7848 matches found
Security update for MozillaFirefox (important)
MozillaFirefox was updated to Firefox 41.0 bnc947003 Security issues fixed: MFSA 2015-96/CVE-2015-4500/CVE-2015-4501 Miscellaneous memory safety hazards MFSA 2015-97/CVE-2015-4503 bmo994337 Memory leak in mozTCPSocket to servers MFSA 2015-98/CVE-2015-4504 bmo1132467 Out of bounds read in QCMS...
Security update for php5 (important)
The PHP5 script interpreter was updated to fix various security issues: CVE-2015-6831: A use after free vulnerability in unserialize has been fixed which could be used to crash php or potentially execute code. bnc942291 bnc942294 bnc942295 CVE-2015-6832: A dangling pointer in the unserialization ...
Security update for flash-player (critical)
Adobe Flash Player was updated to 11.2.202.521 APSB15-23 bsc946880 fixing several security issues: More information can be found on: https://helpx.adobe.com/security/products/flash-player/apsb15-23.html...
Security update for bind (important)
BIND was updated to fix a denial of service against servers performing validation on DNSSEC-signed records CVE-2015-5722, bsc944066...
Security update for icedtea-web (important)
The icedtea-web java plugin was updated to 1.6.1. Changes included: Enabled Entry-Point attribute check permissions sandbox and signed app and unsigned app with permissions all-permissions now run in sandbox instead of not at all. fixed DownloadService comments in deployment.properties now should...
Security update for flash-player (critical)
Security update to 11.2.202.508 bsc941239: APSB15-19: CVE-2015-3107, CVE-2015-5124, CVE-2015-5125, CVE-2015-5127, CVE-2015-5128, CVE-2015-5129, CVE-2015-5130, CVE-2015-5131, CVE-2015-5132, CVE-2015-5133, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5541, CVE-2015-5544, CVE-2015-5545,...
Security update for MozillaFirefox (important)
update to Firefox 40.0 bnc940806 Added protection against unwanted software downloads Suggested Tiles show sites of interest, based on categories from your recent browsing history Hello allows adding a link to conversations to provide context on what the conversation will be about New style for...
Security update for MozillaFirefox (important)
update to Firefox 40.0 bnc940806 Added protection against unwanted software downloads Suggested Tiles show sites of interest, based on categories from your recent browsing history Hello allows adding a link to conversations to provide context on what the conversation will be about New style for...
Security update for flash-player (critical)
Security update to 11.2.202.508 bsc941239: APSB15-19: CVE-2015-3107, CVE-2015-5124, CVE-2015-5125, CVE-2015-5127, CVE-2015-5128, CVE-2015-5129, CVE-2015-5130, CVE-2015-5131, CVE-2015-5132, CVE-2015-5133, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5541, CVE-2015-5544, CVE-2015-5545,...
Security update for glibc (important)
glibc was updated to fix one security issue. This security issue was fixed: - CVE-2014-4043: The posixspawnfileactionsaddopen function in glibc did not copy its path argument in accordance with the POSIX specification, which allowed context-dependent attackers to trigger use-after-free...
Security update for the Linux Kernel (important)
The openSUSE 13.2 kernel was updated to receive various security and bugfixes. Following security bugs were fixed: - CVE-2015-3290: A flaw was found in the way the Linux kernels nested NMI handler and espfix64 functionalities interacted during NMI processing. A local, unprivileged user could use...
Security update for bind (important)
bind was updated to fix one security issue. This security issue was fixed: - CVE-2015-5477: Remote DoS via TKEY queries boo939567 Exposure to this issue can not be prevented by either ACLs or configuration options limiting or denying service because the exploitable code occurs early in the packet...
Security update for libuser (important)
libuser was updated to fix on security issue. The following vulnerability was fixed: CVE-2015-3246: local root exploit through passwd file handling boo937533...
Security update for bind (important)
bind was updated to fix one security issue. This security issue was fixed: - CVE-2015-5477: Remote DoS via TKEY queries boo939567 Exposure to this issue can not be prevented by either ACLs or configuration options limiting or denying service because the exploitable code occurs early in the packet...
Security update for java-1_8_0-openjdk (important)
OpenJDK was updated to 2.6.1 - OpenJDK 8u51 to fix security issues and bugs. The following vulnerabilities were fixed: CVE-2015-2590: Easily exploitable vulnerability in the Libraries component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this...
Security update for java-1_7_0-openjdk (important)
OpenJDK was updated to 2.6.1 - OpenJDK 7u85 to fix security issues and bugs. The following vulnerabilities were fixed: CVE-2015-2590: Easily exploitable vulnerability in the Libraries component allowed successful unauthenticated network attacks via multiple protocols. Successful attack of this...
Security update for Chromium (important)
Chromium was updated to 44.0.2403.89 to fix multiple security issues. The following vulnerabilities were fixed: CVE-2015-1271: Heap-buffer-overflow in pdfium CVE-2015-1273: Heap-buffer-overflow in pdfium CVE-2015-1274: Settings allowed executable files to run immediately after download...
Security update for libressl (important)
libressl was updated to version 2.2.1 to fix 16 security issues. LibreSSL is a fork of OpenSSL. Because of that CVEs affecting OpenSSL often also affect LibreSSL. These security issues were fixed: - CVE-2014-3570: The BNsqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1...
flash-player (critical)
flash-player was updated to fix two security issues. These security issues were fixed: - CVE-2015-5123: Use-after-free vulnerability in the BitmapData class in the ActionScript 3 AS3 implementation in Adobe Flash Player allowed remote attackers to execute arbitrary code or cause a denial of servi...
Mozilla (Firefox/Thunderbird) updates to 31.8.0 (important)
Combined Mozilla update: - Update Firefox to 31.8.0 - Update Thunderbird to 31.8.0 - Update mozilla-nspr to 4.10.6 - Update mozilla-nss to 3.19.2 to fix several security issues...
Security update for MozillaFirefox, mozilla-nss (important)
MozillaFirefox was updated to version 39.0 to fix 21 security issues. These security issues were fixed: - CVE-2015-2724/CVE-2015-2725/CVE-2015-2726: Miscellaneous memory safety hazards bsc935979. - CVE-2015-2727: Local files or privileged URLs in pages can be opened into new tabs bsc935979. -...
Security update for MariaDB (important)
MariaDB was updated to its current minor version, fixing bugs and security issues. These updates include a fix for Logjam CVE-2015-4000, making MariaDB work with client software that no longer allows short DH groups over SSL, as e.g. our current openssl packages. On openSUSE 13.1, MariaDB was...
Security update for flash-player (critical)
flash-player was updated to fix one security issue. This security issue was fixed: - CVE-2015-5119: Unspecified vulnerability allowing remote attackers to take over the system bsc937339...
Security update for flash-player (critical)
flash-player was updated to fix one security issue. This security issue was fixed: - CVE-2015-5119: Unspecified vulnerability allowing remote attackers to take over the system bsc937339...
Security update for php5 (important)
The PHP script interpreter was updated to receive various security fixes: CVE-2015-4602 bnc935224: Fixed an incomplete Class unserialization type confusion. CVE-2015-4599, CVE-2015-4600, CVE-2015-4601 bnc935226: Fixed type confusion issues in unserialize with various SOAP methods. CVE-2015-4603...
Security update for Adobe Flash Player (important)
Adobe Flash Player was updated to 11.2.202.468 to fix one security issue. The following vulnerability was fixed: CVE-2015-3113: A heap buffer overflow vulnerability could have allowed code execution bsc935701, APSB15-14...
Security update for Adobe Flash Player (important)
Adobe Flash Player was updated to 11.2.202.468 to fix one security issue. The following vulnerability was fixed: CVE-2015-3113: A heap buffer overflow vulnerability could have allowed code execution bsc935701, APSB15-14...
Security update for openssl (important)
openssl was updated to fix six security issues. The following vulnerabilities were fixed: CVE-2015-4000: The Logjam Attack / weakdh.org. Rject connections with DH parameters shorter than 768 bits, generates 2048-bit DH parameters by default. boo931698 CVE-2015-1788: Malformed ECParameters causes...
Security update for xen (important)
Xen was updated to fix eight vulnerabilities. The following vulnerabilities were fixed: CVE-2015-2751: Certain domctl operations may be abused to lock up the host XSA-127 boo922709 CVE-2015-4103: Potential unintended writes to host MSI message data field via qemu XSA-128 boo931625 CVE-2015-4104:...
Security update for xen (important)
Xen was updated to 4.4.2 to fix multiple vulnerabilities and non-security bugs. The following vulnerabilities were fixed: CVE-2015-4103: Potential unintended writes to host MSI message data field via qemu XSA-128 boo931625 CVE-2015-4104: PCI MSI mask bits inadvertently exposed to guests XSA-129...
Security update for Adobe Flash Player (important)
Adobe Flash Player was updated to 11.2.202.466 to fix multiple security issues. The following vulnerabilities were fixed: CVE-2015-3096: bypass for CVE-2014-5333 CVE-2015-3098: vulnerabilities that could be exploited to bypass the same-origin-policy and lead to information disclosure CVE-2015-309...
Security update for cups (critical)
This update fixes the following issues: - CVE-2015-1158 and CVE-2015-1159 fixes a possible privilege escalation via cross-site scripting and bad print job submission used to replace cupsd.conf on server CUPS STR4609 CERT-VU-810572 CVE-2015-1158 CVE-2015-1159 bugzilla.suse.com bsc924208. In genera...
Security update for Adobe Flash Player (important)
Adobe Flash Player was updated to 11.2.202.466 to fix multiple security issues. The following vulnerabilities were fixed: CVE-2015-3096: bypass for CVE-2014-5333 CVE-2015-3098: vulnerabilities that could be exploited to bypass the same-origin-policy and lead to information disclosure CVE-2015-309...
Security update for xen (important)
The XEN hypervisor was updated to fix two security issues: - Fixed a buffer overflow in the floppy drive emulation, which could be used to denial of service attacks or potential code execution against the host. CVE-2015-3456 - Xen did not initialize certain fields, which allowed certain remote...
Security update for flash-player (important)
The Adobe flash-player package was updated to version 11.2.202.460 to fix several security issues. The following vulnerabilities were fixed bsc930677: APSB15-09, CVE-2015-3044, CVE-2015-3077, CVE-2015-3078, CVE-2015-3079, CVE-2015-3080, CVE-2015-3081, CVE-2015-3082, CVE-2015-3083, CVE-2015-3084,...
Security update for qemu (important)
qemu was updated to fix a security issue: CVE-2015-3456: Fixed a buffer overflow in the floppy drive emulation, which could be used to denial of service attacks or potential code execution against the host...
Security update for qemu (important)
Qemu was updated to v2.1.3: See http://wiki.qemu-project.org/ChangeLog/2.1 for more information. This update includes a security fix: CVE-2015-3456: Fixed a buffer overflow in the floppy drive emulation, which could be used to denial of service attacks or potential code execution against the host...
Update to Firefox 31.7.0esr (important)
update to Firefox 31.7.0esr bnc930622 MFSA 2015-46/CVE-2015-2708 Miscellaneous memory safety hazards MFSA 2015-47/VE-2015-0797 bmo1080995 Buffer overflow parsing H.264 video with Linux Gstreamer MFSA 2015-48/CVE-2015-2710 bmo1149542 Buffer overflow with SVG content and CSS MFSA...
Security update for flash-player (important)
The Adobe flash-player package was updated to version 11.2.202.460 to fix several security issues. The following vulnerabilities were fixed bsc930677: APSB15-09, CVE-2015-3044, CVE-2015-3077, CVE-2015-3078, CVE-2015-3079, CVE-2015-3080, CVE-2015-3081, CVE-2015-3082, CVE-2015-3083, CVE-2015-3084,...
Security update for php5 (important)
PHP was updated to fix three security issues. The following vulnerabilities were fixed: CVE-2015-3330: Specially crafted PHAR files could, when executed under Apache httpd 2.4 apache2handler, allow arbitrary code execution bnc928506 CVE-2015-3329: Specially crafted PHAR data could lead to...
Security update for wpa_supplicant (important)
The wireless network encryption and authentication daemon wpasupplicant was updated to fix a security issue. The following vulnerability was fixed: CVE-2015-1863: A buffer overflow in handling SSIDs in P2P management frames allowed attackers in radio range to crash, expose memory content or...
Security update for DirectFB (important)
DirectFB was updated to fix two security issues. The following vulnerabilities were fixed: CVE-2014-2977: Multiple integer signedness errors could allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based...
Security update for java-1_7_0-openjdk (important)
OpenJDK was updated to 2.5.5 - OpenJdk 7u79 to fix security issues and bugs: The following vulnerabilities were fixed: CVE-2015-0458: Deployment: unauthenticated remote attackers could execute arbitrary code via multiple protocols. CVE-2015-0459: 2D: unauthenticated remote attackers could execute...
Security update for java-1_8_0-openjdk (important)
OpenJDK was updated to jdk8u45-b14 to fix security issues and bugs. The following vulnerabilities were fixed: CVE-2015-0458: Deployment: unauthenticated remote attackers could execute arbitrary code via multiple protocols. CVE-2015-0459: 2D: unauthenticated remote attackers could execute arbitrar...
Security update for xen (important)
Xen was updated to 4.3.4 to fix multiple vulnerabities and non-security bugs. The following vulnerabilities were fixed: - Long latency MMIO mapping operations are not preemptible XSA-125 CVE-2015-2752 bnc922705 - Unmediated PCI command register access in qemu XSA-126 CVE-2015-2756 bnc922706 -...
Security update for Adobe Flash Player (important)
Adobe Flash Player was updated to 11.2.202.457 to fix several security issues that could lead to remote code execution. An exploit for CVE-2015-3043 was reported to exist in the wild. The following vulnerabilities were fixed: Memory corruption vulnerabilities that could lead to code execution...
Security update for Adobe Flash Player (important)
Adobe Flash Player was updated to 11.2.202.457 to fix several security issues that could lead to remote code execution. An exploit for CVE-2015-3043 was reported to exist in the wild. The following vulnerabilities were fixed: Memory corruption vulnerabilities that could lead to code execution...
Security update for the Linux Kernel (important)
The Linux kernel was updated to fix various bugs and security issues. Following security issues were fixed: - CVE-2014-8173: A NULL pointer dereference flaw was found in the way the Linux kernels madvise MADVWILLNEED functionality handled page table locking. A local, unprivileged user could have...
Security update for Linux Kernel (important)
The Linux kernel was updated to fix bugs and security issues: Following security issues were fixed: - CVE-2015-1421: Use-after-free vulnerability in the sctpassocupdate function in net/sctp/associola.c in the Linux kernel allowed remote attackers to cause a denial of service slab corruption and...
Security update for Chromium (important)
Chromium was updated to 41.0.2272.118 to fix two security issues. The following vulnerabilities were fixed: A combination of V8, Gamepad and IPC bugs could lead to remote code execution outside of the sandbox CVE-2015-1233, boo925713 Buffer overflow via race condition in GPU CVE-2015-1234, boo925...