oval:org.secpod.oval:def:89000014
SUSE Linux Enterprise Server 12 SP3 is installed

oval:org.secpod.oval:def:89045015
This update for SuSEfirewall2 fixes the following issues: - CVE-2017-15638: Fixed security issue with too open implicit portmapper rules: A source net restriction for _rpc_ services was not taken into account for the implicitly added rules for port 111, making the portmap service accessible to ever ...

oval:org.secpod.oval:def:89045012
This update for openvswitch fixes the following issues: - CVE-2017-9263: OpenFlow role status message can cause a call to abort leading to application crash - CVE-2017-9265: Buffer over-read while parsing message could lead to crash or maybe arbitrary code execution - Do not restart the ovs-vswitc ...

oval:org.secpod.oval:def:89045542
This update for unrar to version 5.6.1 fixes several issues. These security issues were fixed: - CVE-2017-12938: Prevent remote attackers from bypassing a directory-traversal protection mechanism via vectors involving a symlink to the . directory, a symlink to the .. directory, and a regular file. - CVE ...

oval:org.secpod.oval:def:89043997
This update fixes the following issues: - CVE-2018-1172: Squid Proxy Cache Denial of Service vulnerability .

oval:org.secpod.oval:def:89000529
This update for openldap2 fixes the following issues: - CVE-2020-8023: Fixed a potential local privilege escalation from ldap to root when OPENLDAP_CONFIG_BACKEND="ldap" was used. - Changed DB_CONFIG to root:ldap permissions. - Fixed an issue where slapd becomes unresponsive after many fai ...

oval:org.secpod.oval:def:89046722
This update of oracleasm fixes the following issue: - rebuild with new secure boot key due to grub2 boothole 3 issues

oval:org.secpod.oval:def:89046733
This update of dpdk fixes the following issue: - rebuild with new secure boot key due to grub2 boothole 3 issues

oval:org.secpod.oval:def:89045020
This update for libsoup fixes the following issues: - A bug in the HTTP Chunked Encoding code has been fixed that could have been exploited by attackers to cause a stack-based buffer overflow in client or server code running libsoup .

oval:org.secpod.oval:def:89043980
This update for apache2 fixes several issues. These security issues were fixed: - CVE-2017-9789: When under stress the HTTP/2 handling code would sometimes access memory after it has been freed, resulting in potentially erratic behaviour . - CVE-2017-7659: A maliciously constructed HTTP/2 request c ...

oval:org.secpod.oval:def:89002297
This update for dpdk to version 16.11.8 provides the following security fix: - CVE-2018-1059: Restrict untrusted guests from misusing virtio to corrupt host application memory, which could have led all VMs to lose connectivity, and the following non-security fixes: - Enable the broadcom chipset family Broadc ...

oval:org.secpod.oval:def:89003265
This update for cups fixes the following issues: - CVE-2019-8675: Fixed a stack buffer overflow in libcups's asn1_get_type function. - CVE-2019-8696: Fixed a stack buffer overflow in libcups's asn1_get_packed function.

oval:org.secpod.oval:def:89003386
This update for dbus-1 fixes the following issues: Security issue fixed: - CVE-2019-12749: Fixed an implementation flaw in DBUS_COOKIE_SHA1 which could have allowed local attackers to bypass authentication .

oval:org.secpod.oval:def:89003024
This update for ucode-intel fixes the following issues: - Updated Intel CPU Microcode to 20201118 official release. - Removed TGL/06-8c-01/80 due to functional issues with some OEM platforms. - CVE-2020-8695: Fixed Intel RAPL sidechannel attack INTEL-SA-00389 - CVE-2020-8698: Fixed Fast Store For ...

oval:org.secpod.oval:def:89003268
This update for LibVNCServer fixes the following issues: Security issues fixed: - CVE-2018-15126: Fixed use-after-free in file transfer extension - CVE-2018-6307: Fixed use-after-free in file transfer extension server code - CVE-2018-20020: Fixed heap out-of-bound write inside structure in VNC cli ...

oval:org.secpod.oval:def:89002293
This update for cairo fixes the following issues: - CVE-2017-9814: out-of-bounds read in cairo-truetype-subset.c could lead to denial of service .

oval:org.secpod.oval:def:89003261
This update for postgresql10 to version 10.9 fixes the following issue: Security issue fixed: - CVE-2019-10164: Fixed buffer-overflow vulnerabilities in SCRAM verifier parsing . More information at https://www.postgresql.org/docs/10/release-10-9.html

oval:org.secpod.oval:def:89003385
This update for avahi fixes the following issues: Security issue fixed: - CVE-2017-6519: Fixed DNS amplification and reflection to spoofed addresses

oval:org.secpod.oval:def:89044807
This update for curl fixes the following issues: Security issues fixed: - CVE-2017-1000254: FTP PWD response parser out of bounds read - CVE-2017-1000257: IMAP FETCH response out of bounds read Bugs fixed: - Fixed error error:1408F10B:SSL routines when connecting to ftps via proxy

oval:org.secpod.oval:def:89002059
This update for spice-gtk fixes the following issues: - CVE-2017-12194: A flaw was found in the way spice-client processed certain messages sent from the server. An attacker, having control of malicious spice-server, could use this flaw to crash the client or execute arbitrary code with permissions ...

oval:org.secpod.oval:def:89044812
This update for curl fixes the following issues: - CVE-2017-1000100: TFTP sends more than buffer size and it could lead to a denial of service - CVE-2017-1000101: URL globbing out of bounds read could lead to a denial of service

oval:org.secpod.oval:def:89002171
This update for libvorbis fixes the following issues: Security issues fixed: - CVE-2018-10393: Fixed stack-based buffer over-read in bark_noise_hybridm . - CVE-2017-14160: Fixed out-of-bounds access inside bark_noise_hybridmp function .

oval:org.secpod.oval:def:89002044
This update for poppler fixes the following issues: These security issues were fixed: - CVE-2017-14517: Prevent NULL Pointer dereference in the XRef::parseEntry function via a crafted PDF document . - CVE-2017-9865: Fixed a stack-based buffer overflow vulnerability in GfxState.cc that would have all ...

oval:org.secpod.oval:def:89003134
This update for webkit2gtk3 to version 2.22.6 fixes the following issues: Security issues fixed: - CVE-2019-6212: Fixed multiple memory corruption vulnerabilities which could allow arbitrary code execution during the processing of specially crafted web-content. - CVE-2019-6215: Fixed a type confusion ...

oval:org.secpod.oval:def:89003255
This update for file fixes the following issues: The following security vulnerabilities were addressed: - Fixed an out-of-bounds read in the function do_core_note in readelf.c, which allowed remote attackers to cause a denial of service via a crafted ELF file . - CVE-2019-8905: Fixed a stack-based ...

oval:org.secpod.oval:def:89003371
This update for ghostscript fixes the following issue: Security issue fixed: - CVE-2019-3838: Fixed a vulnerability which made forceput operator in DefineResource to be still accessible which could allow access to file system outside of the constraints of -dSAFER .

oval:org.secpod.oval:def:89003492
This update for audit fixes the following issues: Audit on SUSE Linux Enterprise 12 SP3 was updated to 2.8.1 to bring new features and bugfixes

oval:org.secpod.oval:def:89003131
This update for ghostscript fixes the following issue: - CVE-2019-14869: Fixed a possible dSAFER escape which could have allowed an attacker to gain high privileges by a specially crafted Postscript code .

oval:org.secpod.oval:def:89003252
This update for spice fixes the following issues: Security issue fixed: - CVE-2019-3813: Fixed an out-of-bounds read in the memslot_get_virt function that could lead to denial-of-service or code-execution.

oval:org.secpod.oval:def:89044917
This update for evince fixes the following issue: - CVE-2017-1000083: Remote attackers could have used the comicbook mode of evince to inject shell code .

oval:org.secpod.oval:def:89003018
This update for bluez fixes the following issues: - CVE-2020-0556: Fixed improper access control which may lead to escalation of privilege and denial of service by an unauthenticated user .

oval:org.secpod.oval:def:89003139
This update for wireshark to version 2.4.13 fixes the following issues: Security issues fixed: - CVE-2019-9214: Avoided a dereference of a null conversation which could make RPCAP dissector crash. - CVE-2019-9209: Fixed a buffer overflow in time values which could make ASN.1 BER and related dissecto ...

oval:org.secpod.oval:def:89044915
This update for xorg-x11-server fixes several issues. These security issues were fixed: - CVE-2017-13721: Missing validation of shmseg resource id in Xext/XShm could lead to shared memory segments of other users being freed - CVE-2017-13723: A local denial of service via unusual characters in XkbA ...

oval:org.secpod.oval:def:89003364
This update for sssd provides the following fixes: This security issue was fixed: - CVE-2018-10852: Set stricter permissions on /var/lib/sss/pipes/sudo to prevent the disclosure of sudo rules for arbitrary users These non-security issues were fixed: - Fix a segmentation fault in sss_cache command. ...

oval:org.secpod.oval:def:89002035
This update for jasper fixes the following issues: - CVE-2018-9055: denial of service via a reachable assertion in the function jpc_firstone in libjasper/jpc/jpc_math.c could lead to denial of service

oval:org.secpod.oval:def:89002277
This update for openssh fixes the following issues: Security issue fixed: - CVE-2016-10708: Prevent DoS due to crashes caused by out-of-sequence NEWKEYS message .

oval:org.secpod.oval:def:89003125
This update for libssh2_org fixes the following issues: - Incorrect upstream fix for CVE-2019-3859 broke public key authentication [bsc#1133528, bsc#1130103]

oval:org.secpod.oval:def:89003362
This update for sysstat fixes the following issues: Security issues fixed: - CVE-2018-19416: Fixed out-of-bounds read during a memmove call inside the remap_struct function . - CVE-2018-19517: Fixed out-of-bounds read during a memset call inside the remap_struct function .

oval:org.secpod.oval:def:89002274
This update for tcpdump fixes the following issues: Security issues fixed: - CVE-2018-19519: Fixed a stack-based buffer over-read in the print_prefix function

oval:org.secpod.oval:def:89003242
This update for wireshark to version 2.4.15 fixes the following issues: Security issue fixed: - Fixed a denial of service in the dissection engine .

oval:org.secpod.oval:def:89003127
This update for webkit2gtk3 fixes the following issues: Security issue fixed: - CVE-2019-8375: Fixed an issue in UIProcess subsystem which could allow the script dialog size to exceed the web view size leading to Buffer Overflow or other unspecified impact .

oval:org.secpod.oval:def:89003369
This update for curl fixes the following issues: Security issues fixed: - CVE-2019-3823: Fixed a heap out-of-bounds read in the code handling the end-of-response for SMTP . - CVE-2019-3822: Fixed a stack based buffer overflow in the function creating an outgoing NTLM type-3 message . - CVE-2018-1689 ...

oval:org.secpod.oval:def:89003008
This update for kernel-firmware fixes the following issue: - CVE-2020-12321: Updated the Intel Bluetooth firmware for buffer overflow security bugs .

oval:org.secpod.oval:def:89044705
This update for kernel-firmware fixes the following issues: - Update Intel WiFi firmwares for the 3160, 7260 and 7265 adapters. Security issues fixed are part of the KRACK attacks affecting the firmware: - CVE-2017-13080: The reinstallation of the Group Temporal key could be used for replay attacks ...

oval:org.secpod.oval:def:89044713
This update for emacs fixes one issue. This security issue was fixed: - CVE-2017-14482: Remote code execution via mails with Content-Type: text/enriched

oval:org.secpod.oval:def:89044712
This MariaDB update to version 10.0.31 GA fixes the following issues: Security issues fixed: - CVE-2017-3308: Subcomponent: Server: DML: Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MariaDB Server. Successful attacks of this ...

oval:org.secpod.oval:def:89002264
This update for evince fixes the following issues: - CVE-2017-1000159: Command injection in evince via filename when printing to PDF could lead to command execution

oval:org.secpod.oval:def:89002144
This update for libsoup fixes the following issues: Security issue fixed: - CVE-2018-12910: Fix crash when handling empty hostnames . - CVE-2017-2885: Fix chunk decoding buffer overrun that could be exploited against either clients or servers . Bug fixes: - bsc#1086036: translation-update-upstream c ...

oval:org.secpod.oval:def:89003233
This update for libgcrypt fixes the following issues: Security issues fixed: - CVE-2019-13627: Mitigated ECDSA timing attack

oval:org.secpod.oval:def:89003114
This update for gstreamer-plugins-base fixes the following issue: Security issue fixed: - CVE-2019-9928: Fixed a heap-based overflow in the rtsp connection parser .

oval:org.secpod.oval:def:89003477
This update for ucode-intel fixes the following issues: Updated to the 20190312 bundle release New Platforms: - AML-Y22 H0 6-8e-9/10 0000009e Core Gen8 Mobile - WHL-U W0 6-8e-b/d0 000000a4 Core Gen8 Mobile - WHL-U V0 6-8e-d/94 000000b2 Core Gen8 Mobile - CFL-S P0 6-9e-c/22 000000a2 Core Gen9 Deskto ...

oval:org.secpod.oval:def:89002263
This update for libarchive fixes the following issues: - CVE-2016-10209: The archive_wstring_append_from_mbs function in archive_string.c allowed remote attackers to cause a denial of service via a crafted archive file. - CVE-2016-10349: The archive_le32dec function in archive_endian.h allowed rem ...

oval:org.secpod.oval:def:89002384
This update for augeas fixes the following issues: Security issue fixed: - CVE-2017-7555: Fix a memory corruption bug that could have led to arbitrary code execution by passing crafted strings that would be mis-handled by parse_name.

oval:org.secpod.oval:def:89002026
This update for libvorbis fixes the following issues: The following security issue was fixed: - Fixed the validation of channels in mapping0_forward, which previously allowed remote attackers to cause a denial of service via specially crafted files

oval:org.secpod.oval:def:89003115
This update for sqlite3 fixes the following issues: Security issues fixed: - CVE-2018-20346: Fixed a remote code execution vulnerability in FTS3 . - CVE-2018-20506: Fixed an integer overflow when FTS3 extension is enabled .

oval:org.secpod.oval:def:89044814
The Software Update Stack was updated to receive fixes and enhancements. libzypp: - Adapt to work with GnuPG 2.1.23. - Support signing with subkeys. - Enhance sort order for media.1/products. zypper: - Also show a gpg key's subkeys. - Improve signature check callback messages. - Add options to ...

oval:org.secpod.oval:def:89003116
This update for sudo fixes the following issues: Security issue fixed: - CVE-2019-14287: Fixed an issue where a user with sudo privileges that allowed them to run commands with an arbitrary uid, could run commands as root, despite being forbidden to do so in sudoers .

oval:org.secpod.oval:def:89002149
This update for bluez fixes the following issues: Security issues fixed: - CVE-2016-9800: Fix hcidump memory leak in pin_code_reply_dump. - CVE-2016-9804: Fix hcidump buffer overflow in commands_dump. - CVE-2016-7837: Fix possible buffer overflow, make sure we don't write past the end of the array ...

oval:org.secpod.oval:def:89044944
This update for ImageMagick fixes the following issues: Security issues fixed: * CVE-2017-15033: A denial of service attack was fixed in ReadYUVImage in coders/yuv.c [bsc#1061873] * CVE-2017-11446: An infinite loop in ReadPESImage was fixed. * CVE-2017-12433: A memory leak in ReadPESImage in coder ...

oval:org.secpod.oval:def:89003189
This update for vim fixes the following issue: Security issue fixed: - CVE-2019-12735: Fixed a potential arbitrary code execution vulnerability in getchar.c .

oval:org.secpod.oval:def:89003185
This update for openssl fixes the following issues: OpenSSL Security Advisory [10 September 2019] - CVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance . - CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key .

oval:org.secpod.oval:def:89003065
This update for libpcap fixes the following issues: - CVE-2019-15165: Added sanity checks for PHB header length before allocating memory . - CVE-2018-16301: Fixed a buffer overflow .

oval:org.secpod.oval:def:89003181
This update for nfs-utils fixes the following issues: - CVE-2019-3689: Fixed root-owned files stored in insecure /var/lib/nfs

oval:org.secpod.oval:def:89003182
This update for postgresql10 to version 10.9 fixes the following issue: Security issue fixed: - CVE-2019-10164: Fixed buffer-overflow vulnerabilities in SCRAM verifier parsing . More information at https://www.postgresql.org/docs/10/release-10-9.html

oval:org.secpod.oval:def:89002094
This update for samba fixes the following issues: The following security vulnerability was fixed: - CVE-2018-10858: Fixed insufficient input validation on client directory listing in libsmbclient; The following other change was made: - s3: winbind: Fix "winbind normalize names" in wb_getpwsid; - w ...

oval:org.secpod.oval:def:89003299
This update for webkit2gtk3 to version 2.22.5 fixes the following issues: Security issues fixed: - CVE-2018-4438: Fixed a logic issue which led to memory corruption - CVE-2018-4437, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4464: Fixed multiple memory corruption issues with improved me ...

oval:org.secpod.oval:def:89003179
This update for libseccomp fixes the following issues: Update to new upstream release 2.4.1: * Fix a BPF generation bug where the optimizer mistakenly identified duplicate BPF code blocks. Updated to 2.4.0 : * Update the syscall table for Linux v5.0-rc5 * Added support for the SCMP_ACT_KILL_PROCESS ...

oval:org.secpod.oval:def:89003052
This update for libssh2_org fixes the following issues: Security issues fixed: - CVE-2019-3861: Fixed Out-of-bounds reads with specially crafted SSH packets . - CVE-2019-3862: Fixed Out-of-bounds memory comparison with specially crafted message channel request packet . - CVE-2019-3860: Fixed Out-of- ...

oval:org.secpod.oval:def:89003054
This update for PackageKit fixes the following issues: - Fixed displaying the license agreement pop up window during package update .

oval:org.secpod.oval:def:89003290
This update for elfutils fixes the following issues: Security issues fixed: - CVE-2018-16403: Fixed a heap-based buffer over-read that could have led to Denial of Service. - CVE-2016-10254: Fixed a memory allocation failure in allocate_elf. - CVE-2019-7665: NT_PLATFORM core file note should be a z ...

oval:org.secpod.oval:def:89003291
This update for openssl fixes the following issues: - Reject invalid EC point coordinates This helps openssl using services that do not do this verification on their own.

oval:org.secpod.oval:def:89002082
This update for rzsz fixes the following issues: - Update to 0.12.21~rc to fix bsc#1086416 and bsc#1090051 - CVE-2018-10195: segmentation fault in zsdata function could lead to denial of service

oval:org.secpod.oval:def:89003171
This update for dovecot22 fixes the following issues: - CVE-2019-11500: Fixed a potential remote code execution in the IMAP and ManageSieve protocol parsers .

oval:org.secpod.oval:def:89002083
This update for rsyslog fixes the following issues: The following security vulnerability was addressed: CVE-2015-3243: Make sure that log files are not created world-readable

oval:org.secpod.oval:def:89003167
This update for openssl fixes the following issues: Security issues fixed: - The 9 Lives of Bleichenbacher's CAT: Cache Attacks on TLS Implementations - CVE-2019-1559: Fixed OpenSSL 0-byte Record Padding Oracle which under certain circumstances a TLS server can be forced to respond differently to a ...

oval:org.secpod.oval:def:89003288
This update for bash fixes the following issues: Security issue fixed: - CVE-2019-9924: Fixed a vulnerability in which shell did not prevent user BASH_CMDS allowing the user to execute any command with the permissions of the shell .

oval:org.secpod.oval:def:89003047
This update for webkit2gtk3 to version 2.22.4 fixes the following issues: Security issues fixed: CVE-2018-4191, CVE-2018-4197, CVE-2018-4299, CVE-2018-4306, CVE-2018-4309, CVE-2018-4392, CVE-2018-4312, CVE-2018-4314, CVE-2018-4315, CVE-2018-4316, CVE-2018-4317, CVE-2018-4318, CVE-2018-4319, CVE-2018 ...

oval:org.secpod.oval:def:89003168
This update for postgresql96 fixes the following issues: Security issue fixed: - CVE-2019-10208: Fixed arbitrary SQL execution via suitable SECURITY DEFINER function under the identity of the function owner .

oval:org.secpod.oval:def:89002073
This update for ceph fixes the following issues: - Update to version 12.2.7-420-gc0ef85b854: * https://ceph.com/releases/12-2-7-luminous-released/ * luminous: osd: eternal stuck PG in "unfound_recovery" * bluestore: db.slow used when db is not full * CVE-2018-10861: Ensure that ceph-mon does perfo ...

oval:org.secpod.oval:def:89002194
This update for memcached fixes the following issues: - CVE-2018-1000115: Insufficient Control of Network Message Volume vulnerability in the UDP support of the memcached server could result in denial of service via network flood. - Home directory shouldn't be world readable bsc#1077718

oval:org.secpod.oval:def:89003041
This update for dnsmasq fixes the following issues: Security issue fixed: - CVE-2017-15107: Fixed a vulnerability in DNSSEC implementation. Processing of wildcard synthesized NSEC records may result in improper validation for non-existence. Non-security issue fixed: - Reload system dbus to pick up pol ...

oval:org.secpod.oval:def:89003163
This update for postgresql10 fixes the following issues: Security issue fixed: - CVE-2019-10130: Prevent row-level security policies from being bypassed via selectivity estimators . Bug fixes: - For a complete list of fixes check the release notes. * https://www.postgresql.org/docs/10/release-10-8.h ...

oval:org.secpod.oval:def:89003164
This update for bluez fixes the following issues: Security vulnerability addressed: - CVE-2016-9797: Fixed a buffer over-read in l2cap_dump . - CVE-2016-9798: Fixed a use-after-free in conf_opt . - CVE-2016-9917: Fixed a heap-based buffer overflow in read_n . - CVE-2016-9802: Fixed a buffer over-rea ...

oval:org.secpod.oval:def:89003044
This update for perl fixes the following issues: Security issue fixed: - CVE-2018-18311: Fixed integer overflow with oversize environment .

oval:org.secpod.oval:def:89002070
This update for soundtouch fixes the following issues: - CVE-2018-17098: The WavFileBase class allowed remote attackers to cause a denial of service or possibly have unspecified other impact, as demonstrated by SoundStretch. - CVE-2018-17097: The WavFileBase class allowed remote attackers to cause ...

oval:org.secpod.oval:def:89003040
This update for systemd fixes the following issues: Security issues fixed: - CVE-2018-6954: Fixed a vulnerability in the symlink handling of systemd-tmpfiles which allowed a local user to obtain ownership of arbitrary files . - CVE-2019-3842: Fixed a vulnerability in pam_systemd which allowed a loca ...

oval:org.secpod.oval:def:89003397
This update for freeradius-server fixes the following issues: Security issues fixed: - CVE-2019-11235: Fixed an authentication bypass related to the EAP-PWD Commit frame and insufficient validation of elliptic curve points. - CVE-2019-11234: Fixed an authentication bypass caused by reflecting privou ...

oval:org.secpod.oval:def:89002188
This update for ImageMagick fixes the following issues: - CVE-2017-14997: GraphicsMagick allowed remote attackers to cause a denial of service because of an integer underflow in ReadPICTImage in coders/pict.c. [bsc#1112399] - CVE-2018-16644: A regression in the security fix for the pict coder was ...

oval:org.secpod.oval:def:89003156
This update for curl fixes the following issues: Security issue fixed: - CVE-2019-5482: Fixed TFTP small blocksize heap buffer overflow .

oval:org.secpod.oval:def:89003277
This update for systemd fixes the following issues: Security vulnerability fixed: - CVE-2019-6454: Fixed a crash of PID1 by sending specially crafted D-BUS message on the system bus by an unprivileged user Other bug fixes and changes: - journal-remote: set a limit on the number of fields in a messa ...

oval:org.secpod.oval:def:89003398
This update for gd fixes the following issues: Security issues fixed: - CVE-2019-6977: Fixed a heap-based buffer overflow in the imagecolormatch function of the GD Graphics Library. - CVE-2019-6978: Fixed a double free in the gdImage*Ptr functions.

oval:org.secpod.oval:def:89002189
This update for wireshark fixes the following issues: - Update to wireshark 2.2.14, fix such issues: * bsc#1088200 VUL-0: wireshark: multiple vulnerabilities fixed in 2.2.14, 2.4.6 * CVE-2018-9256: LWAPP dissector crash * CVE-2018-9260: IEEE 802.15.4 dissector crash * CVE-2018-9261: NBAP dissector c ...

oval:org.secpod.oval:def:89003399
This update for wireshark to version 2.4.12 fixes the following issues: Security issues fixed: - CVE-2019-5717: Fixed a denial of service in the P_MUL dissector - CVE-2019-5718: Fixed a denial of service in the RTSE dissector and other dissectors - CVE-2019-5719: Fixed a denial of service in the I ...

oval:org.secpod.oval:def:89044769
This update for wireshark fixes the following issues: - CVE-2017-17083: NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginning of a buffer. - CVE-2017-17084: IWARP_MPA dissector could crash. This was addre ...

oval:org.secpod.oval:def:89044898
GNU binutils was updated to the 2.29.1 release, bringing various new features, fixing a lot of bugs and security issues. Following security issues are being addressed by this release: * 18750 bsc#1030296 CVE-2014-9939 * 20891 bsc#1030585 CVE-2017-7225 * 20892 bsc#1030588 CVE-2017-7224 * 20898 bsc#103 ...

oval:org.secpod.oval:def:89044779
This update for libzip fixes one issue. This security issue was fixed: - CVE-2017-14107: The _zip_read_eocd64 function mishandled EOCD records, which allowed remote attackers to cause a denial of service via a crafted ZIP archive.

oval:org.secpod.oval:def:89044899
This update for systemd provides several fixes and enhancements. Security issues fixed: - CVE-2017-9217: Null pointer dereferencing that could lead to resolved aborting. - CVE-2017-9445: Possible out-of-bounds write triggered by a specially crafted TCP payload from a DNS server. The update also fi ...

oval:org.secpod.oval:def:89044772
This update for evince fixes the following issues: Security issue fixed: - CVE-2017-1000083: Remove support for tar and tar-like commands in comics backend .

oval:org.secpod.oval:def:89044895
This update provides Quagga 1.1.1, which brings several fixes and enhancements. Security issues fixed: - CVE-2017-5495: Telnet "vty" interface DoS due to unbounded memory allocation. - CVE-2016-1245: Stack overrun in IPv6 RA receive code. Bug fixes: - Do not enable zebra's TCP interface to use de ...

oval:org.secpod.oval:def:89044892
This update for opensaml fixes the following issues: Security issue fixed: - CVE-2017-16853: Fix the DynamicMetadataProvider class to properly configure itself with the MetadataFilter plugins, to avoid possible MITM attacks .

oval:org.secpod.oval:def:89044637
This update for wget fixes the following security issues: - CVE-2017-13089,CVE-2017-13090: Missing checks for negative remaining_chunk_size in skip_short_body and fd_read_body could cause stack buffer overflows, which could have been exploited by malicious servers

oval:org.secpod.oval:def:89044766
This update for wireshark to version 2.2.9 fixes several issues. These security issues were fixed: - CVE-2017-13767: The MSDP dissector could have gone into an infinite loop. This was addressed by adding length validation. - CVE-2017-13766: The Profinet I/O dissector could have crashed with an out-of ...

oval:org.secpod.oval:def:89044643
This update for libvirt fixes several issues. This security issue was fixed: - bsc#1053600: Escape ssh command line to prevent interpreting malicious hostname as arguments, allowing for command execution These non-security issues were fixed: - bsc#1049505, bsc#1051017: Security manager: Don't autogen ...

oval:org.secpod.oval:def:89044678
xerces-j2 was updated to fix several issues. This security issue was fixed: - bsc#814241: Prevent possible DoS through very long attribute names This non-security issue was fixed: - Prevent StackOverflowError when applying a pattern restriction on long strings while trying to validate an XML file ag ...

oval:org.secpod.oval:def:89044674
This wireshark update to version 2.2.8 fixes the following issues: Security issues fixed: - CVE-2017-11411: The openSAFETY dissector could crash or exhaust system memory because of missing length validation. - CVE-2017-11410: The WBXML dissector could go into an infinite loop. - CVE-2017-11408: The ...

oval:org.secpod.oval:def:89044797
This update for git fixes the following issues: This security issue was fixed: - CVE-2017-14867: Git used unsafe Perl scripts to support subcommands such as cvsserver, which allowed attackers to execute arbitrary OS commands via shell metacharacters in a module name .

oval:org.secpod.oval:def:89003082
This update for polkit fixes the following issues: Security issue fixed: - CVE-2018-19788: Fixed handling of UIDs over MAX_UINT

oval:org.secpod.oval:def:89044672
This update for openvpn fixes the following issues: - CVE-2017-12166: Lack of bound check in read_key in old legacy key handling before using values could be used for a remote buffer overflow .

oval:org.secpod.oval:def:89044793
This update for liblouis fixes several issues. These security issues were fixed: - CVE-2017-13738: Prevent illegal address access in the _lou_getALine function that allowed to cause remote DoS . - CVE-2017-13739: Prevent heap-based buffer overflow in the function resolveSubtable that could have caus ...

oval:org.secpod.oval:def:89044671
This update for dnsmasq fixes the following security issues: - CVE-2017-14491: 2 byte heap based overflow. [bsc#1060354] - CVE-2017-14492: heap based overflow. [bsc#1060355] - CVE-2017-14493: stack based overflow. [bsc#1060360] - CVE-2017-14494: DHCP - info leak. [bsc#1060361] - CVE-2017-14495: DNS ...

oval:org.secpod.oval:def:89003197
This update for permissions fixes the following issues: - CVE-2019-3688: Changed wrong ownership in /usr/sbin/pinger to root:squid which could have allowed a squid user to gain persistence by changing the binary . - CVE-2019-3690: Fixed a privilege escalation through untrusted symbolic links . - Fix ...

oval:org.secpod.oval:def:89044302
This update for samba fixes the following issues: - CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids. - Avoid free'ing our own pointer in memcache when memcache_trim attempts to reduce cache size. - Adjust smbcacls "--propagate-inheritance" feature to align with upstream.

oval:org.secpod.oval:def:89003192
This update for postgresql96 fixes the following issues: Security issue fixed: - CVE-2019-10130: Prevent row-level security policies from being bypassed via selectivity estimators .

oval:org.secpod.oval:def:89003193
This update for dovecot22 fixes the following issues: Security issues fixed: - CVE-2019-7524: Fixed an improper file handling which could result in stack overflow allowing local root escalation . - CVE-2019-3814: Fixed a vulnerability related to SSL client certificate authentication . Other issue fi ...

oval:org.secpod.oval:def:89044661
This update for perl fixes the following issues: Security issues fixed: - CVE-2017-12837: Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service via a regular expression with a " ...

oval:org.secpod.oval:def:89003073
This update for LibVNCServer fixes the following issues: Security issues fixed: - CVE-2018-20749: Fixed a heap out of bounds write vulnerability in rfbserver.c - CVE-2018-20750: Fixed a heap out of bounds write vulnerability in rfbserver.c - CVE-2018-20748: Fixed multiple heap out-of-bound writes ...

oval:org.secpod.oval:def:89003194
This update for libjpeg-turbo fixes the following issues: - CVE-2019-2201: Several integer overflow issues and subsequent segfaults occurred in libjpeg-turbo, when attempting to compress or decompress gigapixel images. [bsc#1156402]

oval:org.secpod.oval:def:89003190
This update for soundtouch fixes the following issues: Security issues fixed: - CVE-2018-17098: Fixed a heap corruption from size inconsistency, which allowed remote attackers to cause a denial of service or possibly have other unspecified impact - CVE-2018-17097: Fixed a double free, which allowed ...

oval:org.secpod.oval:def:89044967
This update for sssd provides the following fixes: Security issues fixed: - CVE-2017-12173: Fixed unsanitized input when searching in local cache database . Non security issues fixed: - Fixed a segfault issue in ldap_rfc_2307_fallback_to_local_users. - Install /var/lib/sss/mc directory to correct s ...

oval:org.secpod.oval:def:89044969
This update for ncurses fixes the following issues: Security issues fixed: - CVE-2017-11112: Illegal address access in append_acs. - CVE-2017-11113: Dereferencing NULL pointer in _nc_parse_entry. - CVE-2017-10684, CVE-2017-10685: Add modified upstream fix from ncurses 6.0 to avoid broken termcap f ...

oval:org.secpod.oval:def:89044734
This update for tboot fixes the following issues: Security issue fixed: - CVE-2017-16837: Certain function pointers in Trusted Boot through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module by h Bug fixes: - ...

oval:org.secpod.oval:def:89044731
This update for xen fixes several issues. These security issues were fixed: - CVE-2017-14316: Missing bound check in function `alloc_heap_pages` for an internal array allowed attackers using crafted hypercalls to execute arbitrary code within Xen - CVE-2017-14318: The function __gnttab_cache_flush ...

oval:org.secpod.oval:def:89002923
This update for gcc10 fixes the following issues: This update provides the GCC10 compiler suite and runtime libraries. The base SUSE Linux Enterprise libraries libgcc_s1, libstdc++6 are replaced by the gcc10 variants. The new compiler variants are available with "-10" suffix, you can specify ...

oval:org.secpod.oval:def:89044964
This update for openvswitch fixes the following issues: Security issue fixed: - CVE-2017-14970: Add upstream patches to fix memory leaks . Bug fixes: - Fix rpmlint warnings . - Add missing post/postun scriptlets for the ovn-common sub-package .

oval:org.secpod.oval:def:89002919
This update for openssl fixes the following issues: Security issue fixed: - CVE-2019-1551: Fixed an overflow bug in the x86_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli . Non-security issue fixed: - Fixed a crash in BN_copy .

oval:org.secpod.oval:def:89044629
This update for xen fixes several issues. These security issues were fixed: - CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious guest to crash the host or potentially escalate privileges/leak information . - CVE-2017-12137: Incorrectly-aligned updates to pagetables allowed ...

oval:org.secpod.oval:def:89044630
This update for libXcursor fixes the following issues: Security issue fixed: - CVE-2017-16612: Fix integer overflow while parsing images and a signedness issue while parsing comments .

oval:org.secpod.oval:def:89044992
This update for git fixes the following issues: - CVE-2017-1000117: A client side code execution via shell injection when receiving special submodule strings from a malicious server was fixed

oval:org.secpod.oval:def:89044874
This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2017-9439: A memory leak was found in the function ReadPDBImage in coders/pdb.c - CVE-2017-9440: A memory leak was found in the function ReadPSDChannel in coders/psd.c - CVE-2017-9501: An assertion failure could cau ...

oval:org.secpod.oval:def:89044985
This update for libical fixes the following issues: Security issues fixed: - CVE-2016-5824: libical 1.0 allows remote attackers to cause a denial of service via a crafted ics file. - CVE-2016-5827: The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial ...

oval:org.secpod.oval:def:89044746
This update for postgresql96 fixes the following issues: Security issues fixed: - CVE-2017-15098: Fix crash due to rowtype mismatch in json{b}_populate_recordset . - CVE-2017-15099: Ensure that INSERT ... ON CONFLICT DO UPDATE checks table permissions and RLS policies in all cases . Bug fixes: - Upd ...

oval:org.secpod.oval:def:89044988
This update for apache2 fixes the following issues: Security issue fixed: - CVE-2017-9788: Uninitialized memory reflection in mod_auth_digest. Bug fixes: - Include individual sysconfig.d files instead of the whole sysconfig.d directory. - Include sysconfig.d/include.conf after httpd.conf is process ...

oval:org.secpod.oval:def:89044624
This update for libquicktime fixes the following issues: Security issue fixed: - CVE-2016-2399: Adjust patch to prevent endless loop when there are less than 256 bytes to read

oval:org.secpod.oval:def:89044981
This update for poppler fixes the following issues: Security issues fixed: - CVE-2017-9775: DoS stack buffer overflow in GfxState.cc in pdftocairo via a crafted PDF document - CVE-2017-9776: DoS integer overflow leading to heap buffer overflow in JBIG2Stream.cc via a crafted PDF document - CVE-201 ...

oval:org.secpod.oval:def:89002974
This update for LibVNCServer fixes the following issues: - CVE-2019-15690: Fixed a heap buffer overflow . - CVE-2019-15681: Fixed a memory leak which could have allowed a remote attacker to read stack memory . - CVE-2019-20788: Fixed an integer overflow and heap-based buffer overflow via a large h ...

oval:org.secpod.oval:def:89002956
This update for cyrus-sasl fixes the following issues: - CVE-2019-19906: Fixed an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet .

oval:org.secpod.oval:def:89002946
This update for openldap2 fixes the following issues: - CVE-2020-12243: Fixed a denial of service related to recursive filters .

oval:org.secpod.oval:def:89002892
This update for ucode-intel fixes the following issues: - Intel CPU Microcode updated to 20201027 prerelease - CVE-2020-8695: Fixed Intel RAPL sidechannel attack - CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 # New Platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New V ...

oval:org.secpod.oval:def:89002410
This update for audiofile fixes the following issues: - CVE-2018-17095: A heap-based buffer overflow in Expand3To4Module::run could occur when running sfconvert, leading to crashes or code execution when handling untrusted soundfiles .

oval:org.secpod.oval:def:89002894
This update for vim fixes the following issues: - CVE-2019-20807: Fixed an issue where escaping from the restrictive mode of vim was possible using interfaces .

oval:org.secpod.oval:def:89002539
This update for polkit fixes the following issues: Security issue fixed: - CVE-2018-1116: Fix uid comparison lacking in polkit_backend_interactive_authority_check_authorization .

oval:org.secpod.oval:def:89002532
This update for libcgroup fixes the following issues: Security issue fixed: - CVE-2018-14348: Fix daemon that creates /var/log/cgred with mode 0666 .

oval:org.secpod.oval:def:89044211
This update for gdm fixes the following issues: - Avoid the signal SIGTRAP when gdm exits .

oval:org.secpod.oval:def:89002521
This update for rpm fixes the following issues: These security issues were fixed: - CVE-2017-7500: rpm did not properly handle RPM installations when a destination path was a symbolic link to a directory, possibly changing ownership and permissions of an arbitrary directory, and RPM files being plac ...

oval:org.secpod.oval:def:89002886
This update for mariadb fixes the following issues: Security issue fixed: - CVE-2019-2974: Fixed Server Optimizer .

oval:org.secpod.oval:def:89044681
This update for libplist fixes the following issues: Security issues fixed: - CVE-2017-6439: Heap-based buffer overflow in the parse_string_node function. - CVE-2017-6438: Heap-based buffer overflow in the parse_unicode_node function. - CVE-2017-6437: The base64encode function in base64.c allows l ...

oval:org.secpod.oval:def:89044683
This update for ImageMagick fixes the following issues: * CVE-2017-14989: use-after-free in RenderFreetype in MagickCore/annotate.c could lead to denial of service [bsc#1061254] * CVE-2017-14682: GetNextToken in MagickCore/token.c heap buffer overflow could lead to denial of service [bsc#1060176] * ...

oval:org.secpod.oval:def:89002990
This update for postgresql10 fixes the following issues: PostgreSQL was updated to version 10.12. Security issue fixed: - CVE-2020-1720: Fixed a missing authorization check in the ALTER ... DEPENDS ON extension .

oval:org.secpod.oval:def:89002872
This update for openssl fixes the following issues: - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME .

oval:org.secpod.oval:def:89002516
This update for librsvg fixes the following issues: - CVE-2018-1000041: Input validation issue could lead to credentials leak. Update to version 2.40.20: + Except for emergencies, this will be the LAST RELEASE of the librsvg-2.40.x series. We are moving to 2.41, which is vastly improved over the 2. ...

oval:org.secpod.oval:def:89002507
This update for perl-DBD-mysql fixes the following issues: - CVE-2017-10789: The DBD::mysql module, with the mysql_ssl=1 setting enabled, means that SSL is optional, which could lead man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, a related issue to CVE-2015-3152. - ...

oval:org.secpod.oval:def:89002508
This update for nautilus fixes the following issues: Security issue fixed: - CVE-2017-14604: Add a metadata::trusted metadata to the file once the user acknowledges the file as trusted, and also remove the "trusted" content in the desktop file .

oval:org.secpod.oval:def:89044235
This update for java-1_7_0-openjdk fixes the following issues: - Update to 2.6.25 - OpenJDK 7u291 * Security fixes + JDK-8247619: Improve Direct Buffering of Characters * Import of OpenJDK 7 u291 build 1 + JDK-8254177: Upgrade time-zone data to tzdata2020b + JDK-8254982: Upgrade time-zone data to ...

oval:org.secpod.oval:def:89002504
This update for dovecot22 fixes the following issues: - CVE-2017-14461: dovecot22: rfc822_parse_domain Information Leak Vulnerability

oval:org.secpod.oval:def:89002333
This update for wget fixes the following issues: - CVE-2018-0494: Fixed a cookie injection vulnerability by checking for and joining continuation lines

oval:org.secpod.oval:def:89002571
This update for libgcrypt fixes the following issues: The following security vulnerability was addressed: - CVE-2018-0495: Mitigate a novel side-channel attack by enabling blinding for ECDSA signatures . The following other issues were fixed: - Extended the fipsdrv dsa-sign and dsa-verify commands w ...

oval:org.secpod.oval:def:89002218
This update for libmodplug fixes the following issues: - Update to version 0.8.9.0+git20170610.f6dd59a bsc#1022032: * PSM: add missing line to commit * ABC: prevent possible increment of p past end * ABC: ensure read pointer is valid before incrementing * ABC: terminate early when things don't work ...

oval:org.secpod.oval:def:89002339
This update for opensc fixes the following issues: - CVE-2018-16391: Fixed a denial of service when handling responses from a Muscle Card - CVE-2018-16392: Fixed a denial of service when handling responses from a TCOS Card - CVE-2018-16393: Fixed buffer overflows when handling responses from Gemsa ...

oval:org.secpod.oval:def:89003305
This update for screen fixes the following issues: Security issue fixed: - CVE-2015-6806: Fixed a stack overflow due to deep recursion . Non-security issue fixed: - Fixed segmentation faults related to altscreen and resizing screen .

oval:org.secpod.oval:def:89002561
This update for curl fixes the following issues: - CVE-2018-16840: A use after free in closing SASL handles was fixed - CVE-2018-16842: An out-of-bounds read in tool_msgs.c was fixed which could lead to crashes

oval:org.secpod.oval:def:89002327
This update for apache2 fixes the following issues: The following security vulnerability was fixed: - Fixed a worker exhaustion that could have led to a denial of service via specially crafted HTTP/2 requests .

oval:org.secpod.oval:def:89003416
This update for wpa_supplicant fixes the following issues: This security issue was fixed: - CVE-2018-14526: Under certain conditions, the integrity of EAPOL-Key messages was not checked, leading to a decryption oracle. An attacker within range of the Access Point and client could have abused the vul ...

oval:org.secpod.oval:def:89003401
This update for curl fixes the following issues: Security issue fixed: - CVE-2019-5436: Fixed a heap buffer overflow in tftp_receive_packet that receives data from a TFTP server .

oval:org.secpod.oval:def:89002434
This update for texlive fixes the following issue: - CVE-2018-17407: Prevent buffer overflow when handling of Type 1 fonts allowed arbitrary code execution when a malicious font was loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex

oval:org.secpod.oval:def:89003402
This update for wget fixes the following issues: Security issue fixed: - CVE-2019-5953: Fixed a buffer overflow vulnerability which might cause code execution .

oval:org.secpod.oval:def:89002556
Samba was updated to 4.6.15, bringing bug and security fixes. Following security issues were fixed: - CVE-2018-10919: Fix unauthorized attribute access via searches. ; Non-security bugs fixed: - Fix ctdb_mutex_ceph_rados_helper deadlock . - Allow idmap_rid to have primary group other than "Doma ...

oval:org.secpod.oval:def:89002557
This update for libcgroup fixes the following issues: Security issue fixed: - CVE-2018-14348: Fix daemon that creates /var/log/cgred with mode 0666 . This updates also sets the permissions of already existing log files to proper values.

oval:org.secpod.oval:def:89002547
This update for openvswitch to version 2.7.6 fixes the following issues: These security issues were fixed: - CVE-2018-17205: Prevent OVS crash when reverting old flows in bundle commit . - CVE-2018-17206: Avoid buffer overread in BUNDLE action decoding . - CVE-2018-17204: When decoding a group mod, i ...

oval:org.secpod.oval:def:89002306
This update for ncurses fixes the following issue: Security issue fixed: - CVE-2018-19211: Fixed denial of service issue that was triggered by a NULL pointer dereference at function _nc_parse_entry .

oval:org.secpod.oval:def:89002304
This update for tiff fixes the following issues: Security issues fixed: - CVE-2018-12900: Fixed heap-based buffer overflow in the cpSeparateBufToContigBuf . - CVE-2018-18661: Fixed NULL pointer dereference in the function LZWDecode in the file tif_lzw.c . - CVE-2018-18557: Fixed JBIG decode can lead ...

oval:org.secpod.oval:def:89003463
This update for xmltooling fixes the following issue: Security issue fixed: - CVE-2019-9628: Fixed an improper handling of exception in XMLTooling library which could result in denial of service against the application using XMLTooling .

oval:org.secpod.oval:def:89003224
This update for ibus fixes the following issues: Security issue fixed: - CVE-2019-14822: Fixed a misconfiguration of the DBus server that allowed an unprivileged user to monitor and send method calls to the ibus bus of another user

oval:org.secpod.oval:def:89002250
This update for libqt5-qtbase fixes the following issues: Security issues fixed: - CVE-2018-15518: Fixed double free in QXmlStreamReader - CVE-2018-19873: Fixed Denial of Service on malformed BMP file in QBmpHandler

oval:org.secpod.oval:def:89003461
This update for gdb fixes the following issues: Update to gdb 8.3.1: Security issues fixed: - CVE-2019-1010180: Fixed a potential buffer overflow when loading ELF sections larger than the file. Upgrade libipt from v2.0 to v2.0.1. - Enable librpm for version > librpm.so.3 [bsc#1145692]: * Allow a ...

oval:org.secpod.oval:def:89002131
This update for libgcrypt fixes the following issues: The following security vulnerability was addressed: - CVE-2018-0495: Mitigate a novel side-channel attack by enabling blinding for ECDSA signatures . The following other issues were fixed: - Extended the fipsdrv dsa-sign and dsa-verify commands w ...

oval:org.secpod.oval:def:89002494
This update for mutt fixes the following issues: Security issues fixed: - bsc#1101428: Mutt 1.10.1 security release update. - CVE-2018-14351: Fix imap/command.c that mishandles long IMAP status mailbox literal count size . - CVE-2018-14353: Fix imap_quote_string in imap/util.c that has an integer un ...

oval:org.secpod.oval:def:89003462
This update for lftp fixes the following issues: Security issue fixed: - CVE-2018-10916: Fixed an improper file name sanitization which could lead to loss of integrity of the local system . Other issue addressed: - The SSH login handling code detects password prompts more reliably .

oval:org.secpod.oval:def:89003108
This update for curl fixes the following issues: Security issue fixed: - CVE-2018-16839: Fixed a buffer overflow in the SASL authentication code .

oval:org.secpod.oval:def:89002136
This update for unixODBC to version 2.3.6 fixes the following issues: - CVE-2018-7409: Buffer overflow in unicode_to_ansi_copy was fixed in 2.3.5 - CVE-2018-7485: Swapped arguments in SQLWriteFileDSN in odbcinst/SQLWriteFileDSN.c Other fixes: - Enabled --enable-fastvalidate option in configure

oval:org.secpod.oval:def:89002258
Also libQtWebkit4 was updated to 2.3.4 to match libqt4. Also following bugs were fixed: - Enable libqt4-devel-32bit - Fixed bolder font in Qt4 apps

oval:org.secpod.oval:def:89003226
This update for samba fixes the following issues: Security issue fixed: - CVE-2019-3880: Fixed a path/symlink traversal vulnerability, which allowed an unprivileged user to save registry files outside a share . Non-security issues fixed: - Fix vfs_ceph ftruncate and fallocate handling . - Abide by l ...

oval:org.secpod.oval:def:89003227
This update for sqlite3 fixes the following issues: Security issue fixed: - CVE-2019-8457: Fixed a Heap out-of-bound read in rtreenode when handling invalid rtree tables .

oval:org.secpod.oval:def:89002139
This update for cups fixes the following issues: Security issue fixed: - CVE-2018-4300: Fixed extremely predictable cookie generation that is effectively breaking the CSRF protection of the CUPS web interface .

oval:org.secpod.oval:def:89044295
This update for bind fixes the following issues: - CVE-2021-25214: Fixed a broken inbound incremental zone update which could have caused named to terminate unexpectedly . - CVE-2021-25215: Fixed an assertion check which could have failed while answering queries for DNAME records that required the ...

oval:org.secpod.oval:def:89002123
This update for curl fixes the following issues: This security issue was fixed: - CVE-2018-14618: Prevent integer overflow in the NTLM authentication code This non-security issue was fixed: - Fixed erroneous debug message when paired with OpenSSL

oval:org.secpod.oval:def:89003455
This update for mutt fixes the following issues: Security issues fixed: - bsc#1101428: Mutt 1.10.1 security release update. - CVE-2018-14351: Fix imap/command.c that mishandles long IMAP status mailbox literal count size . - CVE-2018-14353: Fix imap_quote_string in imap/util.c that has an integer un ...

oval:org.secpod.oval:def:89002360
This update for jasper fixes the following issues: Security issues fixed: - CVE-2016-9262: Multiple integer overflows in the jas_realloc function in base/jas_malloc.c and mem_resize function in base/jas_stream.c allow remote attackers to cause a denial of service via a crafted image, which triggers ...

oval:org.secpod.oval:def:89002241
Samba was updated to version 4.6.13 to fix several bugs. Security issue fixed: - CVE-2018-1050: DOS vulnerability when SPOOLSS is run externally . The library talloc was updated to version 2.1.10: - build, documentation and python3 improvements The library tevent was updated to version 0.9.34 ; - R ...

oval:org.secpod.oval:def:89002362
This update for openldap2 fixes the following issues: Security issue fixed: - CVE-2017-17740: When both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service via a member MODDN oper ...

oval:org.secpod.oval:def:89003218
This update for nmap fixes the following issues: Security issue fixed: - CVE-2018-15173: Fixed a remote denial of service attack via a crafted TCP-based service .

oval:org.secpod.oval:def:89003214
This update for sqlite3 fixes the following issues: - CVE-2017-2518: Fixed a use-after-free vulnerability which could have led to buffer overflow via a crafted SQL statement .

oval:org.secpod.oval:def:89003335
This update for netpbm fixes the following issues: Security issues fixed: - CVE-2018-8975: The pm_mallocarray2 function allowed remote attackers to cause a denial of service via a crafted image file . - CVE-2017-2579: Fixed out-of-bounds read in expandCodeOntoStack . - CVE-2017-2580: Fixed out-of-b ...

oval:org.secpod.oval:def:89002126
This update for ghostscript fixes the following issues: - CVE-2018-10194: A stack-based buffer overflow was fixed in gdevpdts.c

oval:org.secpod.oval:def:89002368
This update for squid fixes the following issues: Security issues fixed: - CVE-2018-19131: Fixed Cross-Site-Scripting vulnerability in the TLS error handling . - CVE-2018-19132: Fixed small memory leak in processing of SNMP packets . Non-security issues fixed: - Create runtime directories needed whe ...

oval:org.secpod.oval:def:89003459
This update for gnome-shell fixes the following issues: Security issue fixed: - CVE-2019-3820: Fixed a partial lock screen bypass . Fixed bugs: - Remove sessionList of endSessionDialog for security reasons .

oval:org.secpod.oval:def:89002110
Samba was updated to 4.6.14, fixing bugs and security issues: Version update to 4.6.14 : + vfs_ceph: add fake async pwrite/pread send/recv hooks; . + Fix memory leak in vfs_ceph; . + winbind: avoid using fstrcpy in _dual_init_connection; . + s3:smb2_server: correctly maintain request counters for co ...

oval:org.secpod.oval:def:89002231
This update for ceph fixes the following issues: Security issues fixed: - CVE-2018-7262: rgw: malformed http headers can crash rgw . - CVE-2017-16818: User reachable asserts allow for DoS . Bug fixes: - bsc#1061461: OSDs keep generating coredumps after adding new OSD node to cluster. - bsc#1079076: ...

oval:org.secpod.oval:def:89002474
This update for soundtouch fixes the following security issue: - CVE-2018-1000223: Prevent buffer overflow in WavInFile::readHeaderBlock that could have resulted in arbitrary code execution when opening a malicious file in the soundstretch utility

oval:org.secpod.oval:def:89002590
This update for pam_pkcs11 provides the following fixes: Security issues fixed : - Fixed a logic bug in pampkcs11.c, leading to an authentication replay vulnerability - Fixed a stack-based buffer overflow in opensshmapper.c - Make sure memory is properly cleaned before invoking free Other changes: - ...

oval:org.secpod.oval:def:89002591
This update for ovmf provides the following fix: Security issues fixed: - CVE-2018-0739: Update openssl to 1.0.2o to limit ASN.1 constructed types recursive definition depth . Bug fixes: - Only use SLES-UEFI-CA-Certificate-2048.crt for the SUSE flavor to provide better compatibility

oval:org.secpod.oval:def:89002351
This update for bluez fixes the following issues: Security issues fixed: - CVE-2016-9800: Fixed a buffer overflow in the pin_code_reply_dump function - CVE-2016-9801: Fixed a buffer overflow in the set_ext_ctrl function

oval:org.secpod.oval:def:89002477
This update for patch fixes the following issues: Security issues fixed: - CVE-2018-1000156: Malicious patch files cause ed to execute arbitrary commands . - CVE-2018-6951: Fixed NULL pointer dereference in the intuit_diff_type function in pch.c . - CVE-2016-10713: Fixed out-of-bounds access within ...

oval:org.secpod.oval:def:89002116
This update for libzypp, zypper fixes the following issues: Update libzypp to version 16.17.20: Security issues fixed: - PackageProvider: Validate delta rpms before caching - PackageProvider: Validate downloaded rpm package signatures before caching Other bugs fixed: - lsof: use "-K i" if lsof supp ...

oval:org.secpod.oval:def:89002358
This update for cups fixes the following issues: The following security vulnerabilities were fixed: - CVE-2017-18248: Handle invalid characters properly in printing jobs. This fixes a problem that was causing the DBUS library to abort the calling process. - Fixed a local privilege escalation to roo ...

oval:org.secpod.oval:def:89002342
This update for libtirpc fixes the following issues: Security issue fixed: - bsc#968175: Fix remote crash of RPC services. Bug fixes: - bsc#1072183: Send RPC getport call as specified via parameter.

oval:org.secpod.oval:def:89003312
This update for atftp fixes the following issues: Security issues fixed: - CVE-2019-11366: Fixed a denial of service caused by a NULL pointer dereference because thread_list_mutex was not locked . - CVE-2019-11365: Fixed a buffer overflow which could lead to remote code execution caused by an insecu ...

oval:org.secpod.oval:def:89003438
This update for libssh2_org fixes the following issues: - Fix the previous fix for CVE-2019-3860

oval:org.secpod.oval:def:89003439
This update for libssh2_org fixes the following issues: - Fix the previous fix for CVE-2019-3860

oval:org.secpod.oval:def:89003434
This update for libjpeg-turbo fixes the following issues: The following security vulnerabilities were addressed: - CVE-2018-14498: Fixed a heap-based buffer over read in get_8bit_row function which could allow an attacker to cause denial of service . - CVE-2018-11813: Fixed the end-of-file mishan ...

oval:org.secpod.oval:def:89003084
This update for ghostscript to 9.27 fixes the following issues: Security issues fixed: - CVE-2019-3835: Fixed an unauthorized file system access caused by an available superexec operator. - CVE-2019-3839: Fixed an unauthorized file system access caused by available privileged operators. - CVE-2019 ...

oval:org.secpod.oval:def:89043976
This update for spice-vdagent provides the following fixes: This security issue was fixed: - CVE-2017-15108: Properly escape save directory that is passed to the shell to prevent local attacker with access to the session the agent runs from injecting arbitrary commands to be executed . This non-secu ...

oval:org.secpod.oval:def:89045547
This update for aspell fixes the following issues: - CVE-2019-25051: Fixed heap-buffer-overflow in acommon:ObjStack:dup_top .

oval:org.secpod.oval:def:89003003
This update for postgresql10 fixes the following issues: Upgrade to version 10.15: * CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. * CVE-2020-25694, bsc#1178667: a

oval:org.secpod.oval:def:89003273
This update for clamav fixes the following issues: - CVE-2019-15961: Fixed a denial of service which might occur when scanning a specially crafted email file as .

oval:org.secpod.oval:def:89044203
This update for tomcat fixes the following issues: - CVE-2021-25329: Complete fix for CVE-2020-9484

oval:org.secpod.oval:def:89002972
This update for LibVNCServer fixes the following issues: - CVE-2020-25708 [bsc#1178682], libvncserver/rfbserver.c has a divide by zero which could result in DoS

oval:org.secpod.oval:def:89043964
LibreOffice was updated to version 6.0.3. Following new features were added: - The Notebookbar, although still an experimental feature, has been enriched with two new variants: Grouped Bar Full for Writer, Calc and Impress, and Tabbed Compact for Writer. The Special Characters dialog has been rework ...

oval:org.secpod.oval:def:89003383
This update for java-1_7_0-openjdk fixes the following issues: Security issues fixed : - CVE-2019-2933: Windows file handling redux - CVE-2019-2945: Better socket support - CVE-2019-2949: Better Kerberos ccache handling - CVE-2019-2958: Build Better Processes - CVE-2019-2964: Better support for patt ...

oval:org.secpod.oval:def:89003474
This update for mailman fixes the following issues: - CVE-2019-3693: Fixed a local privilege escalation from wwwrun to root .

oval:org.secpod.oval:def:89045539
This update for openssl fixes the following security issue: - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious actor could exploit to crash the application, causing a denial-of-service attack. [bsc#1189521]

oval:org.secpod.oval:def:89044926
This update for openssh fixes the following issues: Security issue fixed: - CVE-2017-15906: Stricter checking of operations in read-only mode in sftp server . Bug fixes: - FIPS: Startup selfchecks . - FIPS: Silent complaints about unsupported key exchange methods . - Refine handling of sockets for X ...

oval:org.secpod.oval:def:89003000
This update for tigervnc fixes the following issues: - CVE-2019-15691: Fixed a use-after-return due to incorrect usage of stack memory in ZRLEDecoder . - CVE-2019-15692: Fixed a heap-based buffer overflow in CopyRectDecode . - CVE-2019-15693: Fixed a heap-based buffer overflow in TightDecoder::Filte ...

oval:org.secpod.oval:def:89002499
This update for postgresql10 fixes the following issues: Security issue fixed: - CVE-2018-16850: Fixed improper quoting of transition table names when pg_dump emits CREATE TRIGGER could have caused privilege escalation . Non-security issues fixed: - Update to release 10.6: * https://www.postgresql.o ...

oval:org.secpod.oval:def:89003005
This update for postgresql12 fixes the following issues: Upgrade to version 12.5: * CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. * CVE-2020-25694, bsc#1178667: a

oval:org.secpod.oval:def:89045770
This update for postgresql96 fixes the following issues: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake . - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshake .

oval:org.secpod.oval:def:89045796
This update for postgresql10 fixes the following issues: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake . - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshake .

oval:org.secpod.oval:def:89045567
This update for openexr fixes the following issues: - CVE-2021-20298 [bsc#1188460]: Fixed Out-of-memory in B44Compressor - CVE-2021-20299 [bsc#1188459]: Fixed Null-dereference READ in Imf_2_5:Header:operator - CVE-2021-20300 [bsc#1188458]: Fixed Integer-overflow in Imf_2_5:hufUncompress - CVE-2021-2 ...

oval:org.secpod.oval:def:89003023
This update for samba fixes the following issues: - CVE-2020-10745: Fixed an issue in which parsing and packing of NBT and DNS packets containing dots could potentially have consumed excessive CPU .

oval:org.secpod.oval:def:89003353
This update for libtasn1 fixes the following issues: Security issues fixed: - CVE-2018-1000654: Fixed a denial of service in the asn1 parser . - CVE-2017-6891: Fixed a stack overflow in asn1_find_node .

oval:org.secpod.oval:def:89000695
This update for ghostscript to version 9.52 fixes the following issues: - CVE-2020-12268: Fixed a heap-based buffer overflow in jbig2_image_compose .

oval:org.secpod.oval:def:89044626
This update for gdk-pixbuf provides the following fixes: - Add overflow checks when creating pixbuf structures in general - Fix arithmetic overflow in the BMP loader - Adds support for BMPv3 with bitmasks

oval:org.secpod.oval:def:89044989
This update for gdk-pixbuf fixes the following issues: - CVE-2017-2862: JPEG gdk_pixbuf__jpeg_image_load_increment Code Execution Vulnerability - CVE-2017-2870: tiff_image_parse Code Execution Vulnerability - CVE-2017-6313: A dangerous integer underflow in io-icns.c - CVE-2017-6314: Infinite loop ...

oval:org.secpod.oval:def:89045778
This update for postgresql, postgresql13 and postgresql14 fixes the following issues: Security issues fixed: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake . - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshak ...

oval:org.secpod.oval:def:89045576
This update for libesmtp fixes the following issues: - CVE-2019-19977: Fix stack-based buffer over-read in ntlm/ntlmstruct.c .

oval:org.secpod.oval:def:89044818
This update for librsvg to version 2.40.18 fixes the following issues: Security issue fixed: - CVE-2017-11464: A SIGFPE is raised in the function box_blur_line of rsvg-filter.c

oval:org.secpod.oval:def:89045106
This update for linuxptp fixes the following issues: - CVE-2021-3570: Validate the messageLength field of incoming messages

oval:org.secpod.oval:def:89045568
This update for file fixes the following issues: - CVE-2019-18218: Fixed heap-based buffer overflow in cdf_read_property_info in cdf.c .

oval:org.secpod.oval:def:89002953
This update for python-PyYAML fixes the following issues: - CVE-2020-1747: Fixed an arbitrary code execution when YAML files are parsed by FullLoader .

oval:org.secpod.oval:def:89045110
This update for systemd fixes the following issues: Security issues fixed: - CVE-2021-33910: Fixed a denial of service in systemd Other fixes: - mount-util: shorten the loop a bit - mount-util: do not use the official MAX_HANDLE_SZ - mount-util: tape over name_to_handle_at flakiness - mount-u ...

oval:org.secpod.oval:def:89044645
This update for tiff to version 4.0.8 fixes several bugs and security issues: These security issues were fixed: - CVE-2017-7595: The JPEGSetupEncode function allowed remote attackers to cause a denial of service via a crafted image . - CVE-2016-10371: The TIFFWriteDirectoryTagCheckedRational func ...

oval:org.secpod.oval:def:89003361
This update for MozillaFirefox fixes the following issues: Security issues fixed: CVE-2018-18500: Fixed a use-after-free parsing HTML5 stream . CVE-2018-18501: Fixed multiple memory safety bugs . CVE-2018-18505: Fixed a privilege escalation through IPC channel messages .

oval:org.secpod.oval:def:89003120
This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 68.3esr Security issues fixed: - CVE-2019-17008: Fixed a use-after-free in worker destruction - CVE-2019-13722: Fixed a stack corruption due to incorrect number of arguments in WebRTC code - CVE-2019-11745: ...

oval:org.secpod.oval:def:89003390
This update for MozillaFirefox fixes the following issues: - Mozilla Firefox Firefox 60.7.2 MFSA 2019-19 - CVE-2019-11708: Fix sandbox escape using Prompt:Open. * Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes could result in the non-sa ...

oval:org.secpod.oval:def:89044885
This update for MozillaFirefox to ESR 52.4, mozilla-nss fixes the following issues: This security issue was fixed for mozilla-nss: - CVE-2017-7805: Prevent use-after-free in TLS 1.2 when generating handshake hashes These security issues were fixed for Firefox - CVE-2017-7825: Fixed some Tibetan and ...

oval:org.secpod.oval:def:89044613
This update for MozillaFirefox to ESR 52.3 fixes several issues. These security issues were fixed: - CVE-2017-7807 Domain hijacking through AppCache fallback - CVE-2017-7791 Spoofing following page navigation with data: protocol and modal alerts - CVE-2017-7792 Buffer overflow viewing certificates ...

oval:org.secpod.oval:def:89044741
This update for MozillaFirefox ESR 52.5 fixes the following issues: Security issues fixed: - CVE-2017-7826: Memory safety bugs fixed . - CVE-2017-7828: Use-after-free of PresShell while restyling layout . - CVE-2017-7830: Cross-origin URL information leak through Resource Timing API . Mozilla Found ...

oval:org.secpod.oval:def:89045793
This update for MozillaFirefox fixes the following issues: MozillaFirefox was updated to Extended Support Release 91.3.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-49 * CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets * CVE-2021-38504: Use-afte ...

oval:org.secpod.oval:def:89003154
This update for libvirt fixes the following issues: Security issues fixed: - CVE-2019-3840: Fixed a null pointer dereference vulnerability in virJSONValueObjectHasKey function which could have resulted in a remote denial of service via the guest agent . - CVE-2019-3886: Fixed an information leak whi ...

oval:org.secpod.oval:def:89003315
This update for openwsman fixes the following issues: Security issues fixed: - CVE-2019-3816: Fixed a vulnerability in openwsmand daemon which could lead to arbitrary file disclosure . - CVE-2019-3833: Fixed a vulnerability in process_connection which could allow an attacker to trigger an infinite lo ...

oval:org.secpod.oval:def:89003392
This update for systemd provides the following fixes: Security issues fixed: - CVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through attacker-controlled allocas - CVE-2018-16866: Fixed an information leak in journald - Fixed an issue during system startup in relation to encrypted sw ...

oval:org.secpod.oval:def:89003088
This update for ceph fixes the following issues: Security issues fixed: - CVE-2018-14662: mon: limit caps allowed to access the config store - CVE-2018-16846: rgw: enforce bounds on max-keys/max-uploads/max-parts - CVE-2018-16889: rgw: sanitize customer encryption keys from log output in v4 auth ...

oval:org.secpod.oval:def:89002492
This update for gnutls fixes the following issues: Security issues fixed: - Improved mitigations against Lucky 13 class of attacks - "Just in Time" PRIME + PROBE cache-based side channel attack can lead to plaintext recovery - HMAC-SHA-384 vulnerable to Lucky thirteen attack due to use of w ...

oval:org.secpod.oval:def:89002222
This update for libICE fixes the following issues: - CVE-2017-2626: Creation of the ICE auth session cookies used insufficient randomness, making these cookies predictable. A more random generation method has been implemented

oval:org.secpod.oval:def:89002531
This update for libXdmcp fixes the following issues: - CVE-2017-2625: The generation of session key in XDM using libXdmcp might have used weak entropy, making the session keys predictable

oval:org.secpod.oval:def:89044748
This update for samba fixes several issues. These security issues were fixed: - CVE-2017-12163: Prevent client short SMB1 write from writing server memory to file, leaking information from the server to the client - CVE-2017-12150: Always enforce smb signing when it is configured - CVE-2017-12151: ...

oval:org.secpod.oval:def:89002108
This update for zsh fixes the following issues: - CVE-2014-10070: environment variable injection could lead to local privilege escalation - CVE-2014-10071: buffer overflow in exec.c could lead to denial of service. - CVE-2014-10072: buffer overflow In utils.c when scanning very long directory path ...

oval:org.secpod.oval:def:89044972
This update for xen fixes several issues: These security issues were fixed: - CVE-2017-5526: The ES1370 audio device emulation support was vulnerable to a memory leakage issue allowing a privileged user inside the guest to cause a DoS and/or potentially crash the Qemu process on the host - bsc#1061 ...

oval:org.secpod.oval:def:89003085
This update for libunwind fixes the following issues: Security issues fixed: - CVE-2015-3239: Fixed an off-by-one in the dwarf_to_unw_regnum function Non-security issues fixed: - Fixed a dependency issue with libzmq5 - Fixed build on armv7

oval:org.secpod.oval:def:89003260
This update for wireshark to version 2.4.14 fixes the following issues: Security issues fixed: - CVE-2019-10895: NetScaler file parser crash. - CVE-2019-10899: SRVLOC dissector crash. - CVE-2019-10894: GSS-API dissector crash. - CVE-2019-10896: DOF dissector crash. - CVE-2019-10901: LDSS dissector c ...

oval:org.secpod.oval:def:89002876
This update for gcc9 fixes the following issues: The GNU Compiler Collection is shipped in version 9. A detailed changelog on what changed in GCC 9 is available at https://gcc.gnu.org/gcc-9/changes.html The compilers have been added to the SUSE Linux Enterprise Toolchain Module. To use these compile ...

oval:org.secpod.oval:def:89003083
This update for clamav to version 0.100.3 fixes the following issues: Security issues fixed : - CVE-2019-1787: Fixed an out-of-bounds heap read condition which may occur when scanning PDF documents. - CVE-2019-1789: Fixed an out-of-bounds heap read condition which may occur when scanning PE files . ...

oval:org.secpod.oval:def:89003318
This update for ghostscript to version 9.26a fixes the following issues: Security issue fixed: - CVE-2019-6116: subroutines within pseudo-operators must themselves be pseudo-operators

oval:org.secpod.oval:def:89003293
This update for binutils fixes the following issues: binutils was updated to current 2.32 branch @7b468db3 [jsc#ECO-368]: Includes the following security fixes:.

oval:org.secpod.oval:def:89002308
This update for libX11 and libxcb fixes the following issue: libX11: These security issues were fixed: - CVE-2018-14599: The function XListExtensions was vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact . - CVE-2018-14600: Th ...

oval:org.secpod.oval:def:89003177
This update for MozillaFirefox fixes the following issues: Security issues addressed: - update to Firefox ESR 60.6.1 : - CVE-2019-9813: Fixed Ionmonkey type confusion with __proto__ mutations - CVE-2019-9810: Fixed IonMonkey MArraySlice incorrect alias information - Update to Firefox ESR 60.6 : - C ...

oval:org.secpod.oval:def:89003117
This update for glib2 provides the following fix: Security issues fixed: - CVE-2019-12450: Fixed an improper file permission when copy operation takes place . - CVE-2018-16428: Avoid a null pointer dereference that could crash glib2 users in markup processing . - CVE-2018-16429: Fixed out-of-bounds ...

oval:org.secpod.oval:def:89003468
This update for libxslt fixes the following issues: - CVE-2019-11068: Fixed a protection mechanism bypass where callers of xsltCheckRead and xsltCheckWrite would permit access upon receiving an error .

oval:org.secpod.oval:def:89003343
This update for openssh fixes the following issues: Security vulnerabilities addressed: - CVE-2019-6109: Fixed a character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers . - CVE-2019-6111: Properly ...

oval:org.secpod.oval:def:89003346
This update for openssh fixes the following issues: Security issue fixed: - CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions - CVE-2019-6109: Fixed an issue where the scp client would allow malicious remote SSH servers to manipulate te ...

oval:org.secpod.oval:def:89044234
This update for cups fixes the following issues: - CVE-2021-25317: ownership of /var/log/cups could allow privilege escalation from lp user to root via symlink attacks

oval:org.secpod.oval:def:89003215
This update for SDL fixes the following issues: Security issues fixed: - CVE-2019-7572: Fixed a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c. - CVE-2019-7578: Fixed a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c . - CVE-2019-7576: Fixed heap-based buffer over-read in ...

oval:org.secpod.oval:def:89044850
This update for postgresql96 fixes the following issues: * CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. * CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. * CVE-2017-7548: lo_put ...

oval:org.secpod.oval:def:89046056
This update for virglrenderer fixes the following issues: - CVE-2022-0135: Fixed out-of-bounds write in read_transfer_data .

oval:org.secpod.oval:def:89003435
This update for sssd fixes the following issues: Security issue fixed: - CVE-2018-16838: Fixed an authentication bypass related to the Group Policy Objects implementation . Non-security issue fixed: - Create directory to download and cache GPOs

oval:org.secpod.oval:def:89044005
This update for adcli and sssd provides the following improvement: Security vulnerability fixed: - CVE-2019-3811: Fix fallback_homedir returning "/" for empty home directories Other fixes: - Add an option to disable checking for trusted domains in the subdomains provider - Clear pid file in corner ...

oval:org.secpod.oval:def:89045540
This update for cpio fixes the following issues: - A patch previously applied to remedy CVE-2021-38185 introduced a regression that had the potential to cause a segmentation fault in cpio. [bsc#1189465]

oval:org.secpod.oval:def:89003278
This update for strongswan provides the following fixes: Security issues fixed: - CVE-2018-5388: Fixed a buffer underflow which may allow a remote attacker with local user credentials to cause resource exhaustion and denial of service while reading from the socket . - CVE-2018-10811: Fixed a denial of ...

oval:org.secpod.oval:def:89002354
This update for librelp fixes the following issues: CVE-2018-1000140 : librelp contained a stack-based buffer overflow in the checking of x509 certificates. A remote attacker with an access to the rsyslog logging facility could have exploited it by sending a specially crafted x509 certificate.

oval:org.secpod.oval:def:89045563
This update for python-PyYAML fixes the following issues: - Update to 5.3.1. - CVE-2020-14343: A vulnerability was discovered in the PyYAML library, where it was susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. ...

oval:org.secpod.oval:def:89047681
This update for libksba fixes the following issues: - CVE-2022-3515: Fixed a possible overflow in the TLV parser .

oval:org.secpod.oval:def:89047044
This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 102.2.0esr ESR: * Fixed: Various stability, functionality, and security fixes. - MFSA 2022-34 * CVE-2022-38472 Address bar spoofing via XSLT error handling * CVE-2022-38473 Cross-origin XSLT Documents would ...

oval:org.secpod.oval:def:89046080
This update for tiff fixes the following issues: - CVE-2017-17095: Fixed DoS in tools/pal2rgb.c in pal2rgb . - CVE-2019-17546: Fixed integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image . - CVE-2020-19131: Fixed buffer overflow in tiffcrop that may cause DoS ...

oval:org.secpod.oval:def:89046090
This update for xerces-j2 fixes the following issues: - CVE-2022-23437: Fixed infinite loop within Apache XercesJ xml parser .

oval:org.secpod.oval:def:89048043
This update for zabbix fixes the following issues: - CVE-2022-43515: X-Forwarded-For header is active by default causes access to Zabbix sites in maintenance mode .

oval:org.secpod.oval:def:89044953
This update for krb5 fixes several issues. This security issue was fixed: - CVE-2017-11462: Prevent automatic security context deletion to prevent double-free These non-security issues were fixed: - Set rdns and dns_canonicalize_hostname to false in krb5.conf in order to improve client security in ...

oval:org.secpod.oval:def:89003113
This update for krb5 fixes the following issues: Security issue fixed: - CVE-2018-20217: Fixed an assertion issue with older encryption types

oval:org.secpod.oval:def:89044641
This update for krb5 fixes the following issues: Security issues fixed: - CVE-2017-15088: A buffer overflow in get_matching_data was fixed that could under specific circumstances be used to execute code

oval:org.secpod.oval:def:89003199
This update for libssh2_org fixes the following issue: - CVE-2019-17498: Fixed an integer overflow in a bounds check that might have led to the disclosure of sensitive information or a denial of service .

oval:org.secpod.oval:def:89002996
This update for samba fixes the following issues: - CVE-2019-14907: Fixed a Server-side crash after charset conversion failure during NTLMSSP processing .

oval:org.secpod.oval:def:89003428
This update for samba fixes the following issues: - CVE-2019-10218: Client code can return filenames containing path separators .

oval:org.secpod.oval:def:89000634
This update for wicked fixes the following issues: - CVE-2019-18902: Fixed a use-after-free when receiving invalid DHCP6 client options . - CVE-2019-18903: Fixed a use-after-free when receiving invalid DHCP6 IA_PD option . - CVE-2020-7216: Fixed a potential denial of service via a memory leak when p ...

oval:org.secpod.oval:def:89000363
This update for MozillaFirefox to version 68.7.0 ESR fixes the following issues: - CVE-2020-6821: Uninitialized memory could be read when using the WebGL copyTexSubImage method . - CVE-2020-6822: Fixed out of bounds write in GMPDecodeData when processing large images . - CVE-2020-6825: Fixed Memory ...

oval:org.secpod.oval:def:89044266
This update for MozillaFirefox fixes the following issues: - Firefox was updated to 78.10.0 ESR * CVE-2021-23994: Out of bound write due to lazy initialization * CVE-2021-23995: Use-after-free in Responsive Design Mode * CVE-2021-23998: Secure Lock icon could have been spoofed * CVE-2021-23961: Mor ...

oval:org.secpod.oval:def:89002960
This is a version update for ceph to version 12.2.13: Security issue fixed: - CVE-2020-10753: Fixed an HTTP header injection via CORS ExposeHeader tag . - Notable changes in this update for ceph: * mgr: telemetry: backported and now available on SES5.5. Please consider enabling via "ceph telemet ...

oval:org.secpod.oval:def:89002962
This update for ceph fixes the following issues: - CVE-2020-12059: Fixed a denial of service caused by a specially crafted XML payload on POST requests .

oval:org.secpod.oval:def:89003415
This update for glibc fixes the following issues: Security issues fixed: - CVE-2019-9169: Fixed a heap-based buffer over-read via an attempted case-insensitive regular-expression match . - CVE-2009-5155: Fixed a denial of service in parse_reg_exp . Non-security issues fixed: - Added cfi information ...

oval:org.secpod.oval:def:89003322
This update for glibc fixes the following issues: Security issues fixed: - CVE-2019-9169: Fixed a heap-based buffer over-read via an attempted case-insensitive regular-expression match . - CVE-2009-5155: Fixed a denial of service in parse_reg_exp . Non-security issues fixed: - Added cfi information ...

oval:org.secpod.oval:def:89048018
This update for krb5 fixes the following issues: - CVE-2022-42898: Fixed integer overflow in PAC parsing .

oval:org.secpod.oval:def:89047008
This update for squid fixes the following issues: - CVE-2022-41317: Fixed exposure of sensitive information in cache manager . - CVE-2022-41318: Fixed buffer overread in SSPI and SMB Authentication .

oval:org.secpod.oval:def:89000322
This update for bind fixes the following issues: - Amended documentation referring to rule types "krb5-subdomain" and "ms-subdomain". This incorrect documentation could mislead operators into believing that policies they had configured were more restrictive than they actually were. [ ...

oval:org.secpod.oval:def:89048032
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 102.6.0 ESR : - CVE-2022-46880: Use-after-free in WebGL - CVE-2022-46872: Arbitrary file read from a compromised content process - CVE-2022-46881: Memory corruption in WebGL - CVE-2022-46874: Drag and Dropped ...

oval:org.secpod.oval:def:89047042
This update for postgresql-jdbc fixes the following issues: - CVE-2022-31197: Fixed SQL injection vulnerability .

oval:org.secpod.oval:def:89047634
This update for libtirpc fixes the following issues: - CVE-2021-46828: Fixed denial of service vulnerability with lots of connections . - Exclude ipv6 addresses in client protocol version 2 code

oval:org.secpod.oval:def:89046069
This update for cyrus-sasl fixes the following issues: - CVE-2022-24407: Fixed SQL injection in sql_auxprop_store in plugins/sql.c .

oval:org.secpod.oval:def:89047765
This update fixes the following issues: golang-github-lusitaniae-apache_exporter: - Update to upstream release 0.11.0 * Add TLS support * Switch to logger, please check --log.level and --log.format flags - Update to version 0.10.1 * Bugfix: Reset ProxyBalancer metrics on each scrape to remove stale ...

oval:org.secpod.oval:def:89000614
This update for postgresql96 fixes the following issues: PostgreSQL was updated to version 9.6.17. Security issue fixed: - CVE-2020-1720: Fixed a missing authorization check in the ALTER ... DEPENDS ON extension .

oval:org.secpod.oval:def:89000272
This update for krb5-appl fixes the following issues: - CVE-2020-10188: Fixed a remote root execution .

oval:org.secpod.oval:def:89046088
This update for tcpdump fixes the following issues: - CVE-2018-16301: Fixed segfault when handling large files .

oval:org.secpod.oval:def:89002941
This update for spice-gtk fixes the following issues: - CVE-2020-14355: Fixed multiple buffer overflow vulnerabilities in QUIC image decoding .

oval:org.secpod.oval:def:89046062
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.6.0 ESR / MFSA 2022-05 - CVE-2022-22753: Privilege Escalation to SYSTEM on Windows via Maintenance Service - CVE-2022-22754: Extensions could have bypassed permission confirmation during update - CVE-2022 ...

oval:org.secpod.oval:def:89046101
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.6.1 ESR : - CVE-2022-26485: Use-after-free in XSLT parameter processing - CVE-2022-26486: Use-after-free in WebGPU IPC Framework

oval:org.secpod.oval:def:89046745
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 91.11.0 ESR : - CVE-2022-2200: Undesired attributes could be set as part of prototype pollution - CVE-2022-31744: CSP bypass enabling stylesheet injection - CVE-2022-34468: CSP sandbox header wit ...

oval:org.secpod.oval:def:89047050
This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated from 102.2.0esr to 102.3.0esr : - CVE-2022-40959: Fixed bypassing FeaturePolicy restrictions on transient pages. - CVE-2022-40960: Fixed data-race when parsing non-UTF-8 URLs in threads. - CVE-2022-40958: Fixed by ...

oval:org.secpod.oval:def:89047795
This update for MozillaFirefox fixes the following issues: Updated to version 102.4.0 ESR : - CVE-2022-42927: Fixed same-origin policy violation that could have leaked cross-origin URLs. - CVE-2022-42928: Fixed memory Corruption in JS Engine. - CVE-2022-42929: Fixed denial of Service via window.prin ...

oval:org.secpod.oval:def:89047708
This update for tiff fixes the following issues: - CVE-2022-2519: Fixed a double free in rotateImage . - CVE-2022-2520: Fixed an assertion failure in rotateImage . - CVE-2022-2521: Fixed invalid free in TIFFClose . - CVE-2022-2867: Fixed out of bounds read and write in tiffcrop.c . - CVE-2022-2868: F ...

oval:org.secpod.oval:def:89046911
This update for bluez fixes the following issues: - CVE-2019-8922: Fixed a buffer overflow in the implementation of the Service Discovery Protocol .

oval:org.secpod.oval:def:89047647
This update for bluez fixes the following issues: - CVE-2019-8921: Fixed heap-based buffer overflow via crafted request . - CVE-2016-9803: Fixed memory leak .

oval:org.secpod.oval:def:89046071
This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20220207 release. - CVE-2021-0146: Fixed a potential security vulnerability in some Intel Processors may allow escalation of privilege - CVE-2021-0127: Intel Processor Breakpoint Control Flow - CVE-2021-0145: Fa ...

oval:org.secpod.oval:def:89002897
This update for tigervnc fixes the following issues: - CVE-2020-26117: Server certificates were stored as certificate authorities, allowing malicious owners of these certificates to impersonate any server after a client had added an exception .

oval:org.secpod.oval:def:89047640
This update for multipath-tools fixes the following issues: - CVE-2022-41974: Fixed an authorization bypass issue in multipathd. - Avoid linking to libreadline to avoid licensing issue - Avoid device IO in 'multipath -u' - mpathpersist: optimize for setups with many LUNs - mpathpersist: add opti ...

oval:org.secpod.oval:def:89046899
This update for rsync fixes the following issues: - CVE-2022-29154: Fixed an arbitrary file write issue that could be triggered by a malicious remote server .

oval:org.secpod.oval:def:89047023
This update for postgresql14 fixes the following issues: - Upgrade to version 14.5: - CVE-2022-2625: Fixed an issue where extension scripts would replace objects not belonging to that extension . - Upgrade to version 14.4 - Release notes: https://www.postgresql.org/docs/release/14.4/ - Release anno ...

oval:org.secpod.oval:def:89047947
This update for tomcat fixes the following issues: - CVE-2022-42252: Fixed a request smuggling .

oval:org.secpod.oval:def:89048013
This update for emacs fixes the following issues: - CVE-2022-45939: Fixed shell command injection via source code files when using ctags .

oval:org.secpod.oval:def:89044662
This update for tomcat fixes the following issues: Security issues fixed: - CVE-2017-5664: A problem in handling error pages was fixed, to avoid potential file overwrites during error page handling. - CVE-2017-7674: A CORS Filter issue could lead to client and server side cache poisoning - CVE-2017 ...

oval:org.secpod.oval:def:89000318
This update for xerces-c fixes the following issues: - CVE-2017-12627: Processing of external DTD paths could have resulted in a null pointer dereference under certain conditions

oval:org.secpod.oval:def:89048095
This update for glibc fixes the following issues: - CVE-2016-10739: getaddrinfo: Fully parse IPv4 address strings

oval:org.secpod.oval:def:89002053
This update for spice fixes the following issues: Security issues fixed: - CVE-2018-10873: Fix potential heap corruption when demarshalling - CVE-2018-10893: Avoid buffer overflow on image lz checks

oval:org.secpod.oval:def:89002198
This update for spice-gtk fixes the following issues: Security issues fixed: - CVE-2018-10873: Fix potential heap corruption when demarshalling - CVE-2018-10893: Avoid buffer overflow on image lz checks

oval:org.secpod.oval:def:89046726
This update for sysstat fixes the following issues: Security issue fixed: - CVE-2019-19725: Fixed double free in check_file_actlst in sa_common.c . Bug fixes: - Enable log information of starting/stopping services

oval:org.secpod.oval:def:89000410
This update for libexif fixes the following issues: Security issues fixed: - CVE-2016-6328: Fixed an integer overflow in parsing MNOTE entry data of the input file . - CVE-2017-7544: Fixed an out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c . - CVE-2 ...

oval:org.secpod.oval:def:89046050
This update for zsh fixes the following issues: - CVE-2021-45444: Fixed a vulnerability where arbitrary shell commands could be executed related to prompt expansion . - CVE-2019-20044: Fixed a vulnerability where shell privileges would not be properly dropped when unsetting the PRIVILEGED option . - ...

oval:org.secpod.oval:def:89000662
This update for libxslt fixes the following issue: - CVE-2019-18197: Fixed a dangling pointer in xsltCopyText which may have led to information disclosure .

oval:org.secpod.oval:def:89000608
This update for git fixes the following issues: Security issue fixed: - CVE-2020-5260: With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a wrong host . Non-security issue fixed: git was updated to 2.26.0 for SHA256 supp ...

oval:org.secpod.oval:def:89000307
This update for python3 fixes the following issue: - CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen. Now an InvalidURL exception is raised . - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs . - CVE-2020-8492: Fixed a regular expre ...

oval:org.secpod.oval:def:89000651
This update for icu fixes the following issues: - CVE-2020-10531: Fixed integer overflow in UnicodeString:doAppend .

oval:org.secpod.oval:def:89000402
This update for git to 2.26.2 fixes the following issues: Security issue fixed: - CVE-2020-11008: Specially crafted URLs may have tricked the credentials helper into providing credential information that is not appropriate for the protocol in use and host being contacted . Non-security issue fixed: - ...

oval:org.secpod.oval:def:89000573
This update for mailman fixes the following issues: Security issue fixed: - CVE-2020-12108: Fixed a content injection bug . - CVE-2020-12137: Fixed an XSS vulnerability caused by MIME type confusion . Non-security issue fixed: - Fixed rights and ownership on /var/lib/mailman/archives . - Don't defaul ...

oval:org.secpod.oval:def:89000440
This update for mozilla-nspr, mozilla-nss fixes the following issues: mozilla-nss was updated to version 3.53.1 - CVE-2020-12402: Fixed a potential side channel attack during RSA key generation . - CVE-2020-12399: Fixed a timing attack on DSA signature generation . - CVE-2019-17006: Added length che ...

oval:org.secpod.oval:def:89000321
This update for qemu fixes the following issues: Security issues fixed: - CVE-2020-1711: Fixed a potential OOB access in the iSCSI client code . - CVE-2019-12068: Fixed a potential DoS in the LSI SCSI controller emulation . - CVE-2020-1983: Fixed a use-after-free in the ip_reass function of slirp . ...

oval:org.secpod.oval:def:89000075
This update for python to version 2.7.17 fixes the following issues: Syncing with lots of upstream bug fixes and security fixes. Bug fixes: - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs . - CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed t ...

oval:org.secpod.oval:def:89000044
This update for pam_radius fixes the following issues: - CVE-2015-9542: Fixed a buffer overflow in password field . - On s390x didn't decrypt passwords correctly .

oval:org.secpod.oval:def:89000314
This update for dovecot22 fixes the following issues: - CVE-2020-12673: improper implementation of NTLM does not check message buffer size . - CVE-2020-12674: improper implementation of RPA mechanism .

oval:org.secpod.oval:def:89000667
This update for libX11 fixes the following issues: - Fixed XIM client heap overflows

oval:org.secpod.oval:def:89000233
This update for libX11 fixes the following issues: - CVE-2020-14363: Fix an integer overflow in init_om .

oval:org.secpod.oval:def:89000259
This update for grub2 fixes the following issues: - CVE-2020-15705: Fail kernel validation without shim protocol. - Add fibre channel device's ofpath support to grub-ofpathname and search hint to speed up root device discovery.

oval:org.secpod.oval:def:89000242
This update for MozillaFirefox fixes the following issues: - MozillaFirefox was updated to version 68.9.0 Extended Support Release . - CVE-2020-12405: Fixed a use-after-free in SharedWorkerService. - CVE-2020-12406: Fixed a JavaScript Type confusion with NativeTypes. - CVE-2020-12410: Fixed multiple ...

oval:org.secpod.oval:def:89000069
This update for MozillaFirefox fixes the following issues: Update to version 68.8.0 ESR : - CVE-2020-12387: Use-after-free during worker shutdown - CVE-2020-12388: Sandbox escape with improperly guarded Access Tokens - CVE-2020-12389: Sandbox escape with improperly separated process types - CVE-2020 ...

oval:org.secpod.oval:def:89000052
This update for libX11 fixes the following issues: - Fixed XIM client heap overflows .

oval:org.secpod.oval:def:89000670
This update for spice fixes the following issues: - CVE-2020-14355: Fixed multiple buffer overflow vulnerabilities in QUIC image decoding .

oval:org.secpod.oval:def:89000403
This update for openldap2 fixes the following issues: - CVE-2020-25692: Fixed an unauthenticated remote denial of service due to incorrect validation of modrdn equality rules .

oval:org.secpod.oval:def:89000153
This update for postgresql96 fixes the following issues: Upgrade to version 9.6.20: * CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. * CVE-2020-25694, bsc#1178667: a

oval:org.secpod.oval:def:89000260
This update for squid fixes the following issues: - CVE-2020-15049.patch: fixes a Cache Poisoning and Request Smuggling attack

oval:org.secpod.oval:def:89048044
This update for xorg-x11-server fixes the following issues: - CVE-2022-46340: Server XTestSwapFakeInput stack overflow - CVE-2022-46341: Server XIPassiveUngrabDevice out-of-bounds access - CVE-2022-46342: Server XvdiSelectVideoNotify use-after-free - CVE-2022-46343: Server ScreenSaverSetAttribute ...

oval:org.secpod.oval:def:89044901
This update for java-1_8_0-ibm fixes the following issues: - Version update to 8.0-4.10 [bsc#1053431] CVE-2017-10111, CVE-2017-10110, CVE-2017-10107, CVE-2017-10101, CVE-2017-10096, CVE-2017-10090, CVE-2017-10089, CVE-2017-10087, CVE-2017-10102, CVE-2017-10116, CVE-2017-10074, CVE-2017-10078, CVE-20 ...

oval:org.secpod.oval:def:89002275
This update for tiff fixes the following issues: These security issues were fixed: - CVE-2017-18013: There was a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash. - CVE-2018-10963: The TIFFWriteDirectorySec function in tif_dirwrite.c allow ...

oval:org.secpod.oval:def:89002068
This update for tiff fixes the following issues: Security issues fixed: - CVE-2018-19210: Fixed NULL pointer dereference in the TIFFWriteDirectorySec function . - CVE-2017-12944: Fixed denial of service issue in the TIFFReadDirEntryArray function . - CVE-2016-10094: Fixed heap-based buffer overflow ...

oval:org.secpod.oval:def:89002568
This update for tiff fixes the following issues: Security issues fixed: - CVE-2018-10779: Fixed a heap-based buffer overflow in TIFFWriteScanline in tif_write.c - CVE-2017-17942: Fixed a heap-based buffer overflow in the function PackBitsEncode in tif_packbits.c. - CVE-2016-5319: Fixed a heap-base ...

oval:org.secpod.oval:def:89047043
This update for krb5-appl fixes the following issues: - CVE-2022-39028: Fixed NULL pointer dereference in krb5-appl telnetd .

oval:org.secpod.oval:def:89047684
This update for telnet fixes the following issues: - CVE-2022-39028: Fixed NULL pointer dereference in telnetd .

oval:org.secpod.oval:def:89003300
This update for git fixes the following issues: Security issues fixed: - CVE-2019-1349: Fixed issue on Windows, when submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice . - CVE-2019-19604: Fixed a recursive clone followed by a su ...

oval:org.secpod.oval:def:89045791
This update for samba fixes the following issues: - CVE-2016-2124: Fixed not to fallback to non spnego authentication if we require kerberos . - CVE-2020-25717: Fixed privilege escalation inside an AD Domain where a user could become root on domain members .

oval:org.secpod.oval:def:89003440
This update for w3m fixes several issues. These security issues were fixed: - CVE-2018-6196: Prevent infinite recursion in HTMLlineproc0 caused by the feed_table_block_tag function which did not prevent a negative indent value - CVE-2018-6197: Prevent NULL pointer dereference in formUpdateBuffer - ...

oval:org.secpod.oval:def:89044998
This update for openjpeg2 fixes several issues. These security issues were fixed: - CVE-2016-10507: Integer overflow vulnerability in the bmp24toimage function allowed remote attackers to cause a denial of service via a crafted bmp file . - CVE-2017-14039: A heap-based buffer overflow was discovere ...

oval:org.secpod.oval:def:89002279
This update for util-linux fixes the following issues: This non-security issue was fixed: - CVE-2018-7738: bash-completion/umount allowed local users to gain privileges by embedding shell commands in a mountpoint name, which was mishandled during a umount command by a different user . These non-secu ...

oval:org.secpod.oval:def:89002255
This update for util-linux fixes the following issues: This non-security issue was fixed: - CVE-2018-7738: bash-completion/umount allowed local users to gain privileges by embedding shell commands in a mountpoint name, which was mishandled during a umount command by a different user . These non-secu ...

oval:org.secpod.oval:def:89045566
This update for bind fixes the following issues: - CVE-2020-8622: A truncated TSIG response can lead to an assertion failure .

oval:org.secpod.oval:def:89000223
This update for grub2 fixes the following issues: - Fix for CVE-2020-10713 - Fix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 - Fix for CVE-2020-15706 - Fix for CVE-2020-15707 - Use overflow checking primitives where the arithmetic expression for buffer allocations may inclu ...

oval:org.secpod.oval:def:89047036
This update for expat fixes the following issues: - CVE-2022-40674: Fixed use-after-free in the doContent function in xmlparse.c .

oval:org.secpod.oval:def:89046084
This update for expat fixes the following issues: - CVE-2022-23852: Fixed signed integer overflow in XML_GetBuffer . - CVE-2022-23990: Fixed integer overflow in the doProlog function .

oval:org.secpod.oval:def:89046743
This update for the Linux Kernel 4.4.180-94_150 fixes one issue. The following security issue was fixed: - CVE-2022-1734: Fixed a r/w use-after-free when non synchronized between cleanup routine and firmware download routine

oval:org.secpod.oval:def:89047011
This update for bind fixes the following issues: - CVE-2022-2795: Fixed potential performance degradation due to missing database lookup limits when processing large delegations. - CVE-2022-38177: Fixed a memory leak that could be externally triggered in the DNSSEC verification code for the ECDSA a ...

oval:org.secpod.oval:def:89044205
This update for libnettle fixes the following issues: - CVE-2021-20305: Fixed the multiply function which was being called with out-of-range scalars .

oval:org.secpod.oval:def:89003166
This update for apache2 fixes the following issues: * CVE-2019-0220: The Apache HTTP server did not use a consistent strategy for URL normalization throughout all of its components. In particular, consecutive slashes were not always collapsed. Attackers could potentially abuse these inconsistencies ...

oval:org.secpod.oval:def:89002185
This update for perl fixes the following issues: Security issues fixed: - CVE-2018-6913: Fixed space calculation issues in pp_pack.c . - CVE-2018-6798: Fixed heap buffer overflow in regexec.c . - CVE-2018-6797: Fixed sharp-s regexp overflow .

oval:org.secpod.oval:def:89046431
This update for openssl fixes the following issues: - CVE-2022-2068: Fixed more shell code injection issues in c_rehash

oval:org.secpod.oval:def:89002458
This update for apache2-mod_jk fixes the following issue: Security issue fixed: - CVE-2018-11759: Fixed connector path traversal due to mishandled HTTP requests in httpd .

oval:org.secpod.oval:def:89002454
This update for ntp fixes the following issues: - Update to 4.2.8p11 : * CVE-2016-1549: Sybil vulnerability: ephemeral association attack. While fixed in ntp-4.2.8p7, there are significant additional protections for this issue in 4.2.8p11. * CVE-2018-7182: ctl_getitem: buffer read overrun leads to u ...

oval:org.secpod.oval:def:89002105
This update for gdk-pixbuf fixes the following issues: Security issue fixed: - CVE-2015-4491: Fix integer multiplication overflow that allows for DoS or potentially RCE .

oval:org.secpod.oval:def:89003472
This update for sqlite3 fixes the following issues: Security issue fixed: - CVE-2018-8740: Fixed a NULL pointer dereference related to corrupted databases schemas . - CVE-2017-10989: Fixed a heap-based buffer over-read in getNodeSize .

oval:org.secpod.oval:def:89044791
This update for java-1_8_0-openjdk fixes the following issues: - Update to version jdk8u151 Security issues fixed: - CVE-2017-10274: Handle smartcard clean up better - CVE-2017-10281: Better queuing priorities - CVE-2017-10285: Unreferenced references - CVE-2017-10295: Better URL connections - ...

oval:org.secpod.oval:def:89044854
This update for expat fixes the following issues: - CVE-2016-9063: Possible integer overflow to fix inside XML_Parse leading to unexpected behaviour - CVE-2017-9233: External Entity Vulnerability could lead to denial of service

oval:org.secpod.oval:def:89044999
This update provides Samba 4.6.7, which fixes the following issues: - CVE-2017-11103: Metadata were being taken from the unauthenticated plaintext rather than the authenticated and encrypted KDC response. - Fix cephwrap_chdir. - Fix ctdb logs to /var/log/log.ctdb instead of /var/log/ctdb. - Fix ...

oval:org.secpod.oval:def:89045011
This update for java-1_7_1-ibm fixes the following issues: - Security update to version 7.1.4.15 [bsc#1070162] * CVE-2017-10349: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE . Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE ...

oval:org.secpod.oval:def:89003262
This update for java-1_7_1-ibm to version 7.1.4.40 fixes the following issues: Security issues fixed: - CVE-2019-2422: Fixed a memory disclosure in FileChannelImpl . - CVE-2018-11212: Fixed an issue in alloc_sarray function in jmemmgr.c . More information: https://developer.ibm.com/javasdk/support/s ...

oval:org.secpod.oval:def:89044809
This update for qemu fixes the following issues: Security issues fixed: * CVE-2017-10664: Fix DOS vulnerability in qemu-nbd * CVE-2017-10806: Fix DOS from stack overflow in debug messages of usb redirection support * CVE-2017-11334: Fix OOB access during DMA operation * CVE-2017-11434: Fix OOB ac ...

oval:org.secpod.oval:def:89002165
This update for qemu fixes the following issues: Security issues fixed: - CVE-2018-10839: Fixed NE2000 NIC emulation support that is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use thi ...

oval:org.secpod.oval:def:89003374
This update for java-1_8_0-ibm to version 8.0.5.30 fixes the following issues: Security issues fixed: - CVE-2019-2422: Fixed a memory disclosure in FileChannelImpl . - CVE-2018-11212: Fixed an issue in alloc_sarray function in jmemmgr.c . - CVE-2018-1890: Fixed a local privilege escalation via RPATH ...

oval:org.secpod.oval:def:89003236
This update for polkit fixes the following issues: Security issue fixed: - CVE-2019-6133: Fixed improper caching of auth decisions, which could bypass uid checking in the interactive backend .

oval:org.secpod.oval:def:89003061
This update for libvirt fixes the following issues: Security issues fixed: - CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd . - CVE-20 ...

oval:org.secpod.oval:def:89002074
This update for libvirt provides several fixes. This security issue was fixed: - CVE-2018-5748: Prevent resource exhaustion via qemuMonitorIORead method which allowed to cause DoS. These security issues were fixed: - Add a qemu hook script providing functionality similar to Xen's block-dmmd script. ...

oval:org.secpod.oval:def:89044654
This update for xen to version 4.9.1 fixes several issues. This new feature was added: - Support migration of HVM domains larger than 1 TB These security issues were fixed: - bsc#1068187: Failure to recognize errors in the Populate on Demand code allowed for DoS - bsc#1068191: Missing p2m error c ...

oval:org.secpod.oval:def:89003097
This update for java-1_7_1-ibm fixes the following issues: Update to Java 7.1 Service Refresh 4 Fix Pack 45. Security issues fixed: - CVE-2019-10245: Fixed Java bytecode verifier issue causing crashes . - CVE-2019-2698: Fixed out of bounds access flaw in the 2D component . - CVE-2019-2697: Fixed fla ...

oval:org.secpod.oval:def:89044659
This update for qemu to version 2.9.1 fixes several issues. It also announces that the qed storage format will be no longer supported in SLE 15 . These security issues were fixed: - CVE-2017-15268: Qemu allowed remote attackers to cause a memory leak by triggering slow data-channel read operations, ...

oval:org.secpod.oval:def:89002542
This update for webkit2gtk3 to version 2.20.3 fixes the issues: The following security vulnerabilities were addressed: - CVE-2018-12911: Fixed an off-by-one error in xdg_mime_get_simple_globs - CVE-2017-13884: An unspecified issue allowed remote attackers to execute arbitrary code or cause a denial ...

oval:org.secpod.oval:def:89002307
This update for wireshark fixes the following issues: Update to Wireshark 2.4.11 . Security issues fixed: - CVE-2018-19625: The Wireshark dissection engine could crash - CVE-2018-19626: The DCOM dissector could crash - CVE-2018-19623: The LBMPDM dissector could crash - CVE-2018-19622: The MMSE di ...

oval:org.secpod.oval:def:89003340
This update for java-1_7_0-openjdk fixes the following issues: Update to 2.6.18 - OpenJDK 7u221 Security issues fixed: - CVE-2019-2602: Fixed flaw inside BigDecimal implementation . - CVE-2019-2684: Fixed flaw inside the RMI registry implementation . - CVE-2019-2698: Fixed out of bounds access fla ...

oval:org.secpod.oval:def:89003104
This update for qemu fixes the following issues: Security vulnerabilities addressed: - CVE-2019-6778: Fixed an out-of-bounds access in slirp - CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp - CVE-2018-19489: Fixed a Denial-of-Service in virtfs - CVE-20 ...

oval:org.secpod.oval:def:89003452
This update for ovmf fixes the following issue: Security issue fixed: - CVE-2018-12181: Fixed a stack buffer overflow in the HII database when a corrupted Bitmap was used .

oval:org.secpod.oval:def:89003330
This update for libvirt fixes the following issues: Security issues fixed: - CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd . - CVE-20 ...

oval:org.secpod.oval:def:89003339
This update for java-1_8_0-ibm fixes the following issues: Update to Java 8.0 Service Refresh 5 Fix Pack 35. Security issues fixed: - CVE-2019-10245: Fixed Java bytecode verifier issue causing crashes . - CVE-2019-2698: Fixed out of bounds access flaw in the 2D component . - CVE-2019-2697: Fixed fla ...

oval:org.secpod.oval:def:89045010
This update for libvirt fixes the following issues: Security issue fixed: - CVE-2017-1000256: Ensure TLS clients always verify the server certificate in the serial/TLS support. Non security issue fixed: - libvirt-daemon-qemu requires libvirt-daemon-driver-storage

oval:org.secpod.oval:def:89003320
This update for java-1_8_0-openjdk to version 8u191 fixes the following issues: Security issues fixed: - CVE-2018-3136: Manifest better support - CVE-2018-3139: Better HTTP Redirection - CVE-2018-3149: Enhance JNDI lookups - CVE-2018-3169: Improve field accesses - CVE-2018-3180: Improve TLS conn ...

oval:org.secpod.oval:def:89003443
This update for ntp fixes the following issues: Security issue fixed: - CVE-2019-8936: Fixed a null pointer exception which could allow an authenticated attacker to cause segmentation fault to ntpd. Other issues addressed: - Fixed an issue which caused openSSL mismatch - Fixed several bugs in the BA ...

oval:org.secpod.oval:def:89002355
This update for xen fixes the following issues: Security issues fixed: - CVE-2018-18849: Fixed an out of bounds memory access issue in the LSI53C895A SCSI Host Bus Adapter emulation while writing a message in lsi_do_msgin. - CVE-2018-18883: Fixed a NULL pointer dereference that could have ...

oval:org.secpod.oval:def:89003448
This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-12180: Fixed a buffer overflow in BlockIo service, which could lead to memory read/write overrun . - CVE-2018-12178: Fixed an improper DNS check upon receiving a new DNS packet . - CVE-2018-3630: Fixed a logic error i ...

oval:org.secpod.oval:def:89002586
This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPEND_WRITE . - CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c . - CVE-2017-5732: Fixed privilege escalation via pro ...

oval:org.secpod.oval:def:89000232
This update for MozillaFirefox fixes the following issues: - Mozilla Firefox 68.6.1esr MFSA 2020-11 * CVE-2020-6819 Use-after-free while running the nsDocShell destructor * CVE-2020-6820 Use-after-free when handling a ReadableStream

oval:org.secpod.oval:def:89000691
This update for squid fixes the following issues: - CVE-2020-24606: Fix livelocking in peerDigestHandleReply . - CVE-2020-15811: Improve Transfer-Encoding handling . - CVE-2020-15810: Enforce token characters for field-name .

oval:org.secpod.oval:def:89003341
This update for evince fixes the following issues: Security issues fixed: - CVE-2019-11459: Fixed improper error handling which could have led to use of uninitialized memory. - CVE-2019-1010006: Fixed a buffer overflow in backend/tiff/tiff-document.c.

oval:org.secpod.oval:def:89000578
This update for python3 fixes the following issues: - Fixed a directory traversal in _download_http_url

oval:org.secpod.oval:def:89000624
This update for squid fixes the following issues: - CVE-2020-14059: Fixed an issue where a client could potentially deny the service of a server during TLS Handshake . - CVE-2019-18860: Fixed handling of invalid domain names in cachemgr.cgi .

oval:org.secpod.oval:def:89000336
This update for squid fixes the following issues: - CVE-2019-12528: Fixed an information disclosure flaw in the FTP gateway . - CVE-2019-12526: Fixed potential remote code execution during URN processing . - CVE-2019-12523,CVE-2019-18676: Fixed multiple improper validations in URI processing . - CVE ...

oval:org.secpod.oval:def:89003331
This update for squid fixes the following issues: Security issue fixed: - CVE-2019-12529: Fixed a potential denial of service associated with HTTP Basic Authentication credentials . - CVE-2019-12525: Fixed a denial of service during processing of HTTP Digest Authentication credentials . - CVE-2019-1 ...

oval:org.secpod.oval:def:89000430
This update for tomcat fixes the following issues: CVE-2020-9484 Apache Tomcat Remote Code Execution via session persistence If an attacker was able to control the contents and name of a file on a server configured to use the PersistenceManager, then the attacker could have triggered a remote code ...

oval:org.secpod.oval:def:89045113
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 78.12.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-29 * CVE-2021-29970: Use-after-free in accessibility features of a document * CVE-2021-30547: Out of bounds write in ANGLE ...

oval:org.secpod.oval:def:89048022
This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u352 : - CVE-2022-21619,CVE-2022-21624: Fixed difficult to exploit vulnerability allows unauthenticated attacker with network access and can cause unauthorized update, insert or delete access via multiple protocols ...

oval:org.secpod.oval:def:89046909
This update for java-1_8_0-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 7 Fix Pack 11 : - CVE-2022-34169: Fixed an integer truncation issue in the Xalan Java XSLT library that occurred when processing malicious stylesheets . - CVE-2022-21549: Fixed an issue that could lead to ...

oval:org.secpod.oval:def:89046914
This update for java-1_7_1-ibm fixes the following issues: - Updated to Java 7.1 Service Refresh 5 Fix Pack 15 : - CVE-2022-34169: Fixed an integer truncation issue in the Xalan Java XSLT library that occurred when processing malicious stylesheets . - CVE-2022-21549: Fixed an issue that could lead t ...

oval:org.secpod.oval:def:89045774
This update for java-1_8_0-openjdk fixes the following issues: Update to version OpenJDK 8u312 : - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS . - CVE-2021-35556: Fixed excessive memory allocation in RTFParser . - CVE-2021-35559: Fixed excessive memory allocation in RTFRe ...

oval:org.secpod.oval:def:89045792
This update for java-1_7_0-openjdk fixes the following issues: Update to OpenJDK 7u321 : - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS . - CVE-2021-35556: Fixed excessive memory allocation in RTFParser . - CVE-2021-35559: Fixed excessive memory allocation in RTFReader . - ...

oval:org.secpod.oval:def:89045551
This update for java-1_8_0-openjdk fixes the following issues: - Update to version jdk8u302 - CVE-2021-2341: Improve file transfers. - CVE-2021-2369: Better jar file validation. - CVE-2021-2388: Enhance compiler validation. - CVE-2021-2161: Less ambiguous processing

oval:org.secpod.oval:def:89002075
This update for exiv2 fixes the following issues: - CVE-2017-11591: A floating point exception in the Exiv2::ValueType function could lead to a remote denial of service attack via crafted input. - CVE-2017-14864: An invalid memory address dereference was discovered in Exiv2::getULong in types.cpp. ...

oval:org.secpod.oval:def:89002926
This update for freetype2 fixes the following issues: - CVE-2020-15999: fixed a heap buffer overflow found in the handling of embedded PNG bitmaps .

oval:org.secpod.oval:def:89003279
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.176 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-9213: expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL point ...

oval:org.secpod.oval:def:89000213
This update for apache2 fixes the following issues: - CVE-2020-1934: mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server. - CVE-2020-1927: mod_rewrite configurations vulnerable to open redirect. - CVE-2020-1938: mod_proxy_ajp: Add "secret" parameter to proxy ...

oval:org.secpod.oval:def:89044796
icu was updated to fix two security issues. These security issues were fixed: - CVE-2014-8147: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode used an integer data type that is inconsistent w ...

oval:org.secpod.oval:def:89002928
This update for ruby2.1 fixes the following issues: Security issues fixed: - CVE-2015-9096: Fixed an SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command. - CVE-2016-7798: Fixed an IV Reuse in GCM Mode. - CVE-2017-0898: Fixed a buffer underrun vulnerability in Kernel.sprintf ...

oval:org.secpod.oval:def:89044755
This update for apache2 fixes the following security issue: - CVE-2017-9798: Prevent use-after-free use of memory that allowed for an information leak via OPTIONS .

oval:org.secpod.oval:def:89047750
This update for curl fixes the following issues: - CVE-2022-32221: Fixed POST following PUT confusion .

oval:org.secpod.oval:def:89047730
This update for libxml2 fixes the following issues: - CVE-2016-3709: Fixed possible XSS vulnerability . - CVE-2022-40303: Fixed integer overflows with XML_PARSE_HUGE . - CVE-2022-40304: Fixed dict corruption caused by entity reference cycles .

oval:org.secpod.oval:def:89046740
This update for the Linux Kernel 4.4.180-94_164 fixes one issue. The following security issue was fixed: - CVE-2021-39713: Fixed a race condition in the network scheduling subsystem which could lead to a use-after-free

oval:org.secpod.oval:def:89046031
This update for the Linux Kernel 4.4.180-94_150 fixes several issues. The following security issues were fixed: - CVE-2021-4202: Fixed NFC race condition by adding NCI_UNREG flag . - CVE-2021-4083: Fixed a read-after-free memory flaw inside the garbage collection for Unix domain socket file handlers ...

oval:org.secpod.oval:def:89002980
This update for glibc fixes the following issues: - CVE-2020-10029: Fixed a stack corruption from range reduction of pseudo-zero - Use posix_spawn on popen - Correct locking and cancellation cleanup in syslog functions - Fixed concurrent changes on nscd aware files

oval:org.secpod.oval:def:89046009
This update for expat fixes the following issues: - CVE-2022-25236: Fixed possible namespace-separator characters insertion into namespace URIs . - CVE-2022-25235: Fixed UTF-8 character validation in a certain context . - CVE-2022-25313: Fixed stack exhaustion in build_model via uncontrolled recursi ...

oval:org.secpod.oval:def:89002966
This update for samba fixes the following issues: - CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records . - CVE-2020-14323: Unprivileged user can crash winbind . - CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify .

oval:org.secpod.oval:def:89003297
This update for bzip2 fixes the following issues: - Fixed a regression with the fix for CVE-2019-12900, which caused incompatibilities with files that used many selectors .

oval:org.secpod.oval:def:89003284
This update for bzip2 fixes the following issues: Security issue fixed: - CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors . - CVE-2016-3189: Fixed a use-after-free in bzip2recover .

oval:org.secpod.oval:def:89003281
This update for clamav fixes the following issues: Security issue fixed: - CVE-2019-12625: Fixed a ZIP bomb issue by adding detection and heuristics for zips with overlapping files . - CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors . Non-security issues fixed: - Add ...

oval:org.secpod.oval:def:89003258
This update for apache2 fixes the following issues: Security issues fixed: - CVE-2018-17189: Fixed a denial of service in mod_http2, via slow and unneeded request bodies - CVE-2018-17199: Fixed that mod_session_cookie did not respect expiry time Non-security issue fixed: - sysconfig.d is not creat ...

oval:org.secpod.oval:def:89000274
This update for apache2 fixes the following issues: - CVE-2020-9490: Fixed a crash caused by a specially crafted value for the "Cache-Digest" header in a HTTP/2 request . - CVE-2020-11985: IP address spoofing when proxying using mod_remoteip and mod_rewrite . - CVE-2020-11993: When trace/debug was e ...

oval:org.secpod.oval:def:89000275
This update for squid fixes the following issues: - CVE-2019-12519, CVE-2019-12521: fixes incorrect buffer handling that can result in cache poisoning, remote execution, and denial of service attacks when processing ESI responses . - CVE-2020-11945: fixes a potential remote execution vulnerability w ...

oval:org.secpod.oval:def:89048075
The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-3635: Fixed a use-after-free in the tst_timer of the file drivers/atm/idt77252.c . - CVE-2022-3424: Fixed use-after-free in gru_set_context_option, gru_fau ...

oval:org.secpod.oval:def:89047022
The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where a device driver can free a page while it still has stale TLB entries . - CVE-2022-36879: Fix ...

oval:org.secpod.oval:def:89046723
This update for python fixes the following issues: - CVE-2015-20107: avoid command injection in the mailcap module .

oval:org.secpod.oval:def:89047767
This update for python3 fixes the following issues: - CVE-2021-28861: Fixed an open redirection vulnerability in the HTTP server when an URI path starts with // .

oval:org.secpod.oval:def:89044245
This update for the Linux Kernel 4.4.180-94_135 fixes one issue. The following security issues were fixed: - CVE-2021-28688: Fixed an issue introduced by XSA-365. - CVE-2021-26930: Fixed an improper error handling in blkback's grant mapping. - CVE-2021-26931: Fixed an issue where Linux kernel was ...

oval:org.secpod.oval:def:89044209
This update for the Linux Kernel 4.4.180-94_141 fixes one issue. The following security issue was fixed: - CVE-2021-28688: Fixed an issue introduced by XSA-365 .

oval:org.secpod.oval:def:89046032
The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer , named Branch Target Injection and Intra-Mode Branch History Injection are now mitigated. The following security bugs were fixed ...

oval:org.secpod.oval:def:89046012
This update for the Linux Kernel 4.4.180-94_144 fixes one issue. The following security issue was fixed: - CVE-2021-0920: Fixed a local privilege escalation due to an use after free bug in unix_gc .

oval:org.secpod.oval:def:89046006
This update for the Linux Kernel 4.4.180-94_153 fixes several issues. The following security issues were fixed: - CVE-2021-0920: Fixed a local privilege escalation due to an use after free bug in unix_gc . - CVE-2021-28688: Fixed XSA-365 that includes initialization of pointers such that subsequent ...

oval:org.secpod.oval:def:89046003
This update for webkit2gtk3 fixes the following issues: Update to version 2.34.5 : - CVE-2022-22589: A validation issue was addressed with improved input sanitization. - CVE-2022-22590: A use after free issue was addressed with improved memory management. - CVE-2022-22592: A logic issue was addresse ...

oval:org.secpod.oval:def:89046907
This update for glibc fixes the following issues: Security issues fixed: - CVE-2015-5180: Fix crash with internal QTYPE in resolv - CVE-2016-10228: Rewrite iconv option parsing - CVE-2019-25013: Fix buffer overrun in EUC-KR conversion module - CVE-2020-27618: Accept redundant shift sequences in I ...

oval:org.secpod.oval:def:89003020
This update for webkit2gtk3 fixes the following issues: Security issue fixed: - CVE-2020-3899: Fixed a memory consumption issue that could have led to remote code execution . Non-security issues fixed: - Update to version 2.28.2 : + Fix excessive CPU usage due to GdkFrameClock not being stopped. + F ...

oval:org.secpod.oval:def:89003028
This update for webkit2gtk3 fixes the following issues: - Update to version 2.28.3 : + Enable kinetic scrolling with async scrolling. + Fix web process hangs on large GitHub pages. + Bubblewrap sandbox should not attempt to bind empty paths. + Fix threading issues in the media player. + Fix several ...

oval:org.secpod.oval:def:89003298
This update for glib2 fixes the following issues: Security issue fixed: - CVE-2019-13012: Fixed improper restriction of file permissions when creating directories . Non-security issue fixed: - Added explicit requires between libglib2 and libgio2 .

oval:org.secpod.oval:def:89003165
This update for webkit2gtk3 fixes the following issues: Updated to version 2.24.4 . Security issues fixed: - CVE-2019-8644, CVE-2019-8649, CVE-2019-8658, CVE-2019-8669, CVE-2019-8678, CVE-2019-8680, CVE-2019-8683, CVE-2019-8684, CVE-2019-8688, CVE-2019-8595, CVE-2019-8607, CVE-2019-8615, CVE-2019-86 ...

oval:org.secpod.oval:def:89002964
This update for gdm fixes the following issues: - CVE-2020-16125: Fixed a privilege escalation .

oval:org.secpod.oval:def:89002888
This update for webkit2gtk3 fixes the following issues: - Update to version 2.28.4 : + Fix several crashes and rendering issues. + Security fixes: CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9915, CVE-2020-9925.

oval:org.secpod.oval:def:89000457
This update for webkit2gtk3 to version 2.28.1 fixes the following issues: Security issues fixed: - CVE-2020-10018: Fixed a denial of service because the m_deferredFocusedNodeChange data structure was mishandled . - CVE-2020-11793: Fixed a potential arbitrary code execution caused by a use-after-free ...

oval:org.secpod.oval:def:89045790
This update for webkit2gtk3 fixes the following issues: - CVE-2021-42762: Updated seccomp rules with latest changes from flatpak .

oval:org.secpod.oval:def:89003460
This update for webkit2gtk3 to version 2.24.1 fixes the following issues: Security issues fixed: - CVE-2019-6201, CVE-2019-6251, CVE-2019-7285, CVE-2019-7292, CVE-2019-8503, CVE-2019-8506, CVE-2019-8515, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544, CVE-2019-8551, CVE-2019-8558, CVE-20 ...

oval:org.secpod.oval:def:89003442
This update for glib2 fixes the following issues: Security issue fixed: - CVE-2019-13012: Fixed improper restriction of file permissions when creating directories . Non-security issue fixed: - Added explicit requires between libglib2 and libgio2 .

oval:org.secpod.oval:def:89047030
This update for sqlite3 fixes the following issues: Security issues fixed: - CVE-2022-35737: Fixed an array-bounds overflow if billions of bytes are used in a string argument to a C API . - CVE-2021-36690: Fixed an issue with the SQLite Expert extension when a column has no collating sequence . - Pa ...

oval:org.secpod.oval:def:89048081
This update for vim fixes the following issues: Updated to version 9.0.0814: * Fixing bsc#1192478 VUL-1: CVE-2021-3928: vim: vim is vulnerable to Stack-based Buffer Overflow * Fixing bsc#1203508 VUL-0: CVE-2022-3234: vim: Heap-based Buffer Overflow prior to 9.0.0483. * Fixing bsc#1203509 VUL-1: CVE- ...

oval:org.secpod.oval:def:89046991
This update for webkit2gtk3 fixes the following issues: Updated to version 2.36.8 : - CVE-2022-32886: Fixed a buffer overflow issue that could potentially lead to code execution. - CVE-2022-32912: Fixed an out-of-bounds read that could potentially lead to code execution.

oval:org.secpod.oval:def:89045098
This update for the Linux Kernel 4.4.180-94_130 fixes several issues. The following security issues were fixed: - CVE-2021-0605: Fixed an out-of-bounds read which could lead to local information disclosure in the kernel with System execution privileges needed. - CVE-2021-0512: Fixed a possible out- ...

oval:org.secpod.oval:def:89002902
This update for the Linux Kernel 4.4.180-94_135 fixes several issues. The following security issues were fixed: - CVE-2020-25645: Fixed an issue in which traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunn ...

oval:org.secpod.oval:def:89002959
This update for the Linux Kernel 4.4.180-94_107 fixes several issues. The following security issues were fixed: - CVE-2020-0429: In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege ...

oval:org.secpod.oval:def:89045116
The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-22555: Fixed a heap out-of-bounds write in net/netfilter/x_tables.c that could allow local privilege escalation. - CVE-2021-33909: Fixed an out-of-bounds ...

oval:org.secpod.oval:def:89002939
This update for the Linux Kernel 4.4.180-94_130 fixes several issues. The following security issues were fixed: - CVE-2020-0429: In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege ...

oval:org.secpod.oval:def:89045545
This update for the Linux Kernel 4.4.180-94_135 fixes several issues. The following security issues were fixed: - CVE-2021-37576: On the powerpc platform KVM guest OS users could cause host OS memory corruption via rtas_args.nargs . - CVE-2021-3609: Fixed a local privilege escalation via a race cond ...

oval:org.secpod.oval:def:89045544
This update for the Linux Kernel 4.4.180-94_147 fixes several issues. The following security issues were fixed: - CVE-2021-37576: On the powerpc platform KVM guest OS users could cause host OS memory corruption via rtas_args.nargs . - CVE-2021-28688: The fix for XSA-365 includes initialization of po ...

oval:org.secpod.oval:def:89045775
This update for the Linux Kernel 4.4.180-94_141 fixes several issues. The following security issues were fixed: - CVE-2021-0935: Fixed use after free that could lead to local escalation of privilege in ip6_xmit of ip6_output.c . - CVE-2021-3752: Fixed vulnerability in the linux kernel Bluetooth uaf ...

oval:org.secpod.oval:def:89002983
This update for the Linux Kernel 4.4.180-94_113 fixes one issue. The following security issue was fixed: - CVE-2020-25645: Fixed an issue in IPsec that caused traffic between two Geneve endpoints to be unencrypted .

oval:org.secpod.oval:def:89002982
This update for LibVNCServer fixes the following issues: - security update fix CVE-2018-21247 [bsc#1173874], uninitialized memory contents are vulnerable to Information leak fix CVE-2019-20839 [bsc#1173875], buffer overflow in ConnectClientToUnixSock fix CVE-2019-20840 [bsc#1173876], unaligned acces ...

oval:org.secpod.oval:def:89003029
This update for the Linux Kernel 3.12.74-60_64_115 fixes several issues. The following security issues were fixed: - CVE-2020-12653: Fixed a buffer overflow in mwifiex_cmd_append_vsie_tlv which could have allowed local users to gain privileges or cause a denial of service . - CVE-2020-12654: Fixed a ...

oval:org.secpod.oval:def:89002148
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.131 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-3639: Information leaks using "Memory Disambiguation" feature in modern CPUs were mitigated, aka "Spectre Variant 4" . A new boo ...

oval:org.secpod.oval:def:89002922
This update for ucode-intel fixes the following issues: Updated Intel CPU Microcode to 20200602 This update contains security mitigations for: - CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one whic ...

oval:org.secpod.oval:def:89002970
This update for the Linux Kernel 4.4.180-94_116 fixes several issues. The following security issues were fixed: - CVE-2020-10757: Fixed an issue where remapping hugepage DAX to anon mmap could have caused user PTE access . - CVE-2020-12653: Fixed an issue in the wifi driver which could have allowed l ...

oval:org.secpod.oval:def:89002987
This update for the Linux Kernel 4.4.180-94_107 fixes one issue. The following security issue was fixed: - CVE-2020-10757: Fixed an issue where remapping hugepage DAX to anon mmap could have caused user PTE access .

oval:org.secpod.oval:def:89002984
This update for the Linux Kernel 4.4.180-94_100 fixes several issues. The following security issues were fixed: - CVE-2020-10757: Fixed an issue where remapping hugepage DAX to anon mmap could have caused user PTE access . - CVE-2019-15666: Fixed an out of bounds read __xfrm_policy_unlink, which coul ...

oval:org.secpod.oval:def:89003001
This update for the Linux Kernel 3.12.74-60_64_124 fixes several issues. The following security issues were fixed: - CVE-2020-1749: Fixed an issue in the networking protocols in encrypted IPsec tunnel - CVE-2019-5108: Fixed an issue where by triggering AP to send IAPP location updates for stations ...

oval:org.secpod.oval:def:89002907
This update for the Linux Kernel 3.12.74-60_64_110 fixes several issues. The following security issues were fixed: - CVE-2019-14896: A heap-based buffer overflow vulnerability was found in the Marvell WiFi chip driver. A remote attacker could cause a denial of service or, possibly execute arbitrary ...

oval:org.secpod.oval:def:89000108
This update for cups fixes the following issues: - CVE-2020-3898: Fixed a heap buffer overflow in ppdFindOption .

oval:org.secpod.oval:def:89002885
This update for the Linux Kernel 4.4.180-94_121 fixes several issues. The following security issues were fixed: - CVE-2020-25668: Fixed a concurrency use-after-free in con_font_op . - CVE-2020-8694: Fixed an insufficient access control in the Linux kernel driver for some Intel Processors which might ...

oval:org.secpod.oval:def:89003377
This update for ucode-intel fixes the following issues: - Updated to 20191112 official security release - Includes security fixes for: - CVE-2019-11135: Added feature allowing to disable TSX RTM - CVE-2019-11139: A CPU microcode only fix for Voltage modulation issues

oval:org.secpod.oval:def:89003373
This update for the Linux Kernel 4.4.180-94_100 fixes several issues. The following security issues were fixed: - CVE-2019-14835: A buffer overflow flaw was found in the way vhost functionality, that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged g ...

oval:org.secpod.oval:def:89003066
This update for the Linux Kernel 3.12.74-60_64_118 fixes several issues. The following security issues were fixed: - CVE-2019-10220: Fixed a relative path escape in the Samba client module . - CVE-2019-17133: Fixed a buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c caused by ...

oval:org.secpod.oval:def:89002920
This update for the Linux Kernel 4.4.180-94_107 fixes several issues. The following security issues were fixed: - CVE-2020-14331: Fixed a buffer over-write in vgacon_scroll . - CVE-2019-0155: Fixed a privilege escalation in the i915 graphics driver . - CVE-2019-16746: Fixed a buffer overflow in net/ ...

oval:org.secpod.oval:def:89002908
This update for the Linux Kernel 4.4.180-94_116 fixes several issues. The following security issues were fixed: - CVE-2020-14331: Fixed a buffer over-write in vgacon_scroll . - CVE-2019-16746: Fixed a buffer overflow in net/wireless/nl80211.c . - CVE-2020-11668: Fixed a memory corruption issue in th ...

oval:org.secpod.oval:def:89002893
This update for the Linux Kernel 4.4.180-94_113 fixes several issues. The following security issues were fixed: - CVE-2020-14331: Fixed a buffer over-write in vgacon_scroll . - CVE-2019-16746: Fixed a buffer overflow in net/wireless/nl80211.c . - CVE-2019-9458: Fixed a use-after-free in media/v4l . ...

oval:org.secpod.oval:def:89002997
This update for the Linux Kernel 4.4.121-92_120 fixes several issues. The following security issues were fixed: - CVE-2020-14331: Fixed a buffer over-write in vgacon_scroll . - CVE-2019-0155: Fixed a privilege escalation in the i915 graphics driver . - CVE-2019-16746: Fixed a buffer overflow in net/ ...

oval:org.secpod.oval:def:89002867
This update for the Linux Kernel 4.4.180-94_127 fixes several issues. The following security issues were fixed: - CVE-2020-14331: Fixed a buffer over-write in vgacon_scroll . - CVE-2019-16746: Fixed a buffer overflow in net/wireless/nl80211.c . - CVE-2020-11668: Fixed a memory corruption issue in th ...

oval:org.secpod.oval:def:89003220
This update for the Linux Kernel 4.4.178-94_91 fixes several issues. The following security issues were fixed: - CVE-2018-20856: Fixed a use-after-free in block/blk-core.c due to improper error handling . - CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of cr ...

oval:org.secpod.oval:def:89000063
The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-11494: An issue was discovered in slc_bump in drivers/net/can/slcan.c, which allowed attackers to read uninitialized can_frame data, potentially containing ...

oval:org.secpod.oval:def:89003200
This update for xen fixes the following issues: - CVE-2019-19581: Fixed a potential out of bounds on 32-bit Arm . - CVE-2019-19582: Fixed a potential infinite loop when x86 accesses to bitmaps with a compile time known size of 64 . - CVE-2019-19583: Fixed improper checks which could have allowed HVM ...

oval:org.secpod.oval:def:89003329
This update for ucode-intel fixes the following issues: - Updated to 20191112 security release - Processor Identifier Version Products - Model Stepping F-MO-S/PI Old->New - ---- new platforms ---------------------------------------- - CML-U62 A0 6-a6-0/80 000000c6 Core Gen10 Mobile - CNL-U D0 6-6 ...

oval:org.secpod.oval:def:89003317
This update for the Linux Kernel 4.4.180-94_103 fixes several issues. The following security issues were fixed: - CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging certain scenarios with a parent-child process relationship . - CVE-20 ...

oval:org.secpod.oval:def:89003319
This update for the Linux Kernel 4.4.180-94_100 fixes several issues. The following security issues were fixed: - CVE-2018-20856: Fixed a use-after-free in __blk_drain_queue due to an improper error handling . - CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling ...

oval:org.secpod.oval:def:89003286
This update for the Linux Kernel 4.4.121-92_104 fixes several issues. The following security issues were fixed: - CVE-2019-11477: Jonathan Looney discovered that the TCP_SKB_CB->tcp_gso_segs value was subject to an integer overflow when handling TCP Selective Acknowledgments . A remote attacker co ...

oval:org.secpod.oval:def:89003393
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.180 to receive various security and bugfixes.

oval:org.secpod.oval:def:89003086
This update for the Linux Kernel 3.12.74-60_64_115 fixes one issue. The following security issue was fixed: This update contains a regression fix for CVE-2019-11478 .

oval:org.secpod.oval:def:89003217
The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes.

oval:org.secpod.oval:def:89003138
This update for ucode-intel fixes the following issues: ucode-intel was updated to official QSR 2019.1 microcode release ---- new platforms ---------------------------------------- VLV C0 6-37-8/02 00000838 Atom Z series VLV C0 6-37-8/0C 00000838 Celeron N2xxx, Pentium N35xx VLV D0 6-37-9/0F 000009 ...

oval:org.secpod.oval:def:89003232
This update for ucode-intel fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarc ...

oval:org.secpod.oval:def:89003173
This update for qemu fixes the following issues: - CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091: Added x86 cpu feature "md-clear"

oval:org.secpod.oval:def:89003081
This update for ucode-intel fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarc ...

oval:org.secpod.oval:def:89003195
This update for xen fixes the following issues: Security issues fixed: - CVE-2019-15890: Fixed a use-after-free in SLiRP networking implementation of QEMU emulator which could have led to Denial of Service . - CVE-2019-12068: Fixed an issue in lsi which could lead to an infinite loop and denial of s ...

oval:org.secpod.oval:def:89002312
The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. This update adds mitigations for various side channel attacks against modern CPUs that could disclose content of otherwise unreadable memory . - CVE-2017-5753 / "SpectreAttack": Local attackers on s ...

oval:org.secpod.oval:def:89003453
This update for libvirt fixes the following issues: Four new speculative execution information leak issu Store Buffer Data Sampling - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling - CVE-2018-12130: Microarchitectural Load Port Data Sampling - CVE-2019-11091: Microarchitectural Data ...

oval:org.secpod.oval:def:89003327
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.178 to receive various security and bugfixes. Four new speculative execution issues have been identified in Intel CPUs.

oval:org.secpod.oval:def:89000686
This update for freeradius-server fixes the following issues: - CVE-2019-13456: Fixed a side-channel password leak in EAP-pwd . - CVE-2019-17185: Fixed a denial of service due to multithreaded BN_CTX access . - Fixed an issue in TLS-EAP where the OCSP verification, when an intermediate client certif ...

oval:org.secpod.oval:def:89002046
This update for gd fixes the following issues: Security issue fixed: - CVE-2018-1000222: Fixed a double free vulnerability in gdImageBmpPtr that could result in remote code execution. This could have been exploited via specially crafted JPEG image files

oval:org.secpod.oval:def:89003038
This update for python-numpy fixes the following issue: Security issue fixed: - CVE-2019-6446: Set allow_pickle to false by default to restrict loading untrusted content . With this update we decrease the possibility of allowing remote attackers to execute arbitrary code by misusing numpy.load. A wa ...

oval:org.secpod.oval:def:89003246
This update for java-1_8_0-ibm fixes the following issues: Update to Java 8.0 Service Refresh 5 Fix Pack 40. Security issues fixed: - CVE-2019-11771: IBM Security Update July 2019 - CVE-2019-11772: IBM Security Update July 2019 - CVE-2019-11775: IBM Security Update July 2019 - CVE-2019-4473: IBM ...

oval:org.secpod.oval:def:89003187
This update for java-1_8_0-openjdk to version 8u222 fixes the following issues: Security issues fixed: - CVE-2019-2745: Improved ECC Implementation . - CVE-2019-2762: Exceptional throw cases . - CVE-2019-2766: Improve file protocol handling . - CVE-2019-2769: Better copies of CopiesList . - CVE-2019 ...

oval:org.secpod.oval:def:89003092
This update for libsolv, libzypp and zypper fixes the following issues: libsolv was updated to version 0.6.36 and fixes the following issues: Security issues fixed: - CVE-2018-20532: Fixed a NULL pointer dereference in testcase_read . - CVE-2018-20533: Fixed a NULL pointer dereference in testcase_str2de ...

oval:org.secpod.oval:def:89002991
This update for libsolv fixes the following issues: This is a reissue of an existing libsolv update that also included libsolv-devel for LTSS products. libsolv was updated to version 0.6.36 and fixes the following issues: Security issues fixed: - CVE-2018-20532: Fixed a NULL pointer dereference in testc ...

oval:org.secpod.oval:def:89003427
This update for java-1_7_1-ibm fixes the following issues: Update to Java 7.1 Service Refresh 4 Fix Pack 50. Security issues fixed: - CVE-2019-11771: IBM Security Update July 2019 - CVE-2019-11775: IBM Security Update July 2019 - CVE-2019-4473: IBM Security Update July 2019 - CVE-2019-7317: Fixed ...

oval:org.secpod.oval:def:89000388
This update for libpng16 fixes the following issues: Security issues fixed: - CVE-2019-7317: Fixed a use-after-free vulnerability, triggered when png_image_free was called under png_safe_execute . - CVE-2017-12652: Fixed an Input Validation Error related to the length of chunks .

oval:org.secpod.oval:def:89003100
This update for libsolv, libzypp and zypper fixes the following issues: libsolv was updated to version 0.6.36 and fixes the following issues: Security issues fixed: - CVE-2018-20532: Fixed a NULL pointer dereference in testcase_read . - CVE-2018-20533: Fixed a NULL pointer dereference in testcase_st ...

oval:org.secpod.oval:def:89003105
This update for MozillaFirefox fixes the following issues: Security issues fixed: - CVE-2019-11691: Use-after-free in XMLHttpRequest - CVE-2019-11692: Use-after-free removing listeners in the event listener manager - CVE-2019-11693: Buffer overflow in WebGL bufferdata on Linux - CVE-2019-11694: Unin ...

oval:org.secpod.oval:def:89002282
This update for libsndfile fixes the following issues: Security issues fixed: - CVE-2018-13139: Fix a stack-based buffer overflow in psf_memset in common.c that allows remote attackers to cause a denial of service . - CVE-2017-14245: Prevent segmentation fault in the function d2alaw_array that may h ...

oval:org.secpod.oval:def:89002176
This update for xen fixes the following issues: XEN was updated to the Xen 4.9.3 bug fix only release - CVE-2018-17963: qemu_deliver_packet_iov accepted packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. - CVE-2018-1547 ...

oval:org.secpod.oval:def:89002178
This update for xen fixes the following issues: Security issues fixed: - CVE-2018-3639: Spectre V4 – Speculative Store Bypass aka "Memory Disambiguation" This feature can be controlled by the "ssbd=on/off" commandline flag for the XEN hypervisor. - CVE-2018-10982: x86 ...

oval:org.secpod.oval:def:89002154
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.140 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-13053: The alarm_timer_nsleep function had an integer overflow via a large relative timeout because ktime_add_safe was not used - CVE-2018-9385 ...

oval:org.secpod.oval:def:89002157
This update for xen fixes the following issues: Security issues fixed: - CVE-2018-3665: Fix Lazy FP Save/Restore issue . - CVE-2018-12891: Fix possible Denial of Service via certain PV MMU operations that affect the entire host . - CVE-2018-12892: Fix libxl to honour the readonly flag on HVM emul ...

oval:org.secpod.oval:def:89003363
The SUSE Linux Enterprise 12 SP3 Azure kernel was updated to 4.4.176 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-2024: A use-after-free when disconnecting a source was fixed which could lead to crashes.

oval:org.secpod.oval:def:89002270
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.120 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-13166: An elevation of privilege vulnerability in the v4l2 video driver. - CVE-2017-15951: The KEYS subsystem did not correctly synchronize the ...

oval:org.secpod.oval:def:89002145
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.136 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-5848: In the function wmi_set_ie, the length validation code did not handle unsigned integer overflow properly. As a result, a large value of th ...

oval:org.secpod.oval:def:89003057
This update for java-1_8_0-openjdk to version 8u212 fixes the following issues: Security issues fixed: - CVE-2019-2602: Better String parsing . - CVE-2019-2684: More dynamic RMI interactions . - CVE-2019-2698: Fuzzing TrueType fonts - setCurrGlyphID . - CVE-2019-2422: Better FileChannel . - CVE-2018 ...

oval:org.secpod.oval:def:89044015
The Intel CPU microcode bundle was updated to the 20180703 release. For the listed CPU chipsets this fixes CVE-2018-3640 and helps mitigate CVE-2018-3639 . More information on: https://downloadcenter.intel.com/download/27945/Linux-Processor-Microcode-Data-File Following chipsets are fixed in th ...

oval:org.secpod.oval:def:89002408
This update for qemu fixes the following issues: These security issues were fixed: - CVE-2018-12617: qmp_guest_file_read had an integer overflow that could have been exploited by sending a crafted QMP command to the agent via the listening socket causing DoS . - CVE-2018-11806: Prevent heap-based b ...

oval:org.secpod.oval:def:89002451
This update for qemu fixes the following issues: This update has the next round of Spectre v2 related patches, which now integrate with corresponding changes in libvirt. The January 2018 release of qemu initially addressed the Spectre v2 vulnerability for KVM guests by exposing the spec-ctrl featur ...

oval:org.secpod.oval:def:89003423
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.175 to receive various security and bugfixes.

oval:org.secpod.oval:def:89002207
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.143 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-5390 aka "SegmentSmack": Linux kernel could be forced to make very expensive calls to tcp_collapse_ofo_queue and tcp_prune_ofo_queue for ...

oval:org.secpod.oval:def:89002437
This update for qemu fixes the following issues: A new feature was added: - Support EPYC vCPU type Also a mitigation for a security problem has been applied: - CVE-2017-5715: QEMU was updated to allow passing through new MSR and CPUID flags from the host VM to the CPU, to allow enabling/disabling b ...

oval:org.secpod.oval:def:89003406
This update for java-1_7_0-openjdk to version 7u201 fixes the following issues: Security issues fixed: - CVE-2018-3136: Manifest better support - CVE-2018-3139: Better HTTP Redirection - CVE-2018-3149: Enhance JNDI lookups - CVE-2018-3169: Improve field accesses - CVE-2018-3180: Improve TLS conn ...

oval:org.secpod.oval:def:89002130
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.114 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-5715: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of informati ...

oval:org.secpod.oval:def:89002245
This update for libvirt fixes the following issues: Security issue fixed: - CVE-2018-3639: Add support for "ssbd" and "virt-ssbd" CPUID feature bits to address V4 Speculative Store Bypass aka "Memory Disambiguation" . Bug fixes: - bsc#1094325: Enable virsh blockresize for XEN guests . - bsc# ...

oval:org.secpod.oval:def:89002120
This update for libvirt and virt-manager fixes the following issues: Security issues fixed: - CVE-2017-5715: Fixes for speculative side channel attacks aka "SpectreAttack" . - CVE-2018-6764: Fixed guest executable code injection via libnss_dns.so loaded by libvirt_lxc before init . - CVE-20 ...

oval:org.secpod.oval:def:89002353
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.155 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-13093: Prevent NULL pointer dereference and panic in lookup_slow on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. ...

oval:org.secpod.oval:def:89002465
The SUSE Linux Enterprise 12 SP3 azure kernel was updated to 4.4.155 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-13093: Prevent NULL pointer dereference and panic in lookup_slow on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs ...

oval:org.secpod.oval:def:89044847
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.103 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000410: The Linux kernel was affected by an information leak that lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigR ...

oval:org.secpod.oval:def:89044730
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.92 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000252: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service via an out-of bounds guest_irq value, related ...

oval:org.secpod.oval:def:89002472
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.126 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-1091: In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c, a guest kernel crash can be triggered from unprivileged userspace ...

oval:org.secpod.oval:def:89003196
The SUSE Linux Enterprise 12 SP3 Azure kernel was updated to 4.4.162 to receive various security and bugfixes.

oval:org.secpod.oval:def:89044732
The SUSE Linux Enterprise 12 SP3 kernel was updated to receive the following security fixes: - CVE-2017-1000251: The native Bluetooth stack in the Linux Kernel was vulnerable to a stack overflow while processing L2CAP configuration responses, resulting in a potential remote denial-of-service vulnera ...

oval:org.secpod.oval:def:89044740
The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000405: A bug in the THP CoW support could be used by local attackers to corrupt memory of other processes and cause them to crash . - CVE-2017-16939: The ...

oval:org.secpod.oval:def:89002509
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.162 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-14633: A security flaw was found in the chap_server_compute_md5 function in the ISCSI target code in a way an authentication request from an ISC ...

oval:org.secpod.oval:def:89002548
This update for xen to version 4.9.2 fixes several issues. This feature was added: - Added script, udev rule and systemd service to watch for vcpu online/offline events in a HVM domU. They are triggered via "xl vcpu-set domU N" These security issues were fixed: - CVE-2018-8897: Prevent mishandling o ...

oval:org.secpod.oval:def:89044808
This update for openssl fixes the following issues: - OpenSSL Security Advisory [07 Dec 2017] * CVE-2017-3737: OpenSSL 1.0.2 introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fai ...

oval:org.secpod.oval:def:89003257
This update for python3 fixes the following issues: Security issue fixed: - CVE-2019-9636: Fixed an information disclosure because of incorrect handling of Unicode encoding during NFKC normalization .

oval:org.secpod.oval:def:89003137
This update for python3 fixes the following issues: - CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636 . - CVE-2018-14647: Fixed a denial of service vulnerability caused by a crafted XML document . - CVE-2018-1000802: Fixed a command injection in th ...

oval:org.secpod.oval:def:89002025
This update for python, python-base fixes the following issues: Security issues fixed: - CVE-2018-1000802: Prevent command injection in shutil module via passage of unfiltered user input . - CVE-2018-1061: Fixed DoS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib . - C ...

oval:org.secpod.oval:def:89003470
This update for python fixes the following issues: Security issues fixed: - CVE-2019-9948: Fixed a "file:" blacklist bypass in URIs by using the "local-file:" scheme instead . - CVE-2019-9636: Fixed an information disclosure because of incorrect handling of Unicode encoding during NFKC normalization ...

oval:org.secpod.oval:def:89003064
This update for python fixes the following issues: Security issues fixed: - CVE-2019-5010: Fixed a denial-of-service vulnerability in the X509 certificate parser . - CVE-2018-14647: Fixed a denial-of-service vulnerability in Expat . Non-security issue fixed: - Fixed a bug where PyWeakReference struc ...

oval:org.secpod.oval:def:89003294
This update for MozillaFirefox fixes the following issues: Updated to new ESR version 68.1 . In addition to the already fixed vulnerabilities released in previous ESR updates, the following were also fixed: CVE-2019-11751, CVE-2019-11736, CVE-2019-9812, CVE-2019-11748, CVE-2019-11749, CVE-2019-11750 ...

oval:org.secpod.oval:def:89002180
This update for python3 provides the following fixes: These security issues were fixed: - CVE-2018-1061: Prevent catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could have used this flaw to cause denial of service . - CVE-2018-1060: Prevent catastrophic backtracking in pop3 ...

oval:org.secpod.oval:def:89044657
This update for openssl fixes the following issues: Security issues fixed: - CVE-2017-3735: openssl1,openssl: Malformed X.509 IPAddressFamily could cause OOB read - CVE-2017-3736: openssl: bn_sqrx8x_internal carry bug on x86_64 - Out of bounds read+crash in DES_fcrypt - openssl DEFAULT_SUSE cipher ...

oval:org.secpod.oval:def:89003079
This update for python fixes the following issues: - CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636. - CVE-2018-20852: Fixed an information leak where cookies could be sent to the wrong server because of incorrect domain validation.

oval:org.secpod.oval:def:89002512
This update for python fixes the following issues: The following security vulnerabilities were addressed: - Add a check to Lib/wave.py that verifies that at least one channel is provided. Prior to this, attackers could cause a denial of service via a crafted wav format audio file. [bsc#1083507, CVE- ...

oval:org.secpod.oval:def:89000565
This update for python3 fixes the following issues: Update to 3.4.10 from 3.4.6: Security issues fixed: - Update expat copy from 2.1.1 to 2.2.0 to fix the following issues: CVE-2012-0876, CVE-2016-0718, CVE-2016-4472, CVE-2017-9233, CVE-2016-9063 - CVE-2017-1000158: Fix an integer overflow in thePy ...

oval:org.secpod.oval:def:89002453
This update for python fixes the following issues: Security issues fixed: - CVE-2017-1000158: Fixed integer overflows in PyString_DecodeEscape that could have resulted in heap-based buffer overflow attacks and possible arbitrary code execution . - CVE-2018-1000030: Fixed crash inside the Python inte ...

oval:org.secpod.oval:def:89000146
This update for mozilla-nspr, mozilla-nss fixes the following issues: mozilla-nss was updated to NSS 3.47.1: Security issues fixed: - CVE-2019-17006: Added length checks for cryptographic primitives . - CVE-2019-11745: EncryptUpdate should use maxout, not block size . - CVE-2019-11727: Fixed vulnera ...

oval:org.secpod.oval:def:89002310
This update for python3 fixes the following issues: Security issue fixed: - CVE-2017-18207: Fixed possible denial of service vulnerability by adding a check to Lib/wave.py that verifies that at least one channel is provided . Bug fixes: - Require python-Sphinx-latex for building on Leap 42.3 or newe ...

oval:org.secpod.oval:def:89003342
This update for python3 fixes the following issues: - CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636 . - CVE-2018-14647: Fixed a denial of service vulnerability caused by a crafted XML document . - CVE-2018-1000802: Fixed a command injection in th ...

oval:org.secpod.oval:def:89003210
This update for MozillaFirefox, mozilla-nss fixes the following issues: MozillaFirefox to version ESR 60.8: - CVE-2019-9811: Sandbox escape via installation of malicious language pack . - CVE-2019-11711: Script injection within domain through inner window reuse . - CVE-2019-11712: Cross-origin POST ...

oval:org.secpod.oval:def:89003333
This update for MozillaFirefox to ESR 60.9 fixes the following issues: Security issues fixed: - CVE-2019-11742: Fixed a same-origin policy violation involving SVG filters and canvas to steal cross-origin images. - CVE-2019-11746: Fixed a use-after-free while manipulating video. - CVE-2019-11744: F ...

oval:org.secpod.oval:def:89000180
This update for python3 fixes the following issues: - CVE-2019-20907: Fixed denial of service by avoiding possible infinite loop in specifically crafted tarball. - CVE-2020-14422: Fixed an improper computation of hash values in the IPv4Interface and IPv6Interface that could have led to denial of service ...

oval:org.secpod.oval:def:89003323
This update for MozillaFirefox to 68.2.0 ESR fixes the following issues: Mozilla Firefox was updated to version 68.2.0 ESR . Security issues fixed: - CVE-2019-15903: Fixed a heap overflow in the expat library . - CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB . - CVE ...

oval:org.secpod.oval:def:89003431
This update for python3 fixes the following issues: Security issues fixed: - CVE-2019-5010: Fixed a denial-of-service vulnerability in the X509 certificate parser - CVE-2018-20406: Fixed an integer overflow via a large LONG_BINPUT

oval:org.secpod.oval:def:89002359
This update for tiff fixes the following issues: - CVE-2018-17100: There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service or possibly have unspecified other impact via a crafted image file. - CVE-2018-17101: There are two out-of-bounds writes in cpTags in ...

oval:org.secpod.oval:def:89002414
This update for ImageMagick fixes the following issues: These security issues were fixed: - CVE-2017-13758: Prevent heap-based buffer overflow in the TracePoint function . - CVE-2017-10928: Prevent heap-based buffer over-read in the GetNextToken function that allowed remote attackers to obtain sensi ...

oval:org.secpod.oval:def:89002518
This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2018-18024: Fixed an infinite loop in the ReadBMPImage function of the coders/bmp.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. - CVE-2018-18016: Fi ...

oval:org.secpod.oval:def:89002371
This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2018-18544: Fixed memory leak in the function WriteMSLImage . Non-security issues fixed: - Improve import documentation . - Allow override system security policy . - asan_build: build ASAN included - debug_build: bu ...

oval:org.secpod.oval:def:89002473
This update for ImageMagick fixes the following issues: The following security vulnerabilities were fixed: - CVE-2018-16329: Prevent NULL pointer dereference in the GetMagickProperty function leading to DoS - CVE-2018-16323: ReadXBMImage left data uninitialized when processing an XBM file that has ...

oval:org.secpod.oval:def:89002239
This update for ImageMagick fixes the following issues: - CVE-2017-14325: In ImageMagick, a memory leak vulnerability was found in the function PersistPixelCache in magick/cache.c, which allowed attackers to cause a denial of service via a crafted file. [bsc#1058635] - CVE-2017-17887: In ImageMagic ...

oval:org.secpod.oval:def:89002994
This update for samba fixes the following issues: - ZeroLogon: An elevation of privilege was possible with some configurations when an attacker established a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol . - Fixed an issue where multiple ho ...

oval:org.secpod.oval:def:89003432
The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-1125: Enable Spectre v1 swapgs mitigations . - CVE-2018-20855: An issue was discovered in create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_crea ...

oval:org.secpod.oval:def:89002317
This update for tiff fixes the following issues: - CVE-2017-9935: There was a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can lead to an out-of-bounds read in TIFFCleanup, an in ...

oval:org.secpod.oval:def:89003237
This update for libcroco fixes the following issues: Security issues fixed: - CVE-2017-7960: Fixed heap overflow. - CVE-2017-7961: Fixed undefined behavior. - CVE-2017-8834: Fixed denial of service via a crafted CSS file. - CVE-2017-8871: Fixed denial of service via a crafted CSS file.

oval:org.secpod.oval:def:89003400
The SUSE Linux Enterprise 12 SP 3 LTSS kernel was updated to receive various security and bugfixes.

CVE    5
CVE-2011-3172
CVE-2018-11053
CVE-2018-19655
CVE-2017-5753
...
*CPE
cpe:/o:suse:suse_linux_enterprise_server:12:sp3

© SecPod Technologies