Lucene search
K
OpensuseRecent

7843 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2014/03/25 10:4 a.m.30 views

perl-HTTP-Body: update to 1.19 release with security fixes (important)

perl-HTTP-Body was updated to 1.19 and also received a security fix for a potential remote code injection when upload files...

6.8CVSS2.2AI score0.02877EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/03/21 11:4 p.m.56 views

Mozilla updates 2014/03 (important)

This patch contains a collection of security relevant updates for Mozilla applications. Update Firefox to 24.4.0 bnc868603 Update Thunderbird to 24.4.0 Update NSPR to 4.10.4 Update NSS to 3.15.5 MFSA 2014-15/CVE-2014-1493/CVE-2014-1494 Miscellaneous memory safety hazards MFSA 2014-17/CVE-2014-149...

10CVSS1AI score0.83633EPSS
Exploits31References4
OPENSUSE Linux
OPENSUSE Linux
added 2014/03/15 10:4 a.m.45 views

flash-player to 11.2.202.346 (important)

Adobe Flash Player was updated to version 11.2.202.346 to fix security issues: CVE-2014-0503: A vulnerability that could be used to bypass the same origin policy was fixed. CVE-2014-0504: A vulnerability that could be used to read the contents of the clipboard was fixed. More information can be...

6.4CVSS0.1AI score0.04293EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/03/14 9:4 p.m.30 views

flash-player to 11.2.202.346 (important)

Adobe Flash Player was updated to version 11.2.202.346 to fix security issues: CVE-2014-0503: A vulnerability that could be used to bypass the same origin policy was fixed. CVE-2014-0504: A vulnerability that could be used to read the contents of the clipboard was fixed. More information can be...

10CVSS0.1AI score0.09516EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/03/08 7:4 p.m.38 views

gnutls (critical)

The gnutls library was updated to fix SSL certificate validation. Remote man-in-the-middle attackers were able to make the verification believe that a SSL certificate is valid even though it was not. Also the TLS-CBC timing attack vulnerability was fixed...

5.8CVSS5.3AI score0.29958EPSS
Exploits2References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/03/06 10:4 a.m.25 views

percona-toolkit,xtrabackup: disable remote version check (important)

percona-toolkit and xtrabackup were updated: - disable automatic version check for all tools bnc864194 Prevents transmission of version information to an external host in the default configuration. CVE-2014-2029 Can be used by owner of a Percona Server or an attacker who can control this...

5.5CVSS3.6AI score0.01964EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/03/05 7:4 p.m.36 views

gnutls: fixed SSL certificate validation (critical)

The gnutls library was updated to fix SSL certificate validation. Remote man-in-the-middle attackers were able to make the verification believe that a SSL certificate is valid even though it was not...

5.8CVSS5.1AI score0.29958EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/03/05 8:4 a.m.39 views

gnutls: fixed SSL certificate validation problems (critical)

The gnutls library was updated to fixed x509 certificate validation problems, where man-in-the-middle attackers could hijack SSL connections. This update also reenables Elliptic Curve support to meet current day cryptographic requirements...

5.8CVSS2.9AI score0.29958EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/02/24 11:4 a.m.32 views

flash-player: update to 11.2.202.341 security release (critical)

Adobe Flash Player was updated to 11.2.202.341: bnc865021 APSB14-07, CVE-2014-0498 CVE-2014-0499 CVE-2014-0502 - Contents of flashplayer11sa.i386.tar.gz changed back: spec file updated, supplementary script update.sh updated...

10CVSS0.8AI score0.24204EPSS
Exploits4References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/02/24 8:4 a.m.38 views

flash-player: update to 11.2.202.341 security release (critical)

Adobe Flash Player was updated to 11.2.202.341: bnc865021 APSB14-07, CVE-2014-0498 CVE-2014-0499 CVE-2014-0502 - Contents of flashplayer11sa.i386.tar.gz changed back: spec file updated, supplementary script update.sh updated...

10CVSS0.8AI score0.24204EPSS
Exploits4References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/02/18 10:4 a.m.46 views

chromium to 32.0.1700.102 (important)

Chromium was updated to version 32.0.1700.102: Stable channel update: - Security Fixes: CVE-2013-6649: Use-after-free in SVG images CVE-2013-6650: Memory corruption in V8 and 12 other fixes - Other: Mouse Pointer disappears after exiting full-screen mode Drag and drop files into Chromium may not...

7.5CVSS1.3AI score0.02032EPSS
Exploits9References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/02/08 1:4 p.m.69 views

Mozilla updates February 2014 (important)

Updates for mozilla-nss 3.15.4 MozillaFirefox 24.3.0esr MozillaThunderbird 24.3.0 including fixes for the following issues: MFSA 2014-01/CVE-2014-1477/CVE-2014-1478 Miscellaneous memory safety hazards rv:27.0 / rv:24.3 MFSA 2014-02/CVE-2014-1479 bmo911864 Clone protected content with XBL scopes...

10CVSS2AI score0.07072EPSS
Exploits11References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/02/08 9:4 a.m.42 views

Mozilla Firefox 27 release (important)

Mozilla Firefox was updated to version 27. Mozilla Seamonkey was updated to 2.24, fixing similar issues as Firefox 27. Mozilla Thunderbird was updated to 24.3.0, fixing similar issues as Firefox 27. The Firefox 27 release brings TLS 1.2 support as a major security feature. It also fixes following...

10CVSS0.7AI score0.07072EPSS
Exploits12
OPENSUSE Linux
OPENSUSE Linux
added 2014/02/06 7:21 p.m.56 views

kernel to 3.11.10 (important)

The Linux Kernel was updated to version 3.11.10, fixing security issues and bugs: - floppy: bail out in open if drive is not responding to block0 read bnc773058. - compatsysrecvmmsg X32 fix bnc860993 CVE-2014-0038. - HID: usbhid: fix sis quirk bnc859804. - hwmon: coretemp Fix truncated name of...

7.2CVSS7.2AI score0.34649EPSS
Exploits24References21
OPENSUSE Linux
OPENSUSE Linux
added 2014/02/06 7:4 p.m.51 views

kernel: security and bugfix update (important)

The Linux kernel was updated to fix various bugs and security issues: - mm/page-writeback.c: do not count anon pages as dirtyable memory reclaim stalls. - mm/page-writeback.c: fix dirtybalancereserve subtraction from dirtyable memory reclaim stalls. - compatsysrecvmmsg X32 fix bnc860993...

7.2CVSS7.6AI score0.34649EPSS
Exploits27References28
OPENSUSE Linux
OPENSUSE Linux
added 2014/02/06 7:4 p.m.43 views

update flash-player to 11.2.202.336 (critical)

Flash Player received an out of band critical security update to fix an integer underflow vulnerability that could be exploited to execute arbitrary code on the affected system CVE-2014-0497. More information can be found on: http://helpx.adobe.com/security/products/flash-player/apsb14 -04.html...

10CVSS2AI score0.99883EPSS
Exploits7References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/02/06 2:4 p.m.33 views

flash-player to 11.2.202.336 (critical)

Flash Player received an out of band critical security update to fix an integer underflow vulnerability that could be exploited to execute arbitrary code on the affected system CVE-2014-0497. More information can be found on: http://helpx.adobe.com/security/products/flash-player/apsb14 -04.html...

10CVSS2AI score0.99883EPSS
Exploits7References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/01/24 11:4 p.m.29 views

flash-player to 11.2.202.335 (important)

Adobe Flash Player was updated to version 11.2.202.335: bnc858822 APSB14-02, CVE-2014-0491, CVE-2014-0492 More information can be found on: http://helpx.adobe.com/security/products/flash-player/apsb14 -02.html...

10CVSS1.4AI score0.07117EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/01/03 10:4 p.m.16 views

acroread: not supported anymore (important)

Adobe discontinued the Adobe Reader 9 for Linux in June 2013 and has not fixed and will not fix any further security issues in it. As there is no new version, it is officially out of support. The SUSE Security Team strongly recommends to not use it anymore. Installing this update will deinstall t...

3.7AI score
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2013/12/25 6:10 p.m.30 views

Fixes a local vulnerability (important)

Fixed CVE-2013-3709: make the secret token file secrettoken.rb readable only for the webyast user to avoid forging the session cookie bnc851116 reported by joernchen of Phenoelit...

7.2CVSS1.1AI score0.00481EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
added 2013/12/25 6:8 p.m.30 views

Fixes a local vulnerability (important)

Fixed CVE-2013-3709: make the secret token file secrettoken.rb readable only for the webyast user to avoid forging the session cookie bnc851116 reported by joernchen of Phenoelit...

7.2CVSS1.1AI score0.00481EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
added 2013/12/25 6:4 p.m.26 views

Fixes a local vulnerability (important)

Fixed CVE-2013-3709: make the secret token file secrettoken.rb readable only for the webyast user to avoid forging the session cookie bnc851116...

7.2CVSS1.2AI score0.00481EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
added 2013/12/16 4:4 p.m.27 views

ca-certificates-mozilla: add, remove or blacklist some certificates (important)

The Mozilla CA certificates package was updated to match the current Mozilla revision 1.95 of certdata.txt. It blacklists some misused certificate authorities, adds some new and adjusts some others. On openSUSE 13.1 a problem with names was also fixed. distrust: AC DG Tresor SSL bnc854367 new:...

2.5AI score
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2013/12/13 3:4 p.m.38 views

Mozilla updates 2013/12 (important)

This patch contains mozilla-nss 3.15.3.1 which includes a certstore update 1.95 to explicitely revoke AC DG Tresor SSL intermediate CA which was misused. Firefox 24.2esr Thunderbird 24.2 Seamonkey 2.23 These updates fix several security issues: CVE-2013-5611 Mozilla: Application Installation...

10CVSS1.1AI score0.11076EPSS
Exploits13References2
OPENSUSE Linux
OPENSUSE Linux
added 2013/12/13 3:4 p.m.16 views

ca-certificates-mozilla: add, remove or blacklist some certificates (important)

The Mozilla CA certificates package was updated to match the current Mozilla revision 1.95 of certdata.txt. It blacklists some misused certificate authorities, adds some new and adjusts some others. On openSUSE 13.1 a problem with names was also fixed. distrust: AC DG Tresor SSL bnc854367 new:...

2.5AI score
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2013/12/12 6:5 p.m.42 views

chromium: update to 31.0.1650.57 (important)

Chromium was updated to 31.0.1650.57: Stable channel update: - Security Fixes: CVE-2013-6632: Multiple memory corruption issues. - Update to Chromium 31.0.1650.48 Stable Channel update: - Security fixes: CVE-2013-6621: Use after free related to speech input elements.. CVE-2013-6622: Use after fre...

10CVSS1.5AI score0.10117EPSS
Exploits5
OPENSUSE Linux
OPENSUSE Linux
added 2013/11/27 8:4 p.m.42 views

chromium: update to 31.0.1650.57 (important)

Chromium was updated to 31.0.1650.57: Stable channel update: - Security Fixes: CVE-2013-6632: Multiple memory corruption issues. - Update to Chromium 31.0.1650.48 bnc850430 Stable Channel update: - Security fixes: CVE-2013-6621: Use after free related to speech input elements.. CVE-2013-6622: Use...

10CVSS2.3AI score0.10117EPSS
Exploits4References1
OPENSUSE Linux
OPENSUSE Linux
added 2013/11/27 8:4 p.m.41 views

chromium: 31.0.1650.57 version update (important)

Security and bugfix update to Chromium 31.0.1650.57 - Update to Chromium 31.0.1650.57: - Security Fixes: CVE-2013-6632: Multiple memory corruption issues. - Update to Chromium 31.0.1650.48 Stable Channel update: - Security fixes: CVE-2013-6621: Use after free related to speech input elements...

10CVSS1.9AI score0.10117EPSS
Exploits4References2
OPENSUSE Linux
OPENSUSE Linux
added 2013/11/21 12:4 p.m.39 views

flash-player to 11.2.202.327 (important)

Adobe Flash Player was updated to 11.2.202.327: bnc850220 APSB13-26, CVE-2013-5329, CVE-2013-5330...

10CVSS1.9AI score0.1129EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
added 2013/11/18 1:5 p.m.29 views

openssh: security fix for remote code execution with AES-GCM (important)

openssh was updated to fix a memory corruption when AES-GCM is used which could lead to remote code execution after successful authentication. CVE-2013-4548...

6CVSS2.6AI score0.0267EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
added 2013/11/17 3:4 p.m.39 views

flash-player to 11.2.202.327 (important)

Adobe Flash Player was updated to 11.2.202.327: bnc850220 APSB13-26, CVE-2013-5329, CVE-2013-5330...

10CVSS1.9AI score0.1129EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
added 2013/11/07 11:4 a.m.43 views

Mozilla updates 10/2013 (important)

Update NSPR to 4.10.1 Update Thunderbird to 24.1.0 incl. enigmail 1.6 Update Firefox to 24.1.0esr Changes in MozillaFirefox: requires NSS 3.15.2 or above MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592 Miscellaneous memory safety hazards MFSA 2013-94/CVE-2013-5593 bmo868327 Spoofing...

10CVSS1.1AI score0.06493EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2013/11/07 10:4 a.m.70 views

Mozilla Suite: Update to October 2013 release (important)

MozillaFirefox was updated to Firefox 25.0. MozillaThunderbird was updated to Thunderbird 24.1.0. Mozilla XULRunner was updated to 17.0.10esr. Mozilla NSPR was updated to 4.10.1. Changes in MozillaFirefox: requires NSS 3.15.2 or above MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592...

10CVSS0.9AI score0.08894EPSS
Exploits1References2
OPENSUSE Linux
OPENSUSE Linux
added 2013/10/16 6:4 p.m.57 views

chromium: 30.0.1599.66 security and bugfix update (important)

Update to Chromium 30.0.1599.66: - Easier searching by image - A number of new apps/extension APIs - Lots of under the hood changes for stability and performance - Security fixes: + CVE-2013-2906: Races in Web Audio + CVE-2013-2907: Out of bounds read in Window.prototype object + CVE-2013-2908:...

7.5CVSS10AI score0.02531EPSS
Exploits1References4
OPENSUSE Linux
OPENSUSE Linux
added 2013/09/17 12:4 p.m.25 views

update for flash-player (important)

Adobe flash-player has been updated to version 11.2.202.310 ABSP13-21 which fixes bugs and security issues. bnc839897 These updates resolve memory corruption vulnerabilities that could lead to code execution. CVE-2013-3361, CVE-2013-3362, CVE-2013-3363, CVE-2013-5324...

10CVSS4.6AI score0.05759EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2013/08/22 3:4 p.m.27 views

puppet: security fix for YAML support (critical)

A potential remote code execution via YAML was fixed in puppet. CVE-2013-3567...

7.5CVSS3AI score0.03408EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2013/08/19 12:4 p.m.44 views

update for bind (important)

A specially crafted query with malicious rdata could have caused a crash DoS in named...

7.8CVSS2.8AI score0.3415EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
added 2013/08/19 11:4 a.m.38 views

bind: 9.9.3P2 security and bugfix update (important)

The BIND nameserver was updated to 9.9.3P2 to fix a security issue where incorrect bounds checking on private type 'keydata' could lead to a remotely triggerable REQUIRE failure. CVE-2013-4854, bnc831899...

7.8CVSS1.5AI score0.3415EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
added 2013/08/16 3:4 p.m.35 views

update for samba (important)

This update of samba fixed the following issues: - The pamwinbind requiremembershipof option allows for a list of SID, but currently only provides buffer space for 20; bnc806501. - Samba 3.0.x to 4.0.7 are affected by a denial of service attack on authenticated or guest connections; CVE-2013-4124...

5CVSS0.1AI score0.69008EPSS
Exploits7References12
OPENSUSE Linux
OPENSUSE Linux
added 2013/08/16 3:4 p.m.27 views

update for MozillaFirefox, MozillaThunderbird, mozilla-nspr, mozilla-nss, seamonkey, xulrunner (important)

Changes in seamonkey: - update to SeaMonkey 2.20 bnc833389 MFSA 2013-63/CVE-2013-1701/CVE-2013-1702 Miscellaneous memory safety hazards MFSA 2013-64/CVE-2013-1704 bmo883313 Use after free mutating DOM during SetBody MFSA 2013-65/CVE-2013-1705 bmo882865 Buffer underflow when generating CRMF reques...

10CVSS0.4AI score0.40118EPSS
Exploits14References1
OPENSUSE Linux
OPENSUSE Linux
added 2013/08/14 12:4 p.m.32 views

update for phpMyAdmin (important)

This version upgrade of phpMyAdmin fixed various security issues SQL injection, XSS, full path disclosure, Clickjacking...

4.3CVSS3.2AI score0.02276EPSS
Exploits1References2
OPENSUSE Linux
OPENSUSE Linux
added 2013/08/14 3:8 a.m.31 views

update for samba (important)

This update of samba fixed the following issues: - The pamwinbind requiremembershipof option allows for a list of SID, but currently only provides buffer space for 20; bnc806501. - Samba 3.0.x to 4.0.7 are affected by a denial of service attack on authenticated or guest connections; CVE-2013-4124...

5CVSS0.3AI score0.69008EPSS
Exploits7References9
OPENSUSE Linux
OPENSUSE Linux
added 2013/08/14 3:5 a.m.44 views

Mozilla updates August 2013 (important)

This patch contains updates for - Firefox to 23.0 - xulrunner to 17.0.8esr - Thunderbird to 17.0.8 - mozilla-nspr to 4.10 - mozilla-nss to 3.15,1 MFSA 2013-63/CVE-2013-1701/CVE-2013-1702 Miscellaneous memory safety hazards MFSA 2013-64/CVE-2013-1704 bmo883313 Use after free mutating DOM during...

10CVSS1.4AI score0.40118EPSS
Exploits14References1
OPENSUSE Linux
OPENSUSE Linux
added 2013/07/12 11:4 p.m.27 views

flash-player for APSB13-17 (important)

This update fixes APSB13-17, several security problems in the Adobe Flash Player: CVE-2013-3344, CVE-2013-3345, CVE-2013-3347...

10CVSS2.3AI score0.08031EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
added 2013/07/12 10:4 p.m.31 views

flash-player for APSB13-17 (important)

This update fixes APSB13-17, several security problems in the Adobe Flash Player: CVE-2013-3344, CVE-2013-3345, CVE-2013-3347 For more see https://bugzilla.novell.com/showbug.cgi?id=828810...

10CVSS0.6AI score0.08031EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
added 2013/07/12 2:4 p.m.29 views

Mesa: security fixes for Intel drivers (important)

Mesa was updated to fix a security problem in the Intel drivers, where potentially remote attackers via 3D models could inject code. CVE-2013-1872 - i965: fix problem with constant out of bounds access bnc 828007...

6.8CVSS5.8AI score0.02609EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2013/07/12 9:4 a.m.48 views

3.0.80 kernel update (important)

The kernel was updated to Linux kernel 3.0.80, fixing various bugs and security issues. Following security issues were fixed: CVE-2013-0160: Timing side channel on attacks were possible on /dev/ptmx that could allow local attackers to predict keypresses like e.g. passwords. This has been fixed...

6.9CVSS1.3AI score0.01557EPSS
Exploits12References48
OPENSUSE Linux
OPENSUSE Linux
added 2013/07/11 6:4 a.m.56 views

update to SeaMonkey 2.19 (important)

Seamonkey was updated to version 2.19 MFSA 2013-49/CVE-2013-1682/CVE-2013-1683 Miscellaneous memory safety hazards MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686 Memory corruption found using Address Sanitizer MFSA 2013-51/CVE-2013-1687 bmo863933, bmo866823 Privileged content access and...

10CVSS3AI score0.69021EPSS
Exploits11References1
OPENSUSE Linux
OPENSUSE Linux
added 2013/07/04 12:4 p.m.53 views

xulrunner: 17.0.7esr (important)

Mozilla xulrunner was update to 17.0.7esr bnc825935 Security issues fixed: MFSA 2013-49/CVE-2013-1682 Miscellaneous memory safety hazards MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686 Memory corruption found using Address Sanitizer MFSA 2013-51/CVE-2013-1687 bmo863933, bmo866823 Privileg...

10CVSS3.5AI score0.69021EPSS
Exploits9References1
OPENSUSE Linux
OPENSUSE Linux
added 2013/07/04 12:4 p.m.48 views

MozillaFirefox: Update to Firefox 22.0 release (important)

MozillaFirefox was updated to Firefox 22.0 bnc825935 Following security issues were fixed: MFSA 2013-49/CVE-2013-1682/CVE-2013-1683 Miscellaneous memory safety hazards MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686 Memory corruption found using Address Sanitizer MFSA 2013-51/CVE-2013-1687...

10CVSS1.8AI score0.69021EPSS
Exploits11References1
Total number of security vulnerabilities7843