7848 matches found
Security update for MozillaFirefox, MozillaThunderbird, mozilla-nspr (important)
Mozilla Firefox and Thunderbird were updated to fix several important vulnerabilities. Mozilla Firefox was updated to 37.0.1. Mozilla Thunderbird was updated to 31.6.0. mozilla-nspr was updated to 4.10.8 as a dependency. The following vulnerabilities were fixed in Mozilla Firefox: Miscellaneous...
Security update for seamonkey (important)
SeaMonkey was updated to 2.33.1 to fix several vulnerabilities. The following vulnerabilities were fixed: Privilege escalation through SVG navigation CVE-2015-0818 Code execution through incorrect JavaScript bounds checking elimination CVE-2015-0817...
Security update for libXfont (important)
libXFont was updated to fix three vulnerabilities when parsing BDF files bnc921978 As libXfont is used by the X server to read font files, and an unprivileged user with access to the X server can tell the X server to read a given font file from a path of their choosing, these vulnerabilities have...
Security update for MozillaFirefox (important)
MozillaFirefox was updated to Firefox 36.0.4 to fix two critical security issues found during Pwn2Own: MFSA 2015-28/CVE-2015-0818 bmo1144988 Privilege escalation through SVG navigation MFSA 2015-29/CVE-2015-0817 bmo1145255 Code execution through incorrect JavaScript bounds checking elimination Al...
update to Firefox 31.5.3 (important)
Update to Firefox 31.5.3 bnc923534 MFSA 2015-28/CVE-2015-0818 bmo1144988 Privilege escalation through SVG navigation MFSA 2015-29/CVE-2015-0817 bmo1145255 Code execution through incorrect JavaScript bounds checking elimination - update to Firefox 31.5.0esr bnc917597 MFSA 2015-11/CVE-2015-0836...
kernel update for Evergreen 11.4, includes leap second deadlock fix (important)
kernel update for Evergreen 11.4, includes leap second deadlock fix and fixes for other security and stability issues...
Security update to Chromium 41.0.2272.76 (important)
Chromium was updated to 41.0.2272.76 bnc920825 Security fixes: CVE-2015-1212: Out-of-bounds write in media CVE-2015-1213: Out-of-bounds write in skia filters CVE-2015-1214: Out-of-bounds write in skia filters CVE-2015-1215: Out-of-bounds write in skia filters CVE-2015-1216: Use-after-free in v8...
flashplayer to version 11.2.202.451 (important)
Adobe Flash Player was updated to 11.2.202.451 bsc922033. These security issues were fixed: - Memory corruption vulnerabilities that could lead to code executionCVE-2016-0332,CVE-2015-0333, CVE-2015-0335, CVE-2015-0339. - Type confusion vulnerabilities that could lead to code...
Security update for flash-player (critical)
Adobe Flash Player was updated to 11.2.202.451 bsc922033. These security issues were fixed: - Memory corruption vulnerabilities that could lead to code execution CVE-2016-0332, CVE-2015-0333, CVE-2015-0335, CVE-2015-0339. - Type confusion vulnerabilities that could lead to code execution...
Security update for osc (important)
osc was updated to fix a security issue and some non-security bugs. osc was updated to 0.151.0, fixing the following vulnerability: fixed shell command injection via crafted service files CVE-2015-0778 boo901643 The following non-security bugs were fixed: fix times when data comes from OBS backen...
Security update for MozillaThunderbird (important)
MozillaThunderbird was updated to version 31.5.0 to fix four security issues. These security issues were fixed: - CVE-2015-0836: Miscellaneous memory safety hazards - CVE-2015-0831: Use-after-free in IndexedDB - CVE-2015-0827: Out-of-bounds read and write while rendering SVG content -...
Security update for chromium (important)
chromium was updated to version 40.0.2214.111 to fix 31 vulnerabilities. These security issues were fixed: - CVE-2015-1209: Use-after-free in DOM bnc916841. - CVE-2015-1210: Cross-origin-bypass in V8 bindings bnc916843. - CVE-2015-1211: Privilege escalation using service workers bnc916838. -...
Security update for php5 (important)
php5 was updated to fix two security issues. These security issues were fixed: - CVE-2014-9652: Out of bounds read in mconvert bnc917150. - CVE-2015-0273: Use after free vulnerability in unserialize with DateTimeZone bnc918768...
Security update for MozillaFirefox, mozilla-nss (important)
MozillaFirefox, mozilla-nss were updated to fix 18 security issues. MozillaFirefox was updated to version 36.0. These security issues were fixed: - CVE-2015-0835, CVE-2015-0836: Miscellaneous memory safety hazards - CVE-2015-0832: Appended period to hostnames can bypass HPKP and HSTS protections ...
Security update for snack (important)
snack was updated to fix one security issue. This security issue was fixed: - CVE-2012-6303: Heap-based buffer overflow in the GetWavHeader function in generic/jkSoundFile.c in the Snack Sound Toolkit, as used in WaveSurfer 1.8.8p4, allowed remote attackers to cause a denial of service crash and...
Security update for samba (important)
samba was updated to fix two security issues. These security issues were fixed: - CVE-2015-0240: Ensure we don't call tallocfree on an uninitialized pointer bnc917376. - CVE-2014-8143: Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before 4.2rc4, when an Active Directory Domain...
Security update for clamav (important)
clamav was updated to version 0.98.6 that fixes bugs and several security issues: bsc916217, CVE-2015-1461: Remote attackers can have unspecified impact via Yoda's crypter or mew packer files. bsc916214, CVE-2015-1462: Unspecified impact via acrafted upx packer file. bsc916215, CVE-2015-1463:...
Security update for xen (important)
The XEN virtualization was updated to fix bugs and security issues: Security issues fixed: CVE-2015-0361: XSA-116: xen: xen crash due to use after free on hvm guest teardown CVE-2014-9065, CVE-2014-9066: XSA-114: xen: p2m lock starvation CVE-2014-9030: XSA-113: Guest effectable page reference lea...
update for flash-player (critical)
flash-player was updated to version 11.2.202.442 to fix 18 security issues. These security issues were fixed: - Use-after-free vulnerabilities that could lead to code execution CVE-2015-0313, CVE-2015-0315, CVE-2015-0320, CVE-2015-0322. - Memory corruption vulnerabilities that could lead to code...
Security update for flash-player (critical)
flash-player was updated to version 11.2.202.442 to fix 18 security issues. These security issues were fixed: - Use-after-free vulnerabilities that could lead to code execution CVE-2015-0313, CVE-2015-0315, CVE-2015-0320, CVE-2015-0322. - Memory corruption vulnerabilities that could lead to code...
Security update for xen (important)
The virtualization software XEN was updated to version 4.3.3 and also to fix bugs and security issues. Security issues fixed: CVE-2015-0361: XSA-116: xen: xen crash due to use after free on hvm guest teardown CVE-2014-9065, CVE-2014-9066: XSA-114: xen: p2m lock starvation CVE-2014-9030: XSA-113:...
Security update for seamonkey (important)
Mozilla seamonkey was updated to SeaMonkey 2.32 bnc910669 MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 Miscellaneous memory safety hazards MFSA 2015-02/CVE-2014-8637 bmo1094536 Uninitialized memory use during bitmap rendering MFSA 2015-03/CVE-2014-8638 bmo1080987 sendBeacon requests lack an Origin...
Security update for java-1_7_0-openjdk (important)
OpenJDK was updated to 2.5.4 - OpenJDK 7u75 to fix security issues and bugs: Security fixes - S8046656: Update protocol support - S8047125, CVE-2015-0395: ref More phantom object references - S8047130: Fewer escapes from escape analysis - S8048035, CVE-2015-0400: Ensure proper proxy protocols -...
Security update for glibc (critical)
This update for glibc fixes the following security issue: CVE-2015-0235: A vulnerability was found and fixed in the GNU C Library, specifically in the function gethostbyname, that could lead to a local or remote buffer overflow. bsc913646...
Security update for flash-player (critical)
Adobe Flash Player was updated to 11.2.202.440 bsc914463: APSA15-01, CVE-2015-0311 - Update of flashplayer executable binary for i386 is not available. This binary was disabled. - Security update to 11.2.202.438 bsc914333: APSB15-02, CVE-2015-0310 - Security update to 11.2.202.429 bsc913057:...
glibc (critical)
CVE-2015-0235: A vulnerability was found and fixed in the GNU C Library, specifically in the function gethostbyname, that could lead to a local or remote buffer overflow. bsc913646...
Security update for libpng16 (important)
libpng was updated to fix some security issues: CVE-2014-9495 bnc912076: Heap-buffer overflow pngcombinerow with very wide interlaced images CVE-2015-0973 bnc912929: overflow in pngreadIDATdata libpng is now also build with -DPNGSAFELIMITSSUPPORTED...
Security update for flash-player (critical)
Adobe Flash Player was updated to 11.2.202.440 bsc914463, APSA15-01, CVE-2015-0311. More information can be found on https://helpx.adobe.com/security/products/flash-player/apsa15-01.html An update of flashplayer executable binary for i386 is currently not available. Disabled!...
update for Flash player (critical)
This update for Flash player fixes known security issues...
Firefox update to latest 31ESR release (important)
This update lifts Firefox to the latest 31 ESR release to fix known security issues...
Security update for openssl (important)
openssl was updated to 1.0.1k to fix various security issues and bugs. More information can be found in the openssl advisory: http://openssl.org/news/secadv20150108.txt Following issues were fixed: CVE-2014-3570 bsc912296: Bignum squaring BNsqr may have produced incorrect results on some platform...
Security update for flash-player (critical)
Adobe Flash Player was updated to 11.2.202.438 to fix one security isssue. http://helpx.adobe.com/security/products/flash-player/apsb15-02.html APSB15-02, CVE-2015-0310...
Security update for MozillaFirefox (important)
MozillaFirefox was updated to version 35.0 bnc910669 Notable features: Firefox Hello with new rooms-based conversations model Implemented HTTP Public Key Pinning Extension for enhanced authentication of encrypted connections Security fixes: MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 Miscellaneous...
Security update for MozillaFirefox (important)
MozillaFirefox was updated to version 35.0 bnc910669 Notable features: Firefox Hello with new rooms-based conversations model Implemented HTTP Public Key Pinning Extension for enhanced authentication of encrypted connections Security fixes: MFSA 2015-01/CVE-2014-8634/CVE-2014-8635 Miscellaneous...
flashplayer to version 11.2.202.429 (important)
Following issues was resolved in this update: an improper file validation issue CVE-2015-0301, an information disclosure vulnerability that could be exploited to capture keystrokes on the affected system CVE-2015-0302, memory corruption vulnerabilities that could lead to code execution...
Security update for flash-player (important)
Adobe Flash Player was updated to 11.2.202.429 bsc913057: APSB15-01, CVE-2015-0301, CVE-2015-0302, CVE-2015-0303, CVE-2015-0304, CVE-2015-0305, CVE-2015-0306, CVE-2015-0307, CVE-2015-0308, CVE-2015-0309. - Disable flash player on machines without SSE2 bnc856386. More information can be found on...
kernel update for Evergreen 11.4 (important)
Kernel update for Evergreen 11.4, fixes CVE-2014-8133 CVE-2014-9090 CVE-2014-9322...
Security update for ntp (critical)
The network timeservice ntp was updated to fix critical security issues bnc910764, CERT VU852879 A potential remote code execution problem was found inside ntpd. The functions cryptorecv when using autokey authentication, ctlputdata, and configure where updated to avoid buffer overflows that coul...
Security update for clamav (important)
clamav was updated to version 0.98.5 to fix two security issues. These security issues were fixed: - Segmentation fault when processing certain files CVE-2013-6497. - Heap-based buffer overflow when scanning crypted PE files CVE-2014-9050. The following non-security issues were fixed: - Support f...
Security update for Linux Kernel (important)
The openSUSE 13.2 kernel was updated to version 3.16.7. These security issues were fixed: - CVE-2014-9322: A local privilege escalation in the x8664 32bit compatibility signal handling was fixed, which could be used by local attackers to crash the machine or execute code. bnc910251 - CVE-2014-909...
Security update for the Linux Kernel (important)
The openSUSE 13.1 kernel was updated to fix security issues and bugs: Security issues fixed: CVE-2014-9322: A local privilege escalation in the x8664 32bit compatibility signal handling was fixed, which could be used by local attackers to crash the machine or execute code. CVE-2014-9090: The...
Security update for ntp (critical)
The network timeservice ntp was updated to fix critical security issues bnc910764, CERT VU852879 A potential remote code execution problem was found inside ntpd. The functions cryptorecv when using autokey authentication, ctlputdata, and configure where updated to avoid buffer overflows that coul...
Security update for the Linux Kernel (important)
The openSUSE 12.3 kernel was updated to fix security issues: This will be the final kernel update for openSUSE 13.2 during its lifetime, which ends January 4th 2015. CVE-2014-9322: A local privilege escalation in the x8664 32bit compatibility signal handling was fixed, which could be used by loca...
Server crash caused by malformed network packet. (important)
Firebird server crashes when handling a malformed network packet...
Security update for flash-player (important)
flash-player received a security update to version to 11.2.202.425 bsc909219, which fixes: APSB14-27, CVE-2014-0580, CVE-2014-0587, CVE-2014-8443, CVE-2014-9162, CVE-2014-9163, CVE-2014-9164...
Security update for chromium (important)
chromium was updated to version 39.0.2171.65 to fix 13 security issues. These security issues were fixed: - Use-after-free in pepper plugins CVE-2014-7906. - Buffer overflow in OpenJPEG before r2911 in PDFium, as used in Google Chromebefore 39.0.2171.65, al... CVE-2014-7903. - Uninitialized memor...
Security update for flash-player (critical)
Flash-player was updated to version 11.2.202.245 fixing numerous vulnerabilities: memory corruption vulnerabilities that could lead to code execution CVE-2014-0587, CVE-2014-9164. use-after-free vulnerability that could lead to code execution CVE-2014-8443. stack-based buffer overflow vulnerabili...
fix server crash caused by malformed network packet. (important)
This patch contains a fix for Firebird server crashes when handling a malformed network packet...
Security update for docker (important)
docker was updated to version 1.3.2 to fix two security issues. These security issues were fixed: - Symbolic and hardlink issues leading to privilege escalation CVE-2014-6407. - Potential container escalation CVE-2014-6408. There non-security issues were fixed: - Fix deadlock in docker ps -f...
Security update for openvpn (important)
openvpn was updated to fix a denial-of-service vulnerability where an authenticated client could stop the server by triggering a server-side ASSERT bnc907764,CVE-2014-8104,...