oval:org.secpod.oval:def:89000384
This update for perl-PlRPC fixes the following issues: - Security notice: [bsc#858243, CVE-2013-7284] * Document security vulnerability on Storable and reply attack - Add perl-PlRPC-CVE-2013-7284.patch

oval:org.secpod.oval:def:89000005
SUSE Linux Enterprise Server 12 SP5 is installed

oval:org.secpod.oval:def:89043978
This is a security test update for SUSE:SLE-12-SP5:Update

oval:org.secpod.oval:def:89045542
This update for unrar to version 5.6.1 fixes several issues. These security issues were fixed: - CVE-2017-12938: Prevent remote attackers from bypassing a directory-traversal protection mechanism via vectors involving a symlink to the . directory, a symlink to the .. directory, and a regular file. - CVE ...

oval:org.secpod.oval:def:89000529
This update for openldap2 fixes the following issues: - CVE-2020-8023: Fixed a potential local privilege escalation from ldap to root when OPENLDAP_CONFIG_BACKEND="ldap" was used. - Changed DB_CONFIG to root:ldap permissions. - Fixed an issue where slapd becomes unresponsive after many fai ...

oval:org.secpod.oval:def:89046429
This update of oracleasm fixes the following issue: - rebuild with new secure boot key due to grub2 boothole 3 issues

oval:org.secpod.oval:def:89046734
This update of dpdk fixes the following issue: - rebuild with new secure boot key due to grub2 boothole 3 issues

oval:org.secpod.oval:def:89003265
This update for cups fixes the following issues: - CVE-2019-8675: Fixed a stack buffer overflow in libcups's asn1_get_type function. - CVE-2019-8696: Fixed a stack buffer overflow in libcups's asn1_get_packed function.

oval:org.secpod.oval:def:89003012
This update for ovmf fixes the following issues: - CVE-2019-14562: Fixed an overflow in DxeImageVerificationHandler. - Use openSUSE CA for the opensuse flavor

oval:org.secpod.oval:def:89003130
This update for aspell fixes the following issues: - CVE-2019-17544: Fixed a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated backslash.

oval:org.secpod.oval:def:89003131
This update for ghostscript fixes the following issue: - CVE-2019-14869: Fixed a possible dSAFER escape which could have allowed an attacker to gain high privileges by a specially crafted Postscript code.

oval:org.secpod.oval:def:89003016
This update for ucode-intel fixes the following issues: - Intel CPU Microcode updated to 20201027 prerelease - CVE-2020-8695: Fixed Intel RAPL sidechannel attack - CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 # New Platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New V ...

oval:org.secpod.oval:def:89003018
This update for bluez fixes the following issues: - CVE-2020-0556: Fixed improper access control which may lead to escalation of privilege and denial of service by an unauthenticated user.

oval:org.secpod.oval:def:89003248
This update for libcaca fixes the following issues: Security issues fixed: - CVE-2018-20544: Fixed a floating point exception at caca/dither.c - CVE-2018-20545: Fixed a WRITE memory access in the load_image function at common-image.c for 4bpp - CVE-2018-20546: Fixed a READ memory access in the get ...

oval:org.secpod.oval:def:89003233
This update for libgcrypt fixes the following issues: Security issues fixed: - CVE-2019-13627: Mitigated ECDSA timing attack

oval:org.secpod.oval:def:89003184
This update for libarchive fixes the following issues: Security issues fixed: - CVE-2018-1000877: Fixed a double free vulnerability in RAR decoder . - CVE-2018-1000878: Fixed a Use-After-Free vulnerability in RAR decoder . - CVE-2019-1000019: Fixed an Out-Of-Bounds Read vulnerability in 7zip decompr ...

oval:org.secpod.oval:def:89003065
This update for libpcap fixes the following issues: - CVE-2019-15165: Added sanity checks for PHB header length before allocating memory. - CVE-2018-16301: Fixed a buffer overflow.

oval:org.secpod.oval:def:89003181
This update for nfs-utils fixes the following issues: - CVE-2019-3689: Fixed root-owned files stored in insecure /var/lib/nfs

oval:org.secpod.oval:def:89003179
This update for libseccomp fixes the following issues: Update to new upstream release 2.4.1: * Fix a BPF generation bug where the optimizer mistakenly identified duplicate BPF code blocks. Updated to 2.4.0 : * Update the syscall table for Linux v5.0-rc5 * Added support for the SCMP_ACT_KILL_PROCESS ...

oval:org.secpod.oval:def:89003171
This update for dovecot22 fixes the following issues: - CVE-2019-11500: Fixed a potential remote code execution in the IMAP and ManageSieve protocol parsers.

oval:org.secpod.oval:def:89003044
This update for perl fixes the following issues: Security issue fixed: - CVE-2018-18311: Fixed integer overflow with oversize environment.

oval:org.secpod.oval:def:89003039
This update for permissions fixes the following issues: Security issues fixed: - CVE-2019-3688: Changed wrong ownership in /usr/sbin/pinger to root:squid which could have allowed a squid user to gain persistence by changing the binary. - CVE-2019-3690: Fixed a privilege escalation through untrusted ...

oval:org.secpod.oval:def:89003089
This update for xen fixes the following issues: - CVE-2019-19581: Fixed a potential out of bounds on 32-bit Arm. - CVE-2019-19582: Fixed a potential infinite loop when x86 accesses to bitmaps with a compile time known size of 64. - CVE-2019-19583: Fixed improper checks which could have allowed HVM ...

oval:org.secpod.oval:def:89003075
This update for accountsservice fixes the following issues: Security issue fixed: - CVE-2018-14036: Prevent directory traversal caused by an insufficient path check in user_change_icon_file_authorized_cb. Non-security issue fixed: - Improved wtmp io performance.

oval:org.secpod.oval:def:89003076
This update for dhcp fixes the following issues: Security issue fixed: - CVE-2019-6470: Fixed DHCPv6 server crashes. Bug fixes: - Add compile option --enable-secs-byteorder to avoid duplicate lease warnings. - Use IPv6 when called as dhclient6, dhcpd6, and dhcrelay6.

oval:org.secpod.oval:def:89003194
This update for libjpeg-turbo fixes the following issues: - CVE-2019-2201: Several integer overflow issues and subsequent segfaults occurred in libjpeg-turbo, when attempting to compress or decompress gigapixel images. [bsc#1156402]

oval:org.secpod.oval:def:89002932
This update for ucode-intel fixes the following issues: - Updated Intel CPU Microcode to 20201110 official release. - CVE-2020-8695: Fixed Intel RAPL sidechannel attack INTEL-SA-00389 - CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 - CVE-2020-8696: Vector Register Sampling Acti ...

oval:org.secpod.oval:def:89002923
This update for gcc10 fixes the following issues: This update provides the GCC10 compiler suite and runtime libraries. The base SUSE Linux Enterprise libraries libgcc_s1, libstdc++6 are replaced by the gcc10 variants. The new compiler variants are available with "-10" suffix, you can specify ...

oval:org.secpod.oval:def:89002918
This update for ovmf fixes the following issues: Security issues fixed: - CVE-2019-14563: Fixed a memory corruption caused by insufficient numeric truncation. - CVE-2019-14553: Fixed the TLS certification verification in HTTPS-over-IPv6 boot sequences. - CVE-2019-14559: Fixed a remotely exploitabl ...

oval:org.secpod.oval:def:89002914
This update for systemd fixes the following issues: - CVE-2019-20386: Fixed a memory leak when executing the udevadm trigger command. - Renamed the persistent link for ATA devices - shared/install: try harder to find enablement symlinks when disabling a unit - tmpfiles: removed unnecessary assert ...

oval:org.secpod.oval:def:89002974
This update for LibVNCServer fixes the following issues: - CVE-2019-15690: Fixed a heap buffer overflow. - CVE-2019-15681: Fixed a memory leak which could have allowed a remote attacker to read stack memory. - CVE-2019-20788: Fixed an integer overflow and heap-based buffer overflow via a large h ...

oval:org.secpod.oval:def:89044017
This is a security test update for SUSE:SLE-12-SP5:Update

oval:org.secpod.oval:def:89044004
This update for freeradius-server fixes the following issues: - move logrotate options into specific parts for each log as global options will persist past and clobber global options in the main logrotate config

oval:org.secpod.oval:def:89002956
This update for cyrus-sasl fixes the following issues: - CVE-2019-19906: Fixed an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet.

oval:org.secpod.oval:def:89002947
This update for PackageKit fixes the following issues: - CVE-2020-16121: Fixed an information disclosure in InstallFiles, GetFilesLocal and GetDetailsLocal.

oval:org.secpod.oval:def:89002946
This update for openldap2 fixes the following issues: - CVE-2020-12243: Fixed a denial of service related to recursive filters.

oval:org.secpod.oval:def:89002937
This update for dpdk fixes the following issues: - CVE-2020-10722: Fixed an integer overflow in vhost_user_set_log_base. - CVE-2020-10723: Fixed an integer truncation in vhost_user_check_and_alloc_queue_pair. - CVE-2020-10724: Fixed a missing inputs validation in Vhost-crypto.

oval:org.secpod.oval:def:89002894
This update for vim fixes the following issues: - CVE-2019-20807: Fixed an issue where escaping from the restrictive mode of vim was possible using interfaces.

oval:org.secpod.oval:def:89044211
This update for gdm fixes the following issues: - Avoid the signal SIGTRAP when gdm exits.

oval:org.secpod.oval:def:89002889
This update for libjpeg-turbo fixes the following issues: - CVE-2020-13790: Fixed a heap-based buffer over-read via a malformed PPM input file.

oval:org.secpod.oval:def:89002990
This update for postgresql10 fixes the following issues: PostgreSQL was updated to version 10.12. Security issue fixed: - CVE-2020-1720: Fixed a missing authorization check in the ALTER ... DEPENDS ON extension.

oval:org.secpod.oval:def:89002870
This update for ovmf fixes the following issues: - CVE-2019-14584: Fixed a null dereference in AuthenticodeVerify.

oval:org.secpod.oval:def:89044236
This update for samba fixes the following issues: - CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids. - Avoid free'ing our own pointer in memcache when memcache_trim attempts to reduce cache size. - Adjust smbcacls "--propagate-inheritance" feature to align with upstream.

oval:org.secpod.oval:def:89044235
This update for java-1_7_0-openjdk fixes the following issues: - Update to 2.6.25 - OpenJDK 7u291 * Security fixes + JDK-8247619: Improve Direct Buffering of Characters * Import of OpenJDK 7 u291 build 1 + JDK-8254177: Upgrade time-zone data to tzdata2020b + JDK-8254982: Upgrade time-zone data to ...

oval:org.secpod.oval:def:89002989
This update for bind fixes the following issues: Security issues fixed: - CVE-2020-8616: Fixed the insufficient limit on the number of fetches performed when processing referrals. - CVE-2020-8617: Fixed a logic error in code which checks TSIG validity. Non-security issue fixed: - Fixed an invalid ...

oval:org.secpod.oval:def:89003409
This update for mariadb-100 fixes the following issues: Security issue fixed: - CVE-2019-2974: Fixed Server Optimizer.

oval:org.secpod.oval:def:89003103
This update for bluez fixes the following issue: - CVE-2016-9798: Fixed a use-after-free in conf_opt.

oval:org.secpod.oval:def:89003224
This update for ibus fixes the following issues: Security issue fixed: - CVE-2019-14822: Fixed a misconfiguration of the DBus server that allowed an unprivileged user to monitor and send method calls to the ibus bus of another user

oval:org.secpod.oval:def:89003461
This update for gdb fixes the following issues: Update to gdb 8.3.1: Security issues fixed: - CVE-2019-1010180: Fixed a potential buffer overflow when loading ELF sections larger than the file. Upgrade libipt from v2.0 to v2.0.1. - Enable librpm for version > librpm.so.3 [bsc#1145692]: * Allow a ...

oval:org.secpod.oval:def:89003214
This update for sqlite3 fixes the following issues: - CVE-2017-2518: Fixed a use-after-free vulnerability which could have led to buffer overflow via a crafted SQL statement.

oval:org.secpod.oval:def:89044284
This update for bind fixes the following issues: - CVE-2021-25214: Fixed a broken inbound incremental zone update which could have caused named to terminate unexpectedly. - CVE-2021-25215: Fixed an assertion check which could have failed while answering queries for DNAME records that required the ...

oval:org.secpod.oval:def:89003439
This update for libssh2_org fixes the following issues: - Fix the previous fix for CVE-2019-3860

oval:org.secpod.oval:def:89003084
This update for ghostscript to 9.27 fixes the following issues: Security issues fixed: - CVE-2019-3835: Fixed an unauthorized file system access caused by an available superexec operator. - CVE-2019-3839: Fixed an unauthorized file system access caused by available privileged operators. - CVE-2019 ...

oval:org.secpod.oval:def:89045547
This update for aspell fixes the following issues: - CVE-2019-25051: Fixed heap-buffer-overflow in acommon::ObjStack::dup_top.

oval:org.secpod.oval:def:89003003
This update for postgresql10 fixes the following issues: Upgrade to version 10.15: * CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. * CVE-2020-25694, bsc#1178667: a

oval:org.secpod.oval:def:89047808
This update for tcl fixes the following issues: - Fixed a race condition in test socket-13.1. - Removed the SQLite extension and use the packaged sqlite3 instead.

oval:org.secpod.oval:def:89044232
This update for apache-commons-io fixes the following issues: - CVE-2021-29425: Limited path traversal when invoking the method FileNameUtils.normalize with an improper input string.

oval:org.secpod.oval:def:89002972
This update for LibVNCServer fixes the following issues: - CVE-2020-25708 [bsc#1178682], libvncserver/rfbserver.c has a divide by zero which could result in DoS

oval:org.secpod.oval:def:89003383
This update for java-1_7_0-openjdk fixes the following issues: Security issues fixed: - CVE-2019-2933: Windows file handling redux - CVE-2019-2945: Better socket support - CVE-2019-2949: Better Kerberos ccache handling - CVE-2019-2958: Build Better Processes - CVE-2019-2964: Better support for patt ...

oval:org.secpod.oval:def:89003034
This update for java-11-openjdk fixes the following issues: Security issues fixed: - CVE-2019-2933: Windows file handling redux - CVE-2019-2945: Better socket support - CVE-2019-2949: Better Kerberos ccache handling - CVE-2019-2958: Build Better Processes - CVE-2019-2964: Better support for pattern ...

oval:org.secpod.oval:def:89003474
This update for mailman fixes the following issues: - CVE-2019-3693: Fixed a local privilege escalation from wwwrun to root.

oval:org.secpod.oval:def:89045605
This update for gstreamer-plugins-good fixes the following issues: - CVE-2021-3497: Matroskademux: Fix extraction of multichannel WavPack.

oval:org.secpod.oval:def:89002873
This update for systemd provides the following fixes: - CVE-2020-1712 Fix a heap use-after-free vulnerability, when asynchronous Polkit queries were performed while handling Dbus messages. A local unprivileged attacker could have abused this flaw to crash systemd services or potentially execute cod ...

oval:org.secpod.oval:def:89045795
This update for libarchive fixes the following issues: - CVE-2019-19221: Fixed out-of-bounds read caused by incorrect mbrtowc or mbtowc call - backporting symlink security fixes from 3.5.2: - extracting with ACLs modifies ACLs of target - modifies file flags of target - avoid follow on fixup entr ...

oval:org.secpod.oval:def:89045554
This update for openssl-1_0_0 fixes the following issues: - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious actor could exploit to crash the application, causing a denial-of-service attack. [bsc#1189521]

oval:org.secpod.oval:def:89045102
This update for permissions fixes the following issues: - Fork package for 12-SP5 - make btmp root:utmp - pcp: remove no longer needed / conflicting entries . Fixes a potential security issue. - do not follow symlinks that are the final path element - fix handling of relative directory symlinks i ...

oval:org.secpod.oval:def:89003240
This update for mariadb to version 10.2.29 fixes the following issues: MariaDB was updated to 10.2.29 Security issues fixed: - CVE-2019-2737: Fixed an issue where could lead a remote attacker to cause denial of service - CVE-2019-2938: Fixed an issue where could lead a remote attacker to cause deni ...

oval:org.secpod.oval:def:89003122
This update for sysstat fixes the following issue: - CVE-2019-16167: Fixed a memory corruption due to an integer overflow

oval:org.secpod.oval:def:89048082
This update for ca-certificates-mozilla fixes the following issues: - Updated to 2.60 state of Mozilla SSL root CAs Removed CAs: - Global Chambersign Root - EC-ACC - Network Solutions Certificate Authority - Staat der Nederlanden EV Root CA - SwissSign Platinum CA - G2 Added CAs: - DIGITALSIGN GLOB ...

oval:org.secpod.oval:def:89003021
This update for tigervnc fixes the following issues: - CVE-2019-15691: Fixed a use-after-return due to incorrect usage of stack memory in ZRLEDecoder. - CVE-2019-15692: Fixed a heap-based buffer overflow in CopyRectDecode. - CVE-2019-15693: Fixed a heap-based buffer overflow in TightDecoder::Filte ...

oval:org.secpod.oval:def:89003005
This update for postgresql12 fixes the following issues: Upgrade to version 12.5: * CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. * CVE-2020-25694, bsc#1178667: a

oval:org.secpod.oval:def:89045771
This update for postgresql12 fixes the following issues: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake. - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshake.

oval:org.secpod.oval:def:89045796
This update for postgresql10 fixes the following issues: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake. - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshake.

oval:org.secpod.oval:def:89045567
This update for openexr fixes the following issues: - CVE-2021-20298 [bsc#1188460]: Fixed Out-of-memory in B44Compressor - CVE-2021-20299 [bsc#1188459]: Fixed Null-dereference READ in Imf_2_5::Header::operator - CVE-2021-20300 [bsc#1188458]: Fixed Integer-overflow in Imf_2_5::hufUncompress - CVE-2021-2 ...

oval:org.secpod.oval:def:89002906
This update for samba fixes the following issues: - CVE-2020-10745: Fixed an issue where parsing and packing of NBT and DNS packets containing dots could potentially have consumed excessive CPU. - Fixed a packaging issue where samba_winbind package was installing python3-base without python3. - Fi ...

oval:org.secpod.oval:def:89000695
This update for ghostscript to version 9.52 fixes the following issues: - CVE-2020-12268: Fixed a heap-based buffer overflow in jbig2_image_compose.

oval:org.secpod.oval:def:89045778
This update for postgresql, postgresql13 and postgresql14 fixes the following issues: Security issues fixed: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake. - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshak ...

oval:org.secpod.oval:def:89045576
This update for libesmtp fixes the following issues: - CVE-2019-19977: Fix stack-based buffer over-read in ntlm/ntlmstruct.c.

oval:org.secpod.oval:def:89045568
This update for file fixes the following issues: - CVE-2019-18218: Fixed heap-based buffer overflow in cdf_read_property_info in cdf.c.

oval:org.secpod.oval:def:89002953
This update for python-PyYAML fixes the following issues: - CVE-2020-1747: Fixed an arbitrary code execution when YAML files are parsed by FullLoader.

oval:org.secpod.oval:def:89045095
This update for systemd fixes the following issues: - CVE-2021-33910: Fixed a denial of service in systemd via unit_name_path_escape - Fixed a regression with hostnamectl and timedatectl - Fixed permissions for /usr/lib/udev/compat-symlink-generation Special Instructions and Notes: Please reboot ...

oval:org.secpod.oval:def:89003120
This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 68.3esr Security issues fixed: - CVE-2019-17008: Fixed a use-after-free in worker destruction - CVE-2019-13722: Fixed a stack corruption due to incorrect number of arguments in WebRTC code - CVE-2019-11745: ...

oval:org.secpod.oval:def:89003390
This update for MozillaFirefox fixes the following issues: - Mozilla Firefox Firefox 60.7.2 MFSA 2019-19 - CVE-2019-11708: Fix sandbox escape using Prompt:Open. * Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes could result in the non-sa ...

oval:org.secpod.oval:def:89045793
This update for MozillaFirefox fixes the following issues: MozillaFirefox was updated to Extended Support Release 91.3.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-49 * CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets * CVE-2021-38504: Use-afte ...

oval:org.secpod.oval:def:89046072
This update for gnutls fixes the following issues: - CVE-2021-4209: Fixed null pointer dereference in MD_UPDATE.

oval:org.secpod.oval:def:89046014
This update for gnutls fixes the following issues: - CVE-2021-4209: Fixed null pointer dereference in MD_UPDATE.

oval:org.secpod.oval:def:89045553
This update for openssl-1_1 fixes the following security issues: - CVE-2021-3711: A bug in the implementation of the SM2 decryption code could lead to buffer overflows. [bsc#1189520] - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious a ...

oval:org.secpod.oval:def:89045582
This update for apache2-mod_auth_mellon fixes the following issues: - CVE-2021-3639: Fixed Open Redirect vulnerability in logout URLs.

oval:org.secpod.oval:def:89000668
This update for squid fixes the following issues: squid was updated to version 4.12 Security issue fixed: - CVE-2020-14059: Fixed an issue where a client could potentially deny the service of a server during TLS Handshake. Other issues addressed: - Reverted to slow search for new SMP shm pages due ...

oval:org.secpod.oval:def:89002876
This update for gcc9 fixes the following issues: The GNU Compiler Collection is shipped in version 9. A detailed changelog on what changed in GCC 9 is available at https://gcc.gnu.org/gcc-9/changes.html The compilers have been added to the SUSE Linux Enterprise Toolchain Module. To use these compile ...

oval:org.secpod.oval:def:89003263
This update for tiff fixes the following issues: Security issues fixed: - CVE-2019-14973: Fixed an improper check which depended on the compiler and could have led to integer overflow. - CVE-2016-5102: Fixed a buffer overflow in readgifimage - CVE-2018-17000: Fixed a NULL pointer dereference ...

oval:org.secpod.oval:def:89003293
This update for binutils fixes the following issues: binutils was updated to current 2.32 branch @7b468db3 [jsc#ECO-368]: Includes the following security fixes:.

oval:org.secpod.oval:def:89003117
This update for glib2 provides the following fix: Security issues fixed: - CVE-2019-12450: Fixed an improper file permission when copy operation takes place. - CVE-2018-16428: Avoid a null pointer dereference that could crash glib2 users in markup processing. - CVE-2018-16429: Fixed out-of-bounds ...

oval:org.secpod.oval:def:89048668
This update of oracleasm fixes the following issues: * rebuild the package with the new secure boot key.

oval:org.secpod.oval:def:89048546
This update of grub2 fixes the following issues: * rebuild the package with the new secure boot key.

oval:org.secpod.oval:def:89048538
This update of dpdk fixes the following issues: * rebuild the package with the new secure boot key.

oval:org.secpod.oval:def:89048605
This update for perl-Net-Server fixes the following issues: * CVE-2013-1841: Fixed insufficient hostname access checking.

oval:org.secpod.oval:def:89044234
This update for cups fixes the following issues: - CVE-2021-25317: ownership of /var/log/cups could allow privilege escalation from lp user to root via symlink attacks

oval:org.secpod.oval:def:89047037
This update for permissions fixes the following issues: - CVE-2022-31252: Fixed chkstat group controlled paths. - Add capability for prometheus-blackbox_exporter. - Make btmp root:utmp.

oval:org.secpod.oval:def:89047012
This update for libjpeg-turbo fixes the following issues: - CVE-2020-35538: Fixed null pointer dereference in jcopy_sample_rows function.

oval:org.secpod.oval:def:89047668
This update for jasper fixes the following issues: - CVE-2022-2963: Fixed memory leaks in function cmdopts_parse.

oval:org.secpod.oval:def:89046061
This update for jasper fixes the following issues: - CVE-2021-27845: Fixed divide-by-zero issue in cp_create.

oval:org.secpod.oval:def:89046056
This update for virglrenderer fixes the following issues: - CVE-2022-0135: Fixed out-of-bounds write in read_transfer_data.

oval:org.secpod.oval:def:89048767
This update for openssl-ibmca fixes the following issues: * Fixed a timing-based side channel attack in RSA in the IBMCA engine

oval:org.secpod.oval:def:89048705
This update provides updated tftpboot-installation images, rebuilt with current shim and kernels

oval:org.secpod.oval:def:89003093
This update for libssh fixes the following issues: - CVE-2019-14889: Fixed an arbitrary command execution.

oval:org.secpod.oval:def:89045540
This update for cpio fixes the following issues: - A patch previously applied to remedy CVE-2021-38185 introduced a regression that had the potential to cause a segmentation fault in cpio. [bsc#1189465]

oval:org.secpod.oval:def:89003276
This update for cpio fixes the following issues: - CVE-2019-14866: Fixed an improper validation of the values written in the header of a TAR file through the to_oct function which could have led to unexpected TAR generation.

oval:org.secpod.oval:def:89000548
This update for taglib fixes the following issues: - CVE-2018-11439: The TagLib::Ogg::FLAC::File::scan function allowed remote attackers to cause information disclosure via a crafted audio file.

oval:org.secpod.oval:def:89048179
This update for bluez fixes the following issues: - CVE-2022-39176: Fixed a memory safety issue that could allow physically proximate attackers to obtain sensitive information. - CVE-2022-39177: Fixed a memory safety issue that could allow physically proximate attackers to cause a denial of service ...

oval:org.secpod.oval:def:89003278
This update for strongswan provides the following fixes: Security issues fixed: - CVE-2018-5388: Fixed a buffer underflow which may allow a remote attacker with local user credentials to cause resource exhaustion and denial of service while reading from the socket. - CVE-2018-10811: Fixed a denial of ...

oval:org.secpod.oval:def:89047670
This update for clone-master-clean-up fixes the following issues: - CVE-2021-32000: Fixed some potentially dangerous file system operations. Bugfixes: - Fixed failures to remove btrfs snapshots.

oval:org.secpod.oval:def:89045563
This update for python-PyYAML fixes the following issues: - Update to 5.3.1. - CVE-2020-14343: A vulnerability was discovered in the PyYAML library, where it was susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. ...

oval:org.secpod.oval:def:89044299
This update for python36 fixes the following issues: - CVE-2021-3426: Fixed an information disclosure via pydoc.

oval:org.secpod.oval:def:89003366
This update for ncurses fixes the following issues: Security issue fixed: - CVE-2019-17594: Fixed a heap-based buffer over-read in _nc_find_entry function in tinfo/comp_hash.c. - CVE-2019-17595: Fixed a heap-based buffer over-read in fmt_entry function in tinfo/comp_hash.c. Bug fixes: - Fixed pp ...

oval:org.secpod.oval:def:89048940
This update for supportutils fixes the following issues: Security fixes: * CVE-2022-45154: Removed iSCSI passwords from supportconfig archive. Bug fixes: * Fixed missing status detail for apparmor * Corrected invalid argument list in docker.txt * Changed _sanitize_file to include lio_setup.sh

oval:org.secpod.oval:def:89048080
This update for freeradius-server fixes the following issues: - CVE-2022-41859: Fixes an information leakage in EAP-PWD. - CVE-2022-41860: Fixes a crash on unknown option in EAP-SIM. - CVE-2022-41861: Fixes a crash on invalid abinary data.

oval:org.secpod.oval:def:89048116
This update for net-snmp fixes the following issues: - CVE-2022-44793: Fixed a NULL pointer dereference issue that could allow a remote attacker with write access to crash the server instance. - CVE-2022-44792: Fixed a NULL pointer dereference issue that could allow a remote attacker with write acc ...

oval:org.secpod.oval:def:89048976
This update for bluez fixes the following issues: * CVE-2023-27349: Fixed crash while handling unsupported events.

oval:org.secpod.oval:def:89048031
This update for colord fixes the following issues: - CVE-2021-42523: Fixed a small memory leak in sqlite3_exec.

oval:org.secpod.oval:def:89048021
This update for busybox fixes the following issues: - CVE-2022-30065: Fixed use-after-free in the AWK applet.

oval:org.secpod.oval:def:89048020
This update for LibVNCServer fixes the following issues: - CVE-2020-29260: Fixed memory leakage via rfbClientCleanup.

oval:org.secpod.oval:def:89047681
This update for libksba fixes the following issues: - CVE-2022-3515: Fixed a possible overflow in the TLV parser.

oval:org.secpod.oval:def:89048887
This update for ucode-intel fixes the following issues: * Updated to Intel CPU Microcode 20230512 release. * New Platforms | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | ADL-N | A0 | 06-be-00/01 | | 0000 ...

oval:org.secpod.oval:def:89047044
This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 102.2.0esr ESR: * Fixed: Various stability, functionality, and security fixes. - MFSA 2022-34 * CVE-2022-38472 Address bar spoofing via XSLT error handling * CVE-2022-38473 Cross-origin XSLT Documents would ...

oval:org.secpod.oval:def:89046080
This update for tiff fixes the following issues: - CVE-2017-17095: Fixed DoS in tools/pal2rgb.c in pal2rgb. - CVE-2019-17546: Fixed integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image. - CVE-2020-19131: Fixed buffer overflow in tiffcrop that may cause DoS ...

oval:org.secpod.oval:def:89046090
This update for xerces-j2 fixes the following issues: - CVE-2022-23437: Fixed infinite loop within Apache XercesJ xml parser.

oval:org.secpod.oval:def:89049103
This update for java-1_8_0-ibm fixes the following issues: Updated to Java 8.0 Service Refresh 8 Fix Pack 6 : * Fixed issue in Java Virtual Machine where outofmemory killer terminates the jvm due to failure in control groups detection.

oval:org.secpod.oval:def:89049237
This update for tomcat fixes the following issues: * Remove the log4j dependency as it is not used by the tomcat package Security hardening, related to Spring Framework vulnerabilities: - Deprecate getResources and always return null.

oval:org.secpod.oval:def:89049304
This update for ca-certificates-mozilla fixes the following issues: * Updated to 2.62 state of Mozilla SSL root CAs Added: * Atos TrustedRoot Root CA ECC G2 2020 * Atos TrustedRoot Root CA ECC TLS 2021 * Atos TrustedRoot Root CA RSA G2 2020 * Atos TrustedRoot Root CA RSA TLS 2021 * BJCA Global Root ...

oval:org.secpod.oval:def:89049094
This update of installation-images fixes the following issues: * rebuild the package with the new secure boot key .

oval:org.secpod.oval:def:89049205
This update for javapackages-tools, javassist, mysql-connector-java, protobuf, python-python-gflags contains the following fixes: Changes in mysql-connector-java: - Restrict license to GPL-2.0-only - Fix README adjustments - Depend on log4j rather than log4j-mini and adjust log4j dependencies to ...

oval:org.secpod.oval:def:89048043
This update for zabbix fixes the following issues: - CVE-2022-43515: X-Forwarded-For header is active by default causes access to Zabbix sites in maintenance mode .

oval:org.secpod.oval:def:89003199
This update for libssh2_org fixes the following issue: - CVE-2019-17498: Fixed an integer overflow in a bounds check that might have led to the disclosure of sensitive information or a denial of service .

oval:org.secpod.oval:def:89002971
This update for samba fixes the following issues: - CVE-2019-14907: Fixed a Server-side crash after charset conversion failure during NTLMSSP processing .

oval:org.secpod.oval:def:89049183
This update for gnuplot fixes the following issues: * CVE-2020-25969: Fixed buffer overflow via the function plotrequest . * CVE-2020-25559: Fixed double free when executing print_set_output .

oval:org.secpod.oval:def:89049421
This update for busybox fixes the following issues: * CVE-2022-48174: Fixed stack overflow vulnerability

oval:org.secpod.oval:def:89000441
This update for xen to version 4.12.2 fixes the following issues: Security issues fixed: - CVE-2020-11742: Bad continuation handling in GNTTABOP_copy . - CVE-2020-11740, CVE-2020-11741: xen: XSA-313 multiple xenoprof issues . - CVE-2020-11739: Missing memory barriers in read-write unlock paths . - C ...

oval:org.secpod.oval:def:89000129
This update for wicked fixes the following issues: Security issues fixed: - CVE-2019-18902: Fixed a use-after-free when receiving invalid DHCP6 client options . - CVE-2019-18903: Fixed a use-after-free when receiving invalid DHCP6 IA_PD option . - CVE-2020-7216: Fixed a potential denial of service v ...

oval:org.secpod.oval:def:89000157
This update for mariadb fixes the following issues: MariaDB was updated to version 10.2.31 GA . Security issues fixed: - CVE-2020-2574: Fixed a difficult to exploit vulnerability that allowed an attacker to crash the client . - CVE-2019-18901: Fixed an unsafe path handling behavior in mysql-systemd- ...

oval:org.secpod.oval:def:89000138
This update for mgetty fixes the following issues: - CVE-2019-1010190: Fixed a denial of service which could be caused by a local attacker in putwhitespan .

oval:org.secpod.oval:def:89000363
This update for MozillaFirefox to version 68.7.0 ESR fixes the following issues: - CVE-2020-6821: Uninitialized memory could be read when using the WebGL copyTexSubImage method . - CVE-2020-6822: Fixed out of bounds write in GMPDecodeData when processing large images . - CVE-2020-6825: Fixed Memory ...

oval:org.secpod.oval:def:89000542
This update for Mesa fixes the following issues: Security issue fixed: - CVE-2019-5068: Fixed exploitable shared memory permissions vulnerability .

oval:org.secpod.oval:def:89044266
This update for MozillaFirefox fixes the following issues: - Firefox was updated to 78.10.0 ESR * CVE-2021-23994: Out of bound write due to lazy initialization * CVE-2021-23995: Use-after-free in Responsive Design Mode * CVE-2021-23998: Secure Lock icon could have been spoofed * CVE-2021-23961: Mor ...

oval:org.secpod.oval:def:89002960
This is a version update for ceph to version 12.2.13: Security issue fixed: - CVE-2020-10753: Fixed an HTTP header injection via CORS ExposeHeader tag. - Notable changes in this update for ceph: * mgr: telemetry: backported and now available on SES5.5. Please consider enabling via "ceph telemet ...

oval:org.secpod.oval:def:89002962
This update for ceph fixes the following issues: - CVE-2020-12059: Fixed a denial of service caused by a specially crafted XML payload on POST requests .

oval:org.secpod.oval:def:89002949
This update for ceph fixes the following issues: - CVE-2020-1760: Fixed XSS due to RGW GetObject header-splitting .

oval:org.secpod.oval:def:89046099
This update for tomcat fixes the following issues: Security issues fixed: - CVE-2022-23181: Fixed time of check, time of use vulnerability that allowed local privilege escalation. - Remove log4j dependency, which is currently directly in use - Make the package RPM conflict even more specific to co ...

oval:org.secpod.oval:def:89048162
This update for samba fixes the following issues: - CVE-2021-20251: Fixed an issue where the bad password count would not be properly incremented, which could allow attackers to brute force a user's password. - CVE-2022-37966: Fixed an issue where a weak cipher would be selected to encrypt session ...

oval:org.secpod.oval:def:89048527
This update for libX11 fixes the following issues: * Fixed regression introduced with security update for CVE-2022-3555

oval:org.secpod.oval:def:89003420
This update for apache2-mod_perl fixes the following issues: Security issue fixed: - CVE-2011-2767: Fixed a vulnerability which could have allowed perl code execution in the context of user account . Other issue addressed: - Restore process name after sv_setpv_mg call

oval:org.secpod.oval:def:89048166
This update for libXpm fixes the following issues: - CVE-2022-46285: Fixed an infinite loop that could be triggered when reading a XPM image with a C-style comment that is never closed . - CVE-2022-44617: Fixed an excessive resource consumption that could be triggered when reading small crafted XPM ...

oval:org.secpod.oval:def:89048018
This update for krb5 fixes the following issues: - CVE-2022-42898: Fixed integer overflow in PAC parsing .

oval:org.secpod.oval:def:89048078
This update for systemd fixes the following issues: - CVE-2022-4415: Fixed systemd-coredump that did not respect the fs.suid_dumpable kernel setting . Bug fixes: - Restrict cpu rule to x86_64, and also update the rule files to make use of the "CONST{arch}" syntax .

oval:org.secpod.oval:def:89048115
This update for systemd fixes the following issues: Fixing the following issues: - units: restore RemainAfterExit=yes in systemd-vconsole-setup.service - vconsole-setup: don't concat strv if we don't need to - vconsole-setup: add more log messages - units: restore Before dependencies for systemd-vc ...

oval:org.secpod.oval:def:89047005
This update for squid fixes the following issues: - CVE-2022-41317: Fixed exposure of sensitive information in cache manager . - CVE-2022-41318: Fixed buffer overread in SSPI and SMB Authentication .

oval:org.secpod.oval:def:89000353
This update for opensc fixes the following issues: Security issue fixed: - CVE-2019-6502: Fixed a memory leak in sc_context_create .

oval:org.secpod.oval:def:89048912
This update for tiff fixes the following issues: Fixed multiple out of bounds read/write security issues: CVE-2023-0795 , CVE-2023-0796 , CVE-2023-0797 , CVE-2023-0798 , CVE-2023-0799 , CVE-2023-0800 , CVE-2023-0801 , CVE-2023-0802 , CVE-2023-0803 , CVE-2023-0804 .

oval:org.secpod.oval:def:89048032
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 102.6.0 ESR : - CVE-2022-46880: Use-after-free in WebGL - CVE-2022-46872: Arbitrary file read from a compromised content process - CVE-2022-46881: Memory corruption in WebGL - CVE-2022-46874: Drag and Dropped ...

oval:org.secpod.oval:def:89048146
This update for MozillaFirefox fixes the following issues: - Updated to version 102.7.0 ESR : - CVE-2022-46871: Updated an out of date library which contained several vulnerabilities. - CVE-2023-23598: Fixed an arbitrary file read from GTK drag and drop on Linux. - CVE-2023-23601: Fixed a potential ...

oval:org.secpod.oval:def:89048766
This update for dmidecode fixes the following issues: * CVE-2023-30630: Fixed potential privilege escalation vulnerability via file overwrite .

oval:org.secpod.oval:def:89048781
This update for shadow fixes the following issues: * CVE-2023-29383: Fixed apparent /etc/shadow manipulation via chfn .

oval:org.secpod.oval:def:89049175
This update for zabbix fixes the following issues: * CVE-2023-29450: Fixed unauthorized file system access in JS preprocessing .

oval:org.secpod.oval:def:89049156
This update for xmltooling fixes the following issues: * CVE-2023-36661: Fixed a server-side-request-forgery vulnerability .

oval:org.secpod.oval:def:89048512
This update for samba fixes the following issues: * CVE-2023-0922: Fixed Samba AD DC admin tool samba-tool sending passwords in cleartext . The following non-security bug was fixed: * Prevent use after free of messaging_ctdb_fde_ev structs .

oval:org.secpod.oval:def:89049293
This update for python-configobj fixes the following issues: * CVE-2023-26112: Fixed regular expression denial of service vulnerability in validate.py .

oval:org.secpod.oval:def:89048549
This update for systemd fixes the following issues: * CVE-2023-26604: Fixed a privilege escalation via the less pager

oval:org.secpod.oval:def:89048132
This update for python36-setuptools fixes the following issues: - CVE-2022-40897: Fixed an excessive CPU usage that could be triggered by fetching a malicious HTML document .

oval:org.secpod.oval:def:89048131
This update for python-setuptools fixes the following issues: - CVE-2022-40897: Fixed an excessive CPU usage that could be triggered by fetching a malicious HTML document .

oval:org.secpod.oval:def:89048657
This update for xterm fixes the following issues: * CVE-2022-45063: Fixed command injection in ESC 50 fontoperation by disabling the change font functionality .

oval:org.secpod.oval:def:89047033
This update for samba fixes the following issues: - CVE-2022-1615: Fixed error handling in random number generation. Bugfixes: - Fixed use after free when iterating smbd_server_connection->connections after tree disconnect failure.

oval:org.secpod.oval:def:89047007
This update for dpdk fixes the following issues: - CVE-2022-2132: Fixed DoS when a vhost header crosses more than two descriptors and exhausts all mbufs .

oval:org.secpod.oval:def:89048591
This update for poppler fixes the following issues: * CVE-2022-38784: Fixed integer overflow in the JBIG2 decoder . * CVE-2019-13283: Fixed heap-based buffer over-read that could be triggered by sending a crafted PDF document to the pdftotext tool .

oval:org.secpod.oval:def:89047042
This update for postgresql-jdbc fixes the following issues: - CVE-2022-31197: Fixed SQL injection vulnerability .

oval:org.secpod.oval:def:89047634
This update for libtirpc fixes the following issues: - CVE-2021-46828: Fixed denial of service vulnerability with lots of connections . - Exclude ipv6 addresses in client protocol version 2 code

oval:org.secpod.oval:def:89046905
This update for perl-HTTP-Daemon fixes the following issues: - CVE-2022-31081: Fixed request smuggling in HTTP::Daemon .

oval:org.secpod.oval:def:89046065
This update for cyrus-sasl fixes the following issues: - CVE-2022-24407: Fixed SQL injection in sql_auxprop_store in plugins/sql.c .

oval:org.secpod.oval:def:89046089
This update for polkit fixes the following issues: - CVE-2021-4115: Fixed a denial of service via file descriptor leak .

oval:org.secpod.oval:def:89047765
This update fixes the following issues: golang-github-lusitaniae-apache_exporter: - Update to upstream release 0.11.0 * Add TLS support * Switch to logger, please check --log.level and --log.format flags - Update to version 0.10.1 * Bugfix: Reset ProxyBalancer metrics on each scrape to remove stale ...

oval:org.secpod.oval:def:89046083
This update for xen fixes the following issues: - CVE-2022-23033: Fixed guest_physmap_remove_page not removing the p2m mappings. - CVE-2022-23034: Fixed possible DoS by a PV guest Xen while unmapping a grant. - CVE-2022-23035: Fixed insufficient cleanup of passed-through device IRQs. Special I ...

oval:org.secpod.oval:def:89046011
This update for wpa_supplicant fixes the following issues: - CVE-2022-23303: Fixed side-channel attacks in SAE . - CVE-2022-23304: Fixed side-channel attacks in EAP-pwd .

oval:org.secpod.oval:def:89000341
This update for mariadb and mariadb-connector-c fixes the following issues: - Update mariadb to 10.2.36 GA [bsc#1177472, bsc#1178428] fixing for the following security vulnerabilities: CVE-2020-14812, CVE-2020-14765, CVE-2020-14776, CVE-2020-14789 CVE-2020-15180 - Update mariadb-connector-c to 3.1.1 ...

oval:org.secpod.oval:def:89046912
This update for raptor fixes the following issues: - CVE-2020-25713: Fixed an out of bounds access triggered via a malformed input file .

oval:org.secpod.oval:def:89000062
This update for mariadb-connector-c fixes the following issues: Security issue fixed: - CVE-2020-13249: Fixed an improper validation of OK packets received from clients . Non-security issues fixed: - Update to release 3.1.8 * CONC-304: Rename the static library to libmariadb.a and other libmariadb ...

oval:org.secpod.oval:def:89000083
This update for openssl-1_1 fixes the following issues: - CVE-2020-1967: Fixed a denial of service via NULL pointer dereference in SSL_check_chain .

oval:org.secpod.oval:def:89000021
This update for mariadb-100 fixes the following issues: mariadb-100 was updated to version 10.0.44 - CVE-2020-2752: Fixed an issue which could have resulted in unauthorized ability to cause denial of service. - CVE-2020-2812: Fixed an issue which could have resulted in unauthorized ability to cause ...

oval:org.secpod.oval:def:89000372
This update for mariadb fixes the following issues: mariadb was updated to version 10.2.32 - CVE-2020-2752: Fixed an issue which could have resulted in unauthorized ability to cause denial of service. - CVE-2020-2812: Fixed an issue which could have resulted in unauthorized ability to cause denial ...

oval:org.secpod.oval:def:89000236
This update for libssh fixes the following issues: - CVE-2020-1730: Fixed a possible denial of service when using AES-CTR .

oval:org.secpod.oval:def:89000272
This update for krb5-appl fixes the following issues: - CVE-2020-10188: Fixed a remote root execution .

oval:org.secpod.oval:def:89000360
This update for apache2-mod_auth_openidc fixes the following issues: - CVE-2019-20479: Fixed an open redirect issue in URLs with slash and backslash .

oval:org.secpod.oval:def:89000492
This update for dpdk to version 18.11.3 fixes the following issues: dpdk was updated to 18.11.3 Security issue fixed: - CVE-2019-14818: Fixed a memory leak vulnerability caused by a malicious container that may lead to denial of service. Other issues addressed: - Changed to multibuild. - Fixed a reg ...

oval:org.secpod.oval:def:89046088
This update for tcpdump fixes the following issues: - CVE-2018-16301: Fixed segfault when handling large files .

oval:org.secpod.oval:def:89049570
This update for libpng15 fixes the following issues: Security issue fixed: * CVE-2017-12652: Fixed an Input Validation Error related to the length of chunks .

oval:org.secpod.oval:def:89000406
This update for libpng12 fixes the following issues: Security issue fixed: - CVE-2017-12652: Fixed an Input Validation Error related to the length of chunks .

oval:org.secpod.oval:def:89046013
glibc was updated to fix the following issues: Security issues fixed: - CVE-2021-3999: Fixed incorrect errno in getcwd - CVE-2022-23219: Fixed buffer overflow in sunrpc clnt_create for unix - CVE-2022-23218: Fixed buffer overflow in sunrpc svcunix_create Bugs fixed: - Make endian-conversion macro ...

oval:org.secpod.oval:def:89002941
This update for spice-gtk fixes the following issues: - CVE-2020-14355: Fixed multiple buffer overflow vulnerabilities in QUIC image decoding .

oval:org.secpod.oval:def:89048584
This update for mozilla-nss fixes the following issues: Updated to NSS 3.79.4 : * CVE-2023-0767: Fixed handling of unknown PKCS#12 safe bag types.

oval:org.secpod.oval:def:89046062
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.6.0 ESR / MFSA 2022-05 - CVE-2022-22753: Privilege Escalation to SYSTEM on Windows via Maintenance Service - CVE-2022-22754: Extensions could have bypassed permission confirmation during update - CVE-2022 ...

oval:org.secpod.oval:def:89046101
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.6.1 ESR : - CVE-2022-26485: Use-after-free in XSLT parameter processing - CVE-2022-26486: Use-after-free in WebGPU IPC Framework

oval:org.secpod.oval:def:89046745
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 91.11.0 ESR : - CVE-2022-2200: Undesired attributes could be set as part of prototype pollution - CVE-2022-31744: CSP bypass enabling stylesheet injection - CVE-2022-34468: CSP sandbox header wit ...

oval:org.secpod.oval:def:89047050
This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated from 102.2.0esr to 102.3.0esr : - CVE-2022-40959: Fixed bypassing FeaturePolicy restrictions on transient pages. - CVE-2022-40960: Fixed data-race when parsing non-UTF-8 URLs in threads. - CVE-2022-40958: Fixed by ...

oval:org.secpod.oval:def:89047795
This update for MozillaFirefox fixes the following issues: Updated to version 102.4.0 ESR : - CVE-2022-42927: Fixed same-origin policy violation that could have leaked cross-origin URLs. - CVE-2022-42928: Fixed memory Corruption in JS Engine. - CVE-2022-42929: Fixed denial of Service via window.prin ...

oval:org.secpod.oval:def:89048140
This update for sudo fixes the following issues: - CVE-2023-22809: Fixed an arbitrary file write issue that could be exploited by users with sudoedit permissions . Other fixes: - Fixed a potential crash while using the sssd plugin .

oval:org.secpod.oval:def:89047708
This update for tiff fixes the following issues: - CVE-2022-2519: Fixed a double free in rotateImage. - CVE-2022-2520: Fixed an assertion failure in rotateImage. - CVE-2022-2521: Fixed invalid free in TIFFClose. - CVE-2022-2867: Fixed out of bounds read and write in tiffcrop.c. - CVE-2022-2868: F ...

oval:org.secpod.oval:def:89046911
This update for bluez fixes the following issues: - CVE-2019-8922: Fixed a buffer overflow in the implementation of the Service Discovery Protocol .

oval:org.secpod.oval:def:89047647
This update for bluez fixes the following issues: - CVE-2019-8921: Fixed heap-based buffer overflow via crafted request . - CVE-2016-9803: Fixed memory leak .

oval:org.secpod.oval:def:89048026
This update for nautilus fixes the following issues: - CVE-2022-37290: Fixed a denial of service caused by pasted ZIP archives .

oval:org.secpod.oval:def:89051052
This update for libsndfile fixes the following issues: * CVE-2022-33065: Fixed an integer overflow that could cause memory safety issues when reading a MAT4 file .

oval:org.secpod.oval:def:89048999
This update for iniparser fixes the following issues: * CVE-2023-33461: Fixed NULL pointer dereference in iniparser_getboolean .

oval:org.secpod.oval:def:89046045
This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20220207 release. - CVE-2021-0146: Fixed a potential security vulnerability in some Intel Processors may allow escalation of privilege - CVE-2021-0127: Intel Processor Breakpoint Control Flow - CVE-2021-0145: Fa ...

oval:org.secpod.oval:def:89047020
This update for vsftpd fixes the following issues: - CVE-2021-3618: Enforced security checks against ALPACA attack . Bugfixes: - Fixed a seccomp failure in FIPS mode when SSL was enabled . - Allowed wait4 to be called so that the broker can wait for its child processes . - Allowed sendto syscall whe ...

oval:org.secpod.oval:def:89002905
This update for tigervnc fixes the following issues: - CVE-2020-26117: Server certificates were stored as certificate authorities, allowing malicious owners of these certificates to impersonate any server after a client had added an exception

oval:org.secpod.oval:def:89047679
This update for multipath-tools fixes the following issues: - CVE-2022-41973: Fixed a symlink attack in multipathd. - CVE-2022-41974: Fixed an authorization bypass issue in multipathd. - Avoid linking to libreadline to avoid licensing issue - Fix that some zfcp devices have large/negative LUN IDs

oval:org.secpod.oval:def:89049173
This update for cjose fixes the following issues: * CVE-2023-37464: Fixed AES GCM decryption uses the Tag length from the actual Authentication Tag .

oval:org.secpod.oval:def:89048959
This update for open-vm-tools fixes the following issues: * CVE-2023-20867: Fixed authentication bypass vulnerability in the vgauth module . Bug fixes: * Fixed build problem with grpc 1.54 .

oval:org.secpod.oval:def:89048988
This update for openvswitch fixes the following issues: * CVE-2023-1668: Fixed remote traffic denial-of-service via crafted packets with IP proto 0 .

oval:org.secpod.oval:def:89048869
This update for openvswitch fixes the following issues: * CVE-2022-4338: Fixed Integer Underflow in Organization Specific TLV . * CVE-2022-4337: Fixed Out-of-Bounds Read in Organization Specific TLV .

oval:org.secpod.oval:def:89046900
This update for rsync fixes the following issues: - CVE-2022-29154: Fixed an arbitrary file write issue that could be triggered by a malicious remote server .

oval:org.secpod.oval:def:89046739
This update for openssl-1_1 fixes the following issues: - CVE-2022-2097: Fixed partial missing encryption in AES OCB mode.

oval:org.secpod.oval:def:89047028
This update for unzip fixes the following issues: - CVE-2022-0530: Fixed SIGSEGV during the conversion of an utf-8 string to a local string . - CVE-2022-0529: Fixed heap out-of-bound writes and reads during conversion of wide string to local string .

oval:org.secpod.oval:def:89048987
This update for ntp fixes the following issues: ntp was updated to 4.2.8p17: * Fix some regressions of 4.2.8p16 Update to 4.2.8p16: * [Sec 3808] Assertion failure in ntpq on malformed RT-11 date * [Sec 3807], bsc#1210390, CVE-2023-26555: praecis_parse in the Palisade refclock driver has a hypothetic ...

oval:org.secpod.oval:def:89048833
This update for ntp fixes the following issues: Fixed multiple out of bound writes: CVE-2023-26551 , CVE-2023-26552 , CVE-2023-26553 , CVE-2023-26554 .

oval:org.secpod.oval:def:89049116
This update for ImageMagick fixes the following issues: * CVE-2023-3195: Fixed stack overflow in coders/tiff.c while parsing malicious tiff file .

oval:org.secpod.oval:def:89047023
This update for postgresql14 fixes the following issues: - Upgrade to version 14.5: - CVE-2022-2625: Fixed an issue where extension scripts would replace objects not belonging to that extension . - Upgrade to version 14.4 - Release notes: https://www.postgresql.org/docs/release/14.4/ - Release anno ...

oval:org.secpod.oval:def:89048010
This update for tomcat fixes the following issues: - CVE-2022-42252: Fixed a request smuggling .

oval:org.secpod.oval:def:89048013
This update for emacs fixes the following issues: - CVE-2022-45939: Fixed shell command injection via source code files when using ctags .

oval:org.secpod.oval:def:89049408
This update for libcares2 fixes the following issues: * CVE-2020-22217: Fixed an out of bounds read in ares_parse_soa_reply

oval:org.secpod.oval:def:89048488
This update for xorg-x11-server fixes the following issues: * Fixed a regression introduced with security update for CVE-2022-46340 .

oval:org.secpod.oval:def:89000479
This update for audiofile fixes the following issues: Security issue fixed: - CVE-2018-13440: Return AF_FAIL instead of causing NULL pointer dereferences later .

oval:org.secpod.oval:def:89000318
This update for xerces-c fixes the following issues: - CVE-2017-12627: Processing of external DTD paths could have resulted in a null pointer dereference under certain conditions

oval:org.secpod.oval:def:89048947
This update for gdb fixes the following issues: gdb was updated to 12.1. * DBX mode is deprecated, and will be removed in GDB 13. * GDB 12 is the last release of GDB that will support building against Python 2. From GDB 13, it will only be possible to build GDB itself with Python 3 support. * Impro ...

oval:org.secpod.oval:def:89000628
This update for samba to version 4.10.17 fixes the following issues: - Fixed net command unable to negotiate SMB2 - Update to 4.10.17 - CVE-2020-10745: Invalid DNS or NBT queries containing dots use several seconds of CPU each. - CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ ...

oval:org.secpod.oval:def:89000616
This update for python36 fixes the following issues: - CVE-2019-20907, bsc#1174091: avoiding possible infinite loop in specifically crafted tarball. - CVE-2020-14422, bsc#1173274: where hash collisions in IPv4Interface and IPv6Interface could lead to DOS.

oval:org.secpod.oval:def:89000427
This update for librsvg to version 2.40.21 fixes the following issues: librsvg was updated to version 2.40.21 fixing the following issues: - CVE-2019-20446: Fixed an issue where a crafted SVG file with nested patterns can cause denial of service . NOTE: Librsvg now has limits on the number of loaded ...

oval:org.secpod.oval:def:89000410
This update for libexif fixes the following issues: Security issues fixed: - CVE-2016-6328: Fixed an integer overflow in parsing MNOTE entry data of the input file . - CVE-2017-7544: Fixed an out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c . - CVE-2 ...

oval:org.secpod.oval:def:89000229
This update for glibc fixes the following issues: - CVE-2020-1752: Fixed a use after free in glob which could have allowed a local attacker to create a specially crafted path that, when processed by the glob function, could potentially have led to arbitrary code execution . - CVE-2020-1751: Fixed an ...

oval:org.secpod.oval:def:89049667
This update for gpg2 fixes the following issues: * CVE-2018-9234: Fixed unenforced configuration allows for apparently valid certifications actually signed by signing subkeys .

oval:org.secpod.oval:def:89046050
This update for zsh fixes the following issues: - CVE-2021-45444: Fixed a vulnerability where arbitrary shell commands could be executed related to prompt expansion . - CVE-2019-20044: Fixed a vulnerability where shell privileges would not be properly dropped when unsetting the PRIVILEGED option . - ...

oval:org.secpod.oval:def:89000671
This update for dbus-1 fixes the following issues: - CVE-2019-12749: Fixed an implementation flaw in DBUS_COOKIE_SHA1 which could have allowed local attackers to bypass authentication .

oval:org.secpod.oval:def:89000582
This update for libqt4 fixes the following issues: - CVE-2018-15518: Fixed a double free in QXmlStreamReader - CVE-2018-19873: Fixed a segmentation fault via a malformed BMP file. - CVE-2018-19869: Fixed an improper checking which might lead to a crash via a malformed url reference. - Added stric ...

oval:org.secpod.oval:def:89000310
This update for file-roller fixes the following issues: - CVE-2019-16680: Fixed a path traversal vulnerability which could have allowed an overwriting of a file during extraction .

oval:org.secpod.oval:def:89000534
This update for memcached fixes the following issues: Security issue fixed: - CVE-2019-11596: Fixed a NULL pointer dereference in process_lru_command . - CVE-2019-15026: Fixed a stack-based buffer over-read .

oval:org.secpod.oval:def:89000054
This update for libxslt fixes the following issue: - CVE-2019-18197: Fixed a dangling pointer in xsltCopyText which may have led to information disclosure .

oval:org.secpod.oval:def:89000504
This update for python36 fixes the following issues: - CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen. Now an InvalidURL exception is raised .

oval:org.secpod.oval:def:89000608
This update for git fixes the following issues: Security issue fixed: - CVE-2020-5260: With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a wrong host . Non-security issue fixed: git was updated to 2.26.0 for SHA256 supp ...

oval:org.secpod.oval:def:89000554
This update for file-roller fixes the following issues: Security issue fixed: - CVE-2020-11736: Fixed a directory traversal vulnerability due to improper checking whether a file's parent is an external symlink.

oval:org.secpod.oval:def:89000307
This update for python3 fixes the following issue: - CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen. Now an InvalidURL exception is raised . - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs . - CVE-2020-8492: Fixed a regular expre ...

oval:org.secpod.oval:def:89000544
This update for djvulibre fixes the following issues: - CVE-2019-18804: Fixed a null pointer dereference .

oval:org.secpod.oval:def:89000663
This update for python36 fixes the following issues: Security issues fixed: - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs. - CVE-2020-8492: Fixed a regular expression in urllib that was prone to denial of service via HTTP. Non-security issue fixed: - If the locale ...

oval:org.secpod.oval:def:89000651
This update for icu fixes the following issues: - CVE-2020-10531: Fixed integer overflow in UnicodeString:doAppend .

oval:org.secpod.oval:def:89000402
This update for git to 2.26.2 fixes the following issues: Security issue fixed: - CVE-2020-11008: Specially crafted URLs may have tricked the credentials helper to providing credential information that is not appropriate for the protocol in use and host being contacted . Non-security issue fixed: - ...

oval:org.secpod.oval:def:89000599
This update for squid to version 4.10 fixes the following issues: Security issues fixed: - CVE-2019-12528: Fixed an information disclosure flaw in the FTP gateway . - CVE-2020-8449: Fixed a buffer overflow when squid is acting as reverse-proxy . - CVE-2020-8450: Fixed a buffer overflow when squid is ...

oval:org.secpod.oval:def:89000477
This update for ovmf fixes the following issues: - CVE-2019-14559: Fixed a memory leak in ArpOnFrameRcvdDpc .

oval:org.secpod.oval:def:89000573
This update for mailman fixes the following issues: Security issue fixed: - CVE-2020-12108: Fixed a content injection bug. - CVE-2020-12137: Fixed a XSS vulnerability caused by MIME type confusion. Non-security issue fixed: - Fixed rights and ownership on /var/lib/mailman/archives. - Don't defaul ...

oval:org.secpod.oval:def:89000440
This update for mozilla-nspr, mozilla-nss fixes the following issues: mozilla-nss was updated to version 3.53.1 - CVE-2020-12402: Fixed a potential side channel attack during RSA key generation . - CVE-2020-12399: Fixed a timing attack on DSA signature generation . - CVE-2019-17006: Added length che ...

oval:org.secpod.oval:def:89000494
This update for mariadb-100 fixes the following issues: MariaDB was updated to version 10.0.40-3 . Security issue fixed: - CVE-2020-2574: Fixed a difficult to exploit vulnerability that allowed an attacker to crash the client .

oval:org.secpod.oval:def:89000243
This update for libxml2 fixes the following issues: - CVE-2019-20388: Fixed a memory leak in xmlSchemaPreRun . - CVE-2020-7595: Fixed an infinite loop in an EOF situation . - CVE-2020-24977: Fixed a global-buffer-overflow in xmlEncodeEntitiesInternal . - Fixed invalid xmlns references due to CVE-201 ...

oval:org.secpod.oval:def:89000075
This update for python to version 2.7.17 fixes the following issues: Syncing with lots of upstream bug fixes and security fixes. Bug fixes: - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs . - CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed t ...

oval:org.secpod.oval:def:89000170
This update for openexr provides the following fix: Security issues fixed: - CVE-2020-11764: Fixed an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp . - CVE-2020-11763: Fixed an out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp . - CVE-2020-11758: Fixed an out-of-bounds ...

oval:org.secpod.oval:def:89000044
This update for pam_radius fixes the following issues: - CVE-2015-9542: Fixed a buffer overflow in password field. - On s390x didn't decrypt passwords correctly.

oval:org.secpod.oval:def:89000630
This update for qemu fixes the following issues: Security issue fixed: - CVE-2020-1983: Fixed a use-after-free in the ip_reass function of slirp . Non-security issue fixed: - Fixed an issue where limiting the memory bandwidth was not possible . - Miscellaneous fixes to the in-package support documen ...

oval:org.secpod.oval:def:89000314
This update for dovecot22 fixes the following issues: - CVE-2020-12673: improper implementation of NTLM does not check message buffer size . - CVE-2020-12674: improper implementation of RPA mechanism .

oval:org.secpod.oval:def:89000667
This update for libX11 fixes the following issues: - Fixed XIM client heap overflows

oval:org.secpod.oval:def:89000106
This update for libX11 fixes the following issues: - CVE-2020-14363: Fix an integer overflow in init_om .

oval:org.secpod.oval:def:89000452
This update for grub2 fixes the following issues: - CVE-2020-15705: Fail kernel validation without shim protocol. - Add fibre channel device's ofpath support to grub-ofpathname and search hint to speed up root device discovery.

oval:org.secpod.oval:def:89000572
This update for openssl-1_1 fixes the following issues: Security issue fixed: - CVE-2019-1551: Fixed an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. - CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key. - ...

oval:org.secpod.oval:def:89000382
This update for openssl-1_0_0 fixes the following issues: Security issue fixed: - CVE-2019-1551: Fixed an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli .

oval:org.secpod.oval:def:89000498
This update for qemu fixes the following issues: - CVE-2020-7039: Fixed a heap buffer overflow in tcp_emu routine while emulating IRC and other protocols . - CVE-2019-15034: Fixed a buffer overflow in hw/display/bochs-display.c due to improper PCI config space allocation . - CVE-2020-1711: Fixed an ...

oval:org.secpod.oval:def:89000242
This update for MozillaFirefox fixes the following issues: - MozillaFirefox was updated to version 68.9.0 Extended Support Release . - CVE-2020-12405: Fixed a use-after-free in SharedWorkerService. - CVE-2020-12406: Fixed a JavaScript Type confusion with NativeTypes. - CVE-2020-12410: Fixed multiple ...

oval:org.secpod.oval:def:89000069
This update for MozillaFirefox fixes the following issues: Update to version 68.8.0 ESR : - CVE-2020-12387: Use-after-free during worker shutdown - CVE-2020-12388: Sandbox escape with improperly guarded Access Tokens - CVE-2020-12389: Sandbox escape with improperly separated process types - CVE-2020 ...

oval:org.secpod.oval:def:89000052
This update for libX11 fixes the following issues: - Fixed XIM client heap overflows .

oval:org.secpod.oval:def:89049132
This update for poppler fixes the following issues: * CVE-2022-27337: Fixed a logic error in the Hints::Hints function which can cause denial of service . * CVE-2018-21009: Fixed integer overflow in Parser:makeStream in Parser.cc . * CVE-2019-12293: Fixed heap-based buffer over-read in JPXStream:ini ...

oval:org.secpod.oval:def:89046904
This update for p11-kit fixes the following issues: - CVE-2020-29362: Fixed a 4 byte overread that could lead to crashes

oval:org.secpod.oval:def:89000622
This update for python3 fixes the following issues: - bsc#1177211 no longer allowing special characters in the method parameter of HTTPConnection.putrequest in httplib, stopping injection of headers.

oval:org.secpod.oval:def:89000670
This update for spice fixes the following issues: - CVE-2020-14355: Fixed multiple buffer overflow vulnerabilities in QUIC image decoding .

oval:org.secpod.oval:def:89000403
This update for openldap2 fixes the following issues: - CVE-2020-25692: Fixed an unauthenticated remote denial of service due to incorrect validation of modrdn equality rules .

oval:org.secpod.oval:def:89000449
This update for openssl-1_0_0 fixes the following issues: - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME .

oval:org.secpod.oval:def:89000012
This update for vino fixes the following issues: - CVE-2019-15681: Fixed a memory leak which could have allowed a remote attacker to read stack memory.

oval:org.secpod.oval:def:89047019
This update for python3-lxml fixes the following issues: - CVE-2020-27783: Fixed XSS due to the use of improper parser .

oval:org.secpod.oval:def:89000298
This update for openssl-1_1 fixes the following issues: - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME .

oval:org.secpod.oval:def:89047002
This update for openvswitch fixes the following issues: - CVE-2020-35498: Fixed packet parsing vulnerability .

oval:org.secpod.oval:def:89047027
This update for libcaca fixes the following issues: - CVE-2021-3410: Fixed overflow when multiplying large ints .

oval:org.secpod.oval:def:89051071
This update for gstreamer-plugins-bad fixes the following issues: * CVE-2023-40474: Fixed a remote code execution issue due to improper parsing of H265 encoded video files .

oval:org.secpod.oval:def:89048042
This update for xorg-x11-server fixes the following issues: - CVE-2022-46340: Server XTestSwapFakeInput stack overflow - CVE-2022-46341: Server XIPassiveUngrabDevice out-of-bounds access - CVE-2022-46342: Server XvdiSelectVideoNotify use-after-free - CVE-2022-46343: Server ScreenSaverSetAttribute ...

oval:org.secpod.oval:def:89049108
This update for ghostscript fixes the following issues: * CVE-2023-36664: Fixed permission validation mishandling for pipe devices with the %pipe% prefix or the | pipe character prefix .

oval:org.secpod.oval:def:89048969
This update for libwebp fixes the following issues: * CVE-2023-1999: Fixed double free .

oval:org.secpod.oval:def:89048632
This update for MozillaFirefox fixes the following issues: Update to version 102.9.0 ESR : * CVE-2023-28159: Fullscreen Notification could have been hidden by download popups on Android * CVE-2023-25748: Fullscreen Notification could have been hidden by window prompts on Android * CVE-2023-25749: Fi ...

oval:org.secpod.oval:def:89048702
This update for MozillaFirefox fixes the following issues: * Firefox Extended Support Release 102.10.0 ESR * CVE-2023-29531: Out-of-bound memory access in WebGL on macOS * CVE-2023-29532: Mozilla Maintenance Service Write-lock bypass * CVE-2023-29533: Fullscreen notification obscured * MFSA-TMP-202 ...

oval:org.secpod.oval:def:89048641
This update for MozillaFirefox fixes the following issues: Updated to version 102.8.0 ESR : * CVE-2023-25728: Fixed content security policy leak in violation reports using iframes. * CVE-2023-25730: Fixed screen hijack via browser fullscreen mode. * CVE-2023-25743: Fixed Fullscreen notification not ...

oval:org.secpod.oval:def:89048490
This update for xorg-x11-server fixes the following issues: * CVE-2023-1393: Fixed use-after-free overlay window .

oval:org.secpod.oval:def:89048796
This update for apache2-mod_auth_openidc fixes the following issues: * CVE-2022-23527: Fixed open redirect in oidc_validate_redirect_url using tab character . * CVE-2023-28625: Fixed NULL pointer dereference when OIDCStripCookies was set and a crafted Cookie header was supplied .

oval:org.secpod.oval:def:89048791
This update for liblouis fixes the following issues: * CVE-2023-26767: Fixed buffer overflow vulnerability in lou_logFile function . * CVE-2023-26768: Fixed buffer overflow in lou_logFile . * CVE-2023-26769: Fixed buffer Overflow vulnerability in resolveSubtable function .

oval:org.secpod.oval:def:89048967
This update for libX11 fixes the following issues: * CVE-2023-3138: Fixed buffer overflows in InitExt.c .

oval:org.secpod.oval:def:89048646
This update for flatpak fixes the following issues: * CVE-2023-28101: Fixed misleading terminal output with metadata with ANSI control codes . * CVE-2023-28100: Fixed unsandboxed TIOCLINUX commands .

oval:org.secpod.oval:def:89048818
This update for dnsmasq fixes the following issues: * CVE-2023-28450: Fixed default maximum size for EDNS.0 UDP packets .

oval:org.secpod.oval:def:89048694
This update for ghostscript fixes the following issues: * CVE-2023-28879: Fixed buffer Overflow in s_xBCPE_process .

oval:org.secpod.oval:def:89048745
This update for libmicrohttpd fixes the following issues: * CVE-2023-27371: Fixed parser bug that could be used to crash servers using the MHD_PostProcessor .

oval:org.secpod.oval:def:89048939
This update for opensc fixes the following issues: * CVE-2023-2977: Fixed out of bounds read in pkcs15 cardos_have_verifyrc_package .

oval:org.secpod.oval:def:89048927
This update for cups fixes the following issues: * CVE-2023-32324: Fixed a buffer overflow in format_log_line which could cause a denial-of-service .

oval:org.secpod.oval:def:89048946
This update for libcares2 fixes the following issues: * CVE-2023-32067: Fixed a denial of service that could be triggered by a 0-byte UDP payload . * CVE-2023-31147: Fixed an insufficient randomness in generation of DNS query IDs . * CVE-2023-31130: Fixed a buffer underflow when configuring specific ...

oval:org.secpod.oval:def:89049154
This update for libqt5-qtbase fixes the following issues: * CVE-2023-24607: Fixed Qt SQL ODBC driver plugin DOS . * CVE-2023-33285: Fixed buffer overflow in QDnsLookup . * CVE-2023-34410: Fixed certificate validation does not always consider whether the root of a chain is a configured CA certificate ...

oval:org.secpod.oval:def:89047043
This update for krb5-appl fixes the following issues: - CVE-2022-39028: Fixed NULL pointer dereference in krb5-appl telnetd .

oval:org.secpod.oval:def:89047684
This update for telnet fixes the following issues: - CVE-2022-39028: Fixed NULL pointer dereference in telnetd .

oval:org.secpod.oval:def:89049122
This update for dbus-1 fixes the following issues: * CVE-2023-34969: Fixed a possible dbus-daemon crash by an unprivileged user.

oval:org.secpod.oval:def:89048148
This update for git fixes the following issues: - CVE-2022-41903: Fixed a heap overflow in the "git archive" and "git log --format" commands . - CVE-2022-23521: Fixed an integer overflow that could be triggered when parsing a gitattributes file .

oval:org.secpod.oval:def:89003300
This update for git fixes the following issues: Security issues fixed: - CVE-2019-1349: Fixed issue on Windows, when submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice . - CVE-2019-19604: Fixed a recursive clone followed by a su ...

oval:org.secpod.oval:def:89045108
This update for dbus-1 fixes the following issues: - CVE-2020-35512: users with the same numeric UID could lead to use-after-free and undefined behaviour - CVE-2020-12049: truncated messages lead to resource exhaustion Special Instructions and Notes: Please reboot the system after installing this ...

oval:org.secpod.oval:def:89049124
This update for curl fixes the following issues: * CVE-2023-32001: Fixed TOCTOU race condition .

oval:org.secpod.oval:def:89049045
This update for libcap fixes the following issues: * CVE-2023-2603: Fixed an integer overflow or wraparound in libcap/cap_alloc.c:_libcap_strdup .

oval:org.secpod.oval:def:89049412
This update for bluez fixes the following issues: * CVE-2021-41229: Fixed leaking buffers stored in cstates cache .

oval:org.secpod.oval:def:89049307
This update for poppler fixes the following issues: * CVE-2019-16115: Fixed an uninitialized memory error in GfxUnivariateShading::setupCache

oval:org.secpod.oval:def:89049272
This update for pcre2 fixes the following issues: * CVE-2022-41409: Fixed integer overflow vulnerability in pcre2test that allows attackers to cause a denial of service via negative input .

oval:org.secpod.oval:def:89049308
This update for krb5 fixes the following issues: * CVE-2023-36054: Fixed a DoS that could be triggered by an authenticated remote user

oval:org.secpod.oval:def:89049314
This update for gawk fixes the following issues: * CVE-2023-4156: Fix a heap out of bound read by validating the index into argument list

oval:org.secpod.oval:def:89049416
This update for libssh2_org fixes the following issues: * CVE-2020-22218: Fixed a bug in _libssh2_packet_add which allows out-of-bounds memory access

oval:org.secpod.oval:def:89049417
This update for postfix fixes the following issues: Security fixes: * CVE-2023-32182: Fixed config_postfix SUSE specific script using potentially bad /tmp file . Other fixes: * postfix: config.postfix causes too tight permission on main.cf .

oval:org.secpod.oval:def:89049411
This update for mutt fixes the following issues: * CVE-2023-4874: Fixed NULL pointer dereference when composing an email . * CVE-2023-4875: Fixed NULL pointer dereference when receiving an email .

oval:org.secpod.oval:def:89049419
This update for xrdp fixes the following issues: * CVE-2023-40184: Fixed restriction bypass via improper session handling .

oval:org.secpod.oval:def:89049423
This update for exempi fixes the following issues: * CVE-2020-18651: Fixed a buffer overflow in ID3 support .

oval:org.secpod.oval:def:89049955
This update for poppler fixes the following issues: * CVE-2020-23804: Fixed uncontrolled recursion in pdfinfo and pdftops. * CVE-2020-36024: Fixed NULL Pointer Dereference in `FoFiType1C:convertToType1`. * CVE-2022-37050: Fixed denial-of-service via savePageAs in PDFDoc.c. * CVE-2022-37051: Fixed a ...

oval:org.secpod.oval:def:89049399
This update for mdadm fixes the following issues: * CVE-2023-28736: Fixed a buffer overflow . * CVE-2023-28938: Fixed uncontrolled resource consumption .

oval:org.secpod.oval:def:89049561
This update for nghttp2 fixes the following issues: * CVE-2023-35945: Fixed memory leak when PUSH_PROMISE or HEADERS frame cannot be sent .

oval:org.secpod.oval:def:89050212
This update for python fixes the following issues: * CVE-2022-48566: Constant-time-defeating optimisations were possible in the accumulator variable in hmac.compare_digest. * CVE-2022-48565: Fixed an XXE in the plistlib module

oval:org.secpod.oval:def:89051056
This update for poppler fixes the following issues: * CVE-2019-9545: Fixed a potential crash due to uncontrolled recursion in the JBIG parser . * CVE-2019-9631: Fixed an out of bounds read when converting a PDF to an image . * CVE-2022-37052: Fixed a reachable assertion when extracting pages of a PD ...

oval:org.secpod.oval:def:89049249
This update for util-linux fixes the following issues: * CVE-2018-7738: Fixed shell code injection in umount bash-completions

oval:org.secpod.oval:def:89048606
This update for emacs fixes the following issues: * CVE-2022-48337: Fixed etags local command injection vulnerability . * CVE-2022-48339: Fixed htmlfontify.el command injection vulnerability .

oval:org.secpod.oval:def:89049340
This update for procps fixes the following issues: * CVE-2023-4016: Fixed ps buffer overflow .

oval:org.secpod.oval:def:89048748
This update for avahi fixes the following issues: * CVE-2023-1981: Fixed crash in avahi-daemon .

oval:org.secpod.oval:def:89044298
This update for avahi fixes the following issues: - CVE-2021-3468: avoid infinite loop by handling HUP event in client_work .

oval:org.secpod.oval:def:89049227
This update for gstreamer-plugins-good fixes the following issues: * CVE-2023-37327: Fixed FLAC file parsing integer overflow remote code execution vulnerability

oval:org.secpod.oval:def:89049240
This update for gstreamer-plugins-base fixes the following issues: * CVE-2023-37327: Fixed FLAC file parsing integer overflow remote code execution vulnerability. * CVE-2023-37328: Fixed PGS file parsing heap-based buffer overflow remote code execution vulnerability

oval:org.secpod.oval:def:89049303
This update for gstreamer-plugins-base fixes the following issues: * The patch for CVE-2023-37328 is removed because it was added by mistake and the package has never been affected by this vulnerability

oval:org.secpod.oval:def:89049376
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 115.2.1 ESR . * CVE-2023-4863: Fixed heap buffer overflow in libwebp . The following non-security bug was fixed: * Fix i586 build by reducing debug info to -g1 .

oval:org.secpod.oval:def:89048936
This update for MozillaFirefox fixes the following issues: Extended Support Release 102.12.0 ESR : * CVE-2023-34414: Click-jacking certificate exceptions through rendering lag * CVE-2023-34416: Memory safety bugs fixed in Firefox 114 and Firefox ESR 102.12

oval:org.secpod.oval:def:89048839
This update for MozillaFirefox fixes the following issues: Extended Support Release 102.11.0 ESR : * CVE-2023-32205: Browser prompts could have been obscured by popups * CVE-2023-32206: Crash in RLBox Expat driver * CVE-2023-32207: Potential permissions request bypass via clickjacking * CVE-2023-322 ...

oval:org.secpod.oval:def:89049316
This update for libcares2 fixes the following issues: * CVE-2022-4904: Fixed stack overflow in ares_set_sortlist .

oval:org.secpod.oval:def:89048061
This update for java-1_7_1-ibm fixes the following issues: IBM Security Update November 2022: - CVE-2022-3676: A security vulnerability was fixed in version 7.1.5.15, adding the reference here.

oval:org.secpod.oval:def:89048069
This update for java-1_8_0-ibm fixes the following issues: IBM Security Update November 2022: - CVE-2022-3676: A security vulnerability was fixed in version 8.0.7.20, adding the reference here.

oval:org.secpod.oval:def:89051002
This update for xen fixes the following issues: * CVE-2023-34323: Fixed a potential crash in C Xenstored due to an incorrect assertion . * CVE-2023-34326: Fixed a missing IOMMU TLB flush on x86 AMD systems with IOMMU hardware and PCI passthrough enabled . * CVE-2023-34325: Fixed multiple parsing i ...

oval:org.secpod.oval:def:89049352
This update for open-vm-tools fixes the following issues: * CVE-2023-20900: Fixed SAML token signature bypass vulnerability .

oval:org.secpod.oval:def:89049559
This update for open-vm-tools fixes the following issues: Update to 12.3.0 * There are no new features in the open-vm-tools 12.3.0 release. This is primarily a maintenance release that addresses a few critical problems, including: * This release integrates CVE-2023-20900 without the need for a pat ...

oval:org.secpod.oval:def:89051094
This update for squashfs fixes the following issues: * CVE-2015-4645,CVE-2015-4646: Multiple buffer overflows fixed in squashfs-tools * CVE-2021-40153: Fixed an issue where an attacker might have been able to write a file outside of destination * CVE-2021-41072: Fixed an issue where an attacker m ...

oval:org.secpod.oval:def:89051107
This update for ucode-intel fixes the following issues: * Updated to Intel CPU Microcode 20231114 pre-release . * CVE-2023-23583: Fixed potential CPU deadlocks or privilege escalation

oval:org.secpod.oval:def:89051113
This update for python-urllib3 fixes the following issues: * CVE-2023-45803: Fix a request body leak that could occur when receiving a 303 HTTP response .

oval:org.secpod.oval:def:89051123
This update for xen fixes the following issues: * CVE-2023-46835: x86/AMD: mismatch in IOMMU quarantine page table levels. * CVE-2023-46836: x86: BTC/SRSO fixes not fully effective. Special Instructions and Notes: * Please reboot the system after installing this update.

oval:org.secpod.oval:def:89051137
This update for ucode-intel fixes the following issues: * Updated to Intel CPU Microcode 20231114 release. * CVE-2023-23583: Fixed potential CPU deadlocks or privilege escalation. Special Instructions and Notes: * Please reboot the system after installing this update.

oval:org.secpod.oval:def:89051173
This update for sqlite3 fixes the following issues: * CVE-2023-2137: Fixed heap buffer overflow .

oval:org.secpod.oval:def:89051253
This update for xrdp fixes the following issues: * CVE-2023-42822: Fixed unchecked access to font glyph info . * CVE-2023-40184: Fixed restriction bypass via improper session handling .

oval:org.secpod.oval:def:89051276
This update for ghostscript fixes the following issues: * CVE-2023-46751: Fixed dangling pointer in gdev_prn_open_printer_seekable .

oval:org.secpod.oval:def:89051288
This update for poppler fixes the following issues: * CVE-2018-20662: PDFDoc setup in PDFDoc.cc allows attackers to cause DOS because of a wrong return value from PDFDoc:setup .

oval:org.secpod.oval:def:89051309
This update for jbigkit fixes the following issues: * CVE-2022-1210: Fixed denial of service in TIFF File Handler .

oval:org.secpod.oval:def:89051316
This update for gstreamer fixes the following issues: * CVE-2023-40474: Fixed GStreamer MXF File Parsing Integer Overflow .

oval:org.secpod.oval:def:89051331
This update for libxkbcommon fixes the following issues: Fixed multiple memory handling and correctness issues : * CVE-2018-15859 * CVE-2018-15856 * CVE-2018-15858 * CVE-2018-15864 * CVE-2018-15863 * CVE-2018-15862 * CVE-2018-15861 * CVE-2018-15855 * CVE-2018-15854 * CVE-2018-15857 * CVE-2018-15853

oval:org.secpod.oval:def:89051344
This update for tar fixes the following issues: * CVE-2023-39804: Incorrectly handled extension attributes in PAX archives can lead to a crash

oval:org.secpod.oval:def:89051143
This update for avahi fixes the following issues: * CVE-2023-38473: Fixed a reachable assertion when parsing a host name .

oval:org.secpod.oval:def:89051188
This update for gstreamer-plugins-bad fixes the following issues: * CVE-2023-40474: Fixed integer overflow causing out of bounds writes when handling invalid uncompressed video . * CVE-2023-40476: Fixed possible overflow using max_sub_layers_minus1 .

oval:org.secpod.oval:def:89051312
This update for gstreamer-plugins-bad fixes the following issues: * CVE-2023-40475: Fixed GStreamer MXF File Parsing Integer Overflow .

oval:org.secpod.oval:def:89051345
This update for LibreOffice fixes the following issues: libreoffice: * Version update from 7.3.6.2 to 7.5.4.1 : * For the highlights of changes of version 7.5 please consult the official release notes: https://wiki.documentfoundation.org/ReleaseNotes/7.5 * For the highlights of changes of version 7. ...

oval:org.secpod.oval:def:89049229
This update for webkit2gtk3 fixes the following issues: Update to version 2.40.5 : * CVE-2023-38133: Fixed information disclosure. * CVE-2023-38572: Fixed Same-Origin-Policy bypass. * CVE-2023-38592: Fixed arbitrary code execution. * CVE-2023-38594: Fixed arbitrary code execution. * CVE-2023-38595: ...

oval:org.secpod.oval:def:89048187
This update for tiff fixes the following issues: - CVE-2022-48281: Fixed a buffer overflow that could be triggered via a crafted image .

oval:org.secpod.oval:def:89048114
This update for tiff fixes the following issues: - CVE-2022-3570: Fixed a potential crash in the tiffcrop utility . - CVE-2022-3598: Fixed a potential crash in the tiffcrop utility .

oval:org.secpod.oval:def:89000649
This update for grub2 fixes the following issues: - Fix for CVE-2020-10713 - Fix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 - Fix for CVE-2020-15706 - Fix for CVE-2020-15707 - Use overflow checking primitives where the arithmetic expression for buffer allocations may inclu ...

oval:org.secpod.oval:def:89048789
This update for shim fixes the following issues: * Update only adds the CVE reference to the previously released update

oval:org.secpod.oval:def:89048017
This update for bcel fixes the following issues: - CVE-2022-42920: Fixed producing arbitrary bytecode via out-of-bounds writing .

oval:org.secpod.oval:def:89047036
This update for expat fixes the following issues: - CVE-2022-40674: Fixed use-after-free in the doContent function in xmlparse.c .

oval:org.secpod.oval:def:89046084
This update for expat fixes the following issues: - CVE-2022-23852: Fixed signed integer overflow in XML_GetBuffer . - CVE-2022-23990: Fixed integer overflow in the doProlog function .

oval:org.secpod.oval:def:89047045
This update for bind fixes the following issues: - CVE-2022-2795: Fixed potential performance degradation due to missing database lookup limits when processing large delegations. - CVE-2022-38177: Fixed a memory leak that could be externally triggered in the DNSSEC verification code for the ECDSA a ...

oval:org.secpod.oval:def:89044205
This update for libnettle fixes the following issues: - CVE-2021-20305: Fixed the multiply function which was being called with out-of-range scalars .

oval:org.secpod.oval:def:89051112
This update for apache2 fixes the following issues: * CVE-2023-31122: Fixed an out of bounds read in mod_macro . Non-security fixes: * Fixed the content type handling in mod_proxy_http2 . * Fixed a floating point exception crash .

oval:org.secpod.oval:def:89048189
This update for apache2 fixes the following issues: - CVE-2022-37436: Fixed an issue in mod_proxy where a malicious backend could cause the response headers to be truncated early, resulting in some headers being incorporated into the response body . - CVE-2022-36760: Fixed an issue in mod_proxy_ajp ...

oval:org.secpod.oval:def:89048492
This update for apache2 fixes the following issues: * CVE-2023-27522: Fixed HTTP response splitting in mod_proxy_uwsgi . * CVE-2023-25690: Fixed HTTP request splitting with mod_rewrite and mod_proxy . The following non-security bugs were fixed: * Fixed passing health check does not recover worker fr ...

oval:org.secpod.oval:def:89048125
This update for python-future fixes the following issues: - CVE-2022-40899: Fixed an issue that could allow attackers to cause an excessive CPU usage via a crafted Set-Cookie header .

oval:org.secpod.oval:def:89048121
This update for python3 fixes the following issues: - CVE-2022-40899: Fixed an issue that could allow attackers to cause an excessive CPU usage via a crafted Set-Cookie header .

oval:org.secpod.oval:def:89046428
This update for openssl fixes the following issues: - CVE-2022-2068: Fixed more shell code injection issues in c_rehash

oval:org.secpod.oval:def:89045577
This update for apache2 fixes the following issues: - CVE-2021-33193: Fixed request splitting via HTTP/2 method injection and mod_proxy .

oval:org.secpod.oval:def:89046030
This update for apache2 fixes the following issues: - CVE-2021-44224: Fixed NULL dereference or SSRF in forward proxy configurations - CVE-2021-44790: Fixed a buffer overflow when parsing multipart content in mod_lua This update also enables TLS 1.3 support, by building against openssl 1.1 [jsc#SL ...

oval:org.secpod.oval:def:89048746
This update for ovmf fixes the following issues: * CVE-2019-14560: Fixed potential secure boot bypass via an improper check of GetEfiGlobalVariable2 . * CVE-2021-38578: Fixed underflow in MdeModulePkg/PiSmmCore SmmEntryPointAdd .

oval:org.secpod.oval:def:89048809
This update for openssl-1_0_0 fixes the following issues: * CVE-2023-0465: Invalid certificate policies in leaf certificates were silently ignored. * CVE-2023-0466: Certificate policy checks were not enabled.

oval:org.secpod.oval:def:89048692
This update for openssl-1_1 fixes the following issues: * CVE-2023-0465: Invalid certificate policies in leaf certificates were silently ignored. * CVE-2023-0466: Certificate policy checks were not enabled.

oval:org.secpod.oval:def:89003236
This update for polkit fixes the following issues: Security issue fixed: - CVE-2019-6133: Fixed improper caching of auth decisions, which could bypass uid checking in the interactive backend .

oval:org.secpod.oval:def:89049286
This update for ImageMagick fixes the following issues: * CVE-2023-3745: Fixed heap out of bounds read in PushCharPixel in quantum-private.h.

oval:org.secpod.oval:def:89046729
This update for ImageMagick fixes the following issues: - CVE-2019-17540: Fixed heap-based buffer overflow in ReadPSInfo in coders/ps.c. - CVE-2022-32545: Fixed an outside the range of representable values of type. - CVE-2022-32546: Fixed an outside the range of representable values of type. - CV ...

oval:org.secpod.oval:def:89049424
This update for ImageMagick fixes the following issues: * CVE-2020-21679: Fixed a buffer overflow in WritePCXImage function in pcx.c which may allow remote attackers to cause a denial of service

oval:org.secpod.oval:def:89051249
This update for traceroute fixes the following issues: * CVE-2023-46316: wrapper scripts do not properly parse command lines .

oval:org.secpod.oval:def:89051018
This update for zlib fixes the following issues: * CVE-2023-45853: Fixed an integer overflow that would lead to a buffer overflow in the minizip subcomponent .

oval:org.secpod.oval:def:89051012
This update for vorbis-tools fixes the following issues: * CVE-2023-43361: Fixed a buffer overflow vulnerability during the conversion of wav files to ogg files

oval:org.secpod.oval:def:89049313
This update for clamav fixes the following issues: * Update to 0.103.9 * CVE-2023-20197: Fixed a possible denial of service vulnerability in the HFS+ file parser

oval:org.secpod.oval:def:89048664
This update for clamav fixes the following issues: * CVE-2023-20032: Fixed a possible remote code execution vulnerability in the HFS+ file parser . * CVE-2023-20052: Fixed a possible remote information leak vulnerability in the DMG file parser .

oval:org.secpod.oval:def:89048593
This update for vim fixes the following issues: * CVE-2023-0512: Fixed a divide By Zero . * CVE-2023-1175: vim: an incorrect calculation of buffer size . * CVE-2023-1170: Fixed a heap-based Buffer Overflow . * CVE-2023-1127: Fixed divide by zero in scrolldown . Updated to version 9.0 with patch leve ...

oval:org.secpod.oval:def:89045570
This update for xen fixes the following issues: Security issues fixed: - CVE-2021-28693: xen/arm: Boot modules are not scrubbed - CVE-2021-28692: xen: inappropriate x86 IOMMU timeout detection / handling - CVE-2021-0089: xen: Speculative Code Store Bypass - CVE-2021-28690: xen: x86: TSX Async Abo ...

oval:org.secpod.oval:def:89045528
This update for qemu fixes the following issues: Security issues fixed: - usbredir: free call on invalid pointer in bufp_alloc - NULL pointer dereference in ESP - NULL pointer dereference issue in megasas-gen2 host bus adapter - eepro100: stack overflow via infinite recursion - usb: unbounded ...

oval:org.secpod.oval:def:89048734
This update for glib2 fixes the following issues: * CVE-2023-24593: Fixed a denial of service caused by handling a malicious text-form variant . * CVE-2023-25180: Fixed a denial of service caused by malicious serialised variant .

oval:org.secpod.oval:def:89051269
This update for ncurses fixes the following issues: * CVE-2023-50495: Fixed a segmentation fault via _nc_wrap_entry

oval:org.secpod.oval:def:89050952
This update for python-urllib3 fixes the following issues: * CVE-2023-43804: Fixed a potential cookie leak via HTTP redirect if the user manually set the corresponding header .

oval:org.secpod.oval:def:89049278
This update for openssl-1_0_0 fixes the following issues: * CVE-2023-3817: Fixed a potential DoS due to excessive time spent checking DH q parameter value

oval:org.secpod.oval:def:89049222
This update for openssl-1_1 fixes the following issues: * CVE-2023-3817: Fixed a potential DoS due to excessive time spent checking DH q parameter value

oval:org.secpod.oval:def:89049143
This update for openssl-1_1 fixes the following issues: * CVE-2023-3446: Fixed DH_check excessive time with over sized modulus .

oval:org.secpod.oval:def:89049170
This update for openssl-1_0_0 fixes the following issues: * CVE-2023-3446: Fixed DH_check excessive time with over sized modulus .

oval:org.secpod.oval:def:89048913
This update for openssl-1_0_0 fixes the following issues: * CVE-2023-2650: Fixed possible denial of service translating ASN.1 object identifiers .

oval:org.secpod.oval:def:89048920
This update for openssl-1_1 fixes the following issues: * CVE-2023-2650: Fixed possible denial of service translating ASN.1 object identifiers .

oval:org.secpod.oval:def:89048777
This update for git fixes the following issues: * CVE-2023-25652: Fixed partial overwrite of paths outside the working tree. * CVE-2023-25815: Fixed malicious placement of crafted message. * CVE-2023-29007: Fixed arbitrary configuration injection.

oval:org.secpod.oval:def:89048611
This update for openssl-1_0_0 fixes the following issues: Security fixes: * CVE-2023-0464: Fixed excessive Resource Usage Verifying X.509 Policy Constraints . Other fixes: * Fix DH key generation in FIPS mode, add support for constant BN for DH parameters

oval:org.secpod.oval:def:89048523
This update for openssl-1_1 fixes the following issues: * CVE-2023-0464: Fixed excessive Resource Usage Verifying X.509 Policy Constraints .

oval:org.secpod.oval:def:89051270
This update for MozillaFirefox fixes the following issues: * Firefox Extended Support Release 115.6.0 ESR changelog-entry * CVE-2023-6856: Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver . * CVE-2023-6857: Symlinks may resolve to smaller than expected buffers . ...

oval:org.secpod.oval:def:89051030
This update for open-vm-tools fixes the following issues: * CVE-2023-34058: Fixed a SAML token signature bypass issue. * CVE-2023-34059: Fixed a privilege escalation issue through vmware-user-suid-wrapper.

oval:org.secpod.oval:def:89049092
This update for libqt5-qtbase fixes the following issues: * CVE-2020-24741: Fixed a bug that allowed QLibrary to load libraries relative to CWD, which could result in arbitrary code execution. * CVE-2023-32763: Fixed buffer overflow in QTextLayout.

oval:org.secpod.oval:def:89048638
This update for xen fixes the following issues: * CVE-2022-42332: Fixed use-after-free in x86 shadow plus log-dirty mode. * CVE-2022-42333,CVE-2022-42334: Fixed x86/HVM pinned cache attributes mis-handling. * CVE-2022-42331: Fixed speculative vulnerability in 32bit SYSCALL path on x86. ## Specia ...

oval:org.secpod.oval:def:89048992
This update for openssl-1_0_0 fixes the following issues: * CVE-2022-4304: Reworked the fix for the Timing-Oracle in RSA decryption. The previous fix for this timing side channel turned out to cause a severe 2-3x performance regression in the typical use case .

oval:org.secpod.oval:def:89048991
This update for openssl-1_1 fixes the following issues: * CVE-2022-4304: Reworked the fix for the Timing-Oracle in RSA decryption. The previous fix for this timing side channel turned out to cause a severe 2-3x performance regression in the typical use case . * Update further expiring certificates t ...

oval:org.secpod.oval:def:89048592
This update for xen fixes the following issues: * CVE-2022-23824: Fixed multiple speculative execution issues . ## Special Instructions and Notes: * Please reboot the system after installing this update.

oval:org.secpod.oval:def:89048019
This update for xen fixes the following issues: - CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314, CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318: xen: Xenstore: Guests can let xenstored run out of memory - CVE-2022-42309: xen: Xenstore: Guests can crash xenstored - ...

oval:org.secpod.oval:def:89000433
This update for squid fixes the following issues: squid was updated to version 4.13: - CVE-2020-24606: Fix livelocking in peerDigestHandleReply . - CVE-2020-15811: Improve Transfer-Encoding handling . - CVE-2020-15810: Enforce token characters for field-name .

oval:org.secpod.oval:def:89000232
This update for MozillaFirefox fixes the following issues: - Mozilla Firefox 68.6.1esr MFSA 2020-11 * CVE-2020-6819 Use-after-free while running the nsDocShell destructor * CVE-2020-6820 Use-after-free when handling a ReadableStream

oval:org.secpod.oval:def:89003341
This update for evince fixes the following issues: Security issues fixed: - CVE-2019-11459: Fixed an improper error handling in which could have led to use of uninitialized use of memory . - CVE-2019-1010006: Fixed a buffer overflow in backend/tiff/tiff-document.c .

oval:org.secpod.oval:def:89000578
This update for python3 fixes the following issues: - Fixed a directory traversal in _download_http_url

oval:org.secpod.oval:def:89000446
This update for python36 fixes the following issues: - CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen - CVE-2019-20916: Fixed a directory traversal in _download_http_url . - CVE-2020-27619: Fixed an issue where the CJK codec tests call eval on content retrieve ...

oval:org.secpod.oval:def:89049725
This update fixes the following issues: golang-github-lusitaniae-apache_exporter: * Security issues fixed: * CVE-2022-32149: Fix denial of service vulnerability * CVE-2022-41723: Fix uncontrolled resource consumption * CVE-2022-46146: Fix authentication bypass vulnerability * Changes and bugs fix ...

oval:org.secpod.oval:def:89050949
This update for opensc fixes the following issues: * CVE-2021-42782: Fixed several stack buffer overflows . * CVE-2023-40661: Fixed several memory safety issues that could happen during the card enrollment process using pkcs15-init .

oval:org.secpod.oval:def:89048615
This update for python-cffi fixes the following issues: * CVE-2023-23931: Fixed memory corruption due to immutable python object being changed .

oval:org.secpod.oval:def:89048519
This update for python-cryptography fixes the following issues: * CVE-2023-23931: Fixed memory corruption in Cipher.update_into .

oval:org.secpod.oval:def:89051264
This update for kernel-firmware fixes the following issues: Update AMD ucode to 20231030 : * CVE-2022-23820: Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution. * CVE-2021-46774: Insufficient input validatio ...

oval:org.secpod.oval:def:89003360
This update for squid to version 4.9 fixes the following issues: Security issues fixed: - CVE-2019-13345: Fixed multiple cross-site scripting vulnerabilities in cachemgr.cgi . - CVE-2019-12526: Fixed potential remote code execution during URN processing . - CVE-2019-12523,CVE-2019-18676: Fixed multi ...

oval:org.secpod.oval:def:89051242
This update for webkit2gtk3 fixes the following issues: Update to version 2.42.3 : * Fix flickering while playing videos with DMA-BUF sink. * Fix color picker being triggered in the inspector when typing "tan". * Do not special case the "sans" font family name. * Fix build failure with libxml2 versi ...

oval:org.secpod.oval:def:89051190
This update for java-1_8_0-ibm fixes the following issues: * Update to Java 8.0 Service Refresh 8 Fix Pack 15: * Oracle October 17 2023 CPU [bsc#1216640] Security fixes: * CVE-2023-22081: Fixed enhanced TLS connections * CVE-2023-22067: Fixed IOR deserialization issue in CORBA * CVE-2023-22025: Fi ...

oval:org.secpod.oval:def:89051149
This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u392 October 2023 CPU: * CVE-2023-22067: Fixed IOR deserialization issue in CORBA . * CVE-2023-22081: Fixed certificate path validation issue during client authentication . * CVE-2015-4000: Fixed Logjam issue in SL ...

oval:org.secpod.oval:def:89049817
This update for vim fixes the following issues: Security fixes: * CVE-2023-4733: Fixed use-after-free in function buflist_altfpos . * CVE-2023-4734: Fixed segmentation fault in function f_fullcommand . * CVE-2023-4735: Fixed out of bounds write in ops.c . * CVE-2023-4738: Fixed heap buffer overflow ...

oval:org.secpod.oval:def:89048502
This update for nrpe fixes the following issues: * CVE-2015-4000: Fixed Logjam Attack by increasing the standard size of 512 bit dh parameters to 2048 .

oval:org.secpod.oval:def:89050989
This update for java-11-openjdk fixes the following issues: * Upgraded to JDK 11.0.21+9 : * CVE-2023-22081: Fixed a partial denial of service issue that could be triggered via HTTPS . Please visit the Oracle Release Notes page for the full changelog: https://www.oracle.com/java/technologies/javase/1 ...

oval:org.secpod.oval:def:89049142
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 115.0.2 ESR Security fixes: * CVE-2023-3600: Fixed use-after-free in workers Other fixes: * Fixed a startup crash experienced by some Windows users by blocking instances of a malicious injected DLL * Fixed ...

oval:org.secpod.oval:def:89049373
This update for MozillaFirefox fixes the following issues: Firefox was updated to Extended Support Release 115.2.0 ESR . * CVE-2023-4574: Fixed memory corruption in IPC ColorPickerShownCallback * CVE-2023-4575: Fixed memory corruption in IPC FilePickerShownCallback * CVE-2023-4576: Fixed integer ...

oval:org.secpod.oval:def:89049574
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.3.0 ESR : Security fixes: * CVE-2023-5168: Out-of-bounds write in FilterNodeD2D1 . * CVE-2023-5169: Out-of-bounds write in PathOps . * CVE-2023-5171: Use-after-free in Ion Compiler . * CVE-2023- ...

oval:org.secpod.oval:def:89049191
This update for MozillaFirefox fixes the following security issues: Firefox was updated to Extended Support Release 115.1.0 ESR . * CVE-2023-4045: Fixed cross-origin restrictions bypass with Offscreen Canvas . * CVE-2023-4046: Fixed incorrect value used during WASM compilation . * CVE-2023-4047: Fix ...

oval:org.secpod.oval:def:89049808
This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 115.3.1 ESR, fixing a security issue: MFSA 2023-44 * CVE-2023-5217: Fixed heap buffer overflow in libvpx

oval:org.secpod.oval:def:89049807
This update for libvpx fixes the following issues: * CVE-2023-5217: Fixed a heap buffer overflow .

oval:org.secpod.oval:def:89049110
This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues: Changes in MozillaFirefox and MozillaFirefox-branding-SLE: This update provides Firefox Extended Support Release 115.0 ESR * New: * Required fields are now highlighted in PDF forms. * Improved performance on high ...

oval:org.secpod.oval:def:89051017
This update for MozillaFirefox fixes the following issues: * Updated to version 115.4.0 ESR . * CVE-2023-5721: Fixed a potential clickjack via queued up rendering. * CVE-2023-5722: Fixed a cross-Origin size and header leakage. * CVE-2023-5723: Fixed unexpected errors when handling invalid cookie cha ...

oval:org.secpod.oval:def:89051159
This update for MozillaFirefox fixes the following issues: * Firefox Extended Support Release 115.5.0 ESR Placeholder changelog-entry * Fixed: Various security fixes and other quality improvements. MFSA 2023-46 * CVE-2023-5721: Queued up rendering could have allowed websites to clickjack * CVE-202 ...

oval:org.secpod.oval:def:89048815
This update for ncurses fixes the following issues: * CVE-2023-29491: Fixed memory corruption issues when processing malformed terminfo data .

oval:org.secpod.oval:def:89049319
This update for vim fixes the following issues: Updated to version 9.0 with patch level 1572. * CVE-2023-2426: Fixed Out-of-range Pointer Offset use. * CVE-2023-2609: Fixed NULL Pointer Dereference. * CVE-2023-2610: Fixed Integer Overflow or Wraparound. * CVE-2023-1264: Fixed NULL Pointer Derefere ...

oval:org.secpod.oval:def:89049403
This update for cups fixes the following issues: * CVE-2023-4504: Fixed heap overflow in OpenPrinting CUPS Postscript Parsing . * CVE-2023-34241: Fixed a use-after-free problem in cupsdAcceptClient . * CVE-2023-32360: Fixed information leak through Cups-Get-Document operation .

oval:org.secpod.oval:def:89051104
This update for postgresql12 fixes the following issues: Security issues fixed: * CVE-2023-5868: Fix handling of unknown-type arguments in DISTINCT "any" aggregate functions. This error led to a text-type value being interpreted as an unknown-type value at runtime. This could result in disclosure o ...

oval:org.secpod.oval:def:89051102
This update for postgresql, postgresql15, postgresql16 fixes the following issues: This update ships postgresql 16 . Security issues fixed: * CVE-2023-5868: Fix handling of unknown-type arguments in DISTINCT "any" aggregate functions. This error led to a text-type value being interpreted as an unkno ...

oval:org.secpod.oval:def:89049281
This update for postgresql15 fixes the following issues: * Update to 15.4 * CVE-2023-39417: Fixed potential SQL injection for trusted extensions. * CVE-2023-39418: Fix MERGE to enforce row security

oval:org.secpod.oval:def:89049273
This update for postgresql15 fixes the following issues: * Update to 14.9 * CVE-2023-39417: Fixed potential SQL injection for trusted extensions

oval:org.secpod.oval:def:89051105
This update for postgresql13 fixes the following issues: Security issues fixed: * CVE-2023-5868: Fix handling of unknown-type arguments in DISTINCT "any" aggregate functions. This error led to a text-type value being interpreted as an unknown-type value at runtime. This could result in disclosure o ...

oval:org.secpod.oval:def:89049277
This update for postgresql12 fixes the following issues: * Update to 12.16 * CVE-2023-39417: Fixed potential SQL injection for trusted extensions

oval:org.secpod.oval:def:89049275
This update for postgresql15 fixes the following issues: * Update to 13.12 * CVE-2023-39417: Fixed potential SQL injection for trusted extensions

oval:org.secpod.oval:def:89048848
This update for postgresql12 fixes the following issues: Updated to version 12.15: - CVE-2023-2454: Fixed an issue where a user having permission to create a schema could hijack the privileges of a security definer function or extension script. - CVE-2023-2455: Fixed an issue that could allow a u ...

oval:org.secpod.oval:def:89048846
This update for postgresql14 fixes the following issues: Updated to version 14.8: - CVE-2023-2454: Fixed an issue where a user having permission to create a schema could hijack the privileges of a security definer function or extension script. - CVE-2023-2455: Fixed an issue that could allow a us ...

oval:org.secpod.oval:def:89048842
This update for postgresql13 fixes the following issues: Updated to version 13.11: - CVE-2023-2454: Fixed an issue where a user having permission to create a schema could hijack the privileges of a security definer function or extension script. - CVE-2023-2455: Fixed an issue that could allow a u ...

oval:org.secpod.oval:def:89048841
This update for postgresql15 fixes the following issues: Updated to version 15.3: - CVE-2023-2454: Fixed an issue where a user having permission to create a schema could hijack the privileges of a security definer function or extension script. - CVE-2023-2455: Fixed an issue that could allow a us ...

oval:org.secpod.oval:def:89051093
This update for postgresql14 fixes the following issues: Security issues fixed: * CVE-2023-5868: Fix handling of unknown-type arguments in DISTINCT "any" aggregate functions. This error led to a text-type value being interpreted as an unknown-type value at runtime. This could result in disclosure o ...

oval:org.secpod.oval:def:89049148
This update for java-11-openjdk fixes the following issues: Updated to jdk-11.0.20+8 : * CVE-2023-22006: Fixed vulnerability in the network component . * CVE-2023-22036: Fixed vulnerability in the utility component . * CVE-2023-22041: Fixed vulnerability in the hotspot component . * CVE-2023-22044: ...

oval:org.secpod.oval:def:89049299
This update for java-1_8_0-ibm fixes the following issues: * Update to Java 8.0 Service Refresh 8 Fix Pack 10 * CVE-2022-40609: Fixed an unsafe deserialization flaw which could allow a remote attacker to execute arbitrary code on the system. * CVE-2023-22041: Fixed a flaw which could allow unautho ...

oval:org.secpod.oval:def:89048858
This update for java-1_8_0-openjdk fixes the following issues: * Updated to version jdk8u372 : * CVE-2023-21930: Fixed an issue in the JSSE component that could allow an attacker to access critical data without authorization . * CVE-2023-21937: Fixed an issue in the Networking component that could a ...

oval:org.secpod.oval:def:89048801
This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.19+7: * CVE-2023-21930: Fixed AES support. * CVE-2023-21937: Fixed String platform support. * CVE-2023-21938: Fixed runtime support. * CVE-2023-21939: Fixed Swing platform support. * CVE-2023-21954: Fixe ...

oval:org.secpod.oval:def:89048944
This update for java-1_8_0-ibm fixes the following issues: * CVE-2023-21930: Fixed possible compromise from unauthenticated attacker with network access via TLS . * CVE-2023-21937: Fixed vulnerability inside the networking component . * CVE-2023-21938: Fixed vulnerability inside the library componen ...

oval:org.secpod.oval:def:89049325
This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u382 * CVE-2023-22045: Fixed a difficult to exploit vulnerability that allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Ora ...

oval:org.secpod.oval:def:89048799
This update for harfbuzz fixes the following issues: * CVE-2023-25193: Fixed vulnerability that allowed attackers to trigger O growth via consecutive marks .

oval:org.secpod.oval:def:89051054
This update for tomcat fixes the following issues: * CVE-2023-42795: Fixed a potential information leak due to insufficient cleanup . * CVE-2023-45648: Fixed a request smuggling issue due to an incorrect parsing of HTTP trailer headers .

oval:org.secpod.oval:def:89050180
This update for tomcat fixes the following issues: * CVE-2023-41080: Fixed URL Redirection to Untrusted Site vulnerability in FORM authentication feature .

oval:org.secpod.oval:def:89048673
This update for tomcat fixes the following issues: * CVE-2023-28708: Fixed information disclosure by not including the secure attribute .

oval:org.secpod.oval:def:89048197
This update for vim fixes the following issues: - Updated to version 9.0.1234: - CVE-2023-0433: Fixed an out of bounds memory access that could cause a crash . - CVE-2023-0288: Fixed an out of bounds memory access that could cause a crash . - CVE-2023-0054: Fixed an out of bounds memory write that c ...

oval:org.secpod.oval:def:89045113
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 78.12.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-29 * CVE-2021-29970: Use-after-free in accessibility features of a document * CVE-2021-30547: Out of bounds write in ANGLE ...

oval:org.secpod.oval:def:89046068
This update for java-11-openjdk fixes the following issues: - CVE-2022-21248: Fixed incomplete deserialization class filtering in ObjectInputStream. - CVE-2022-21277: Fixed incorrect reading of TIFF files in TIFFNullDecompressor. - CVE-2022-21282: Fixed Insufficient URI checks in the XSLT Transfor ...

oval:org.secpod.oval:def:89048022
This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u352 : - CVE-2022-21619,CVE-2022-21624: Fixed difficult to exploit vulnerability allows unauthenticated attacker with network access and can cause unauthorized update, insert or delete access via multiple protocols ...

oval:org.secpod.oval:def:89046909
This update for java-1_8_0-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 7 Fix Pack 11 : - CVE-2022-34169: Fixed an integer truncation issue in the Xalan Java XSLT library that occurred when processing malicious stylesheets . - CVE-2022-21549: Fixed an issue that could lead to ...

oval:org.secpod.oval:def:89046914
This update for java-1_7_1-ibm fixes the following issues: - Updated to Java 7.1 Service Refresh 5 Fix Pack 15 : - CVE-2022-34169: Fixed an integer truncation issue in the Xalan Java XSLT library that occurred when processing malicious stylesheets . - CVE-2022-21549: Fixed an issue that could lead t ...

oval:org.secpod.oval:def:89044244
This update for java-11-openjdk fixes the following issues: - Update to upstream tag jdk-11.0.11+9 * CVE-2021-2163: Fixed incomplete enforcement of JAR signing disabled algorithms * CVE-2021-2161: Fixed incorrect handling of partially quoted arguments in ProcessBuilder - moved mozilla-nss depende ...

oval:org.secpod.oval:def:89045774
This update for java-1_8_0-openjdk fixes the following issues: Update to version OpenJDK 8u312 : - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS . - CVE-2021-35556: Fixed excessive memory allocation in RTFParser . - CVE-2021-35559: Fixed excessive memory allocation in RTFRe ...

oval:org.secpod.oval:def:89045792
This update for java-1_7_0-openjdk fixes the following issues: Update to OpenJDK 7u321 : - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS . - CVE-2021-35556: Fixed excessive memory allocation in RTFParser . - CVE-2021-35559: Fixed excessive memory allocation in RTFReader . - ...

oval:org.secpod.oval:def:89045551
This update for java-1_8_0-openjdk fixes the following issues: - Update to version jdk8u302 - CVE-2021-2341: Improve file transfers. - CVE-2021-2369: Better jar file validation. - CVE-2021-2388: Enhance compiler validation. - CVE-2021-2161: Less ambiguous processing

oval:org.secpod.oval:def:89048794
This update for java-1_8_0-ibm fixes the following issues: * Update to Java 8.0 Service Refresh 8 : * Security fixes: * CVE-2023-21830: Fixed improper restrictions in CORBA deserialization . * CVE-2023-21835: Fixed handshake DoS attack against DTLS connections . * CVE-2023-21843: Fixed soundbank URL ...

oval:org.secpod.oval:def:89044283
This update for libxml2 fixes the following issues: - CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess . - CVE-2021-3517: Fixed a heap based buffer overflow in entities.c:xmlEncodeEntitiesInternal . - CVE-2021-3516: Fixed a use after free in entities.c:xmlEncodeEntitiesIntern ...

oval:org.secpod.oval:def:89046998
This update for exiv2 fixes the following issues: - CVE-2021-29457: Fixed heap-based buffer overflow vulnerability in jp2image.cpp may lead to a denial of service . - CVE-2021-32617: Fixed denial of service inside inefficient algorithm .

oval:org.secpod.oval:def:89000563
This update for exiv2 fixes the following issues: - CVE-2018-17581: Fixed an excessive stack consumption in CiffDirectory:readDirectory which might have led to denial of service . - CVE-2019-13110: Fixed an integer overflow and an out of bounds read in CiffDirectory:readDirectory which might have le ...

oval:org.secpod.oval:def:89002926
This update for freetype2 fixes the following issues: - CVE-2020-15999: fixed a heap buffer overflow found in the handling of embedded PNG bitmaps .

oval:org.secpod.oval:def:89000213
This update for apache2 fixes the following issues: - CVE-2020-1934: mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server. - CVE-2020-1927: mod_rewrite configurations vulnerable to open redirect. - CVE-2020-1938: mod_proxy_ajp: Add "secret" parameter to proxy ...

oval:org.secpod.oval:def:89002928
This update for ruby2.1 fixes the following issues: Security issues fixed: - CVE-2015-9096: Fixed an SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command. - CVE-2016-7798: Fixed an IV Reuse in GCM Mode. - CVE-2017-0898: Fixed a buffer underrun vulnerability in Kernel.sprintf ...

oval:org.secpod.oval:def:89045115
This update for qemu fixes the following issues: Security fixes: - CVE-2021-3595: Fixed slirp: invalid pointer initialization may lead to information disclosure - CVE-2021-3592: Fix for slirp: invalid pointer initialization may lead to information disclosure - CVE-2021-3594: Fix for slirp: inval ...

oval:org.secpod.oval:def:89051042
This update for clamav fixes the following issues: * Updated to version 0.103.11: * CVE-2023-40477: Updated libclamunrar dependency to version 6.2.12 .

oval:org.secpod.oval:def:89051163
This update for xerces-c fixes the following issues: * CVE-2023-37536: Fixed an integer overflow that could have led to out-of-bounds memory accesses.

oval:org.secpod.oval:def:89051141
This update for openssl-1_0_0 fixes the following issues: * CVE-2023-5678: Fixed generating and checking of excessively long X9.42 DH keys that resulted in a possible Denial of Service .

oval:org.secpod.oval:def:89051152
This update for openssl-1_1 fixes the following issues: * CVE-2023-5678: Fixed generating and checking of excessively long X9.42 DH keys that resulted in a possible Denial of Service .

oval:org.secpod.oval:def:89048834
This update fixes the following issues: golang-github-prometheus-alertmanager: * Security issues fixed: * CVE-2022-46146: Fix authentication bypass via cache poisoning prometheus-blackbox_exporter: * Security issues fixed: * CVE-2022-46146: Fix authentication bypass via cache poisoning * Other non ...

oval:org.secpod.oval:def:89051380
This update for pam fixes the following issues: * CVE-2024-22365: Fixed a local denial of service during PAM login due to a missing check during path manipulation .

oval:org.secpod.oval:def:89048948
This update for openldap2 fixes the following issues: * CVE-2023-2953: Fixed null pointer deref in ber_memalloc_x .

oval:org.secpod.oval:def:89050562
This update for shadow fixes the following issues: * CVE-2023-4641: Fixed potential password leak .

oval:org.secpod.oval:def:89048501
This update for sudo fixes the following issue: Security fixes: * CVE-2023-28486: Fixed missing control characters escaping in log messages . * CVE-2023-28487: Fixed missing control characters escaping in sudoreplay output . Other fixes: * Fix a situation where "sudo -U otheruser -l" would dereferen ...

oval:org.secpod.oval:def:89049383
This update for gcc12 fixes the following issues: * CVE-2023-4039: Fixed incorrect stack protector for C99 VLAs on Aarch64 .

oval:org.secpod.oval:def:89051055
This update for gcc13 fixes the following issues: NOTE: This update was retracted as it caused breakage with third party applications. This update ships the GCC 13.2 compiler suite and its base libraries. The compiler base libraries are provided for all SUSE Linux Enterprise 15 versions and replace t ...

oval:org.secpod.oval:def:89051130
This update for gcc13 fixes the following issues: This update ships the GCC 13.2 compiler suite and its base libraries. The compiler base libraries are provided for all SUSE Linux Enterprise 15 versions and replace the same named GCC 12 ones. The new compilers for C, C++, and Fortran are provided for ...

oval:org.secpod.oval:def:89051047
This update for gcc13 fixes the following issues: This update ships the GCC 13.2 compiler suite and its base libraries. The compiler base libraries are provided for all SUSE Linux Enterprise 15 versions and replace the same named GCC 12 ones. The new compilers for C, C++, and Fortran are provided for ...

oval:org.secpod.oval:def:89049813
This update for ghostscript fixes the following issues: * CVE-2023-43115: Fixed remote code execution via crafted PostScript documents in gdevijs.c .

oval:org.secpod.oval:def:89045572
This update for sssd fixes the following issues: - CVE-2021-3621: Fixed shell command injection in sssctl via the logs-fetch and cache-expire subcommands .

oval:org.secpod.oval:def:89049318
This update for ghostscript fixes the following issues: * CVE-2023-38559: Fixed out-of-bounds read in devn_pcx_write_rle that could result in DoS .

oval:org.secpod.oval:def:89050944
This update for ImageMagick fixes the following issues: * CVE-2023-5341: Fixed a heap use-after-free in coders/bmp.c

oval:org.secpod.oval:def:89048924
This update for ImageMagick fixes the following issues: * CVE-2023-34151: Fixed an undefined behavior issue due to floating point truncation .

oval:org.secpod.oval:def:89048583
This update for ImageMagick fixes the following issues: * CVE-2023-1289: Fixed segmentation fault and possible DoS via specially crafted SVG

oval:org.secpod.oval:def:89048943
This update for python36 fixes the following issues: * CVE-2007-4559: Fixed filter for tarfile.extractall . * Fixed unittest.mock.patch.dict returns function when applied to coroutines .

oval:org.secpod.oval:def:89051321
This update for w3m fixes the following issues: * CVE-2023-4255: Fixed out-of-bounds write in function checkType in etc.c .

oval:org.secpod.oval:def:89048676
This update for curl fixes the following issues: * CVE-2023-27533: Fixed TELNET option IAC injection . * CVE-2023-27534: Fixed SFTP path ~ resolving discrepancy . * CVE-2023-27535: Fixed FTP too eager connection reuse . * CVE-2023-27536: Fixed GSS delegation too eager connection reuse . * CVE-2023-2 ...

oval:org.secpod.oval:def:89048071
This update for curl fixes the following issues: - CVE-2022-43552: HTTP Proxy deny use-after-free .

oval:org.secpod.oval:def:89048136
This update for postgresql-jdbc fixes the following issues: - CVE-2022-41946: Fixed a local information disclosure issue due to improper handling of temporary files .

oval:org.secpod.oval:def:89047738
This update for curl fixes the following issues: - CVE-2022-32221: Fixed POST following PUT confusion .

oval:org.secpod.oval:def:89048117
This update for w3m fixes the following issues: - CVE-2022-38223: Fixed a memory safety issue when dumping crafted input to standard out .

oval:org.secpod.oval:def:89048865
This update for curl adds the following feature: Update to version 8.0.1 * CVE-2023-28319: use-after-free in SSH sha256 fingerprint check . * CVE-2023-28320: siglongjmp race condition . * CVE-2023-28321: IDN wildcard matching . * CVE-2023-28322: POST-after-PUT confusion .

oval:org.secpod.oval:def:89044207
This update for curl fixes the following issues: - CVE-2021-22876: Fixed an issue where the automatic referer was leaking credentials .

oval:org.secpod.oval:def:89000499
This update for libvirt fixes the following issues: Security issues fixed: - CVE-2020-10703: Fixed a daemon crash caused by pools without target paths . - CVE-2020-12430: Fixed a memory leak in qemuDomainGetStatsIOThread . Non-security issues fixed: - Support setting credit2 scheduler parameters for ...

oval:org.secpod.oval:def:89049136
This update for openssh fixes the following issues: * CVE-2023-38408: Fixed a condition where specific libraries loaded via ssh-agent's PKCS#11 support could be abused to achieve remote code execution via a forwarded agent socket if those libraries were present on the victim's system and if the agen ...

oval:org.secpod.oval:def:89000064
This update for gd fixes the following issues: - CVE-2017-7890: Fixed a buffer over-read into uninitialized memory. - CVE-2018-14553: Fixed a null pointer dereference in gdImageClone. - CVE-2019-11038: Fixed an information disclosure in gdImageCreateFromXbm.

oval:org.secpod.oval:def:89051258
This update for webkit2gtk3 fixes the following issues: Update to version 2.42.2 : * CVE-2023-41983: Processing web content may lead to a denial-of-service. * CVE-2023-42852: Processing web content may lead to arbitrary code execution. Already previously fixed: * CVE-2022-32919: Visiting a website t ...

oval:org.secpod.oval:def:89048070
This update for sqlite3 fixes the following issues: - CVE-2022-46908: Properly implement the azProhibitedFunctions protection mechanism, when relying on --safe for execution of an untrusted CLI script .

oval:org.secpod.oval:def:89047730
This update for libxml2 fixes the following issues: - CVE-2016-3709: Fixed possible XSS vulnerability . - CVE-2022-40303: Fixed integer overflows with XML_PARSE_HUGE . - CVE-2022-40304: Fixed dict corruption caused by entity reference cycles .

oval:org.secpod.oval:def:89046159
A flaw was found in the way the flags member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cach ...

oval:org.secpod.oval:def:89048540
This update for libxslt fixes the following issues: * CVE-2021-30560: Fixing a use after free vulnerability in Blink XSLT .

oval:org.secpod.oval:def:89051222
This update for squid fixes the following issues: * CVE-2023-49285: Fixed buffer over read bug on HTTP Message processing flow * CVE-2023-49286: Fixed Denial of Service vulnerability in helper process management * Fix X-Forwarded-For Stack Overflow

oval:org.secpod.oval:def:89051171
This update for squid fixes the following issues: * CVE-2023-46728: Remove gopher support . * Fixed overread in HTTP request header parsing .

oval:org.secpod.oval:def:89049073
This update for bind fixes the following issues: * CVE-2023-2828: Fixed denial-of-service against recursive resolvers related to cache-cleaning algorithm .

oval:org.secpod.oval:def:89050996
This update for suse-module-tools fixes the following issues: * Updated to version 12.13: * CVE-2023-1829: Blacklisted the Linux kernel tcindex classifier module . * CVE-2023-23559: Blacklisted the Linux kernel RNDIS modules . * Disabled the isst_if_mbox_msr driver .

oval:org.secpod.oval:def:89049158
This update for kernel-firmware fixes the following issues: * CVE-2023-20593: Fixed AMD ucode for ZenBleed vulnerability . ## Special Instructions and Notes: * Please reboot the system after installing this update.

oval:org.secpod.oval:def:89049422
This update for python36 fixes the following issues: * CVE-2023-40217: Fixed TLS handshake bypass on closed sockets .

oval:org.secpod.oval:def:89049420
This update for python fixes the following issues: * CVE-2023-40217: Fixed TLS handshake bypass on closed sockets .

oval:org.secpod.oval:def:89046009
This update for expat fixes the following issues: - CVE-2022-25236: Fixed possible namespace-separator characters insertion into namespace URIs . - CVE-2022-25235: Fixed UTF-8 character validation in a certain context . - CVE-2022-25313: Fixed stack exhaustion in build_model via uncontrolled recursi ...

oval:org.secpod.oval:def:89051561
This update for shim fixes the following issues: * Updated shim signature after shim 15.7 be signed back: signature-sles.x86_64.asc, signature-sles.aarch64.asc * Add POST_PROCESS_PE_FLAGS=-N to the build command in shim.spec to disable the NX compatibility flag when using post-process-pe because g ...

oval:org.secpod.oval:def:89051555
This update for wayland fixes the following issues: * CVE-2021-3782: Fixed a reference-count overflow in libwayland-server SHM handling

oval:org.secpod.oval:def:89051550
This update for python-requests fixes the following issues: * CVE-2023-32681: Fixed unintended leak of Proxy-Authorization header .

oval:org.secpod.oval:def:89051548
This update for python3-requests fixes the following issues: * CVE-2023-32681: Fixed unintended leak of Proxy-Authorization header .

oval:org.secpod.oval:def:89051576
This update for python-pip fixes the following issues: * Removed .exe files from the RPM package, to prevent issues with security scanners .

oval:org.secpod.oval:def:89051578
This update for libqt5-qtsvg fixes the following issues: * CVE-2021-45930: Fixed an out-of-bounds write that may have led to a denial-of-service. * CVE-2023-32573: Fixed missing initialization of QtSvg QSvgFont m_unitsPerEm variable.

oval:org.secpod.oval:def:89051572
This update for gcc7 fixes the following issues: Security issues fixed: * CVE-2023-4039: Fixed incorrect stack protector for C99 VLAs on Aarch64 . * CVE-2019-15847: Fixed POWER9 DARN miscompilation. * CVE-2019-14250: Includes fix for LTO linker plugin heap overflow. Update to GCC 7.5.0 release. Ot ...

oval:org.secpod.oval:def:89051398
This update for tomcat fixes the following issues: Security fixes: * CVE-2023-46589: Fixed HTTP request smuggling due to incorrect headers parsing. Other fixes: * Streamline how patches are handled in the spec file of the package

oval:org.secpod.oval:def:89051399
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.7.0 ESR : * CVE-2024-0741: Out of bounds write in ANGLE * CVE-2024-0742: Failure to update user input timestamp * CVE-2024-0746: Crash when listing printers on Linux * CVE-2024-0747: Bypass of ...

oval:org.secpod.oval:def:89051416
This update for jasper fixes the following issues: * CVE-2023-51257: Fixed an out of bounds write in the JPC encoder .

oval:org.secpod.oval:def:89051410
This update for cpio fixes the following issues: * CVE-2023-7207: Fixed a path traversal issue that could lead to an arbitrary file write during archive extraction .

oval:org.secpod.oval:def:89051424
This update for xen fixes the following issues: * CVE-2023-46839: Fixed phantom functions assigned to incorrect contexts ## Special Instructions and Notes: * Please reboot the system after installing this update.

oval:org.secpod.oval:def:89051429
This update for xerces-c fixes the following issues: * CVE-2018-1311: fixed use-after-free triggered during the scanning of external DTDs potentially leading to DOS

oval:org.secpod.oval:def:89051434
This update for gstreamer fixes the following issues: * CVE-2023-40474: Fixed an integer overflow during MXF file parsing .

oval:org.secpod.oval:def:89051441
This update for gdb fixes the following issues: * Drop libdebuginfod1 BuildRequires/Recommends. The former isn't needed because there's a build requirement on libdebuginfod-devel already, which will pull the shared library. And the latter, because it's bogus since RPM auto generated dependency will ...

oval:org.secpod.oval:def:89051454
This update for netpbm fixes the following issues: * CVE-2017-5849: Fixed out-of-bound read and write issue that can occur in function putgreytile and put1bitbwtile .

oval:org.secpod.oval:def:89051449
This update for python36 fixes the following issues: * CVE-2023-27043: Fixed incorrect parsing of e-mail addresses which contain a special character.

oval:org.secpod.oval:def:89051448
This update for python fixes the following issues: * CVE-2023-27043: Fixed incorrect parsing of e-mail addresses which contain a special character.

oval:org.secpod.oval:def:89051447
This update for python3 fixes the following issues: * CVE-2023-27043: Fixed incorrect parsing of e-mail addresses which contain a special character.

oval:org.secpod.oval:def:89051472
This update for postgresql15 fixes the following issues: Upgrade to 15.6: * CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY .

oval:org.secpod.oval:def:89051503
This update for postgresql14 fixes the following issues: Upgrade to 14.11: * CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY .

oval:org.secpod.oval:def:89051498
This update for postgresql13 fixes the following issues: Upgrade to 13.14: * CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY .

oval:org.secpod.oval:def:89051491
This update for postgresql12 fixes the following issues: Upgrade to 12.18: * CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY .

oval:org.secpod.oval:def:89051487
This update for openvswitch fixes the following issues: * CVE-2024-22563: Fixed memory leak via the function xmalloc__ in /lib/util.c .

oval:org.secpod.oval:def:89051499
This update for postgresql16 fixes the following issues: Upgrade to 16.2: * CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY .

oval:org.secpod.oval:def:89051488
This update for dpdk fixes the following issues: * Fixed a regression caused by incomplete fix for CVE-2022-2132 .

oval:org.secpod.oval:def:89051523
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.8.0 ESR : * CVE-2024-1546: Out-of-bounds memory read in networking channels * CVE-2024-1547: Alert dialog could have been spoofed on another site * CVE-2024-1548: Fullscreen Notification could ...

oval:org.secpod.oval:def:89051529
This update for tiff fixes the following issues: * CVE-2023-52356: Fixed segfault in TIFFReadRGBATileExt .

oval:org.secpod.oval:def:89051602
This update for apache2-mod_auth_openidc fixes the following issues: * CVE-2024-24814: Fixed a denial of service when using `OIDCSessionType client-cookie` and manipulating cookies .

oval:org.secpod.oval:def:89051601
This update for postgresql-jdbc fixes the following issues: * CVE-2024-1597: Fixed SQL Injection via line comment generation .

oval:org.secpod.oval:def:89051618
This update for sudo fixes the following issues: * CVE-2023-42465: Try to make sudo less vulnerable to ROWHAMMER attacks .

oval:org.secpod.oval:def:89051624
This update for sudo fixes the following issues: NOTE: This update has been retracted as some sudo functionality was changed incorrectly. * CVE-2023-42465: Try to make sudo less vulnerable to ROWHAMMER attacks .

oval:org.secpod.oval:def:89051623
This update for openssl-1_1 fixes the following issues: * CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file .

oval:org.secpod.oval:def:89051631
This update for openssl-1_0_0 fixes the following issues: * CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file .

oval:org.secpod.oval:def:89051620
This update for wpa_supplicant fixes the following issues: * CVE-2023-52160: Bypassing WiFi Authentication .

oval:org.secpod.oval:def:89051632
This update for cpio fixes the following issues: * Fixed cpio not extracting correctly when using --no-absolute-filenames option the security fix for CVE-2023-7207

oval:org.secpod.oval:def:89051637
This update for tomcat fixes the following issues: * CVE-2024-21733: Fixed leaking of unrelated request bodies in default error page .

oval:org.secpod.oval:def:89051667
This update for spectre-meltdown-checker fixes the following issues: * updated to 0.46 This release mainly focuses on the detection of the new Zenbleed vulnerability, among few other changes that were in line waiting for a release: * feat: detect the vulnerability and mitigation of Zenbleed * feat ...

oval:org.secpod.oval:def:89051668
This update for sudo fixes the following issues: * CVE-2023-42465: Fixed issues introduced by first patches .

oval:org.secpod.oval:def:89051673
This update for tiff fixes the following issues: * CVE-2023-41175: Fixed potential integer overflow in raw2tiff.c . * CVE-2023-38288: Fixed potential integer overflow in raw2tiff.c . * CVE-2023-40745: Fixed integer overflow in tiffcp.c . * CVE-2015-8668: Fixed Heap-based buffer overflow in bmp2tiff ...

oval:org.secpod.oval:def:89051686
This update for ghostscript fixes the following issues: * Fixed segfaults in gs_heap_free_object. Previously fixed security issue: * CVE-2020-36773: Fixed out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c.

oval:org.secpod.oval:def:89051728
This update for ncurses fixes the following issues: * CVE-2023-45918: Fixed NULL pointer dereference via corrupted xterm-256color file .

oval:org.secpod.oval:def:89051726
This update for postfix fixes the following issues: * CVE-2023-51764: Prevent SMTP smuggling attack

oval:org.secpod.oval:def:89051743
This update for apache2-mod_jk fixes the following issues: * Upgrade from version 1.2.40 to 1.2.49 * CVE-2023-41081: Fix an information disclosure issue in mod_jk

oval:org.secpod.oval:def:89051755
This update for texlive fixes the following issues: * CVE-2023-46048: Fixed null pointer dereference in texk/web2c/pdftexdir/writet1.c

oval:org.secpod.oval:def:89051779
This update for wireshark fixes the following issues: * CVE-2024-24476: Fixed a denial of service in ws_manuf_lookup_str

oval:org.secpod.oval:def:89051797
This update for jasper fixes the following issues: * CVE-2024-31744: Fixed denial of service through assertion failure in jpc_streamlist_remove .

oval:org.secpod.oval:def:89051805
This update for python-idna fixes the following issues: * CVE-2024-3651: Fixed potential DoS via resource consumption via specially crafted inputs to idna.encode .

oval:org.secpod.oval:def:89051612
This update for gstreamer-plugins-bad fixes the following issues: * CVE-2023-44446: Fixed use-after-free remote code execution vulnerability via MXF file .

oval:org.secpod.oval:def:89051675
This update for PackageKit fixes the following issues: * CVE-2024-0217: Check that Finished signal is emitted at most once.

oval:org.secpod.oval:def:89051699
This update for avahi fixes the following issues: * CVE-2023-38471: Fixed reachable assertion in dbus_set_host_name . * CVE-2023-38469: Fixed reachable assertions in avahi .

oval:org.secpod.oval:def:89051607
This update for vim fixes the following issues: * CVE-2023-48231: Fixed Use-After-Free in win_close . * CVE-2023-48232: Fixed Floating point Exception in adjust_plines_for_skipcol . * CVE-2023-48233: Fixed overflow with count for :s command . * CVE-2023-48234: Fixed overflow in nv_z_get_count . * CV ...

oval:org.secpod.oval:def:89051541
This update for java-1_8_0-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 20: [bsc#1219843] Security fixes: * CVE-2023-33850: Fixed information disclosure vulnerability due to the consumed GSKit library . * CVE-2024-20932: Fixed incorrect handling of ZIP files with dup ...

oval:org.secpod.oval:def:89051402
This update for java-11-openjdk fixes the following issues: Updated to version 11.0.22 : * CVE-2024-20918: Fixed an out of bounds access in the Hotspot JVM due to a missing bounds check . * CVE-2024-20919: Fixed a sandbox bypass in the Hotspot JVM class file verifier . * CVE-2024-20921: Fixed an inc ...

oval:org.secpod.oval:def:89051614
This update for java-1_8_0-openjdk fixes the following issues: * CVE-2024-20952: Fixed RSA padding issue and timing side-channel attack against TLS. * CVE-2024-20921: Fixed range check loop optimization issue. * CVE-2024-20926: Fixed arbitrary Java code execution in Nashorn. * CVE-2024-20919: F ...

oval:org.secpod.oval:def:89051736
This update for util-linux fixes the following issues: * CVE-2024-28085: Properly neutralize escape sequences in wall

oval:org.secpod.oval:def:89051526
This update for mozilla-nss fixes the following issues: Update to NSS 3.90.2: * CVE-2023-5388: Fixed timing attack against RSA decryption in TLS

oval:org.secpod.oval:def:89051427
This update for squid fixes the following issues: * CVE-2023-50269: fixed X-Forwarded-For Stack Overflow. * CVE-2024-23638: fixed Denial of Service attack against Cache Manager error responses

oval:org.secpod.oval:def:89051711
This update for squid fixes the following issues: * CVE-2024-25617: Fixes denial of service in HTTP header parser * CVE-2024-25111: Fixes Chunked Encoding Stack Overflow

oval:org.secpod.oval:def:89051315
This update for python-pip fixes the following issues: * CVE-2023-5752: Fixed injection of arbitrary configuration through Mercurial parameter .

oval:org.secpod.oval:def:89051671
This update for python36-pip fixes the following issues: * CVE-2023-5752: Fixed possible injection of arbitrary configuration through Mercurial parameter

oval:org.secpod.oval:def:89051731
This update for libcares2 fixes the following issues: * CVE-2024-25629: Fixed out of bounds read in ares__read_line .

oval:org.secpod.oval:def:89051767
This update for emacs fixes the following issues: * CVE-2024-30203: Fixed denial of service via MIME contents * CVE-2024-30204: Fixed denial of service via LaTeX preview in e-mail attachments * CVE-2024-30205: Fixed Org mode considering contents of remote files as trusted

oval:org.secpod.oval:def:89051656
This update for zabbix fixes the following issues: * CVE-2024-22119: Fixed ability to run XSS in graph item names .

oval:org.secpod.oval:def:89050939
This update for samba fixes the following issues: * CVE-2023-4091: Fixed a bug where a client can truncate file with read-only permissions

oval:org.secpod.oval:def:89051014
This update for nghttp2 fixes the following issues: * CVE-2023-44487: Fixed HTTP/2 Rapid Reset attack

oval:org.secpod.oval:def:89049334
This update for samba fixes the following issues: * CVE-2022-2127: Fixed issue where lm_resp_len was not checked properly in winbindd_pam_auth_crap_send . * CVE-2023-34966: Fixed samba spotlight mdssvc RPC Request Infinite Loop Denial-of-Service Vulnerability . * CVE-2023-34967: Fixed samba spotligh ...

oval:org.secpod.oval:def:89002915
This update for samba fixes the following issues: - CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records . - CVE-2020-14323: Unprivileged user can crash winbind . - CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify .

oval:org.secpod.oval:def:89048149
This update for mozilla-nss fixes the following issues: - CVE-2022-3479: Fixed a potential crash that could be triggered when a server requested a client authentication certificate, but the client had no certificates stored . - Updated to version 3.79.3 : - CVE-2022-23491: Removed trust for 3 root c ...

oval:org.secpod.oval:def:89003297
This update for bzip2 fixes the following issues: - Fixed a regression with the fix for CVE-2019-12900, which caused incompatibilities with files that used many selectors .

oval:org.secpod.oval:def:89003284
This update for bzip2 fixes the following issues: Security issue fixed: - CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors . - CVE-2016-3189: Fixed a use-after-free in bzip2recover .

oval:org.secpod.oval:def:89051610
This update for python3 fixes the following issues: * CVE-2023-40217: Fixed bypass TLS handshake on closed sockets . * CVE-2023-6597: Fixed symlink bug in cleanup .

oval:org.secpod.oval:def:89051740
This update for less fixes the following issues: * CVE-2022-48624: Fixed LESSCLOSE handling in less that does not quote shell metacharacters .

oval:org.secpod.oval:def:89000274
This update for apache2 fixes the following issues: - CVE-2020-9490: Fixed a crash caused by a specially crafted value for the "Cache-Digest" header in an HTTP/2 request. - CVE-2020-11985: IP address spoofing when proxying using mod_remoteip and mod_rewrite. - CVE-2020-11993: When trace/debug was e ...

oval:org.secpod.oval:def:89046425
This update for openssl-1_1 fixes the following issues: - CVE-2022-1292: Fixed command injection in c_rehash . - CVE-2022-2068: Fixed more shell code injection issues in c_rehash

oval:org.secpod.oval:def:89048009
This update for grub2 fixes the following issues: Security Fixes: - CVE-2022-2601: Fixed buffer overflow in grub_font_construct_glyph . - CVE-2022-3775: Fixed integer underflow in blit_comb . Other: - Bump upstream SBAT generation to 3 - Fix unreadable filesystem with xfs v4 superblock . - Remove zf ...

oval:org.secpod.oval:def:89049102
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-3090: Fixed a heap out-of-bounds write in the ipvlan network driver . * CVE-2023-3111: Fixed a use-after-free vulnerability in prepare_to_relocate in fs/bt ...

oval:org.secpod.oval:def:89049088
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-1077: Fixed a type confusion in pick_next_rt_entity, that could cause memory corruption . * CVE-2023-1079: Fixed a use-after-free problem that could ...

oval:org.secpod.oval:def:89051502
This update for libxml2 fixes the following issues: * CVE-2024-25062: Fixed use-after-free in XMLReader .

oval:org.secpod.oval:def:89051688
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 115.9.0 ESR : * CVE-2024-0743: Crash in NSS TLS method . * CVE-2024-2605: Windows Error Reporter could be used as a Sandbox escape vector . * CVE-2024-2607: JIT code failed to save return registers on Armv7-A ...

oval:org.secpod.oval:def:89051070
This update for squid fixes the following issues: * CVE-2023-46846: Request/Response smuggling in HTTP/1.1 and ICAP . * CVE-2023-46847: Denial of Service in HTTP Digest Authentication . * CVE-2023-46724: Fix validation of certificates with CN=* . * CVE-2023-46848: Denial of Service in FTP .

oval:org.secpod.oval:def:89000472
This update for squid to version 4.11 fixes the following issues: - CVE-2020-11945: Fixed a potential remote code execution vulnerability when using HTTP Digest Authentication . - CVE-2019-12519, CVE-2019-12521: Fixed incorrect buffer handling that can result in cache poisoning, remote execution, an ...

oval:org.secpod.oval:def:89051730
This update for krb5 fixes the following issues: * CVE-2024-26458: Fixed a memory leak in pmap_rmt.c * CVE-2024-26461: Fixed a memory leak in k5sealv3.c

oval:org.secpod.oval:def:89051694
This update for libvirt fixes the following issues: * CVE-2024-2496: Fixed NULL pointer dereference in udevConnectListAllInterfaces . * CVE-2024-1441: Fix off-by-one error in udevListInterfacesByStatus

oval:org.secpod.oval:def:89048921
This update for tomcat fixes the following issues: * CVE-2023-28709: Mended an incomplete fix for CVE-2023-24998 .

oval:org.secpod.oval:def:89048651
This update for jakarta-commons-fileupload fixes the following issues: * CVE-2016-3092: Fixed usage of a vulnerable FileUpload package that can result in denial of service. * CVE-2023-24998: Fixed a FileUpload denial of service with excessive parts.

oval:org.secpod.oval:def:89048552
This update for tomcat fixes the following issues: * CVE-2023-24998: Fixed FileUpload DoS with excessive parts .

oval:org.secpod.oval:def:89051717
This update for nghttp2 fixes the following issues: * CVE-2024-28182: Fixed denial of service via http/2 continuation frames

oval:org.secpod.oval:def:89051719
This update for curl fixes the following issues: * CVE-2024-2004: Fix the usage of disabled protocol logic. * CVE-2024-2398: Fix HTTP/2 push headers memory-leak

oval:org.secpod.oval:def:89051244
This update for curl fixes the following issues: * CVE-2023-46218: Fixed cookie mixed case PSL bypass . * CVE-2023-46219: HSTS long file name clears contents .

oval:org.secpod.oval:def:89051191
This update for libqt4 fixes the following issues: * CVE-2021-45930: Fix out-of-bounds write when parsing path nodes. * CVE-2023-32573: Fix missing initialization of QSvgFont unitsPerEm. * CVE-2023-32763: Fix potential buffer when rendering a SVG file with an image inside. * CVE-2023-34410: Fix m ...

oval:org.secpod.oval:def:89051691
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 115.9.1esr ESR MFSA 2024-16 * CVE-2024-29944: Privileged JavaScript Execution via Event Handlers .

oval:org.secpod.oval:def:89051745
This update for tomcat fixes the following issues: * CVE-2024-24549: Fixed denial of service during header validation for HTTP/2 stream * CVE-2024-23672: Fixed denial of service due to malicious WebSocket client keeping connection open

oval:org.secpod.oval:def:89051761
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.10.0 ESR : * CVE-2024-3852: GetBoundName in the JIT returned the wrong object * CVE-2024-3854: Out-of-bounds-read after mis-optimized switch statement * CVE-2024-3857: Incorrect JITting of argu ...

oval:org.secpod.oval:def:89049820
This update for python3 fixes the following issues: * CVE-2023-40217: Fixed TLS handshake bypass on closed sockets . * CVE-2023-41105: Fixed input truncation on null bytes in os.path.normpath .

oval:org.secpod.oval:def:89048642
This update for libplist fixes the following issues: * CVE-2015-10082: Fixed XXE security vulnerability with XML plists.

oval:org.secpod.oval:def:89049405
This update for binutils fixes the following issues: Update to version 2.41 [jsc#PED-5778]: * The MIPS port now supports the Sony Interactive Entertainment Allegrex processor, used with the PlayStation Portable, which implements the MIPS II ISA along with a single-precision FPU and a few implementat ...

oval:org.secpod.oval:def:89051299
This update for ppp fixes the following issues: * CVE-2022-4603: Fixed improper validation of array index of the component pppdump .

oval:org.secpod.oval:def:89048499
This update for python-py fixes the following issues: Bugfixes: * Fixed bugs introduced with the fix for CVE-2022-42969 .

oval:org.secpod.oval:def:89048962
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2269: Fixed a denial-of-service problem due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c. * ...

oval:org.secpod.oval:def:89048954
The SUSE Linux Enterprise 12 SP5 AZURE kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2269: Fixed a denial-of-service problem due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl. ...

oval:org.secpod.oval:def:89048649
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-38096: Fixed NULL-ptr deref in vmw_cmd_dx_define_query . * CVE-2022-4129: Fixed a denial of service with the Layer 2 Tunneling Protocol . A missing lock wh ...

oval:org.secpod.oval:def:89048545
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-38096: Fixed NULL-ptr deref in vmw_cmd_dx_define_query . * CVE-2022-4129: Fixed a denial of service with the Layer 2 Tunneling Protocol . A missing l ...

oval:org.secpod.oval:def:89048059
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec . - CVE-2022-42328: Guests could trigger denial of service via the netback driver . - CVE-2022-42329: Gues ...

oval:org.secpod.oval:def:89048055
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec . - CVE-2022-42328: Guests could trigger denial of service via the netback driver . - CVE-2022-42329 ...

oval:org.secpod.oval:def:89048182
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-4662: Fixed a recursive locking violation in usb-storage that can cause the kernel to deadlock. - CVE-2022-3564: Fixed a bug which could lead to use after ...

oval:org.secpod.oval:def:89047047
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-36879: Fixed an issue in xfrm_expand_policies in net/xfrm/xfrm_policy.c where a refcount could be dropped twice . - CVE-2022-3028: Fixed race condition tha ...

oval:org.secpod.oval:def:89047038
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-36879: Fixed an issue in xfrm_expand_policies in net/xfrm/xfrm_policy.c where a refcount could be dropped twice . - CVE-2022-3028: Fixed race conditi ...

oval:org.secpod.oval:def:89048828
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2483: Fixed a use after free bug in emac_remove caused by a race condition. * CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that co ...

oval:org.secpod.oval:def:89048827
The SUSE Linux Enterprise 12 SP5 AZURE kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-2483: Fixed a use after free bug in emac_remove caused by a race condition. * CVE-2023-2124: Fixed an out of bound access in the XFS subsystem t ...

oval:org.secpod.oval:def:89048698
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2017-5753: Fixed spectre V1 vulnerability on netlink . * CVE-2017-5753: Fixed spectre vulnerability in prlimit . * CVE-2021-3923: Fixed stack information leak v ...

oval:org.secpod.oval:def:89048697
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2017-5753: Fixed spectre V1 vulnerability on netlink . * CVE-2017-5753: Fixed spectre vulnerability in prlimit . * CVE-2021-3923: Fixed stack information ...

oval:org.secpod.oval:def:89048551
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-23454: Fixed denial of service in cbq_classify in net/sched/sch_cbq.c. * CVE-2023-0590: Fixed race condition in qdisc_graft. * CVE-2023-0266: Fixed ...

oval:org.secpod.oval:def:89048663
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2021-4203: Fixed use-after-free read flaw that was found in sock_getsockopt in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen . * CVE-201 ...

oval:org.secpod.oval:def:89047048
This update for python36 fixes the following issues: - CVE-2021-28861: Fixed an open redirection vulnerability in the HTTP server when an URI path starts with // .

oval:org.secpod.oval:def:89048496
This update for python36 fixes the following issues: * CVE-2023-24329: Fixed a blocklist bypass via the urllib.parse component when supplying a URL that starts with blank characters .

oval:org.secpod.oval:def:89049101
This update for python fixes the following issues: * CVE-2023-24329: Fixed urllib.parse bypass when supplying a URL that starts with blank characters .

oval:org.secpod.oval:def:89047035
This update for python3 fixes the following issues: - CVE-2021-28861: Fixed an open redirection vulnerability in the HTTP server when an URI path starts with // .

oval:org.secpod.oval:def:89046724
This update for python fixes the following issues: - CVE-2015-20107: avoid command injection in the mailcap module .

oval:org.secpod.oval:def:89048505
This update for python3 fixes the following issues: * CVE-2023-24329: Fixed blocklist bypass via the urllib.parse component when supplying a URL that starts with blank characters . * CVE-2022-40899: Fixed REDoS in http.cookiejar .

oval:org.secpod.oval:def:89048529
This update for python36 fixes the following issues: * CVE-2022-45061: Fixed DoS when IDNA decodes extremely long domain names . Bugfixes: * Solve a program error in the Python Garbage Collection. * Fixed issue where email.generator.py replaces a non-existent header .

oval:org.secpod.oval:def:89049163
This update for qemu fixes the following issues: * CVE-2021-4207: Fixed double fetch in qxl_cursor that could lead to heap buffer overflow . * CVE-2023-0330: Fixed DMA reentrancy issue that could lead to stack overflow . * CVE-2023-2861: Fixed improper access control on special files .

oval:org.secpod.oval:def:89051798
This update for qemu fixes the following issues: * CVE-2021-3750: Fixed DMA reentrancy issue that could lead to use-after-free * CVE-2022-0216: Fixed use-after-free in lsi_do_msgout function in hw/scsi/lsi53c895a.c * CVE-2023-0330: Fixed DMA reentrancy issue that could lead to stack overflow * CV ...

oval:org.secpod.oval:def:89048567
This update for qemu fixes the following issues: * bsc#1172033 * bsc#1180207 * bsc#1172382 * bsc#1198038 * bsc#1193880 * bsc#1197653 * bsc#1205808 , bsc#1198712 * bsc#1175144 , bsc#1185000 , bsc#1201367, CVE-2022-35414 * About bsc#1175144, see also bsc#1182282 * bsc#1198035, CVE-2021-4206

oval:org.secpod.oval:def:89049200
This update for mariadb fixes the following issues: * CVE-2022-32084: Fixed segmentation fault via the component sub_select .

oval:org.secpod.oval:def:89046106
This update for mariadb fixes the following issues: - Update to 10.2.43 : * 10.2.43: CVE-2021-46665 CVE-2021-46664 CVE-2021-46661 CVE-2021-46668 CVE-2021-46663 * 10.2.42: CVE-2022-24052 CVE-2022-24051 CVE-2022-24050 CVE-2022-24048 CVE-2021-46659, bsc#1195339 - The following issues have already been ...

oval:org.secpod.oval:def:89049346
This update for xen fixes the following issues: * CVE-2023-20569: Fixed x86/AMD Speculative Return Stack Overflow . * CVE-2022-40982: Fixed x86/Intel Gather Data Sampling . * CVE-2023-20593: Fixed x86/AMD Zenbleed .

oval:org.secpod.oval:def:89049290
This update for kernel-firmware fixes the following issues: * CVE-2023-20569: Fixed AMD 19h ucode to mitigate a side channel vulnerability in some of the AMD CPUs. ## Special Instructions and Notes: * Please reboot the system after installing this update.

oval:org.secpod.oval:def:89049296
This update for ucode-intel fixes the following issues: * Updated to Intel CPU Microcode 20230808 release. * CVE-2022-40982: Fixed a potential security vulnerability in some Intel, Processors which may allow information disclosure. * CVE-2023-23908: Fixed a potential security vulnerability in some ...

oval:org.secpod.oval:def:89046040
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer , named Branch Target Injection and Intra-Mode Branch History Injection are now mitigated. The following security bugs were fixed ...

oval:org.secpod.oval:def:89047686
This update for xen fixes the following issues: - CVE-2022-26365: Fixed issue where Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend. - CVE-2022-33740: Fixed issue where Linux Block and Network PV device frontends don't zero memory regions b ...

oval:org.secpod.oval:def:89046008
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer , named Branch Target Injection and Intra-Mode Branch History Injection are now mitigated. The following security bugs were ...

oval:org.secpod.oval:def:89046003
This update for webkit2gtk3 fixes the following issues: Update to version 2.34.5 : - CVE-2022-22589: A validation issue was addressed with improved input sanitization. - CVE-2022-22590: A use after free issue was addressed with improved memory management. - CVE-2022-22592: A logic issue was addresse ...

oval:org.secpod.oval:def:89003020
This update for webkit2gtk3 fixes the following issues: Security issue fixed: - CVE-2020-3899: Fixed a memory consumption issue that could have led to remote code execution . Non-security issues fixed: - Update to version 2.28.2 : + Fix excessive CPU usage due to GdkFrameClock not being stopped. + F ...

oval:org.secpod.oval:def:89003028
This update for webkit2gtk3 fixes the following issues: - Update to version 2.28.3 : + Enable kinetic scrolling with async scrolling. + Fix web process hangs on large GitHub pages. + Bubblewrap sandbox should not attempt to bind empty paths. + Fix threading issues in the media player. + Fix several ...

oval:org.secpod.oval:def:89048973
This update for webkit2gtk3 fixes the following issues: Add security patches : * CVE-2023-28204: Fixed processing of web content that may disclose sensitive information . * CVE-2023-32373: Fixed processing of maliciously crafted web content that may lead to arbitrary code execution .

oval:org.secpod.oval:def:89002964
This update for gdm fixes the following issues: - CVE-2020-16125: Fixed a privilege escalation .

oval:org.secpod.oval:def:89002888
This update for webkit2gtk3 fixes the following issues: - Update to version 2.28.4 : + Fix several crashes and rendering issues. + Security fixes: CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9915, CVE-2020-9925.

oval:org.secpod.oval:def:89000457
This update for webkit2gtk3 to version 2.28.1 fixes the following issues: Security issues fixed: - CVE-2020-10018: Fixed a denial of service because the m_deferredFocusedNodeChange data structure was mishandled . - CVE-2020-11793: Fixed a potential arbitrary code execution caused by a use-after-free ...

oval:org.secpod.oval:def:89045790
This update for webkit2gtk3 fixes the following issues: - CVE-2021-42762: Updated seccomp rules with latest changes from flatpak .

oval:org.secpod.oval:def:89048113
This update for webkit2gtk3 fixes the following issues: Update to version 2.38.3 : - CVE-2022-42852: Fixed disclosure of process memory by improved memory handling. - CVE-2022-42856: Fixed a potential arbitrary code execution when processing maliciously crafted web content . - CVE-2022-42863: Fixed ...

oval:org.secpod.oval:def:89003442
This update for glib2 fixes the following issues: Security issue fixed: - CVE-2019-13012: Fixed improper restriction of file permissions when creating directories . Non-security issue fixed: - Added explicit requires between libglib2 and libgio2 .

oval:org.secpod.oval:def:89051233
This update for tiff fixes the following issues: * CVE-2023-2731: Fix null pointer dereference in LZWDecode. * CVE-2023-1916: Fix out-of-bounds read in extractImageSection. * CVE-2023-26965: Fix heap-based use after free in loadImage. * CVE-2022-40090: Fix infinite loop in TIFFReadDirectory.

oval:org.secpod.oval:def:89048127
This update for samba fixes the following issues: - Updated to version 4.15.13: - CVE-2022-38023: Removed weak cryptographic algorithms from the Netlogon RPC implementation . - CVE-2022-42898: Fixed several buffer overflow vulnerabilities on 32-bit systems . - CVE-2022-3437: Fixed a buffer overflow ...

oval:org.secpod.oval:def:89047030
This update for sqlite3 fixes the following issues: Security issues fixed: - CVE-2022-35737: Fixed an array-bounds overflow if billions of bytes are used in a string argument to a C API . - CVE-2021-36690: Fixed an issue with the SQLite Expert extension when a column has no collating sequence . - Pa ...

oval:org.secpod.oval:def:89048081
This update for vim fixes the following issues: Updated to version 9.0.0814: * Fixing bsc#1192478 VUL-1: CVE-2021-3928: vim: vim is vulnerable to Stack-based Buffer Overflow * Fixing bsc#1203508 VUL-0: CVE-2022-3234: vim: Heap-based Buffer Overflow prior to 9.0.0483. * Fixing bsc#1203509 VUL-1: CVE- ...

oval:org.secpod.oval:def:89046991
This update for webkit2gtk3 fixes the following issues: Updated to version 2.36.8 : - CVE-2022-32886: Fixed a buffer overflow issue that could potentially lead to code execution. - CVE-2022-32912: Fixed an out-of-bounds read that could potentially lead to code execution.

oval:org.secpod.oval:def:89046742
This update for curl fixes the following issues: - CVE-2022-32206: HTTP compression denial of service - CVE-2022-32208: FTP-KRB bad message verification

oval:org.secpod.oval:def:89048774
This update for webkit2gtk3 fixes the following issues: Update to version 2.38.6 : * CVE-2022-0108: Fixed information leak. * CVE-2022-32885: Fixed arbitrary code execution. * CVE-2023-25358: Fixed use-after-free vulnerability in WebCore::RenderLayer. * CVE-2023-27932: Fixed Same Origin Policy bypas ...

oval:org.secpod.oval:def:89048543
This update for webkit2gtk3 fixes the following issues: Update to version 2.38.5 : * CVE-2023-23529: Fixed possible arbitrary code execution via maliciously crafted web content. * CVE-2023-23518: Processing maliciously crafted web content may lead to Previously fixed inside update to version 2.38.4 ...

oval:org.secpod.oval:def:89045109
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-22555: Fixed a heap out-of-bounds write in net/netfilter/x_tables.c that could allow local privilege escalation. - CVE-2021-33909: Fixed an out-of-bounds ...

oval:org.secpod.oval:def:89045100
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-33624: Fixed a bug which allows unprivileged BPF program to leak the contents of arbitrary kernel memory via a side-channel. - CVE-2019-25045: Fixed an u ...

oval:org.secpod.oval:def:89045122
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-22555: Fixed a heap out-of-bounds write in net/netfilter/x_tables.c that could allow local privilege escalation. - CVE-2021-33909: Fixed an out-of-bounds ...

oval:org.secpod.oval:def:89045114
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-33624: Fixed a bug which allows unprivileged BPF program to leak the contents of arbitrary kernel memory via a side-channel. - CVE-2019-25045: Fixed an u ...

oval:org.secpod.oval:def:89045789
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3655: Fixed a missing size validations on inbound SCTP packets, which may have allowed the kernel to read uninitialized memory . - CVE-2021-3715: Fixed a u ...

oval:org.secpod.oval:def:89002982
This update for LibVNCServer fixes the following issues: - security update fix CVE-2018-21247 [bsc#1173874], uninitialized memory contents are vulnerable to Information leak fix CVE-2019-20839 [bsc#1173875], buffer overflow in ConnectClientToUnixSock fix CVE-2019-20840 [bsc#1173876], unaligned acces ...

oval:org.secpod.oval:def:89002977
This update for ucode-intel fixes the following issues: Updated Intel CPU Microcode to 20200602 This update contains security mitigations for: - CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one whic ...

oval:org.secpod.oval:def:89000108
This update for cups fixes the following issues: - CVE-2020-3898: Fixed a heap buffer overflow in ppdFindOption .

oval:org.secpod.oval:def:89003259
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.

oval:org.secpod.oval:def:89003049
This update for spectre-meltdown-checker fixes the following issues: - version 0.43 - feat: implement TAA detection - feat: implement MCEPSC / iTLB Multihit detection - feat: taa: add TSX_CTRL MSR detection in hardware info - feat: fwdb: use both Intel GitHub repo and MCEdb to build our firmware v ...

oval:org.secpod.oval:def:89003271
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.

oval:org.secpod.oval:def:89003309
This update for ucode-intel to version fixes the following issues: - Updated to 20191115 official security release - Includes security fixes for: - CVE-2019-11135: Added feature allowing to disable TSX RTM - CVE-2019-11139: A CPU microcode only fix for Voltage modulation issues

oval:org.secpod.oval:def:89003329
This update for ucode-intel fixes the following issues: - Updated to 20191112 security release - Processor Identifier Version Products - Model Stepping F-MO-S/PI Old->New - ---- new platforms ---------------------------------------- - CML-U62 A0 6-a6-0/80 000000c6 Core Gen10 Mobile - CNL-U D0 6-6 ...

oval:org.secpod.oval:def:89000237
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-8834: KVM on Power8 processors had a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a ...

oval:org.secpod.oval:def:89003081
This update for ucode-intel fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarc ...

oval:org.secpod.oval:def:89045571
This update for spectre-meltdown-checker fixes the following issues: spectre-meltdown-checker was updated to version 0.44 - feat: add support for SRBDS related vulnerabilities - feat: add zstd kernel decompression - enh: arm: add experimental support for binary arm images - enh: rsb filling: no lo ...

oval:org.secpod.oval:def:89000049
This update for freeradius-server fixes the following issues: - CVE-2019-13456: Fixed a side-channel password leak in EAP-pwd. - CVE-2019-17185: Fixed a denial of service due to multithreaded BN_CTX access.

oval:org.secpod.oval:def:89003246
This update for java-1_8_0-ibm fixes the following issues: Update to Java 8.0 Service Refresh 5 Fix Pack 40. Security issues fixed: - CVE-2019-11771: IBM Security Update July 2019 - CVE-2019-11772: IBM Security Update July 2019 - CVE-2019-11775: IBM Security Update July 2019 - CVE-2019-4473: IBM ...

oval:org.secpod.oval:def:89003187
This update for java-1_8_0-openjdk to version 8u222 fixes the following issues: Security issues fixed: - CVE-2019-2745: Improved ECC Implementation . - CVE-2019-2762: Exceptional throw cases . - CVE-2019-2766: Improve file protocol handling . - CVE-2019-2769: Better copies of CopiesList . - CVE-2019 ...

oval:org.secpod.oval:def:89003092
This update for libsolv, libzypp and zypper fixes the following issues: libsolv was updated to version 0.6.36 fixes the following issues: Security issues fixed: - CVE-2018-20532: Fixed a NULL pointer dereference in testcase_read . - CVE-2018-20533: Fixed a NULL pointer dereference in testcase_str2de ...

oval:org.secpod.oval:def:89003072
This update for libpng16 fixes the following issues: Security issues fixed: - CVE-2019-7317: Fixed a use-after-free vulnerability, triggered when png_image_free was called under png_safe_execute . - CVE-2017-12652: Fixed an Input Validation Error related to the length of chunks .

oval:org.secpod.oval:def:89002991
This update for libsolv fixes the following issues: This is a reissue of an existing libsolv update that also included libsolv-devel for LTSS products. libsolv was updated to version 0.6.36 fixes the following issues: Security issues fixed: - CVE-2018-20532: Fixed a NULL pointer dereference in testc ...

oval:org.secpod.oval:def:89003427
This update for java-1_7_1-ibm fixes the following issues: Update to Java 7.1 Service Refresh 4 Fix Pack 50. Security issues fixed: - CVE-2019-11771: IBM Security Update July 2019 - CVE-2019-11775: IBM Security Update July 2019 - CVE-2019-4473: IBM Security Update July 2019 - CVE-2019-7317: Fixed ...

oval:org.secpod.oval:def:89003137
This update for python3 fixes the following issues: - CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636 . - CVE-2018-14647: Fixed a denial of service vulnerability caused by a crafted XML document . - CVE-2018-1000802: Fixed a command injection in th ...

oval:org.secpod.oval:def:89003294
This update for MozillaFirefox fixes the following issues: Updated to new ESR version 68.1 . In addition to the already fixed vulnerabilities released in previous ESR updates, the following were also fixed: CVE-2019-11751, CVE-2019-11736, CVE-2019-9812, CVE-2019-11748, CVE-2019-11749, CVE-2019-11750 ...

oval:org.secpod.oval:def:89003172
This update for python fixes the following issues: Security issue fixed: - CVE-2019-16056: Fixed a parser issue in the email module . - CVE-2019-16935: Fixed a reflected XSS in python/Lib/DocXMLRPCServer.py .

oval:org.secpod.oval:def:89003079
This update for python fixes the following issues: - CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636. - CVE-2018-20852: Fixed an information leak where cookies could be sent to the wrong server because of incorrect domain validation.

oval:org.secpod.oval:def:89003071
This update for python3 fixes the following issues: - CVE-2019-16056: Fixed a parser issue in the email module. - CVE-2018-20852: Fixed an incorrect domain validation that could lead to cookies being sent to the wrong server

oval:org.secpod.oval:def:89000565
This update for python3 fixes the following issues: Update to 3.4.10 from 3.4.6: Security issues fixed: - Update expat copy from 2.1.1 to 2.2.0 to fix the following issues: CVE-2012-0876, CVE-2016-0718, CVE-2016-4472, CVE-2017-9233, CVE-2016-9063 - CVE-2017-1000158: Fix an integer overflow in thePy ...

oval:org.secpod.oval:def:89000146
This update for mozilla-nspr, mozilla-nss fixes the following issues: mozilla-nss was updated to NSS 3.47.1: Security issues fixed: - CVE-2019-17006: Added length checks for cryptographic primitives . - CVE-2019-11745: EncryptUpdate should use maxout, not block size . - CVE-2019-11727: Fixed vulnera ...

oval:org.secpod.oval:def:89003210
This update for MozillaFirefox, mozilla-nss fixes the following issues: MozillaFirefox to version ESR 60.8: - CVE-2019-9811: Sandbox escape via installation of malicious language pack . - CVE-2019-11711: Script injection within domain through inner window reuse . - CVE-2019-11712: Cross-origin POST ...

oval:org.secpod.oval:def:89003333
This update for MozillaFirefox to ESR 60.9 fixes the following issues: Security issues fixed: - CVE-2019-11742: Fixed a same-origin policy violation involving SVG filters and canvas to steal cross-origin images. - CVE-2019-11746: Fixed a use-after-free while manipulating video. - CVE-2019-11744: F ...

oval:org.secpod.oval:def:89000180
This update for python3 fixes the following issues: - CVE-2019-20907: Fixed denial of service by avoiding possible infinite loop in specifically crafted tarball. - CVE-2020-14422: Fixed an improper computation of hash values in the IPv4Interface and IPv6Interface that could have led to denial of service ...

oval:org.secpod.oval:def:89003323
This update for MozillaFirefox to 68.2.0 ESR fixes the following issues: Mozilla Firefox was updated to version 68.2.0 ESR . Security issues fixed: - CVE-2019-15903: Fixed a heap overflow in the expat library . - CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB . - CVE ...

oval:org.secpod.oval:def:89000055
This update for python36 to version 3.6.10 fixes the following issues: - CVE-2017-18207: Fixed a denial of service in Wave_read._read_fmt_chunk . - CVE-2019-16056: Fixed an issue where email parsing could fail for multiple @ signs . - CVE-2019-15903: Fixed a heap-based buffer over-read in libexpat .

oval:org.secpod.oval:def:89000166
This update for python36 fixes the following issues: Update to 3.6.12, including the following fixes: - Fixed a directory traversal in _download_http_url - Fixed CRLF injection via HTTP request method in httplib/http.client - Fixed possible infinite loop in specifically crafted tarball - Fixed a ...

oval:org.secpod.oval:def:89051809
This update for nrpe fixes the following issues: CVE-2014-2913: Fixed remote command execution when command arguments are enabled

oval:org.secpod.oval:def:89051313
This update for webkit2gtk3 fixes the following issues: * CVE-2023-42890: Fixed processing malicious web content may lead to arbitrary code execution. * CVE-2023-42883: Fixed processing a malicious image may lead to a denial-of-service. * CVE-2023-41074: Fixed use-after-free in the MediaRecorder ...

oval:org.secpod.oval:def:89051069
This update for tiff fixes the following issues: * CVE-2023-38289: Fixed a NULL pointer dereference in raw2tiff . * CVE-2023-38288: Fixed an integer overflow in raw2tiff . * CVE-2023-3576: Fixed a memory leak in tiffcrop . * CVE-2020-18768: Fixed an out of bounds read in tiffcp . * CVE-2023-26966: F ...

oval:org.secpod.oval:def:89051168
This update for vim fixes the following issues: * CVE-2023-5344: Heap-based Buffer Overflow in vim prior to 9.0.1969 * CVE-2023-5441: segfault in exmode when redrawing * CVE-2023-5535: use-after-free from buf_contents_changed * CVE-2023-46246: Integer Overflow in :history command

oval:org.secpod.oval:def:89050947
This update for curl fixes the following issues: * CVE-2023-38545: Fixed a heap buffer overflow in SOCKS5. * CVE-2023-38546: Fixed a cookie injection with none file

oval:org.secpod.oval:def:89051759
webkit2gtk3 was updated to fix the following issues: Update to version 2.44.0 : * CVE-2024-23252: Credit to anbu1024 of SecANT. Impact: Processing web content may lead to a denial-of-service. Description: The issue was addressed with improved memory handling. * CVE-2024-23254: Credit to James Lee . ...

oval:org.secpod.oval:def:89049409
This update for curl fixes the following issues: * CVE-2023-38039: Fixed possible DoS when receiving too large HTTP header

oval:org.secpod.oval:def:89051741
This update for xorg-x11-server fixes the following issues: * CVE-2024-31080: Fixed ProcXIGetSelectedEvents to use unswapped length . * CVE-2024-31081: Fixed ProcXIPassiveGrabDevice to use unswapped length to send reply . * CVE-2024-31082: Fixed ProcAppleDRICreatePixmap to use unswapped length to se ...

oval:org.secpod.oval:def:89051748
This update for xorg-x11-server fixes the following issues: * Fixed regression for security fix for CVE-2024-31083 when using Android Studio

oval:org.secpod.oval:def:89051706
This update for libvirt fixes the following issues: * CVE-2024-2494: Fixed negative g_new0 length leading to unbounded memory allocation .

oval:org.secpod.oval:def:89051687
This update for ucode-intel fixes the following issues: * Updated to Intel CPU Microcode 20240312 release. * CVE-2023-39368: Protection mechanism failure of bus lock regulator for some Intel Processors may allow an unauthenticated user to potentially enable denial of service via network access * CV ...

oval:org.secpod.oval:def:89051708
This update for xen fixes the following issues: * CVE-2023-28746: Register file data sampling. * CVE-2024-2193: Fixed GhostRace, a speculative race condition

oval:org.secpod.oval:def:89051496
This update for webkit2gtk3 fixes the following issues: Update to version 2.42.5 : * CVE-2024-23222: Fixed processing maliciously crafted web content that may have led to arbitrary code execution . * CVE-2024-23206: Fixed fingerprint user via maliciously crafted webpages . * CVE-2024-23213: Fixed pr ...

oval:org.secpod.oval:def:89051460
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation . * CVE-20 ...

oval:org.secpod.oval:def:89051473
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation . * CVE-2024-034 ...

oval:org.secpod.oval:def:89051642
This update for axis fixes the following issues: * CVE-2023-51441: Fixed SSRF when untrusted input is passed to the service admin HTTP API .

oval:org.secpod.oval:def:89051542
This update for openssh fixes the following issues: * CVE-2023-51385: Fixed a command injection via user name or host name metacharacters. * Remember the state of sshd service during update / removal, to allow cut-over to a different openssh package. bsc#1220110

oval:org.secpod.oval:def:89051294
This update for libssh2_org fixes the following issues: * CVE-2023-48795: Fixed prefix truncation breaking ssh channel integrity .

oval:org.secpod.oval:def:89051287
This update for openssh fixes the following issues: * CVE-2023-48795: Fixed prefix truncation breaking ssh channel integrity .

oval:org.secpod.oval:def:89051501
This update for libssh2_org fixes the following issues: * Always add the KEX pseudo-methods "ext-info-c" and "kex-strict-c-v00@openssh.com" when configuring custom method list. [bsc#1218971, CVE-2023-48795] * The strict-kex extension is announced in the list of available KEX methods. However, wh ...

oval:org.secpod.oval:def:89051132
This update for libxml2 fixes the following issues: * CVE-2023-45322: Fixed a use-after-free in xmlUnlinkNode in tree.c .

oval:org.secpod.oval:def:89049381
This update for libxml2 fixes the following issues: * CVE-2023-29469: Fixed non-deterministic hashing of empty dict strings. * CVE-2023-28484: Fixed NULL dereference in xmlSchemaFixupComplexType. * CVE-2023-39615: Fixed crafted xml can cause global buffer overflow. * CVE-2016-3709: Fixed cross-si ...

oval:org.secpod.oval:def:89048768
This update for libxml2 fixes the following issues: * CVE-2023-29469: Fixed inconsistent result when hashing empty strings . * CVE-2023-28484: Fixed NULL pointer dereference in xmlSchemaFixupComplexType .

oval:org.secpod.oval:def:89051682
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-26600: Fixed NULL pointer dereference for SRP . * CVE-2021-47078: Fixed a bug by clearing all QP fields if creation failed * CVE-2021-47076: Fixed a bug ...

oval:org.secpod.oval:def:89051684
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2021-47078: Fixed a bug by clearing all QP fields if creation failed * CVE-2021-47076: Fixed a bug by returning CQE error if invalid lkey was supplied * CVE-2023- ...

oval:org.secpod.oval:def:89051408
This update for xorg-x11-server fixes the following issues: * CVE-2024-0408: Fixed SELinux unlabeled GLX PBuffer. * CVE-2024-0409: Fixed SELinux context corruption

oval:org.secpod.oval:def:89051374
This update for xorg-x11-server fixes the following issues: * CVE-2023-6816: Fixed heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer * CVE-2024-0229: Fixed reattaching to different master device may lead to out-of-bounds memory access * CVE-2024-21885: Fixed heap buffer overflow in ...

oval:org.secpod.oval:def:89051225
This update for xorg-x11-server fixes the following issues: * CVE-2023-6377: Fixed out-of-bounds memory write in XKB button actions . * CVE-2023-6478: Fixed out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty .

oval:org.secpod.oval:def:89051497
This update for libssh fixes the following issues: Update to version 0.9.8 : * Fix CVE-2023-6004: Command injection using proxycommand * Fix CVE-2023-48795: Potential downgrade attack using strict kex * Fix CVE-2023-6918: Missing checks for return values of MD functions * Allow @ in usernames whe ...

oval:org.secpod.oval:def:89051285
This update for xorg-x11-server fixes the following issues: * CVE-2023-6377: Fixed out-of-bounds memory write in XKB button actions .

oval:org.secpod.oval:def:89051372
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-6610: Fixed an out of bounds read in the SMB client when printing debug information . * CVE-2022-2586: Fixed a use-after-free which can be triggered ...

oval:org.secpod.oval:def:89051369
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-2586: Fixed a use-after-free which can be triggered when a nft table is deleted . * CVE-2023-6121: Fixed an information leak via dmesg when receiving a crafted ...

oval:org.secpod.oval:def:89051227
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-0461: Fixed use-after-free in icsk_ulp_data. * CVE-2023-39197: Fixed an out-of-bounds read in nf_conntrack_dccp_packet. * CVE-2023-45863: Fixed an out-of-b ...

oval:org.secpod.oval:def:89051267
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-0461: Fixed use-after-free in icsk_ulp_data. * CVE-2023-31083: Fixed race condition in hci_uart_tty_ioctl. * CVE-2023-39197: Fixed an out-of-bounds ...

oval:org.secpod.oval:def:89051036
This update for xorg-x11-server fixes the following issues: * CVE-2023-5574: Fixed a privilege escalation issue that could be triggered via the Damage extension protocol . * CVE-2023-5380: Fixed a memory safety issue that could be triggered when using multiple protocol screens . * CVE-2023-5367: Fix ...

oval:org.secpod.oval:def:89050962
This update for grub2 fixes the following issues: Security fixes: - CVE-2023-4692: Fixed an out-of-bounds write at fs/ntfs.c which may lead to unsigned code execution. - CVE-2023-4693: Fixed an out-of-bounds read at fs/ntfs.c which may lead to leak sensitive information. Other fixes: - Fix "com ...

oval:org.secpod.oval:def:89049826
This update for libXpm fixes the following issues: * CVE-2023-43788: Fixed an out of bounds read when creating an image . * CVE-2023-43789: Fixed an out of bounds read when parsing an XPM file with a corrupted colormap .

oval:org.secpod.oval:def:89050199
This update for libX11 fixes the following issues: * CVE-2023-43786: Fixed stack exhaustion from infinite recursion in PutSubImage . * CVE-2023-43787: Fixed integer overflow in XCreateImage leading to a heap overflow . * CVE-2023-43785: Fixed out-of-bounds memory access in _XkbReadKeySyms .

oval:org.secpod.oval:def:89051008
This update for webkit2gtk3 fixes the following issues: * CVE-2023-41993: Fixed an issue where processing malicious web content could have led to arbitrary code execution. * CVE-2023-39928: Fixed a use-after-free that could be exploited to execute arbitrary code when visiting a malicious webpage. ...

oval:org.secpod.oval:def:89050941
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-39192: Fixed an out of bounds read in the netfilter . * CVE-2023-39193: Fixed an out of bounds read in the xtables subsystem . * CVE-2023-39194: Fixed an o ...

oval:org.secpod.oval:def:89050940
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-39194: Fixed a flaw in the processing of state filters which could allow a local attacker to disclose sensitive information. * CVE-2023-39193: Fixe ...

oval:org.secpod.oval:def:89049266
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-40982: A transient execution attack called 'Gather Data Sampling' affecting is mitigated, together with respective Intel CPU Microcode updates . * CVE-2023 ...

oval:org.secpod.oval:def:89049280
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-3609: Fixed reference counter leak leading to overflow in net/sched . * CVE-2023-3611: Fixed an out-of-bounds write in net/sched sch_qfq. * CVE-2023- ...

oval:org.secpod.oval:def:89002916
This update for samba fixes the following issues: - Update to 4.10.18 - ZeroLogon: An elevation of privilege was possible with some non default configurations when an attacker established a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol .

*CPE
cpe:/o:suse:suse_linux_enterprise_server:12:sp5

© SecPod Technologies