7848 matches found
Security update for openssh (critical)
This update for openssh fixes the following issues: - CVE-2016-0777: A malicious or compromised server could cause the OpenSSH client to expose part or all of the client's private key through the roaming feature bsc961642 - CVE-2016-0778: A malicious or compromised server could could trigger a...
Security update for xen (important)
This update for xen fixes the following issues: - CVE-2015-8567,CVE-2015-8568: xen: qemu: net: vmxnet3: host memory leakage boo959387 - CVE-2015-8550: xen: paravirtualized drivers incautious about shared memory contents XSA-155, boo957988 - CVE-2015-8558: xen: qemu: usb: infinite loop in...
Security update for xen (important)
This update for xen fixes the following security issues: - CVE-2015-8550: paravirtualized drivers incautious about shared memory contents XSA-155, boo957988 - CVE-2015-8558: qemu: usb: infinite loop in ehciadvancestate results in DoS boo959006 - CVE-2015-7549: qemu pci: null pointer dereference...
Security update for xen (important)
This update for xen fixes the following security issues: - CVE-2015-8568 CVE-2015-8567: xen: qemu: net: vmxnet3: host memory leakage boo959387 - CVE-2015-8550: xen: paravirtualized drivers incautious about shared memory contents XSA-155, boo957988 - CVE-2015-8558: xen: qemu: usb: infinite loop in...
Security update for ffmpeg (important)
This update to ffmpeg 2.8.4 fixes the following issues: CVE-2015-8661: Denial of service via crafted .mov file boo960385 CVE-2015-8662: Denial of service via crafted JPEG 2000 data boo960384 CVE-2015-8663: Denial of service via crafted H.264 data boo960383...
Security update for grub2 (important)
Fix buffer overflows when reading username and password. bsc956631, CVE-2015-8370 - Check MS-DOS header to find PE file header. bsc954126 - Use dirname for copying Xen kernel and initrd to esp. bsc955493 - Fix reading password by grub2-mkpasswd-pbdk2 without controlling tty. bsc954519 - Add luks,...
Security update for Mozilla Thunderbird (important)
Mozilla Thunderbird was updated to 38.5.0 to fix multiple security issues. The following vulnerabilities were fixed: boo959277 CVE-2015-7201: Miscellaneous memory safety hazards CVE-2015-7210: Use-after-free in WebRTC when datachannel is used after being destroyed CVE-2015-7212: Integer overflow...
Security update for flash-player (important)
This update for flash-player fixes the following issues: - Security update to 11.2.202.559 boo960317: APSB16-01, CVE-2015-8459, CVE-2015-8460, CVE-2015-8634, CVE-2015-8635, CVE-2015-8636, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8644,...
Security update for flash-player (important)
This update for flash-player fixes the following issues: - Security update to 11.2.202.559 boo960317: APSB16-01, CVE-2015-8459, CVE-2015-8460, CVE-2015-8634, CVE-2015-8635, CVE-2015-8636, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8644,...
Security update for grub2 (important)
This update for grub2 fixes the following issue: - CVE-2015-8370: Fix for overflow in grubpasswordget and grubuserget functions bsc956631...
Security update for bind (important)
This update for bind fixes the following security issue: - CVE-2015-8000: Fix remote denial of service by misparsing incoming responses boo958861...
Security update for xulrunner (important)
Xulrunner was updated to 38.5.0 to fix several security issues. The following vulnerabilities were fixed boo959277: CVE-2015-7201: Miscellaneous memory safety hazards CVE-2015-7210: Use-after-free in WebRTC when datachannel is used after being destroyed CVE-2015-7212: Integer overflow allocating...
Security update for grub2 (important)
This update for grub2 fixes the following issue: Changes in grub2: - CVE-2015-8370: Fix for overflow in grubpasswordget and grubuserget functions bnc956631...
Security update for bind (important)
This update for bind fixes the following security issue: - CVE-2015-8000: Fix remote denial of service by misparsing incoming responses bsc958861. This update was imported from the SUSE:SLE-12-SP1:Update update project...
Security update for bind (important)
This update for bind fixes the following security issue: - CVE-2015-8000: Fix remote denial of service by misparsing incoming responses boo958861...
Security update for samba, ldb, talloc, tdb, tevent (important)
This update for ldb, samba, talloc, tdb, tevent fixes the following issues: ldb was updated to 1.1.24. + Fix ldap \00 search expression attack dos; cve-2015-3223; bso11325 + Fix remote read memory exploit in ldb; cve-2015-5330; bso11599 + Move ldbunpackdata into ldbmodule.h for testing + Fix...
Security update for ldb, samba, talloc, tdb, tevent (important)
This update for ldb, samba, talloc, tdb, tevent fixes the following security issues and bugs: The Samba LDB was updated to version 1.1.24: - Fix ldap \00 search expression attack dos; CVE-2015-3223; bso11325 - Fix remote read memory exploit in ldb; CVE-2015-5330; bso11599 - Move ldbunpackdata int...
Security update for Chromium (important)
Chromium was updated to 47.0.2525.106 to fix security issues. Vulnerabilities were fixed under the following collective identifier: CVE-2015-6792: Fixes from internal audits and fuzzing. boo959458...
Security update for Chromium (important)
Chromium was updated to 47.0.2525.106 to fix security issues. Vulnerabilities were fixed under the following collective identifier: CVE-2015-6792: Fixes from internal audits and fuzzing. boo959458...
Security update for Chromium (important)
Chromium was updated to 47.0.2526.80 to fix security issues and bugs. The following vulnerabilities were fixed: CVE-2015-6788: Type confusion in extensions CVE-2015-6789: Use-after-free in Blink CVE-2015-6790: Escaping issue in saved pages CVE-2015-6791: Various fixes from internal audits, fuzzin...
Security update for Chromium (important)
Chromium was updated to 47.0.2526.80 to fix security issues and bugs. The following vulnerabilities were fixed: CVE-2015-6788: Type confusion in extensions CVE-2015-6789: Use-after-free in Blink CVE-2015-6790: Escaping issue in saved pages CVE-2015-6791: Various fixes from internal audits, fuzzin...
Security update for mbedtls (important)
This update for mbedtls fixes the following security and non-security issues: - Update to 1.3.15 Fix potential double free if sslsetpsk is called more than once and some allocation fails. Cannot be forced remotely. Found by Guido Vranken, Intelworks. Fix potential heap corruption on windows when...
Security update to MariaDB 5.5.46 (important)
MariaDB was updated to 5.5.46 to fix security issues and bugs. The following vulnerabilities were fixed in the upstream release: CVE-2015-4802, CVE-2015-4807, CVE-2015-4815, CVE-2015-4826, CVE-2015-4830, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4870, CVE-2015-4913, CVE-2015-4792 A li...
Security update to MariaDB 10.0.22 (important)
MariaDB was updated to 10.0.22 to fix security issues and bugs. The following vulnerabilities were fixed in the upstream release: CVE-2015-4802, CVE-2015-4807, CVE-2015-4815, CVE-2015-4826, CVE-2015-4830, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4870, CVE-2015-4913, CVE-2015-4792 A...
Security update to MySQL 5.6.27 (important)
MySQL was updated to 5.6.27 to fix security issues and bugs. The following vulnerabilities were fixed as part of the upstream release boo951391: CVE-2015-1793, CVE-2015-0286, CVE-2015-0288, CVE-2015-1789, CVE-2015-4730, CVE-2015-4766, CVE-2015-4792, CVE-2015-4800, CVE-2015-4802, CVE-2015-4815,...
Security update for flash-player (important)
This update for flash-player to version 11.2.202.554 fixes the following security issues in Adobe security advisory APSB15-32. These updates resolve heap buffer overflow vulnerabilities that could lead to code execution CVE-2015-8438, CVE-2015-8446. These updates resolve memory corruption...
Security update for libpng16 (important)
The libpng16 package was updated to fix the following security issues: - CVE-2015-8126: Fixed a buffer overflow vulnerabilities in pnggetPLTE/pngsetPLTE functions bsc954980...
Security update for libpng12 (important)
The libpng12 package was updated to fix the following security issues: - CVE-2015-8126: Fixed a buffer overflow vulnerabilities in pnggetPLTE/pngsetPLTE functions bsc954980. - CVE-2015-7981: Fixed an out-of-bound read bsc952051...
Security update for xen (important)
xen was updated to fix 12 security issues. These security issues were fixed: - CVE-2015-7972: Populate-on-demand balloon size inaccuracy can crash guests bsc951845. - CVE-2015-7969: Leak of main per-domain vcpu pointer array DoS bsc950703. - CVE-2015-7969: Leak of per-domain profiling-related vcp...
Security update for krb5 (important)
krb5 was updated to fix three security issues. These security issues were fixed: - CVE-2015-2695: Applications which call gssinquirecontext on a partially-established SPNEGO context could have caused the GSS-API library to read from a pointer using the wrong type, generally causing a process cras...
Security update for java-1_7_0-openjdk (important)
java-170-openjdk was updated to version 7u91 to fix 17 security issues. These security issues were fixed: - CVE-2015-4843: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability...
Security update for xen (important)
xen was updated to fix 13 security issues. These security issues were fixed: - CVE-2015-7972: Populate-on-demand balloon size inaccuracy can crash guests bsc951845. - CVE-2015-7969: Leak of main per-domain vcpu pointer array DoS bsc950703. - CVE-2015-7969: Leak of per-domain profiling-related vcp...
Security update for MozillaFirefox, mozilla-nspr, mozilla-nss, xulrunner, seamonkey (important)
Mozilla Firefox was updated to version 42.0, fixing bugs and security issues. Mozilla xulrunner was updated to xulrunner 38.4.0. Seamonkey was updated to 2.39. New features in Mozilla Firefox: Private Browsing with Tracking Protection blocks certain Web elements that could be used to record your...
Security update for krb5 (important)
krb5 was updated to fix three security issues. These security issues were fixed: - CVE-2015-2695: Applications which call gssinquirecontext on a partially-established SPNEGO context could have caused the GSS-API library to read from a pointer using the wrong type, generally causing a process cras...
Security update for bouncycastle (important)
bouncycastle was updated to version 1.53 to fix one security issue. This security issue was fixed: - CVE-2015-7940: Invalid curve attack bsc951727...
Security update for java-1_7_0-openjdk (important)
java-170-openjdk was updated to fix 17 security issues. These security issues were fixed: - CVE-2015-4843: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via unknown...
Security update for java-1_8_0-openjdk (important)
java-180-openjdk was updated to fix 24 security issues. These security issues were fixed: - CVE-2015-4734: A remote user can exploit a flaw in the Embedded JGSS component to partially access data - CVE-2015-4803: A remote user can exploit a flaw in the JRockit JAXP component to cause partial deni...
Security update for java-1_7_0-openjdk (important)
java-170-openjdk was updated to fix 17 security issues. These security issues were fixed: - CVE-2015-4843: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allowed remote attackers to affect confidentiality, integrity, and availability via unknown...
Security update for Chromium (important)
Chromium was updated to 45.0.2454.101 to fix two security issues. The following vulnerabilities were fixed: CVE-2015-1303: Cross-origin bypass in DOM boo947504 CVE-2015-1304: Cross-origin bypass in V8 boo947507...
Security update for the Linux Kernel (important)
The openSUSE 13.2 kernel was updated to receive various security and bugfixes. Following security bugs were fixed: CVE-2015-3290: arch/x86/entry/entry64.S in the Linux kernel on the x8664 platform improperly relied on espfix64 during nested NMI processing, which allowed local users to gain...
Security update for haproxy (important)
haproxy was updated to fix two security issues. These security issues were fixed: - CVE-2015-3281: The bufferslowrealign function in HAProxy did not properly realign a buffer that is used for pending outgoing data, which allowed remote attackers to obtain sensitive information uninitialized memor...
Security update for MozillaFirefox (important)
MozillaFirefox was updated to version 41.0.2 to fix one security issue. This security issue was fixed: - CVE-2015-7184: Cross-origin restriction bypass using Fetch bsc950686. These non-security issues were fixed: Fix a startup crash related to Yandex toolbar and Adblock Plus bmo1209124 Fix...
Security update for flash-player (critical)
This security issue was fixed: - CVE-2015-7645: Critical vulnerability affecting 11.2.202.535 used in Pawn Storm APSA15-05 bsc950474...
Security update for flash-player (critical)
flash-player was updated to fix one security issue. This security issue was fixed: - CVE-2015-7645: Critical vulnerability affecting 11.2.202.535 used in Pawn Storm APSA15-05 bsc950474...
Security update for Adobe Flash Player (important)
Adobe Flash Player was updated to 11.2.202.535 to fix a number of security issues. boo950169, APSB15-25 The following vulnerabilities were fixed: CVE-2015-7628: Vulnerability that could be exploited to bypass the same-origin-policy and lead to information disclosure CVE-2015-5569: Defense-in-dept...
Security update for polkit (important)
Polkit was updated to 0.113 to fix four security issues. The following vulnerabilities were fixed: CVE-2015-4625: a local privilege escalation due to predictable authentication session cookie values. boo935119 CVE-2015-3256: various memory corruption vulnerabilities in use of the JavaScript...
Security update for Chromium (important)
Chromium was updated to 45.0.2454.101 to fix two security issues. The following vulnerabilities were fixed: CVE-2015-1303: Cross-origin bypass in DOM boo947504 CVE-2015-1304: Cross-origin bypass in V8 boo947507...
Security update for seamonkey (important)
seamonkey was updated to fix 25 security issues. These security issues were fixed: - CVE-2015-4520: Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allowed remote attackers to bypass CORS preflight protection mechanisms by leveraging 1 duplicate cache-key generation or 2 retrieval of...
Security update for MozillaThunderbird (important)
MozillaThunderbird was updated to fix 17 security issues. These security issues were fixed: - CVE-2015-4509: Use-after-free vulnerability in the HTMLVideoElement interface in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allowed remote attackers to execute arbitrary code via crafte...
Security update for bind (important)
BIND was updated to fix a denial of service against servers performing validation on DNSSEC-signed records CVE-2015-5722, bsc944066...