2016/01/16 3:11 a.m.•46 views

openssh (critical)

CVE-2016-0777: A malicious or compromised server could cause the OpenSSH client to expose part or all of the client's private key through the roaming feature bsc961642 - CVE-2016-0778: A malicious or compromised server could could trigger a buffer overflow in the OpenSSH client through the...

6.5CVSS2AI score0.63468EPSS
Exploits3References3
OPENSUSE Linux
OPENSUSE Linux
•added 2016/01/16 3:11 a.m.•54 views

Security update for openssh (critical)

CVE-2016-0777: A malicious or compromised server could cause the OpenSSH client to expose part or all of the client's private key through the roaming feature bsc961642 - CVE-2016-0778: A malicious or compromised server could could trigger a buffer overflow in the OpenSSH client through the...

6.5CVSS1.7AI score0.63468EPSS
Exploits3References3
OPENSUSE Linux
OPENSUSE Linux
•added 2016/01/15 3:11 a.m.•40 views

Security update for openssh (critical)

This update for openssh fixes the following issues: - CVE-2016-0777: A malicious or compromised server could cause the OpenSSH client to expose part or all of the client's private key through the roaming feature bsc961642 - CVE-2016-0778: A malicious or compromised server could could trigger a...

6.5CVSS1.8AI score0.63468EPSS
Exploits3References2
Total number of security vulnerabilities7848