oval:org.secpod.oval:def:89000006 SUSE Linux Enterprise Server 12 SP4 is installed
oval:org.secpod.oval:def:89043983 This update for NetworkManager fixes the following issues: Security issue fixed: - Fixed that passwords are not echoed on terminal when asking for them.
oval:org.secpod.oval:def:89043982 This is a security test-update for SLE-12-SP4.
oval:org.secpod.oval:def:89045542 This update for unrar to version 5.6.1 fixes several issues. These security issues were fixed: - CVE-2017-12938: Prevent remote attackers from bypassing a directory-traversal protection mechanism via vectors involving a symlink to the . directory, a symlink to the .. directory, and a regular file. - CVE ...
oval:org.secpod.oval:def:89000529 This update for openldap2 fixes the following issues: - CVE-2020-8023: Fixed a potential local privilege escalation from ldap to root when OPENLDAP_CONFIG_BACKEND="ldap" was used. - Changed DB_CONFIG to root:ldap permissions. - Fixed an issue where slapd becomes unresponsive after many fai ...
oval:org.secpod.oval:def:89046427 This update of oracleasm fixes the following issue: - rebuild with new secure boot key due to grub2 boothole 3 issues
oval:org.secpod.oval:def:89046735 This update of dpdk fixes the following issue: - rebuild with new secure boot key due to grub2 boothole 3 issues
oval:org.secpod.oval:def:89003265 This update for cups fixes the following issues: - CVE-2019-8675: Fixed a stack buffer overflow in libcups's asn1_get_type function. - CVE-2019-8696: Fixed a stack buffer overflow in libcups's asn1_get_packed function.
oval:org.secpod.oval:def:89003386 This update for dbus-1 fixes the following issues: Security issue fixed: - CVE-2019-12749: Fixed an implementation flaw in DBUS_COOKIE_SHA1 which could have allowed local attackers to bypass authentication.
oval:org.secpod.oval:def:89003024 This update for ucode-intel fixes the following issues: - Updated Intel CPU Microcode to 20201118 official release. - Removed TGL/06-8c-01/80 due to functional issues with some OEM platforms. - CVE-2020-8695: Fixed Intel RAPL sidechannel attack INTEL-SA-00389 - CVE-2020-8698: Fixed Fast Store For ...
oval:org.secpod.oval:def:89003388 This update for cronie fixes the following issues: Security issues fixed: - CVE-2019-9704: Fixed an insufficient check in the return value of calloc which could allow a local user to create Denial of Service by crashing the daemon. - CVE-2019-9705: Fixed an implementation vulnerability which could ...
oval:org.secpod.oval:def:89003268 This update for LibVNCServer fixes the following issues: Security issues fixed: - CVE-2018-15126: Fixed use-after-free in file transfer extension - CVE-2018-6307: Fixed use-after-free in file transfer extension server code - CVE-2018-20020: Fixed heap out-of-bound write inside structure in VNC cli ...
oval:org.secpod.oval:def:89003385 This update for avahi fixes the following issues: Security issue fixed: - CVE-2017-6519: Fixed DNS amplification and reflection to spoofed addresses
oval:org.secpod.oval:def:89003148 This update for openssl-1_0_0 fixes the following issues: Security issues fixed: - The 9 Lives of Bleichenbacher's CAT: Cache Attacks on TLS Implementations - CVE-2019-1559: Fixed OpenSSL 0-byte Record Padding Oracle which under certain circumstances a TLS server can be forced to respond differentl ...
oval:org.secpod.oval:def:89003149 This update for openssl-1_1 fixes the following issues: - The 9 Lives of Bleichenbacher's CAT: Cache ATtacks on TLS Implementations
oval:org.secpod.oval:def:89003380 This update for libcaca fixes the following issues: Security issues fixed: - CVE-2018-20544: Fixed a floating point exception at caca/dither.c - CVE-2018-20545: Fixed a WRITE memory access in the load_image function at common-image.c for 4bpp - CVE-2018-20546: Fixed a READ memory access in the get ...
oval:org.secpod.oval:def:89003012 This update for ovmf fixes the following issues: - CVE-2019-14562: Fixed an overflow in DxeImageVerificationHandler. - Use openSUSE CA for the opensuse flavor
oval:org.secpod.oval:def:89003375 This update for djvulibre fixes the following issues: Security issues fixed: - CVE-2019-15142: Fixed heap-based buffer over-read. - CVE-2019-15143: Fixed resource exhaustion caused by corrupted image files. - CVE-2019-15144: Fixed denial-of-service caused by crafted PBM image files. - CVE-2019-15 ...
oval:org.secpod.oval:def:89003134 This update for webkit2gtk3 to version 2.22.6 fixes the following issues: Security issues fixed: - CVE-2019-6212: Fixed multiple memory corruption vulnerabilities which could allow arbitrary code execution during the processing of specially crafted web-content. - CVE-2019-6215: Fixed a type confusion ...
oval:org.secpod.oval:def:89003255 This update for file fixes the following issues: The following security vulnerabilities were addressed: - Fixed an out-of-bounds read in the function do_core_note in readelf.c, which allowed remote attackers to cause a denial of service via a crafted ELF file. - CVE-2019-8905: Fixed a stack-based ...
oval:org.secpod.oval:def:89003371 This update for ghostscript fixes the following issue: Security issue fixed: - CVE-2019-3838: Fixed a vulnerability which made forceput operator in DefineResource to be still accessible which could allow access to file system outside of the constraints of -dSAFER.
oval:org.secpod.oval:def:89003130 This update for aspell fixes the following issues: - CVE-2019-17544: Fixed a stack-based buffer over-read in acommon:unescape in common/getdata.cpp via an isolated backslash.
oval:org.secpod.oval:def:89003493 This update for bind fixes the following issues: Security issues fixed: - CVE-2019-6465: Fixed an issue where controls for zone transfers may not be properly applied to Dynamically Loadable Zones. - CVE-2019-6471: Fixed a reachable assert in dispatch.c. - CVE-2018-5745: Fixed a denial of service v ...
oval:org.secpod.oval:def:89003131 This update for ghostscript fixes the following issue: - CVE-2019-14869: Fixed a possible dSAFER escape which could have allowed an attacker to gain high privileges by a specially crafted Postscript code.
oval:org.secpod.oval:def:89003252 This update for spice fixes the following issues: Security issue fixed: - CVE-2019-3813: Fixed an out-of-bounds read in the memslot_get_virt function that could lead to denial-of-service or code-execution.
oval:org.secpod.oval:def:89003018 This update for bluez fixes the following issues: - CVE-2020-0556: Fixed improper access control which may lead to escalation of privilege and denial of service by an unauthenticated user.
oval:org.secpod.oval:def:89003139 This update for wireshark to version 2.4.13 fixes the following issues: Security issues fixed: - CVE-2019-9214: Avoided a dereference of a null conversation which could make RPCAP dissector crash. - CVE-2019-9209: Fixed a buffer overflow in time values which could make ASN.1 BER and related dissecto ...
oval:org.secpod.oval:def:89002396 This update for libarchive fixes the following issues: - CVE-2016-10209: The archive_wstring_append_from_mbs function in archive_string.c allowed remote attackers to cause a denial of service via a crafted archive file. - CVE-2016-10349: The archive_le32dec function in archive_endian.h allowed rem ...
oval:org.secpod.oval:def:89002034 This update for MozillaFirefox to ESR 60.2.2 fixes several issues. These general changes are part of the version 60 release. - New browser engine with speed improvements - Redesigned graphical user interface elements - Unified address and search bar for new installations - New tab page listing top v ...
oval:org.secpod.oval:def:89003487 This update for audit fixes the following issues: Audit on SUSE Linux Enterprise 12 SP4 was updated to 2.8.1 to bring new features and bugfixes
oval:org.secpod.oval:def:89003125 This update for libssh2_org fixes the following issues: - Incorrect upstream fix for CVE-2019-3859 broke public key authentication [bsc#1133528, bsc#1130103]
oval:org.secpod.oval:def:89003362 This update for sysstat fixes the following issues: Security issues fixed: - CVE-2018-19416: Fixed out-of-bounds read during a memmove call inside the remap_struct function. - CVE-2018-19517: Fixed out-of-bounds read during a memset call inside the remap_struct function.
oval:org.secpod.oval:def:89002274 This update for tcpdump fixes the following issues: Security issues fixed: - CVE-2018-19519: Fixed a stack-based buffer over-read in the print_prefix function
oval:org.secpod.oval:def:89003242 This update for wireshark to version 2.4.15 fixes the following issues: Security issue fixed: - Fixed a denial of service in the dissection engine.
oval:org.secpod.oval:def:89002038 This update for tiff fixes the following issues: Security issues fixed: - CVE-2018-12900: Fixed heap-based buffer overflow in the cpSeparateBufToContigBuf. - CVE-2018-18661: Fixed NULL pointer dereference in the function LZWDecode in the file tif_lzw.c. - CVE-2018-18557: Fixed JBIG decode can lead ...
oval:org.secpod.oval:def:89003127 This update for webkit2gtk3 fixes the following issues: Security issue fixed: - CVE-2019-8375: Fixed an issue in UIProcess subsystem which could allow the script dialog size to exceed the web view size leading to Buffer Overflow or other unspecified impact.
oval:org.secpod.oval:def:89003233 This update for libgcrypt fixes the following issues: Security issues fixed: - CVE-2019-13627: Mitigated ECDSA timing attack
oval:org.secpod.oval:def:89003114 This update for gstreamer-plugins-base fixes the following issue: Security issue fixed: - CVE-2019-9928: Fixed a heap-based overflow in the rtsp connection parser.
oval:org.secpod.oval:def:89003477 This update for ucode-intel fixes the following issues: Updated to the 20190312 bundle release New Platforms: - AML-Y22 H0 6-8e-9/10 0000009e Core Gen8 Mobile - WHL-U W0 6-8e-b/d0 000000a4 Core Gen8 Mobile - WHL-U V0 6-8e-d/94 000000b2 Core Gen8 Mobile - CFL-S P0 6-9e-c/22 000000a2 Core Gen9 Deskto ...
oval:org.secpod.oval:def:89003230 This update for xrdp fixes the following issues: These security issues were fixed: - CVE-2013-1430: When successfully logging in using RDP into an xrdp session, the file ~/.vnc/sesman_${username}_passwd was created. Its content was the equivalent of the user's cleartext password, DES encrypted with ...
oval:org.secpod.oval:def:89003115 This update for sqlite3 fixes the following issues: Security issues fixed: - CVE-2018-20346: Fixed a remote code execution vulnerability in FTS3. - CVE-2018-20506: Fixed an integer overflow when FTS3 extension is enabled.
oval:org.secpod.oval:def:89003116 This update for sudo fixes the following issues: Security issue fixed: - CVE-2019-14287: Fixed an issue where a user with sudo privileges that allowed them to run commands with an arbitrary uid, could run commands as root, despite being forbidden to do so in sudoers.
oval:org.secpod.oval:def:89003239 This update for ghostscript fixes the following issues: Security issue fixed: - CVE-2019-10216: Fix privilege escalation via specially crafted PostScript file.
oval:org.secpod.oval:def:89003189 This update for vim fixes the following issue: Security issue fixed: - CVE-2019-12735: Fixed a potential arbitrary code execution vulnerability in getchar.c.
oval:org.secpod.oval:def:89003184 This update for libarchive fixes the following issues: Security issues fixed: - CVE-2018-1000877: Fixed a double free vulnerability in RAR decoder. - CVE-2018-1000878: Fixed a Use-After-Free vulnerability in RAR decoder. - CVE-2019-1000019: Fixed an Out-Of-Bounds Read vulnerability in 7zip decompr ...
oval:org.secpod.oval:def:89003065 This update for libpcap fixes the following issues: - CVE-2019-15165: Added sanity checks for PHB header length before allocating memory. - CVE-2018-16301: Fixed a buffer overflow.
oval:org.secpod.oval:def:89003181 This update for nfs-utils fixes the following issues: - CVE-2019-3689: Fixed root-owned files stored in insecure /var/lib/nfs
oval:org.secpod.oval:def:89003182 This update for postgresql10 to version 10.9 fixes the following issue: Security issue fixed: - CVE-2019-10164: Fixed buffer-overflow vulnerabilities in SCRAM verifier parsing. More information at https://www.postgresql.org/docs/10/release-10-9.html
oval:org.secpod.oval:def:89003056 This update for dhcp fixes the following issues: Security issue fixed: - CVE-2019-6470: Fixed DHCPv6 server crashes. Bug fixes: - Add compile option --enable-secs-byteorder to avoid duplicate lease warnings. - Use IPv6 when called as dhclient6, dhcpd6, and dhcrelay6.
oval:org.secpod.oval:def:89003299 This update for webkit2gtk3 to version 2.22.5 fixes the following issues: Security issues fixed: - CVE-2018-4438: Fixed a logic issue which led to memory corruption - CVE-2018-4437, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4464: Fixed multiple memory corruption issues with improved me ...
oval:org.secpod.oval:def:89003179 This update for libseccomp fixes the following issues: Update to new upstream release 2.4.1: * Fix a BPF generation bug where the optimizer mistakenly identified duplicate BPF code blocks. Updated to 2.4.0: * Update the syscall table for Linux v5.0-rc5 * Added support for the SCMP_ACT_KILL_PROCESS ...
oval:org.secpod.oval:def:89003052 This update for libssh2_org fixes the following issues: Security issues fixed: - CVE-2019-3861: Fixed Out-of-bounds reads with specially crafted SSH packets. - CVE-2019-3862: Fixed Out-of-bounds memory comparison with specially crafted message channel request packet. - CVE-2019-3860: Fixed Out-of- ...
oval:org.secpod.oval:def:89003054 This update for PackageKit fixes the following issues: - Fixed displaying the license agreement pop up window during package update.
oval:org.secpod.oval:def:89003290 This update for elfutils fixes the following issues: Security issues fixed: - CVE-2018-16403: Fixed a heap-based buffer over-read that could have led to Denial of Service. - CVE-2016-10254: Fixed a memory allocation failure in alloxate_elf. - CVE-2019-7665: NT_PLATFORM core file note should be a z ...
oval:org.secpod.oval:def:89003171 This update for dovecot22 fixes the following issues: - CVE-2019-11500: Fixed a potential remote code execution in the IMAP and ManageSieve protocol parsers.
oval:org.secpod.oval:def:89003045 This update for jasper fixes the following issues: Security issues fixed: - CVE-2018-19540: Fixed a heap based overflow in jas_icctxtdesc_input. - CVE-2018-19541: Fix heap based overread in jas_image_depalettize. - CVE-2018-19542: Fixed a denial of service in jp2_decode. - CVE-2018-19539: Fixed a ...
oval:org.secpod.oval:def:89002078 This update for systemd fixes the following issues: Security issues fixed: - CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. - CVE-2018-15686: A vulnerability in unit_deserialize of systemd ...
oval:org.secpod.oval:def:89003288 This update for bash fixes the following issues: Security issue fixed: - CVE-2019-9924: Fixed a vulnerability in which shell did not prevent user BASH_CMDS allowing the user to execute any command with the permissions of the shell.
oval:org.secpod.oval:def:89003047 This update for webkit2gtk3 to version 2.22.4 fixes the following issues: Security issues fixed: CVE-2018-4191, CVE-2018-4197, CVE-2018-4299, CVE-2018-4306, CVE-2018-4309, CVE-2018-4392, CVE-2018-4312, CVE-2018-4314, CVE-2018-4315, CVE-2018-4316, CVE-2018-4317, CVE-2018-4318, CVE-2018-4319, CVE-2018 ...
oval:org.secpod.oval:def:89003041 This update for dnsmasq fixes the following issues: Security issue fixed: - CVE-2017-15107: Fixed a vulnerability in DNSSEC implementation. Processing of wildcard synthesized NSEC records may result in improper validation for non-existence. Non-security issue fixed: - Reload system dbus to pick up pol ...
oval:org.secpod.oval:def:89003163 This update for postgresql10 fixes the following issues: Security issue fixed: - CVE-2019-10130: Prevent row-level security policies from being bypassed via selectivity estimators. Bug fixes: - For a complete list of fixes check the release notes. * https://www.postgresql.org/docs/10/release-10-8.h ...
oval:org.secpod.oval:def:89003164 This update for bluez fixes the following issues: Security vulnerability addressed: - CVE-2016-9797: Fixed a buffer over-read in l2cap_dump. - CVE-2016-9798: Fixed a use-after-free in conf_opt. - CVE-2016-9917: Fixed a heap-based buffer overflow in read_n. - CVE-2016-9802: Fixed a buffer over-rea ...
oval:org.secpod.oval:def:89003044 This update for perl fixes the following issues: Security issue fixed: - CVE-2018-18311: Fixed integer overflow with oversize environment.
oval:org.secpod.oval:def:89003040 This update for systemd fixes the following issues: Security issues fixed: - CVE-2018-6954: Fixed a vulnerability in the symlink handling of systemd-tmpfiles which allowed a local user to obtain ownership of arbitrary files. - CVE-2019-3842: Fixed a vulnerability in pam_systemd which allowed a loca ...
oval:org.secpod.oval:def:89003397 This update for freeradius-server fixes the following issues: Security issues fixed: - CVE-2019-11235: Fixed an authentication bypass related to the EAP-PWD Commit frame and insufficient validation of elliptic curve points. - CVE-2019-11234: Fixed an authentication bypass caused by reflecting privou ...
oval:org.secpod.oval:def:89003277 This update for systemd fixes the following issues: Security vulnerability fixed: - CVE-2019-6454: Fixed a crash of PID1 by sending specially crafted D-BUS message on the system bus by an unprivileged user Other bug fixes and changes: - journal-remote: set a limit on the number of fields in a messa ...
oval:org.secpod.oval:def:89003398 This update for gd fixes the following issues: Security issues fixed: - CVE-2019-6977: Fixed a heap-based buffer overflow the GD Graphics Library used in the imagecolormatch function. - CVE-2019-6978: Fixed a double free in the gdImage*Ptr functions.
oval:org.secpod.oval:def:89003399 This update for wireshark to version 2.4.12 fixes the following issues: Security issues fixed: - CVE-2019-5717: Fixed a denial of service in the P_MUL dissector - CVE-2019-5718: Fixed a denial of service in the RTSE dissector and other dissectors - CVE-2019-5719: Fixed a denial of service in the I ...
oval:org.secpod.oval:def:89003158 This update for expat fixes the following issues: Security issue fixed: - CVE-2018-20843: Fixed a denial of service triggered by high resource consumption in the XML parser when XML names contain a large amount of colons.
oval:org.secpod.oval:def:89003394 This update for openssl-1_1 to version 1.1.1b fixes the following issues: - Changed the info callback signals for the start and end of a post-handshake message exchange in TLSv1.3. - Fixed a bug in DTLS over SCTP. This breaks interoperability with older versions of OpenSSL like OpenSSL 1.1.0 and Ope ...
oval:org.secpod.oval:def:89003033 This update for mariadb-100 to version 10.0.38 fixes the following issues: - CVE-2019-2537: Fixed a denial of service vulnerability which can lead to MySQL compromise. - CVE-2019-2529: Fixed a denial of service vulnerability by a privileged attacker via a protocol compromise.
oval:org.secpod.oval:def:89003039 This update for permissions fixes the following issues: Security issues fixed: - CVE-2019-3688: Changed wrong ownership in /usr/sbin/pinger to root:squid which could have allowed a squid user to gain persistence by changing the binary. - CVE-2019-3690: Fixed a privilege escalation through untrusted ...
oval:org.secpod.oval:def:89003090 This update for ovmf fixes the following issues: Security issue fixed: - CVE-2019-0161: Fixed a stack overflow in UsbBusDxe and UsbBusPei, which could potentially be triggered by a local unauthenticated user.
oval:org.secpod.oval:def:89003082 This update for polkit fixes the following issues: Security issue fixed: - CVE-2018-19788: Fixed handling of UIDs over MAX_UINT
oval:org.secpod.oval:def:89003075 This update for accountsservice fixes the following issues: Security issue fixed: - CVE-2018-14036: Prevent directory traversal caused by an insufficient path check in user_change_icon_file_authorized_cb. Non-security issue fixed: - Improved wtmp io performance.
oval:org.secpod.oval:def:89044302 This update for samba fixes the following issues: - CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids. - Avoid free'ing our own pointer in memcache when memcache_trim attempts to reduce cache size. - Adjust smbcacls "--propagate-inheritance" feature to align with upstream.
oval:org.secpod.oval:def:89003193 This update for dovecot22 fixes the following issues: Security issues fixed: - CVE-2019-7524: Fixed an improper file handling which could result in stack overflow allowing local root escalation. - CVE-2019-3814: Fixed a vulnerability related to SSL client certificate authentication. Other issue fi ...
oval:org.secpod.oval:def:89003073 This update for LibVNCServer fixes the following issues: Security issues fixed: - CVE-2018-20749: Fixed a heap out of bounds write vulnerability in rfbserver.c - CVE-2018-20750: Fixed a heap out of bounds write vulnerability in rfbserver.c - CVE-2018-20748: Fixed multiple heap out-of-bound writes ...
oval:org.secpod.oval:def:89003194 This update for libjpeg-turbo fixes the following issues: - CVE-2019-2201: Several integer overflow issues and subsequent segfaults occurred in libjpeg-turbo, when attempting to compress or decompress gigapixel images. [bsc#1156402]
oval:org.secpod.oval:def:89003190 This update for soundtouch fixes the following issues: Security issues fixed: - CVE-2018-17098: Fixed a heap corruption from size inconsistency, which allowed remote attackers to cause a denial of service or possibly have other unspecified impact - CVE-2018-17097: Fixed a double free, which allowed ...
oval:org.secpod.oval:def:89002933 This update for systemd fixes the following issues: - CVE-2019-20386: Fixed a memory leak when executing the udevadm trigger command. - Renamed the persistent link for ATA devices - shared/install: try harder to find enablement symlinks when disabling a unit - tmpfiles: removed unnecessary assert ...
oval:org.secpod.oval:def:89002923 This update for gcc10 fixes the following issues: This update provides the GCC10 compiler suite and runtime libraries. The base SUSE Linux Enterprise libraries libgcc_s1, libstdc++6 are replaced by the gcc10 variants. The new compiler variants are available with "-10" suffix, you can specify ...
oval:org.secpod.oval:def:89002918 This update for ovmf fixes the following issues: Security issues fixed: - CVE-2019-14563: Fixed a memory corruption caused by insufficient numeric truncation. - CVE-2019-14553: Fixed the TLS certification verification in HTTPS-over-IPv6 boot sequences. - CVE-2019-14559: Fixed a remotely exploitabl ...
oval:org.secpod.oval:def:89002974 This update for LibVNCServer fixes the following issues: - CVE-2019-15690: Fixed a heap buffer overflow. - CVE-2019-15681: Fixed a memory leak which could have allowed a remote attacker to read stack memory. - CVE-2019-20788: Fixed an integer overflow and heap-based buffer overflow via a large h ...
oval:org.secpod.oval:def:89002956 This update for cyrus-sasl fixes the following issues: - CVE-2019-19906: Fixed an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet.
oval:org.secpod.oval:def:89002946 This update for openldap2 fixes the following issues: - CVE-2020-12243: Fixed a denial of service related to recursive filters.
oval:org.secpod.oval:def:89002892 This update for ucode-intel fixes the following issues: - Intel CPU Microcode updated to 20201027 prerelease - CVE-2020-8695: Fixed Intel RAPL sidechannel attack - CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 # New Platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New V ...
oval:org.secpod.oval:def:89002894 This update for vim fixes the following issues: - CVE-2019-20807: Fixed an issue where escaping from the restrictive mode of vim was possible using interfaces.
oval:org.secpod.oval:def:89044211 This update for gdm fixes the following issues: - Avoid the signal SIGTRAP when gdm exits.
oval:org.secpod.oval:def:89044210 This update for permissions fixes the following issues: - Update to version 20170707: * make btmp root:utmp
oval:org.secpod.oval:def:89002990 This update for postgresql10 fixes the following issues: PostgreSQL was updated to version 10.12. Security issue fixed: - CVE-2020-1720: Fixed a missing authorization check in the ALTER ... DEPENDS ON extension.
oval:org.secpod.oval:def:89044235 This update for java-1_7_0-openjdk fixes the following issues: - Update to 2.6.25 - OpenJDK 7u291 * Security fixes + JDK-8247619: Improve Direct Buffering of Characters * Import of OpenJDK 7 u291 build 1 + JDK-8254177: Upgrade time-zone data to tzdata2020b + JDK-8254982: Upgrade time-zone data to ...
oval:org.secpod.oval:def:89002989 This update for bind fixes the following issues: Security issues fixed: - CVE-2020-8616: Fixed the insufficient limit on the number of fetches performed when processing referrals. - CVE-2020-8617: Fixed a logic error in code which checks TSIG validity. Non-security issue fixed: - Fixed an invalid ...
oval:org.secpod.oval:def:89003422 This update for mariadb to version 10.2.22 fixes the following issues: Security issues fixed: - CVE-2019-2510: Fixed a vulnerability which can lead to MySQL compromise and lead to Denial of Service. - CVE-2019-2537: Fixed a vulnerability which can lead to MySQL compromise and lead to Denial of Serv ...
oval:org.secpod.oval:def:89003303 This update for openssl-1_1 fixes the following issues: Security issue fixed: - CVE-2019-1543: Fixed an implementation error in ChaCha20-Poly1305 where it was allowed to set IV with more than 12 bytes.
oval:org.secpod.oval:def:89003305 This update for screen fixes the following issues: Security issue fixed: - CVE-2015-6806: Fixed a stack overflow due to deep recursion. Non-security issue fixed: - Fixed segmentation faults related to altscreen and resizing screen.
oval:org.secpod.oval:def:89003416 This update for wpa_supplicant fixes the following issues: This security issue was fixed: - CVE-2018-14526: Under certain conditions, the integrity of EAPOL-Key messages was not checked, leading to a decryption oracle. An attacker within range of the Access Point and client could have abused the vul ...
oval:org.secpod.oval:def:89003417 This update for gpg2 fixes the following issues: Security issue fixed: - CVE-2019-13050: Fixed denial-of-service attacks via big keys. Non-security issue fixed: - Allow coredumps in X11 desktop sessions.
oval:org.secpod.oval:def:89002445 This update for squid fixes the following issues: Security issues fixed: - CVE-2018-19131: Fixed Cross-Site-Scripting vulnerability in the TLS error handling. - CVE-2018-19132: Fixed small memory leak in processing of SNMP packets. Non-security issues fixed: - Create runtime directories needed whe ...
oval:org.secpod.oval:def:89003414 This update for openssl-1_0_0 fixes the following issues: OpenSSL Security Advisory [10 September 2019] * CVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance. * CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key In addition fixed invalid c ...
oval:org.secpod.oval:def:89003409 This update for mariadb-100 fixes the following issues: Security issue fixed: - CVE-2019-2974: Fixed Server Optimizer.
oval:org.secpod.oval:def:89003402 This update for wget fixes the following issues: Security issue fixed: - CVE-2019-5953: Fixed a buffer overflow vulnerability which might cause code execution.
oval:org.secpod.oval:def:89002436 This update for opensc fixes the following issues: - CVE-2018-16391: Fixed a denial of service when handling responses from a Muscle Card - CVE-2018-16392: Fixed a denial of service when handling responses from a TCOS Card - CVE-2018-16393: Fixed buffer overflows when handling responses from Gemsa ...
oval:org.secpod.oval:def:89002306 This update for ncurses fixes the following issue: Security issue fixed: - CVE-2018-19211: Fixed denial of service issue that was triggered by a NULL pointer dereference at function _nc_parse_entry.
oval:org.secpod.oval:def:89002303 This update for audiofile fixes the following issues: - CVE-2018-17095: A heap-based buffer overflow in Expand3To4Module::run could occur when running sfconvert leading to crashes or code execution when handling untrusted soundfiles.
oval:org.secpod.oval:def:89003463 This update for xmltooling fixes the following issue: Security issue fixed: - CVE-2019-9628: Fixed an improper handling of exception in XMLTooling library which could result in denial of service against the application using XMLTooling.
oval:org.secpod.oval:def:89003101 This update for openexr fixes the following issues: Security issue fixed: - CVE-2017-9111: Fixed an invalid write of size 8 in the storeSSE function in ImfOptimizedPixelReading.h. - CVE-2017-9113: Fixed an invalid write of size 1 in the bufferedReadPixels function in ImfInputFile.cpp. - CVE-2017-9 ...
oval:org.secpod.oval:def:89002497 This update for soundtouch fixes the following issues: - CVE-2018-17098: The WavFileBase class allowed remote attackers to cause a denial of service or possibly have unspecified other impact, as demonstrated by SoundStretch. - CVE-2018-17097: The WavFileBase class allowed remote attackers to cause ...
oval:org.secpod.oval:def:89003103 This update for bluez fixes the following issue: - CVE-2016-9798: Fixed a use-after-free in conf_opt.
oval:org.secpod.oval:def:89003224 This update for ibus fixes the following issues: Security issue fixed: - CVE-2019-14822: Fixed a misconfiguration of the DBus server that allowed an unprivileged user to monitor and send method calls to the ibus bus of another user
oval:org.secpod.oval:def:89002250 This update for libqt5-qtbase fixes the following issues: Security issues fixed: - CVE-2018-15518: Fixed double free in QXmlStreamReader - CVE-2018-19873: Fixed Denial of Service on malformed BMP file in QBmpHandler
oval:org.secpod.oval:def:89003461 This update for gdb fixes the following issues: Update to gdb 8.3.1: Security issues fixed: - CVE-2019-1010180: Fixed a potential buffer overflow when loading ELF sections larger than the file. Upgrade libipt from v2.0 to v2.0.1. - Enable librpm for version > librpm.so.3 [bsc#1145692]: * Allow a ...
oval:org.secpod.oval:def:89002131 This update for libgcrypt fixes the following issues: The following security vulnerability was addressed: - CVE-2018-0495: Mitigate a novel side-channel attack by enabling blinding for ECDSA signatures. The following other issues were fixed: - Extended the fipsdrv dsa-sign and dsa-verify commands w ...
oval:org.secpod.oval:def:89003462 This update for lftp fixes the following issues: Security issue fixed: - CVE-2018-10916: Fixed an improper file name sanitization which could lead to loss of integrity of the local system. Other issue addressed: - The SSH login handling code detects password prompts more reliably.
oval:org.secpod.oval:def:89003226 This update for samba fixes the following issues: Security issue fixed: - CVE-2019-3880: Fixed a path/symlink traversal vulnerability, which allowed an unprivileged user to save registry files outside a share. Non-security issues fixed: - Fix vfs_ceph ftruncate and fallocate handling. - Abide by l ...
oval:org.secpod.oval:def:89003227 This update for sqlite3 fixes the following issues: Security issue fixed: - CVE-2019-8457: Fixed a Heap out-of-bound read in rtreenode when handling invalid rtree tables.
oval:org.secpod.oval:def:89002139 This update for cups fixes the following issues: Security issue fixed: - CVE-2018-4300: Fixed extremely predictable cookie generation that is effectively breaking the CSRF protection of the CUPS web interface.
oval:org.secpod.oval:def:89002362 This update for openldap2 fixes the following issues: Security issue fixed: - CVE-2017-17740: When both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service via a member MODDN oper ...
oval:org.secpod.oval:def:89003218 This update for nmap fixes the following issues: Security issue fixed: - CVE-2018-15173: Fixed a remote denial of service attack via a crafted TCP-based service.
oval:org.secpod.oval:def:89003214 This update for sqlite3 fixes the following issues: - CVE-2017-2518: Fixed a use-after-free vulnerability which could have led to buffer overflow via a crafted SQL statement.
oval:org.secpod.oval:def:89003335 This update for netpbm fixes the following issues: Security issues fixed: - CVE-2018-8975: The pm_mallocarray2 function allowed remote attackers to cause a denial of service via a crafted image file. - CVE-2017-2579: Fixed out-of-bounds read in expandCodeOntoStack. - CVE-2017-2580: Fixed out-of-b ...
oval:org.secpod.oval:def:89003338 This update for wireshark to version 2.4.16 fixes the following issues: Security issue fixed: - CVE-2019-13619: ASN.1 BER and related dissectors crash.
oval:org.secpod.oval:def:89003459 This update for gnome-shell fixes the following issues: Security issue fixed: - CVE-2019-3820: Fixed a partial lock screen bypass. Fixed bugs: - Remove sessionList of endSessionDialog for security reasons.
oval:org.secpod.oval:def:89044284 This update for bind fixes the following issues: - CVE-2021-25214: Fixed a broken inbound incremental zone update which could have caused named to terminate unexpectedly . - CVE-2021-25215: Fixed an assertion check which could have failed while answering queries for DNAME records that required the ... oval:org.secpod.oval:def:89002351 This update for bluez fixes the following issues: Security issues fixed: - CVE-2016-9800: Fixed a buffer overflow in the pin_code_reply_dump function - CVE-2016-9801: Fixed a buffer overflow in the set_ext_ctrl function oval:org.secpod.oval:def:89003328 This update for xen fixes the following issues: Security issues fixed: - Fixed an issue which could allow malicious PV guests to cause a host crash or gain access to data pertaining to other guests. Additionally, vulnerable configurations are likely to be unstable even in the absence of an attack . ... oval:org.secpod.oval:def:89003449 This update for libu2f-host and pam_u2f to version 1.0.8 fixes the following issues: Security issues fixed for libu2f-host: - CVE-2019-9578: Fixed a memory leak due to a wrong parse of init's response . - CVE-2018-20340: Fixed an unchecked buffer, which could allow a buffer overflow with a custom ma ... oval:org.secpod.oval:def:89003325 This update for curl fixes the following issues: Security issues fixed: - CVE-2019-3822: Fixed a NTLMv2 type-3 header stack buffer overflow . - CVE-2019-3823: Fixed an out-of-bounds read in the SMTP end-of-response . - CVE-2018-16890: Fixed an out-of-bounds buffer read in NTLM type2 . - CVE-2018-168 ...
oval:org.secpod.oval:def:89003446 This update for nmap fixes the following issues: - Fixed a regression in the version scanner, caused by the fix for CVE-2018-15173 oval:org.secpod.oval:def:89003312 This update for atftp fixes the following issues: Security issues fixed: - CVE-2019-11366: Fixed a denial of service caused by a NULL pointer dereference because thread_list_mutex was not locked . - CVE-2019-11365: Fixed a buffer overflow which could lead to remote code execution caused by an insecu ... oval:org.secpod.oval:def:89003438 This update for libssh2_org fixes the following issues: - Fix the previous fix for CVE-2019-3860 oval:org.secpod.oval:def:89003434 This update for libjpeg-turbo fixes the following issues: The following security vulnerabilities were addressed: - CVE-2018-14498: Fixed a heap-based buffer over read in get_8bit_row function which could allow an attacker to cause denial of service . - CVE-2018-11813: Fixed the end-of-file mishan ... oval:org.secpod.oval:def:89003316 This update for tcpdump fixes the following issues: Security issues fixed: - CVE-2019-1010220: Fixed a buffer over-read in print_prefix which may expose data . - CVE-2017-16808: Fixed a heap-based buffer over-read related to aoe_print and lookup_emem . oval:org.secpod.oval:def:89003212 This update for qemu fixes the following issues: Security issues fixed: - CVE-2019-14378: Security fix for heap overflow in ip_reass on big packet input . - CVE-2019-12155: Security fix for null pointer dereference while releasing spice resources . - CVE-2019-13164: Security fix for qemu-bridge-help ... oval:org.secpod.oval:def:89003084 This update for ghostscript to 9.27 fixes the following issues: Security issues fixed: - CVE-2019-3835: Fixed an unauthorized file system access caused by an available superexec operator. - CVE-2019-3839: Fixed an unauthorized file system access caused by available privileged operators. - CVE-2019 ...
oval:org.secpod.oval:def:89045547 This update for aspell fixes the following issues: - CVE-2019-25051: Fixed heap-buffer-overflow in acommon:ObjStack:dup_top . oval:org.secpod.oval:def:89003003 This update for postgresql10 fixes the following issues: Upgrade to version 10.15: * CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. * CVE-2020-25694, bsc#1178667: a oval:org.secpod.oval:def:89003273 This update for clamav fixes the following issues: - CVE-2019-15961: Fixed a denial of service which might occur when scanning a specially crafted email file as . oval:org.secpod.oval:def:89002972 This update for LibVNCServer fixes the following issues: - CVE-2020-25708 [bsc#1178682], libvncserver/rfbserver.c has a divide by zero which could result in DoS oval:org.secpod.oval:def:89003383 This update for java-1_7_0-openjdk fixes the following issues: Security issues fixed : - CVE-2019-2933: Windows file handling redux - CVE-2019-2945: Better socket support - CVE-2019-2949: Better Kerberos ccache handling - CVE-2019-2958: Build Better Processes - CVE-2019-2964: Better support for patt ... oval:org.secpod.oval:def:89003128 This update for dpdk to version 17.11.7 fixes the following issues: - CVE-2019-14818: Fixed a memory leak vulnerability caused by a malicious container may lead to denial of service . oval:org.secpod.oval:def:89002995 This update for dpdk to 17.11.7 fixes the following issues: Security issues fixed: - CVE-2020-10722: Fixed an integer overflow in vhost_user_set_log_base . - CVE-2020-10723: Fixed an integer truncation in vhost_user_check_and_alloc_queue_pair . oval:org.secpod.oval:def:89003474 This update for mailman fixes the following issues: - CVE-2019-3693: Fixed a local privilege escalation from wwwrun to root .
oval:org.secpod.oval:def:89045554 This update for openssl-1_0_0 fixes the following issues: - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious actor could exploit to crash the application, causing a denial-of-service attack. [bsc#1189521] oval:org.secpod.oval:def:89003240 This update for mariadb to version 10.2.29 fixes the following issues: MariaDB was updated to 10.2.29 Security issues fixed: - CVE-2019-2737: Fixed an issue where could lead a remote attacker to cause denial of service - CVE-2019-2938: Fixed an issue where could lead a remote attacker to cause deni ... oval:org.secpod.oval:def:89003241 This update for sysstat fixes the following issue: - CVE-2019-16167: Fixed a memory corruption due to an integer overflow oval:org.secpod.oval:def:89003144 This update for mariadb-100 fixes the following issues: Updated to MariaDB 10.0.40-1. Security issues fixed: - CVE-2019-2805, CVE-2019-2740, CVE-2019-2739, CVE-2019-2737, CVE-2019-2614, CVE-2019-2627. . oval:org.secpod.oval:def:89003247 This update for mariadb and mariadb-connector-c fixes the following issues: mariadb: - Update to version 10.2.25 - CVE-2019-2628: Fixed a remote denial of service by a privileged attacker . - CVE-2019-2627: Fixed another remote denial of service by a privileged attacker . - CVE-2019-2614: Fixed a ... oval:org.secpod.oval:def:89048082 This update for ca-certificates-mozilla fixes the following issues: - Updated to 2.60 state of Mozilla SSL root CAs Removed CAs: - Global Chambersign Root - EC-ACC - Network Solutions Certificate Authority - Staat der Nederlanden EV Root CA - SwissSign Platinum CA - G2 Added CAs: - DIGITALSIGN GLOB ... oval:org.secpod.oval:def:89003021 This update for tigervnc fixes the following issues: - CVE-2019-15691: Fixed a use-after-return due to incorrect usage of stack memory in ZRLEDecoder . - CVE-2019-15692: Fixed a heap-based buffer overflow in CopyRectDecode .
- CVE-2019-15693: Fixed a heap-based buffer overflow in TightDecoder::Filte ... oval:org.secpod.oval:def:89002163 This update for postgresql10 fixes the following issues: Security issue fixed: - CVE-2018-16850: Fixed improper quoting of transition table names when pg_dump emits CREATE TRIGGER could have caused privilege escalation . Non-security issues fixed: - Update to release 10.6: * https://www.postgresql.o ... oval:org.secpod.oval:def:89003005 This update for postgresql12 fixes the following issues: Upgrade to version 12.5: * CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. * CVE-2020-25694, bsc#1178667: a oval:org.secpod.oval:def:89045796 This update for postgresql10 fixes the following issues: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake . - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshake . oval:org.secpod.oval:def:89045567 This update for openexr fixes the following issues: - CVE-2021-20298 [bsc#1188460]: Fixed Out-of-memory in B44Compressor - CVE-2021-20299 [bsc#1188459]: Fixed Null-dereference READ in Imf_2_5:Header:operator - CVE-2021-20300 [bsc#1188458]: Fixed Integer-overflow in Imf_2_5:hufUncompress - CVE-2021-2 ... oval:org.secpod.oval:def:89003023 This update for samba fixes the following issues: - CVE-2020-10745: Fixed an issue where parsing and packing of NBT and DNS packets containing dots could potentially have consumed excessive CPU . oval:org.secpod.oval:def:89003353 This update for libtasn1 fixes the following issues: Security issues fixed: - CVE-2018-1000654: Fixed a denial of service in the asn1 parser . - CVE-2017-6891: Fixed a stack overflow in asn1_find_node . oval:org.secpod.oval:def:89000695 This update for ghostscript to version 9.52 fixes the following issues: - CVE-2020-12268: Fixed a heap-based buffer overflow in jbig2_image_compose .
oval:org.secpod.oval:def:89045778 This update for postgresql, postgresql13 and postgresql14 fixes the following issues: Security issues fixed: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake . - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshak ... oval:org.secpod.oval:def:89045576 This update for libesmtp fixes the following issues: - CVE-2019-19977: Fix stack-based buffer over-read in ntlm/ntlmstruct.c . oval:org.secpod.oval:def:89045106 This update for linuxptp fixes the following issues: - CVE-2021-3570: Validate the messageLength field of incoming messages oval:org.secpod.oval:def:89045568 This update for file fixes the following issues: - CVE-2019-18218: Fixed heap-based buffer overflow in cdf_read_property_info in cdf.c . oval:org.secpod.oval:def:89002953 This update for python-PyYAML fixes the following issues: - CVE-2020-1747: Fixed an arbitrary code execution when YAML files are parsed by FullLoader . oval:org.secpod.oval:def:89045110 This update for systemd fixes the following issues: Security issues fixed: - CVE-2021-33910: Fixed a denial of service in systemd Other fixes: - mount-util: shorten the loop a bit - mount-util: do not use the official MAX_HANDLE_SZ - mount-util: tape over name_to_handle_at flakiness - mount-u ... oval:org.secpod.oval:def:89003361 This update for MozillaFirefox fixes the following issues: Security issues fixed: CVE-2018-18500: Fixed a use-after-free parsing HTML5 stream . CVE-2018-18501: Fixed multiple memory safety bugs . CVE-2018-18505: Fixed a privilege escalation through IPC channel messages . oval:org.secpod.oval:def:89003120 This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 68.3esr Security issues fixed: - CVE-2019-17008: Fixed a use-after-free in worker destruction - CVE-2019-13722: Fixed a stack corruption due to incorrect number of arguments in WebRTC code - CVE-2019-11745: ... 
oval:org.secpod.oval:def:89003390 This update for MozillaFirefox fixes the following issues: - Mozilla Firefox Firefox 60.7.2 MFSA 2019-19 - CVE-2019-11708: Fix sandbox escape using Prompt:Open. * Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes could result in the non-sa ... oval:org.secpod.oval:def:89002418 This update for MozillaFirefox fixes the following issues: Security issues fixed: - Update to Mozilla Firefox 60.3.0esr: MFSA 2018-27 - CVE-2018-12392: Crash with nested event loops. - CVE-2018-12393: Integer overflow during Unicode conversion while loading JavaScript. - CVE-2018-12395: WebExtensio ... oval:org.secpod.oval:def:89045793 This update for MozillaFirefox fixes the following issues: MozillaFirefox was updated to Extended Support Release 91.3.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-49 * CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets * CVE-2021-38504: Use-afte ... oval:org.secpod.oval:def:89045553 This update for openssl-1_1 fixes the following security issues: - CVE-2021-3711: A bug in the implementation of the SM2 decryption code could lead to buffer overflows. [bsc#1189520] - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious a ... oval:org.secpod.oval:def:89003050 This update for libvirt fixes the following issues: Security issue fixed: - CVE-2019-3840: Fixed a null pointer dereference vulnerability in virJSONValueObjectHasKey function which could have resulted in a remote denial of service via the guest agent . - CVE-2019-3886: Fixed an information leak whic ... oval:org.secpod.oval:def:89003315 This update for openwsman fixes the following issues: Security issues fixed: - CVE-2019-3816: Fixed a vulnerability in openwsmand daemon which could lead to arbitrary file disclosure .
- CVE-2019-3833: Fixed a vulnerability in process_connection which could allow an attacker to trigger an infinite lo ... oval:org.secpod.oval:def:89003176 This update for ceph to version 12.2.12-594-g02236657ca fixes the following issues: Security issues fixed: - CVE-2018-16889: Fixed missing sanitation of customer encryption keys from log output in v4 auth oval:org.secpod.oval:def:89003392 This update for systemd provides the following fixes: Security issues fixed: - CVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through attacker-controlled allocas - CVE-2018-16866: Fixed an information leak in journald - Fixed an issue during system startup in relation to encrypted sw ... oval:org.secpod.oval:def:89003088 This update for ceph fixes the following issues: Security issues fixed: - CVE-2018-14662: mon: limit caps allowed to access the config store - CVE-2018-16846: rgw: enforce bounds on max-keys/max-uploads/max-parts - CVE-2018-16889: rgw: sanitize customer encryption keys from log output in v4 auth ... oval:org.secpod.oval:def:89003191 This update for glibc fixes the following issues: Security issue fixed: - CVE-2015-5180: Fixed a NULL pointer dereference with internal QTYPE . Feature work: - IBM zSeries arch13 hardware support in glibc added Other issue addressed: - Fixed a concurrency issue with ldconfig . oval:org.secpod.oval:def:89003085 This update for libunwind fixes the following issues: Security issues fixed: - CVE-2015-3239: Fixed an off-by-one in the dwarf_to_unw_regnum function Non-security issues fixed: - Fixed a dependency issue with libzmq5 - Fixed build on armv7 oval:org.secpod.oval:def:89003260 This update for wireshark to version 2.4.14 fixes the following issues: Security issues fixed: - CVE-2019-10895: NetScaler file parser crash. - CVE-2019-10899: SRVLOC dissector crash. - CVE-2019-10894: GSS-API dissector crash. - CVE-2019-10896: DOF dissector crash. - CVE-2019-10901: LDSS dissector c ...
oval:org.secpod.oval:def:89002876 This update for gcc9 fixes the following issues: The GNU Compiler Collection is shipped in version 9. A detailed changelog on what changed in GCC 9 is available at https://gcc.gnu.org/gcc-9/changes.html The compilers have been added to the SUSE Linux Enterprise Toolchain Module. To use these compile ... oval:org.secpod.oval:def:89003083 This update for clamav to version 0.100.3 fixes the following issues: Security issues fixed : - CVE-2019-1787: Fixed an out-of-bounds heap read condition which may occur when scanning PDF documents. - CVE-2019-1789: Fixed an out-of-bounds heap read condition which may occur when scanning PE files . ... oval:org.secpod.oval:def:89003318 This update for ghostscript to version 9.26a fixes the following issues: Security issue fixed: - CVE-2019-6116: subroutines within pseudo-operators must themselves be pseudo-operators oval:org.secpod.oval:def:89003263 This update for tiff fixes the following issues: Security issues fixed: - CVE-2019-14973: Fixed an improper check which depended on the compiler which could have led to integer overflow . - CVE-2016-5102: Fixed a buffer overflow in readgifimage - CVE-2018-17000: Fixed a NULL pointer dereference ... oval:org.secpod.oval:def:89003293 This update for binutils fixes the following issues: binutils was updated to current 2.32 branch @7b468db3 [jsc#ECO-368]: Includes the following security fixes:. oval:org.secpod.oval:def:89003177 This update for MozillaFirefox fixes the following issues: Security issues addressed: - update to Firefox ESR 60.6.1 : - CVE-2019-9813: Fixed Ionmonkey type confusion with __proto__ mutations - CVE-2019-9810: Fixed IonMonkey MArraySlice incorrect alias information - Update to Firefox ESR 60.6 : - C ... oval:org.secpod.oval:def:89003117 This update for glib2 provides the following fix: Security issues fixed: - CVE-2019-12450: Fixed an improper file permission when copy operation takes place .
- CVE-2018-16428: Avoid a null pointer dereference that could crash glib2 users in markup processing . - CVE-2018-16429: Fixed out-of-bounds ... oval:org.secpod.oval:def:89003468 This update for libxslt fixes the following issues: - CVE-2019-11068: Fixed a protection mechanism bypass where callers of xsltCheckRead and xsltCheckWrite would permit access upon receiving an error . oval:org.secpod.oval:def:89003343 This update for openssh fixes the following issues: Security vulnerabilities addressed: - CVE-2019-6109: Fixed a character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers . - CVE-2019-6111: Properly ... oval:org.secpod.oval:def:89003346 This update for openssh fixes the following issues: Security issue fixed: - CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions - CVE-2019-6109: Fixed an issue where the scp client would allow malicious remote SSH servers to manipulate te ... oval:org.secpod.oval:def:89003055 This update for xen fixes the following issues: - CVE-2019-19581: Fixed a potential out of bounds on 32-bit Arm . - CVE-2019-19582: Fixed a potential infinite loop when x86 accesses to bitmaps with a compile time known size of 64 . - CVE-2019-19583: Fixed improper checks which could have allowed HVM ... oval:org.secpod.oval:def:89003126 This update for curl fixes the following issues: Security issues fixed: - CVE-2019-5481: Fixed a double-free during kerberos FTP data transfer. - CVE-2019-5482: Fixed a TFTP small block size heap buffer overflow . oval:org.secpod.oval:def:89048546 This update of grub2 fixes the following issues: * rebuild the package with the new secure boot key . oval:org.secpod.oval:def:89048582 This update of oracleasm fixes the following issues: * rebuild the package with the new secure boot key .
oval:org.secpod.oval:def:89048528 This update of dpdk fixes the following issues: * rebuild the package with the new secure boot key . oval:org.secpod.oval:def:89003142 This update for libxslt fixes the following issues: Security issues fixed: - CVE-2019-13118: Fixed a read of uninitialized stack data . - CVE-2019-13117: Fixed an uninitialized read which allowed to discern whether a byte on the stack contains certain special characters . oval:org.secpod.oval:def:89044234 This update for cups fixes the following issues: - CVE-2021-25317: ownership of /var/log/cups could allow privilege escalation from lp user to root via symlink attacks oval:org.secpod.oval:def:89003215 This update for SDL fixes the following issues: Security issues fixed: - CVE-2019-7572: Fixed a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c. - CVE-2019-7578: Fixed a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c . - CVE-2019-7576: Fixed heap-based buffer over-read in ... oval:org.secpod.oval:def:89003267 This update for qemu fixes the following issues: Security issues fixed: - CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation . - CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp . - CVE-2018-19489: Fixed a denial of ser ... oval:org.secpod.oval:def:89003476 This update for apache2-mod_auth_openidc fixes the following issues: - CVE-2019-14857: Fixed an open redirect issue that exists in URLs with trailing slashes . oval:org.secpod.oval:def:89046056 This update for virglrenderer fixes the following issues: - CVE-2022-0135: Fixed out-of-bounds write in read_transfer_data . oval:org.secpod.oval:def:89003413 This update for libssh fixes the following issues: - CVE-2019-14889: Fixed an arbitrary command execution .
oval:org.secpod.oval:def:89003030 This update for sssd fixes the following issues: Security issue fixed: - CVE-2018-16838: Fixed an authentication bypass related to the Group Policy Objects implementation Non-security issues fixed: - Missing GPOs directory could have led to login problems - Fix a crash by adding a netgroup counter ... oval:org.secpod.oval:def:89003292 This update for sssd fixes the following issues: Security vulnerabilities addressed: - Fix fallback_homedir returning "/" for empty home directories - Create sockets with right permissions Other bug fixes and changes: - Install logrotate configuration - Strip whitespaces in netgroup triples - A ... oval:org.secpod.oval:def:89045540 This update for cpio fixes the following issues: - A patch previously applied to remedy CVE-2021-38185 introduced a regression that had the potential to cause a segmentation fault in cpio. [bsc#1189465] oval:org.secpod.oval:def:89003276 This update for cpio fixes the following issues: - CVE-2019-14866: Fixed an improper validation of the values written in the header of a TAR file through the to_oct function which could have led to unexpected TAR generation . oval:org.secpod.oval:def:89048179 This update for bluez fixes the following issues: - CVE-2022-39176: Fixed a memory safety issue that could allow physically proximate attackers to obtain sensitive information . - CVE-2022-39177: Fixed a memory safety issue that could allow physically proximate attackers to cause a denial of service ... oval:org.secpod.oval:def:89003278 This update for strongswan provides the following fixes: Security issues fixed: - CVE-2018-5388: Fixed a buffer underflow which may allow a remote attacker with local user credentials to cause resource exhaustion and denial of service while reading from the socket . - CVE-2018-10811: Fixed a denial of ... oval:org.secpod.oval:def:89045563 This update for python-PyYAML fixes the following issues: - Update to 5.3.1.
- CVE-2020-14343: A vulnerability was discovered in the PyYAML library, where it was susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. ... oval:org.secpod.oval:def:89003366 This update for ncurses fixes the following issues: Security issue fixed: - CVE-2019-17594: Fixed a heap-based buffer over-read in _nc_find_entry function in tinfo/comp_hash.c . - CVE-2019-17595: Fixed a heap-based buffer over-read in fmt_entry function in tinfo/comp_hash.c . Bug fixes: - Fixed pp ... oval:org.secpod.oval:def:89048150 This update for freeradius-server fixes the following issues: - CVE-2022-41859: Fixed an issue in EAP-PWD that could leak information about the password, which could facilitate dictionary attacks . - CVE-2022-41860: Fixed a crash in servers with EAP_SIM manually configured, which could be triggered ... oval:org.secpod.oval:def:89047681 This update for libksba fixes the following issues: - CVE-2022-3515: Fixed a possible overflow in the TLV parser . oval:org.secpod.oval:def:89048894 This update for ucode-intel fixes the following issues: * Updated to Intel CPU Microcode 20230512 release. * New Platforms | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | ADL-N | A0 | 06-be-00/01 | | 0000 ... oval:org.secpod.oval:def:89047044 This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 102.2.0esr ESR: * Fixed: Various stability, functionality, and security fixes. - MFSA 2022-34 * CVE-2022-38472 Address bar spoofing via XSLT error handling * CVE-2022-38473 Cross-origin XSLT Documents would ... oval:org.secpod.oval:def:89046080 This update for tiff fixes the following issues: - CVE-2017-17095: Fixed DoS in tools/pal2rgb.c in pal2rgb . - CVE-2019-17546: Fixed integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image .
- CVE-2020-19131: Fixed buffer overflow in tiffcrop that may cause DoS ... oval:org.secpod.oval:def:89046090 This update for xerces-j2 fixes the following issues: - CVE-2022-23437: Fixed infinite loop within Apache XercesJ xml parser . oval:org.secpod.oval:def:89049103 This update for java-1_8_0-ibm fixes the following issues: Updated to Java 8.0 Service Refresh 8 Fix Pack 6 : * Fixed issue in Java Virtual Machine where outofmemory killer terminates the jvm due to failure in control groups detection. oval:org.secpod.oval:def:89049237 This update for tomcat fixes the following issues: * Remove the log4j dependency as it is not used by the tomcat package Security hardening, related to Spring Framework vulnerabilities: - Deprecate getResources and always return null . oval:org.secpod.oval:def:89049095 This update of installation-images fixes the following issues: * rebuild the package with the new secure boot key . oval:org.secpod.oval:def:89048043 This update for zabbix fixes the following issues: - CVE-2022-43515: X-Forwarded-For header is active by default causes access to Zabbix sites in maintenance mode . oval:org.secpod.oval:def:89003113 This update for krb5 fixes the following issues: Security issue fixed: - CVE-2018-20217: Fixed an assertion issue with older encryption types oval:org.secpod.oval:def:89003199 This update for libssh2_org fixes the following issue: - CVE-2019-17498: Fixed an integer overflow in a bounds check that might have led to the disclosure of sensitive information or a denial of service . oval:org.secpod.oval:def:89002996 This update for samba fixes the following issues: - CVE-2019-14907: Fixed a Server-side crash after charset conversion failure during NTLMSSP processing . oval:org.secpod.oval:def:89003428 This update for samba fixes the following issues: - CVE-2019-10218: Client code can return filenames containing path separators .
oval:org.secpod.oval:def:89003228 This update for spamassassin to version 3.4.2 fixes the following issues: Security issues fixed: - CVE-2017-15705: Fixed denial of service via unclosed tags in crafted emails . - CVE-2018-11781: Fixed a code injection in the meta rule syntax by local users . - CVE-2018-11780: Fixed a potential remot ... oval:org.secpod.oval:def:89000376 This update for xen fixes the following issues: Security issues fixed: - CVE-2020-11742: Bad continuation handling in GNTTABOP_copy . - CVE-2020-11740, CVE-2020-11741: xen: XSA-313 multiple xenoprof issues . - CVE-2020-11739: Missing memory barriers in read-write unlock paths . - CVE-2020-11743: Bad ... oval:org.secpod.oval:def:89000470 This update for wicked fixes the following issues: - CVE-2019-18902: Fixed a use-after-free when receiving invalid DHCP6 client options . - CVE-2019-18903: Fixed a use-after-free when receiving invalid DHCP6 IA_PD option . - CVE-2020-7216: Fixed a potential denial of service via a memory leak when p ... oval:org.secpod.oval:def:89000157 This update for mariadb fixes the following issues: MariaDB was updated to version 10.2.31 GA . Security issues fixed: - CVE-2020-2574: Fixed a difficult to exploit vulnerability that allowed an attacker to crash the client . - CVE-2019-18901: Fixed an unsafe path handling behavior in mysql-systemd- ... oval:org.secpod.oval:def:89000138 This update for mgetty fixes the following issues: - CVE-2019-1010190: Fixed a denial of service which could be caused by a local attacker in putwhitespan . oval:org.secpod.oval:def:89000363 This update for MozillaFirefox to version 68.7.0 ESR fixes the following issues: - CVE-2020-6821: Uninitialized memory could be read when using the WebGL copyTexSubImage method . - CVE-2020-6822: Fixed out of bounds write in GMPDecodeData when processing large images . - CVE-2020-6825: Fixed Memory ... 
oval:org.secpod.oval:def:89000538 This update for Mesa fixes the following issues: Security issue fixed: - CVE-2019-5068: Fixed exploitable shared memory permissions vulnerability . oval:org.secpod.oval:def:89044266 This update for MozillaFirefox fixes the following issues: - Firefox was updated to 78.10.0 ESR * CVE-2021-23994: Out of bound write due to lazy initialization * CVE-2021-23995: Use-after-free in Responsive Design Mode * CVE-2021-23998: Secure Lock icon could have been spoofed * CVE-2021-23961: Mor ... oval:org.secpod.oval:def:89048195 This update for sssd fixes the following issues: - CVE-2022-4254: Fixed a bug in libsss_certmap which could allow an attacker to gain control of the admin account and perform a full domain takeover oval:org.secpod.oval:def:89002960 This is a version update for ceph to version 12.2.13: Security issue fixed: - CVE-2020-10753: Fixed an HTTP header injection via CORS ExposeHeader tag . - Notable changes in this update for ceph: * mgr: telemetry: backported and now available on SES5.5. Please consider enabling via "ceph telemet ... oval:org.secpod.oval:def:89002962 This update for ceph fixes the following issues: - CVE-2020-12059: Fixed a denial of service caused by a specially crafted XML payload on POST requests . oval:org.secpod.oval:def:89002949 This update for ceph fixes the following issues: - CVE-2020-1760: Fixed XSS due to RGW GetObject header-splitting . oval:org.secpod.oval:def:89046099 This update for tomcat fixes the following issues: Security issues fixed: - CVE-2022-23181: Fixed time of check, time of use vulnerability that allowed local privilege escalation. - Remove log4j dependency, which is currently directly in use - Make the package RPM conflict even more specific to co ...
oval:org.secpod.oval:def:89048152 This update for samba fixes the following issues: - CVE-2021-20251: Fixed an issue where the bad password count would not be properly incremented, which could allow attackers to brute force a user's password . - CVE-2022-38023: Disabled weak ciphers by default in the Netlogon Secure channel . - CVE- ... oval:org.secpod.oval:def:89003245 This update for glibc fixes the following issues: Security issues fixed: - CVE-2019-9169: regex: fix read overrun - CVE-2016-10739: Fully parse IPv4 address strings - CVE-2009-5155: ERE "0|0|\1|0" causes regexec undefined behavior Non-security issues fixed: - Enable TLE only if GLIBC_ELISION_ENAB ... oval:org.secpod.oval:def:89048005 This update for glibc fixes the following issues: - CVE-2015-8985: Fixed assertion failure in pop_fail_stack when executing a malformed regexp - x86: fix stack alignment in pthread_cond_[timed]wait - Recognize ppc64p7 arch to build for power7 oval:org.secpod.oval:def:89003420 This update for apache2-mod_perl fixes the following issues: Security issue fixed: - CVE-2011-2767: Fixed a vulnerability which could have allowed perl code execution in the context of user account . Other issue addressed: - Restore process name after sv_setpv_mg call oval:org.secpod.oval:def:89048166 This update for libXpm fixes the following issues: - CVE-2022-46285: Fixed an infinite loop that could be triggered when reading a XPM image with a C-style comment that is never closed . - CVE-2022-44617: Fixed an excessive resource consumption that could be triggered when reading small crafted XPM ... oval:org.secpod.oval:def:89048018 This update for krb5 fixes the following issues: - CVE-2022-42898: Fixed integer overflow in PAC parsing . oval:org.secpod.oval:def:89047008 This update for squid fixes the following issues: - CVE-2022-41317: Fixed exposure of sensitive information in cache manager . - CVE-2022-41318: Fixed buffer overread in SSPI and SMB Authentication .
oval:org.secpod.oval:def:89048032 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 102.6.0 ESR : - CVE-2022-46880: Use-after-free in WebGL - CVE-2022-46872: Arbitrary file read from a compromised content process - CVE-2022-46881: Memory corruption in WebGL - CVE-2022-46874: Drag and Dropped ... oval:org.secpod.oval:def:89048778 This update for shadow fixes the following issues: * CVE-2023-29383: Fixed apparent /etc/shadow manipulation via chfn . oval:org.secpod.oval:def:89048671 This update for systemd fixes the following issues: * CVE-2023-26604: Fixed a privilege escalation via the less pager. * CVE-2022-4415: Fixed systemd-coredump that did not respect the fs.suid_dumpable kernel setting . * CVE-2022-3821: Fixed buffer overrun in format_timespan function . Bug fixes: * ... oval:org.secpod.oval:def:89048591 This update for poppler fixes the following issues: * CVE-2022-38784: Fixed integer overflow in the JBIG2 decoder . * CVE-2019-13283: Fixed heap-based buffer over-read that could be triggered by sending a crafted PDF document to the pdftotext tool . oval:org.secpod.oval:def:89047042 This update for postgresql-jdbc fixes the following issues: - CVE-2022-31197: Fixed SQL injection vulnerability . oval:org.secpod.oval:def:89047634 This update for libtirpc fixes the following issues: - CVE-2021-46828: Fixed denial of service vulnerability with lots of connections . - Exclude ipv6 addresses in client protocol version 2 code oval:org.secpod.oval:def:89046065 This update for cyrus-sasl fixes the following issues: - CVE-2022-24407: Fixed SQL injection in sql_auxprop_store in plugins/sql.c . oval:org.secpod.oval:def:89047765 This update fixes the following issues: golang-github-lusitaniae-apache_exporter: - Update to upstream release 0.11.0 * Add TLS support * Switch to logger, please check --log.level and --log.format flags - Update to version 0.10.1 * Bugfix: Reset ProxyBalancer metrics on each scrape to remove stale ... 
oval:org.secpod.oval:def:89000341 This update for mariadb and mariadb-connector-c fixes the following issues: - Update mariadb to 10.2.36 GA [bsc#1177472, bsc#1178428] fixing for the following security vulnerabilities: CVE-2020-14812, CVE-2020-14765, CVE-2020-14776, CVE-2020-14789 CVE-2020-15180 - Update mariadb-connector-c to 3.1.1 ... oval:org.secpod.oval:def:89000062 This update for mariadb-connector-c fixes the following issues: Security issue fixed: - CVE-2020-13249: Fixed an improper validation of OK packets received from clients . Non-security issues fixed: - Update to release 3.1.8 * CONC-304: Rename the static library to libmariadb.a and other libmariadb ... oval:org.secpod.oval:def:89000083 This update for openssl-1_1 fixes the following issues: - CVE-2020-1967: Fixed a denial of service via NULL pointer dereference in SSL_check_chain . oval:org.secpod.oval:def:89000021 This update for mariadb-100 fixes the following issues: mariadb-100 was updated to version 10.0.44 - CVE-2020-2752: Fixed an issue which could have resulted in unauthorized ability to cause denial of service. - CVE-2020-2812: Fixed an issue which could have resulted in unauthorized ability to cause ... oval:org.secpod.oval:def:89000372 This update for mariadb fixes the following issues: mariadb was updated to version 10.2.32 - CVE-2020-2752: Fixed an issue which could have resulted in unauthorized ability to cause denial of service. - CVE-2020-2812: Fixed an issue which could have resulted in unauthorized ability to cause denial ... oval:org.secpod.oval:def:89000272 This update for krb5-appl fixes the following issues: - CVE-2020-10188: Fixed a remote root execution . oval:org.secpod.oval:def:89000360 This update for apache2-mod_auth_openidc fixes the following issues: - CVE-2019-20479: Fixed an open redirect issue in URLs with slash and backslash . 
oval:org.secpod.oval:def:89046088 This update for tcpdump fixes the following issues: - CVE-2018-16301: Fixed segfault when handling large files . oval:org.secpod.oval:def:89000406 This update for libpng12 fixes the following issues: Security issue fixed: - CVE-2017-12652: Fixed an Input Validation Error related to the length of chunks . oval:org.secpod.oval:def:89046013 glibc was updated to fix the following issues: Security issues fixed: - CVE-2021-3999: Fixed incorrect errno in getcwd - CVE-2022-23219: Fixed buffer overflow in sunrpc clnt_create for unix - CVE-2022-23218: Fixed buffer overflow in sunrpc svcunix_create Bugs fixed: - Make endian-conversion macro ... oval:org.secpod.oval:def:89002941 This update for spice-gtk fixes the following issues: - CVE-2020-14355: Fixed multiple buffer overflow vulnerabilities in QUIC image decoding . oval:org.secpod.oval:def:89046062 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.6.0 ESR / MFSA 2022-05 - CVE-2022-22753: Privilege Escalation to SYSTEM on Windows via Maintenance Service - CVE-2022-22754: Extensions could have bypassed permission confirmation during update - CVE-2022 ... oval:org.secpod.oval:def:89046101 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.6.1 ESR : - CVE-2022-26485: Use-after-free in XSLT parameter processing - CVE-2022-26486: Use-after-free in WebGPU IPC Framework oval:org.secpod.oval:def:89046745 This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 91.11.0 ESR : - CVE-2022-2200: Undesired attributes could be set as part of prototype pollution - CVE-2022-31744: CSP bypass enabling stylesheet injection - CVE-2022-34468: CSP sandbox header wit ... 
oval:org.secpod.oval:def:89047050 This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated from 102.2.0esr to 102.3.0esr : - CVE-2022-40959: Fixed bypassing FeaturePolicy restrictions on transient pages. - CVE-2022-40960: Fixed data-race when parsing non-UTF-8 URLs in threads. - CVE-2022-40958: Fixed by ... oval:org.secpod.oval:def:89047795 This update for MozillaFirefox fixes the following issues: Updated to version 102.4.0 ESR : - CVE-2022-42927: Fixed same-origin policy violation that could have leaked cross-origin URLs. - CVE-2022-42928: Fixed memory Corruption in JS Engine. - CVE-2022-42929: Fixed denial of Service via window.prin ... oval:org.secpod.oval:def:89047708 This update for tiff fixes the following issues: - CVE-2022-2519: Fixed a double free in rotateImage . - CVE-2022-2520: Fixed an assertion failure in rotateImage . - CVE-2022-2521: Fixed invalid free in TIFFClose . - CVE-2022-2867: Fixed out of bounds read and write in tiffcrop.c . - CVE-2022-2868: F ... oval:org.secpod.oval:def:89046911 This update for bluez fixes the following issues: - CVE-2019-8922: Fixed a buffer overflow in the implementation of the Service Discovery Protocol . oval:org.secpod.oval:def:89047647 This update for bluez fixes the following issues: - CVE-2019-8921: Fixed heap-based buffer overflow via crafted request . - CVE-2016-9803: Fixed memory leak . oval:org.secpod.oval:def:89046071 This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20220207 release. - CVE-2021-0146: Fixed a potential security vulnerability in some Intel Processors may allow escalation of privilege - CVE-2021-0127: Intel Processor Breakpoint Control Flow - CVE-2021-0145: Fa ... 
oval:org.secpod.oval:def:89002905 This update for tigervnc fixes the following issues: - CVE-2020-26117: Server certificates were stored as certificate authorities, allowing malicious owners of these certificates to impersonate any server after a client had added an exception oval:org.secpod.oval:def:89047699 This update for multipath-tools fixes the following issues: - CVE-2022-41974: Fixed an authorization bypass issue in multipathd. - Avoid linking to libreadline to avoid licensing issue oval:org.secpod.oval:def:89048932 This update for openvswitch fixes the following issues: * CVE-2022-4338: Fixed Integer Underflow in Organization Specific TLV . * CVE-2022-4337: Fixed Out-of-Bounds Read in Organization Specific TLV . * CVE-2022-32166: Fixed an out of bounds read in minimask_equal . * CVE-2021-36980: Fixed a use-afte ... oval:org.secpod.oval:def:89046739 This update for openssl-1_1 fixes the following issues: - CVE-2022-2097: Fixed partial missing encryption in AES OCB mode. oval:org.secpod.oval:def:89046899 This update for rsync fixes the following issues: - CVE-2022-29154: Fixed an arbitrary file write issue that could be triggered by a malicious remote server . oval:org.secpod.oval:def:89047023 This update for postgresql14 fixes the following issues: - Upgrade to version 14.5: - CVE-2022-2625: Fixed an issue where extension scripts would replace objects not belonging to that extension . - Upgrade to version 14.4 - Release notes: https://www.postgresql.org/docs/release/14.4/ - Release anno ... oval:org.secpod.oval:def:89048010 This update for tomcat fixes the following issues: - CVE-2022-42252: Fixed a request smuggling . oval:org.secpod.oval:def:89048013 This update for emacs fixes the following issues: - CVE-2022-45939: Fixed shell command injection via source code files when using ctags . oval:org.secpod.oval:def:89048479 This update for xorg-x11-server fixes the following issues: * Fixed a regression introduced with security update for CVE-2022-46340 . 
oval:org.secpod.oval:def:89000479 This update for audiofile fixes the following issues: Security issue fixed: - CVE-2018-13440: Return AF_FAIL instead of causing NULL pointer dereferences later . oval:org.secpod.oval:def:89000318 This update for xerces-c fixes the following issues: - CVE-2017-12627: Processing of external DTD paths could have resulted in a null pointer dereference under certain conditions oval:org.secpod.oval:def:89000427 This update for librsvg to version 2.40.21 fixes the following issues: librsvg was updated to version 2.40.21 fixing the following issues: - CVE-2019-20446: Fixed an issue where a crafted SVG file with nested patterns can cause denial of service . NOTE: Librsvg now has limits on the number of loaded ... oval:org.secpod.oval:def:89000410 This update for libexif fixes the following issues: Security issues fixed: - CVE-2016-6328: Fixed an integer overflow in parsing MNOTE entry data of the input file . - CVE-2017-7544: Fixed an out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c . - CVE-2 ... oval:org.secpod.oval:def:89046050 This update for zsh fixes the following issues: - CVE-2021-45444: Fixed a vulnerability where arbitrary shell commands could be executed related to prompt expansion . - CVE-2019-20044: Fixed a vulnerability where shell privileges would not be properly dropped when unsetting the PRIVILEGED option . - ... oval:org.secpod.oval:def:89000582 This update for libqt4 fixes the following issues: - CVE-2018-15518: Fixed a double free in QXmlStreamReader - CVE-2018-19873: Fixed a segmentation fault via a malformed BMP file . - CVE-2018-19869: Fixed an improper checking which might lead to a crash via a malformed url reference . - Added stric ... oval:org.secpod.oval:def:89000310 This update for file-roller fixes the following issues: - CVE-2019-16680: Fixed a path traversal vulnerability which could have allowed an overwriting of a file during extraction . 
oval:org.secpod.oval:def:89000534 This update for memcached fixes the following issues: Security issue fixed: - CVE-2019-11596: Fixed a NULL pointer dereference in process_lru_command . - CVE-2019-15026: Fixed a stack-based buffer over-read . oval:org.secpod.oval:def:89000054 This update for libxslt fixes the following issue: - CVE-2019-18197: Fixed a dangling pointer in xsltCopyText which may have led to information disclosure . oval:org.secpod.oval:def:89000608 This update for git fixes the following issues: Security issue fixed: - CVE-2020-5260: With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a wrong host . Non-security issue fixed: git was updated to 2.26.0 for SHA256 supp ... oval:org.secpod.oval:def:89000554 This update for file-roller fixes the following issues: Security issue fixed: - CVE-2020-11736: Fixed a directory traversal vulnerability due to improper checking whether a file's parent is an external symlink . oval:org.secpod.oval:def:89000307 This update for python3 fixes the following issue: - CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen. Now an InvalidURL exception is raised . - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs . - CVE-2020-8492: Fixed a regular expre ... oval:org.secpod.oval:def:89000544 This update for djvulibre fixes the following issues: - CVE-2019-18804: Fixed a null pointer dereference . oval:org.secpod.oval:def:89000651 This update for icu fixes the following issues: - CVE-2020-10531: Fixed integer overflow in UnicodeString:doAppend . oval:org.secpod.oval:def:89000402 This update for git to 2.26.2 fixes the following issues: Security issue fixed: - CVE-2020-11008: Specially crafted URLs may have tricked the credentials helper to providing credential information that is not appropriate for the protocol in use and host being contacted . Non-security issue fixed: - ... 
oval:org.secpod.oval:def:89000477 This update for ovmf fixes the following issues: - CVE-2019-14559: Fixed a memory leak in ArpOnFrameRcvdDpc . oval:org.secpod.oval:def:89000573 This update for mailman fixes the following issues: Security issue fixed: - CVE-2020-12108: Fixed a content injection bug . - CVE-2020-12137: Fixed a XSS vulnerability caused by MIME type confusion . Non-security issue fixed: - Fixed rights and ownership on /var/lib/mailman/archives . - Don't defaul ... oval:org.secpod.oval:def:89000440 This update for mozilla-nspr, mozilla-nss fixes the following issues: mozilla-nss was updated to version 3.53.1 - CVE-2020-12402: Fixed a potential side channel attack during RSA key generation . - CVE-2020-12399: Fixed a timing attack on DSA signature generation . - CVE-2019-17006: Added length che ... oval:org.secpod.oval:def:89000494 This update for mariadb-100 fixes the following issues: MariaDB was updated to version 10.0.40-3 . Security issue fixed: - CVE-2020-2574: Fixed a difficult to exploit vulnerability that allowed an attacker to crash the client . oval:org.secpod.oval:def:89000075 This update for python to version 2.7.17 fixes the following issues: Syncing with lots of upstream bug fixes and security fixes. Bug fixes: - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs . - CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed t ... oval:org.secpod.oval:def:89000170 This update for openexr provides the following fix: Security issues fixed: - CVE-2020-11764: Fixed an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp . - CVE-2020-11763: Fixed an out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp . - CVE-2020-11758: Fixed an out-of-bounds ... oval:org.secpod.oval:def:89000044 This update for pam_radius fixes the following issues: - CVE-2015-9542: Fixed a buffer overflow in password field . - On s390x didn't decrypt passwords correctly . 
oval:org.secpod.oval:def:89000314 This update for dovecot22 fixes the following issues: - CVE-2020-12673: improper implementation of NTLM does not check message buffer size . - CVE-2020-12674: improper implementation of RPA mechanism . oval:org.secpod.oval:def:89000667 This update for libX11 fixes the following issues: - Fixed XIM client heap overflows oval:org.secpod.oval:def:89000233 This update for libX11 fixes the following issues: - CVE-2020-14363: Fix an integer overflow in init_om . oval:org.secpod.oval:def:89000452 This update for grub2 fixes the following issues: - CVE-2020-15705: Fail kernel validation without shim protocol . - Add fibre channel device's ofpath support to grub-ofpathname and search hint to speed up root device discovery . oval:org.secpod.oval:def:89000572 This update for openssl-1_1 fixes the following issues: Security issue fixed: - CVE-2019-1551: Fixed an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli . - CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key . - ... oval:org.secpod.oval:def:89000382 This update for openssl-1_0_0 fixes the following issues: Security issue fixed: - CVE-2019-1551: Fixed an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli . oval:org.secpod.oval:def:89000242 This update for MozillaFirefox fixes the following issues: - MozillaFirefox was updated to version 68.9.0 Extended Support Release . - CVE-2020-12405: Fixed a use-after-free in SharedWorkerService. - CVE-2020-12406: Fixed a JavaScript Type confusion with NativeTypes. - CVE-2020-12410: Fixed multiple ... 
oval:org.secpod.oval:def:89000069 This update for MozillaFirefox fixes the following issues: Update to version 68.8.0 ESR : - CVE-2020-12387: Use-after-free during worker shutdown - CVE-2020-12388: Sandbox escape with improperly guarded Access Tokens - CVE-2020-12389: Sandbox escape with improperly separated process types - CVE-2020 ... oval:org.secpod.oval:def:89000052 This update for libX11 fixes the following issues: - Fixed XIM client heap overflows . oval:org.secpod.oval:def:89000094 This update for qemu fixes the following issues: Security issues fixed: - CVE-2020-1983: Fixed a use-after-free in the ip_reass function of slirp . - CVE-2019-20382: Fixed a potential DoS due to a memory leak in VNC disconnect . - CVE-2020-1711: Fixed a potential OOB access in the iSCSI client code ... oval:org.secpod.oval:def:89000670 This update for spice fixes the following issues: - CVE-2020-14355: Fixed multiple buffer overflow vulnerabilities in QUIC image decoding . oval:org.secpod.oval:def:89000403 This update for openldap2 fixes the following issues: - CVE-2020-25692: Fixed an unauthenticated remote denial of service due to incorrect validation of modrdn equality rules . oval:org.secpod.oval:def:89000449 This update for openssl-1_0_0 fixes the following issues: - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME . oval:org.secpod.oval:def:89000260 This update for squid fixes the following issues: - CVE-2020-15049.patch: fixes a Cache Poisoning and Request Smuggling attack oval:org.secpod.oval:def:89000012 This update for vino fixes the following issues: - CVE-2019-15681: Fixed a memory leak which could have allowed a remote attacker to read stack memory . oval:org.secpod.oval:def:89000298 This update for openssl-1_1 fixes the following issues: - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME . 
oval:org.secpod.oval:def:89048006 This update for glib2 fixes the following issues: - CVE-2021-28153: Fixed a dangling symlink when g_file_replace is used with G_FILE_CREATE_REPLACE_DESTINATION . oval:org.secpod.oval:def:89048041 This update for xorg-x11-server fixes the following issues: - CVE-2022-46340: Server XTestSwapFakeInput stack overflow - CVE-2022-46341: Server XIPassiveUngrabDevice out-of-bounds access - CVE-2022-46342: Server XvdiSelectVideoNotify use-after-free - CVE-2022-46343: Server ScreenSaverSetAttribute ... oval:org.secpod.oval:def:89049108 This update for ghostscript fixes the following issues: * CVE-2023-36664: Fixed permission validation mishandling for pipe devices with the %pipe% prefix or the | pipe character prefix . oval:org.secpod.oval:def:89002068 This update for tiff fixes the following issues: Security issues fixed: - CVE-2018-19210: Fixed NULL pointer dereference in the TIFFWriteDirectorySec function . - CVE-2017-12944: Fixed denial of service issue in the TIFFReadDirEntryArray function . - CVE-2016-10094: Fixed heap-based buffer overflow ... oval:org.secpod.oval:def:89048791 This update for liblouis fixes the following issues: * CVE-2023-26767: Fixed buffer overflow vulnerability in lou_logFile function . * CVE-2023-26768: Fixed buffer overflow in lou_logFile . * CVE-2023-26769: Fixed buffer Overflow vulnerability in resolveSubtable function . oval:org.secpod.oval:def:89047043 This update for krb5-appl fixes the following issues: - CVE-2022-39028: Fixed NULL pointer dereference in krb5-appl telnetd . oval:org.secpod.oval:def:89047684 This update for telnet fixes the following issues: - CVE-2022-39028: Fixed NULL pointer dereference in telnetd . oval:org.secpod.oval:def:89048148 This update for git fixes the following issues: - CVE-2022-41903: Fixed a heap overflow in the "git archive" and "git log --format" commands . - CVE-2022-23521: Fixed an integer overflow that could be triggered when parsing a gitattributes file . 
oval:org.secpod.oval:def:89003300 This update for git fixes the following issues: Security issues fixed: - CVE-2019-1349: Fixed issue on Windows, when submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice . - CVE-2019-19604: Fixed a recursive clone followed by a su ... oval:org.secpod.oval:def:89045791 This update for samba fixes the following issues: - CVE-2016-2124: Fixed not to fallback to non spnego authentication if we require kerberos . - CVE-2020-25717: Fixed privilege escalation inside an AD Domain where a user could become root on domain members . oval:org.secpod.oval:def:89003440 This update for w3m fixes several issues. These security issues were fixed: - CVE-2018-6196: Prevent infinite recursion in HTMLlineproc0 caused by the feed_table_block_tag function which did not prevent a negative indent value - CVE-2018-6197: Prevent NULL pointer dereference in formUpdateBuffer - ... oval:org.secpod.oval:def:89003207 This update for openjpeg2 fixes the following issues: Security issue fixed: - CVE-2016-1923: Fixed an out of bounds read in opj_j2k_update_image_data and opj_tgt_reset . oval:org.secpod.oval:def:89048606 This update for emacs fixes the following issues: * CVE-2022-48337: Fixed etags local command injection vulnerability . * CVE-2022-48339: Fixed htmlfontify.el command injection vulnerability . oval:org.secpod.oval:def:89048643 This update for xorg-x11-server fixes the following issues: * CVE-2023-1393: Fixed use-after-free overlay window . oval:org.secpod.oval:def:89048796 This update for apache2-mod_auth_openidc fixes the following issues: * CVE-2022-23527: Fixed open redirect in oidc_validate_redirect_url using tab character . * CVE-2023-28625: Fixed NULL pointer dereference when OIDCStripCookies was set and a crafted Cookie header was supplied . 
oval:org.secpod.oval:def:89048967 This update for libX11 fixes the following issues: * CVE-2023-3138: Fixed buffer overflows in InitExt.c . oval:org.secpod.oval:def:89048061 This update for java-1_7_1-ibm fixes the following issues: IBM Security Update November 2022: - CVE-2022-3676: A security vulnerability was fixed in version 7.1.5.15, adding the reference here. oval:org.secpod.oval:def:89048069 This update for java-1_8_0-ibm fixes the following issues: IBM Security Update November 2022: - CVE-2022-3676: A security vulnerability was fixed in version 8.0.7.20, adding the reference here. oval:org.secpod.oval:def:89048187 This update for tiff fixes the following issues: - CVE-2022-48281: Fixed a buffer overflow that could be triggered via a crafted image . oval:org.secpod.oval:def:89000649 This update for grub2 fixes the following issues: - Fix for CVE-2020-10713 - Fix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 - Fix for CVE-2020-15706 - Fix for CVE-2020-15707 - Use overflow checking primitives where the arithmetic expression for buffer allocations may inclu ... oval:org.secpod.oval:def:89048789 This update for shim fixes the following issues: * Update only adds the CVE reference to the previously released update oval:org.secpod.oval:def:89047036 This update for expat fixes the following issues: - CVE-2022-40674: Fixed use-after-free in the doContent function in xmlparse.c . oval:org.secpod.oval:def:89046084 This update for expat fixes the following issues: - CVE-2022-23852: Fixed signed integer overflow in XML_GetBuffer . - CVE-2022-23990: Fixed integer overflow in the doProlog function . oval:org.secpod.oval:def:89047045 This update for bind fixes the following issues: - CVE-2022-2795: Fixed potential performance degradation due to missing database lookup limits when processing large delegations . - CVE-2022-38177: Fixed a memory leak that could be externally triggered in the DNSSEC verification code for the ECDSA a ... 
oval:org.secpod.oval:def:89044205 This update for libnettle fixes the following issues: - CVE-2021-20305: Fixed the multiply function which was being called with out-of-range scalars . oval:org.secpod.oval:def:89048194 This update for apache2 fixes the following issues: - CVE-2022-37436: Fixed an issue in mod_proxy where a malicious backend could cause the response headers to be truncated early, resulting in some headers being incorporated into the response body . - CVE-2022-36760: Fixed an issue in mod_proxy_ajp ... oval:org.secpod.oval:def:89003068 This update for apache2-mod_jk fixes the following issue: Security issue fixed: - CVE-2018-11759: Fixed connector path traversal due to mishandled HTTP requests in httpd . oval:org.secpod.oval:def:89003166 This update for apache2 fixes the following issues: * CVE-2019-0220: The Apache HTTP server did not use a consistent strategy for URL normalization throughout all of its components. In particular, consecutive slashes were not always collapsed. Attackers could potentially abuse these inconsistencies ... oval:org.secpod.oval:def:89046428 This update for openssl fixes the following issues: - CVE-2022-2068: Fixed more shell code injection issues in c_rehash oval:org.secpod.oval:def:89048746 This update for ovmf fixes the following issues: * CVE-2019-14560: Fixed potential secure boot bypass via an improper check of GetEfiGlobalVariable2 . * CVE-2021-38578: Fixed underflow in MdeModulePkg/PiSmmCore SmmEntryPointAdd . oval:org.secpod.oval:def:89002024 This update for mariadb fixes the following issues: Update to MariaDB 10.0.37 GA . Security issues fixed: - CVE-2018-3282: Server Storage Engines unspecified vulnerability - CVE-2018-3251: InnoDB unspecified vulnerability - CVE-2018-3174: Client programs unspecified vulnerability - CVE-2018-31 ... 
oval:org.secpod.oval:def:89003472 This update for sqlite3 fixes the following issues: Security issue fixed: - CVE-2018-8740: Fixed a NULL pointer dereference related to corrupted databases schemas . - CVE-2017-10989: Fixed a heap-based buffer over-read in getNodeSize . oval:org.secpod.oval:def:89003198 This update for mariadb to version 10.2.19 fixes the following issues: Security issues fixed: - CVE-2016-9843: Big-endian out-of-bounds pointer - CVE-2018-3282, CVE-2018-3174, CVE-2018-3143, CVE-2018-3156, CVE-2018-3251, CVE-2018-3185, CVE-2018-3277, CVE-2018-3162, CVE-2018-3173, CVE-2018-3200, CV ... oval:org.secpod.oval:def:89002052 This update for apache2 fixes the following issues: Security issues fixed: - CVE-2018-11763: In Apache HTTP Server by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 conne ... oval:org.secpod.oval:def:89003262 This update for java-1_7_1-ibm to version 7.1.4.40 fixes the following issues: Security issues fixed: - CVE-2019-2422: Fixed a memory disclosure in FileChannelImpl . - CVE-2018-11212: Fixed an issue in alloc_sarray function in jmemmgr.c . More information: https://developer.ibm.com/javasdk/support/s ... oval:org.secpod.oval:def:89003136 This update for xen fixes the following issues: - Update to Xen 4.11.1 bug fix release - CVE-2018-17963: Fixed an integer overflow issue in the QEMU emulator, which could occur when a packet with large packet size is processed. A user inside a guest could have used this flaw to crash the qemu proce ... oval:org.secpod.oval:def:89003374 This update for java-1_8_0-ibm to version 8.0.5.30 fixes the following issues: Security issues fixed: - CVE-2019-2422: Fixed a memory disclosure in FileChannelImpl . - CVE-2018-11212: Fixed an issue in alloc_sarray function in jmemmgr.c . - CVE-2018-1890: Fixed a local privilege escalation via RPATH ... 
oval:org.secpod.oval:def:89002039 This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPEND_WRITE . - CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c . - CVE-2017-5732: Fixed privilege escalation via pro ... oval:org.secpod.oval:def:89003355 This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-12180: Fixed a buffer overflow in BlockIo service, which could lead to memory read/write overrun . - CVE-2018-12178: Fixed an improper DNS check upon receiving a new DNS packet . - CVE-2018-3630: Fixed a logic error i ... oval:org.secpod.oval:def:89003110 This update for openldap2 fixes the following issues: Security issues fixed: - CVE-2019-13565: Fixed ssf memory reuse that leads to incorrect authorization of another connection, granting excess connection rights . - CVE-2019-13057: Fixed rootDN of a backend that may proxyauth incorrectly to anothe ... oval:org.secpod.oval:def:89003236 This update for polkit fixes the following issues: Security issue fixed: - CVE-2019-6133: Fixed improper caching of auth decisions, which could bypass uid checking in the interactive backend . oval:org.secpod.oval:def:89003031 This update for libvirt fixes the following issues: Security issues fixed: - CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd . - CVE-20 ... oval:org.secpod.oval:def:89003097 This update for java-1_7_1-ibm fixes the following issues: Update to Java 7.1 Service Refresh 4 Fix Pack 45. Security issues fixed: - CVE-2019-10245: Fixed Java bytecode verifier issue causing crashes . - CVE-2019-2698: Fixed out of bounds access flaw in the 2D component . - CVE-2019-2697: Fixed fla ... 
oval:org.secpod.oval:def:89003302 This update for sqlite3 fixes the following issues: Security issue fixed: - CVE-2019-16168: Fixed improper validation of sqlite_stat1 field that could lead to denial of service . oval:org.secpod.oval:def:89002316 This update for qemu fixes the following issues: Security issues fixed: - CVE-2018-10839: Fixed NE2000 NIC emulation support that is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use thi ... oval:org.secpod.oval:def:89002307 This update for wireshark fixes the following issues: Update to Wireshark 2.4.11 . Security issues fixed: - CVE-2018-19625: The Wireshark dissection engine could crash - CVE-2018-19626: The DCOM dissector could crash - CVE-2018-19623: The LBMPDM dissector could crash - CVE-2018-19622: The MMSE di ... oval:org.secpod.oval:def:89002132 This update for wireshark fixes the following issues: Wireshark was updated to 2.4.10 . Following security issues were fixed: - CVE-2018-18227: MS-WSP dissector crash - CVE-2018-12086: OpcUA dissector crash Further bug fixes and updated protocol support that were done are listed in: https://www.wi ... oval:org.secpod.oval:def:89003340 This update for java-1_7_0-openjdk fixes the following issues: Update to 2.6.18 - OpenJDK 7u221 Security issues fixed: - CVE-2019-2602: Fixed flaw inside BigDecimal implementation . - CVE-2019-2684: Fixed flaw inside the RMI registry implementation . - CVE-2019-2698: Fixed out of bounds access fla ... oval:org.secpod.oval:def:89003339 This update for java-1_8_0-ibm fixes the following issues: Update to Java 8.0 Service Refresh 5 Fix Pack 35. Security issues fixed: - CVE-2019-10245: Fixed Java bytecode verifier issue causing crashes . - CVE-2019-2698: Fixed out of bounds access flaw in the 2D component . - CVE-2019-2697: Fixed fla ... 
oval:org.secpod.oval:def:89003320 This update for java-1_8_0-openjdk to version 8u191 fixes the following issues: Security issues fixed: - CVE-2018-3136: Manifest better support - CVE-2018-3139: Better HTTP Redirection - CVE-2018-3149: Enhance JNDI lookups - CVE-2018-3169: Improve field accesses - CVE-2018-3180: Improve TLS conn ... oval:org.secpod.oval:def:89003443 This update for ntp fixes the following issues: Security issue fixed: - CVE-2019-8936: Fixed a null pointer exception which could allow an authenticated attacker to cause segmentation fault to ntpd . Other issues addressed: - Fixed an issue which caused openSSL mismatch - Fixed several bugs in the BA ... oval:org.secpod.oval:def:89003437 This update for ovmf fixes the following issues: Security issues fixed: - CVE-2019-0160: Fixed multiple buffer overflows in UDF-related codes in MdeModulePkg\Universal\Disk\PartitionDxe\Udf.c and MdeModulePkg\Universal\Disk\UdfDxe . - CVE-2018-12181: Fixed a stack buffer overflow in the HII database ... oval:org.secpod.oval:def:89048593 This update for vim fixes the following issues: * CVE-2023-0512: Fixed a divide By Zero . * CVE-2023-1175: vim: an incorrect calculation of buffer size . * CVE-2023-1170: Fixed a heap-based Buffer Overflow . * CVE-2023-1127: Fixed divide by zero in scrolldown . Updated to version 9.0 with patch leve ... oval:org.secpod.oval:def:89002091 This update for openssl-1_0_0 fixes the following issues: Security issues fixed: - CVE-2018-0734: Fixed timing vulnerability in DSA signature generation . - CVE-2018-5407: Fixed elliptic curve scalar multiplication timing attack defenses . - Add missing timing side channel patch for DSA signature ge ... oval:org.secpod.oval:def:89048292 This update for clamav fixes the following issues: - CVE-2023-20032: Fixed a possible remote code execution vulnerability in the HFS+ file parser . - CVE-2023-20052: Fixed a possible remote information leak vulnerability in the DMG file parser . 
oval:org.secpod.oval:def:89048137 This update for sudo fixes the following issues: - CVE-2023-22809: Fixed an arbitrary file write issue that could be exploited by users with sudoedit permissions . oval:org.secpod.oval:def:89048766 This update for dmidecode fixes the following issues: * CVE-2023-30630: Fixed potential privilege escalation vulnerability via file overwrite . oval:org.secpod.oval:def:89049092 This update for libqt5-qtbase fixes the following issues: * CVE-2020-24741: Fixed a bug that allowed QLibrary to load libraries relative to CWD which could result in arbitrary code execution . * CVE-2023-32763: Fixed buffer overflow in QTextLayout . oval:org.secpod.oval:def:89048647 This update for xen fixes the following issues: * CVE-2022-42332: Fixed use-after-free in x86 shadow plus log-dirty mode . * CVE-2022-42333,CVE-2022-42334: Fixed x86/HVM pinned cache attributes mishandling . * CVE-2022-42331: Fixed speculative vulnerability in 32bit SYSCALL path on x86 . ## Specia ... oval:org.secpod.oval:def:89048992 This update for openssl-1_0_0 fixes the following issues: * CVE-2022-4304: Reworked the fix for the Timing-Oracle in RSA decryption. The previous fix for this timing side channel turned out to cause a severe 2-3x performance regression in the typical use case . oval:org.secpod.oval:def:89048991 This update for openssl-1_1 fixes the following issues: * CVE-2022-4304: Reworked the fix for the Timing-Oracle in RSA decryption. The previous fix for this timing side channel turned out to cause a severe 2-3x performance regression in the typical use case . * Update further expiring certificates t ... oval:org.secpod.oval:def:89048158 This update for xen fixes the following issues: - CVE-2022-23824: Fixed multiple speculative execution issues . Special Instructions and Notes: Please reboot the system after installing this update. 
oval:org.secpod.oval:def:89000232 This update for MozillaFirefox fixes the following issues: - Mozilla Firefox 68.6.1esr MFSA 2020-11 * CVE-2020-6819 Use-after-free while running the nsDocShell destructor * CVE-2020-6820 Use-after-free when handling a ReadableStream oval:org.secpod.oval:def:89000691 This update for squid fixes the following issues: - CVE-2020-24606: Fix livelocking in peerDigestHandleReply . - CVE-2020-15811: Improve Transfer-Encoding handling . - CVE-2020-15810: Enforce token characters for field-name . oval:org.secpod.oval:def:89003341 This update for evince fixes the following issues: Security issues fixed: - CVE-2019-11459: Fixed improper error handling which could have led to use of uninitialized memory . - CVE-2019-1010006: Fixed a buffer overflow in backend/tiff/tiff-document.c . oval:org.secpod.oval:def:89048777 This update for git fixes the following issues: * CVE-2023-25652: Fixed partial overwrite of paths outside the working tree . * CVE-2023-25815: Fixed malicious placement of crafted message . * CVE-2023-29007: Fixed arbitrary configuration injection . oval:org.secpod.oval:def:89000578 This update for python3 fixes the following issues: - Fixed a directory traversal in _download_http_url oval:org.secpod.oval:def:89000624 This update for squid fixes the following issues: - CVE-2020-14059: Fixed an issue where a client could potentially deny the service of a server during TLS Handshake . - CVE-2019-18860: Fixed handling of invalid domain names in cachemgr.cgi . oval:org.secpod.oval:def:89000336 This update for squid fixes the following issues: - CVE-2019-12528: Fixed an information disclosure flaw in the FTP gateway . - CVE-2019-12526: Fixed potential remote code execution during URN processing . - CVE-2019-12523,CVE-2019-18676: Fixed multiple improper validations in URI processing . - CVE ... 
oval:org.secpod.oval:def:89003331 This update for squid fixes the following issues: Security issue fixed: - CVE-2019-12529: Fixed a potential denial of service associated with HTTP Basic Authentication credentials . - CVE-2019-12525: Fixed a denial of service during processing of HTTP Digest Authentication credentials . - CVE-2019-1 ... oval:org.secpod.oval:def:89048502 This update for nrpe fixes the following issues: * CVE-2015-4000: Fixed Logjam Attack by increasing the standard size of 512 bit dh parameters to 2048 . oval:org.secpod.oval:def:89049142 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 115.0.2 ESR Security fixes: * CVE-2023-3600: Fixed use-after-free in workers Other fixes: * Fixed a startup crash experienced by some Windows users by blocking instances of a malicious injected DLL * Fixed ... oval:org.secpod.oval:def:89049110 This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues: Changes in MozillaFirefox and MozillaFirefox-branding-SLE: This update provides Firefox Extended Support Release 115.0 ESR * New: * Required fields are now highlighted in PDF forms. * Improved performance on high ... oval:org.secpod.oval:def:89048927 This update for cups fixes the following issues: * CVE-2023-32324: Fixed a buffer overflow in format_log_line which could cause a denial-of-service . oval:org.secpod.oval:def:89049403 This update for cups fixes the following issues: * CVE-2023-4504: Fixed heap overflow in OpenPrinting CUPS Postscript Parsing . * CVE-2023-34241: Fixed a use-after-free problem in cupsdAcceptClient . * CVE-2023-32360: Fixed information leak through Cups-Get-Document operation . oval:org.secpod.oval:def:89048858 This update for java-1_8_0-openjdk fixes the following issues: * Updated to version jdk8u372 : * CVE-2023-21930: Fixed an issue in the JSSE component that could allow an attacker to access critical data without authorization . 
* CVE-2023-21937: Fixed an issue in the Networking component that could a ... oval:org.secpod.oval:def:89048944 This update for java-1_8_0-ibm fixes the following issues: * CVE-2023-21930: Fixed possible compromise from unauthenticated attacker with network access via TLS . * CVE-2023-21937: Fixed vulnerability inside the networking component . * CVE-2023-21938: Fixed vulnerability inside the library componen ... oval:org.secpod.oval:def:89048799 This update for harfbuzz fixes the following issues: * CVE-2023-25193: Fixed vulnerability that allowed attackers to trigger O growth via consecutive marks . oval:org.secpod.oval:def:89048197 This update for vim fixes the following issues: - Updated to version 9.0.1234: - CVE-2023-0433: Fixed an out of bounds memory access that could cause a crash . - CVE-2023-0288: Fixed an out of bounds memory access that could cause a crash . - CVE-2023-0054: Fixed an out of bounds memory write that c ... oval:org.secpod.oval:def:89045113 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 78.12.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-29 * CVE-2021-29970: Use-after-free in accessibility features of a document * CVE-2021-30547: Out of bounds write in ANGLE ... oval:org.secpod.oval:def:89048022 This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u352 : - CVE-2022-21619,CVE-2022-21624: Fixed difficult to exploit vulnerability allows unauthenticated attacker with network access and can cause unauthorized update, insert or delete access via multiple protocols ... oval:org.secpod.oval:def:89046909 This update for java-1_8_0-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 7 Fix Pack 11 : - CVE-2022-34169: Fixed an integer truncation issue in the Xalan Java XSLT library that occurred when processing malicious stylesheets . - CVE-2022-21549: Fixed an issue that could lead to ... 
oval:org.secpod.oval:def:89046914 This update for java-1_7_1-ibm fixes the following issues: - Updated to Java 7.1 Service Refresh 5 Fix Pack 15 : - CVE-2022-34169: Fixed an integer truncation issue in the Xalan Java XSLT library that occurred when processing malicious stylesheets . - CVE-2022-21549: Fixed an issue that could lead t ... oval:org.secpod.oval:def:89045774 This update for java-1_8_0-openjdk fixes the following issues: Update to version OpenJDK 8u312 : - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS . - CVE-2021-35556: Fixed excessive memory allocation in RTFParser . - CVE-2021-35559: Fixed excessive memory allocation in RTFRe ... oval:org.secpod.oval:def:89045792 This update for java-1_7_0-openjdk fixes the following issues: Update to OpenJDK 7u321 : - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS . - CVE-2021-35556: Fixed excessive memory allocation in RTFParser . - CVE-2021-35559: Fixed excessive memory allocation in RTFReader . - ... oval:org.secpod.oval:def:89045551 This update for java-1_8_0-openjdk fixes the following issues: - Update to version jdk8u302 - CVE-2021-2341: Improve file transfers. - CVE-2021-2369: Better jar file validation. - CVE-2021-2388: Enhance compiler validation. - CVE-2021-2161: Less ambiguous processing oval:org.secpod.oval:def:89000563 This update for exiv2 fixes the following issues: - CVE-2018-17581: Fixed an excessive stack consumption in CiffDirectory:readDirectory which might have led to denial of service . - CVE-2019-13110: Fixed an integer overflow and an out of bounds read in CiffDirectory:readDirectory which might have le ... oval:org.secpod.oval:def:89002208 This update for exiv2 fixes the following issues: - CVE-2017-11591: A floating point exception in the Exiv2::ValueType function could lead to a remote denial of service attack via crafted input. - CVE-2017-14864: An invalid memory address dereference was discovered in Exiv2::getULong in types.cpp. ... 
oval:org.secpod.oval:def:89002926 This update for freetype2 fixes the following issues: - CVE-2020-15999: fixed a heap buffer overflow found in the handling of embedded PNG bitmaps . oval:org.secpod.oval:def:89000213 This update for apache2 fixes the following issues: - CVE-2020-1934: mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server . - CVE-2020-1927: mod_rewrite configurations vulnerable to open redirect . - CVE-2020-1938: mod_proxy_ajp: Add "secret" parameter to proxy ... oval:org.secpod.oval:def:89003444 This update for git fixes the following issue: - CVE-2018-17456: Git allowed remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a "-" character. oval:org.secpod.oval:def:89002928 This update for ruby2.1 fixes the following issues: Security issues fixed: - CVE-2015-9096: Fixed an SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command . - CVE-2016-7798: Fixed an IV Reuse in GCM Mode . - CVE-2017-0898: Fixed a buffer underrun vulnerability in Kernel.sprintf ... oval:org.secpod.oval:def:89048834 This update fixes the following issues: golang-github-prometheus-alertmanager: * Security issues fixed: * CVE-2022-46146: Fix authentication bypass via cache poisoning prometheus-blackbox_exporter: * Security issues fixed: * CVE-2022-46146: Fix authentication bypass via cache poisoning * Other non ... oval:org.secpod.oval:def:89048694 This update for ghostscript fixes the following issues: * CVE-2023-28879: Fixed buffer Overflow in s_xBCPE_process . oval:org.secpod.oval:def:89048794 This update for java-1_8_0-ibm fixes the following issues: * Update to Java 8.0 Service Refresh 8 : * Security fixes: * CVE-2023-21830: Fixed improper restrictions in CORBA deserialization . * CVE-2023-21835: Fixed handshake DoS attack against DTLS connections . * CVE-2023-21843: Fixed soundbank URL ... 
oval:org.secpod.oval:def:89048841 This update for postgresql15 fixes the following issues: Updated to version 15.3: - CVE-2023-2454: Fixed an issue where a user having permission to create a schema could hijack the privileges of a security definer function or extension script . - CVE-2023-2455: Fixed an issue that could allow a us ... oval:org.secpod.oval:def:89048146 This update for MozillaFirefox fixes the following issues: - Updated to version 102.7.0 ESR : - CVE-2022-46871: Updated an out of date library which contained several vulnerabilities. - CVE-2023-23598: Fixed an arbitrary file read from GTK drag and drop on Linux. - CVE-2023-23601: Fixed a potential ... oval:org.secpod.oval:def:89048584 This update for mozilla-nss fixes the following issues: Updated to NSS 3.79.4 : * CVE-2023-0767: Fixed handling of unknown PKCS#12 safe bag types. oval:org.secpod.oval:def:89048641 This update for MozillaFirefox fixes the following issues: Updated to version 102.8.0 ESR : * CVE-2023-25728: Fixed content security policy leak in violation reports using iframes. * CVE-2023-25730: Fixed screen hijack via browser fullscreen mode. * CVE-2023-25743: Fixed Fullscreen notification not ... oval:org.secpod.oval:def:89048839 This update for MozillaFirefox fixes the following issues: Extended Support Release 102.11.0 ESR : * CVE-2023-32205: Browser prompts could have been obscured by popups * CVE-2023-32206: Crash in RLBox Expat driver * CVE-2023-32207: Potential permissions request bypass via clickjacking * CVE-2023-322 ... oval:org.secpod.oval:def:89048969 This update for libwebp fixes the following issues: * CVE-2023-1999: Fixed double free . oval:org.secpod.oval:def:89048632 This update for MozillaFirefox fixes the following issues: Update to version 102.9.0 ESR : * CVE-2023-28159: Fullscreen Notification could have been hidden by download popups on Android * CVE-2023-25748: Fullscreen Notification could have been hidden by window prompts on Android * CVE-2023-25749: Fi ... 
oval:org.secpod.oval:def:89048936 This update for MozillaFirefox fixes the following issues: Extended Support Release 102.12.0 ESR : * CVE-2023-34414: Click-jacking certificate exceptions through rendering lag * CVE-2023-34416: Memory safety bugs fixed in Firefox 114 and Firefox ESR 102.12 oval:org.secpod.oval:def:89048702 This update for MozillaFirefox fixes the following issues: * Firefox Extended Support Release 102.10.0 ESR * CVE-2023-29531: Out-of-bound memory access in WebGL on macOS * CVE-2023-29532: Mozilla Maintenance Service Write-lock bypass * CVE-2023-29533: Fullscreen notification obscured * MFSA-TMP-202 ... oval:org.secpod.oval:def:89048859 This update for curl fixes the following issues: * CVE-2023-28320: Fixed siglongjmp race condition . * CVE-2023-28321: Fixed IDN wildcard matching . * CVE-2023-28322: Fixed POST-after-PUT confusion . * CVE-2023-27533: Fixed TELNET option IAC injection . * CVE-2023-27534: Fixed SFTP path ~ resolving ... oval:org.secpod.oval:def:89045103 This update for curl fixes the following issues: - CVE-2021-22925: TELNET stack contents disclosure again. - CVE-2021-22924: Bad connection reuse due to flawed path name checks. - CVE-2021-22923: Insufficiently Protected Credentials. - CVE-2021-22922: Wrong content via metalink not discarded oval:org.secpod.oval:def:89000090 This update for libvirt fixes the following issues: Security issue fixed: - CVE-2020-10703: Fixed a daemon crash caused by pools without target paths . Non-security issues fixed: - apparmor: avoid copying empty profile name . - logging: ensure virtlogd rollover takes priority over logrotate . - qemu ... oval:org.secpod.oval:def:89000064 This update for gd fixes the following issues: - CVE-2017-7890: Fixed a buffer over-read into uninitialized memory . - CVE-2018-14553: Fixed a null pointer dereference in gdImageClone . - CVE-2019-11038: Fixed an information disclosure in gdImageCreateFromXbm . 
oval:org.secpod.oval:def:89047773 This update for curl fixes the following issues: - CVE-2022-35252: Fixed a potential injection of control characters into cookies . - CVE-2022-32221: Fixed POST following PUT confusion . oval:org.secpod.oval:def:89048998 This update for sqlite3 fixes the following issues: * CVE-2022-46908: Properly implement the azProhibitedFunctions protection mechanism, when relying on --safe for execution of an untrusted CLI script . oval:org.secpod.oval:def:89047730 This update for libxml2 fixes the following issues: - CVE-2016-3709: Fixed possible XSS vulnerability . - CVE-2022-40303: Fixed integer overflows with XML_PARSE_HUGE . - CVE-2022-40304: Fixed dict corruption caused by entity reference cycles . oval:org.secpod.oval:def:89046159 A flaw was found in the way the flags member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cach ... oval:org.secpod.oval:def:89000229 This update for glibc fixes the following issues: - CVE-2020-1752: Fixed a use after free in glob which could have allowed a local attacker to create a specially crafted path that, when processed by the glob function, could potentially have led to arbitrary code execution . - CVE-2020-1751: Fixed an ... oval:org.secpod.oval:def:89048540 This update for libxslt fixes the following issues: * CVE-2021-30560: Fixing a use after free vulnerability in Blink XSLT . oval:org.secpod.oval:def:89049073 This update for bind fixes the following issues: * CVE-2023-2828: Fixed denial-of-service against recursive resolvers related to cache-cleaning algorithm . oval:org.secpod.oval:def:89046009 This update for expat fixes the following issues: - CVE-2022-25236: Fixed possible namespace-separator characters insertion into namespace URIs . 
- CVE-2022-25235: Fixed UTF-8 character validation in a certain context . - CVE-2022-25313: Fixed stack exhaustion in build_model via uncontrolled recursi ... oval:org.secpod.oval:def:89048607 This update for sudo fixes the following issues: * CVE-2023-28486: Fixed missing control characters escaping in log messages . * CVE-2023-28487: Fixed missing control characters escaping in sudoreplay output . oval:org.secpod.oval:def:89051561 This update for shim fixes the following issues: * Updated shim signature after shim 15.7 be signed back: signature-sles.x86_64.asc, signature-sles.aarch64.asc * Add POST_PROCESS_PE_FLAGS=-N to the build command in shim.spec to disable the NX compatibility flag when using post-process-pe because g ... oval:org.secpod.oval:def:89049127 This update for samba fixes the following issues: * CVE-2022-2127: Fixed issue where lm_resp_len was not checked properly in winbindd_pam_auth_crap_send . Bugfixes: * Fixed trust relationship failure . oval:org.secpod.oval:def:89002966 This update for samba fixes the following issues: - CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records . - CVE-2020-14323: Unprivileged user can crash winbind . - CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify . oval:org.secpod.oval:def:89048149 This update for mozilla-nss fixes the following issues: - CVE-2022-3479: Fixed a potential crash that could be triggered when a server requested a client authentication certificate, but the client had no certificates stored . - Updated to version 3.79.3 : - CVE-2022-23491: Removed trust for 3 root c ... oval:org.secpod.oval:def:89003297 This update for bzip2 fixes the following issues: - Fixed a regression with the fix for CVE-2019-12900, which caused incompatibilities with files that used many selectors . 
oval:org.secpod.oval:def:89003284 This update for bzip2 fixes the following issues: Security issue fixed: - CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors . - CVE-2016-3189: Fixed a use-after-free in bzip2recover . oval:org.secpod.oval:def:89003281 This update for clamav fixes the following issues: Security issue fixed: - CVE-2019-12625: Fixed a ZIP bomb issue by adding detection and heuristics for zips with overlapping files . - CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors . Non-security issues fixed: - Add ... oval:org.secpod.oval:def:89003258 This update for apache2 fixes the following issues: Security issues fixed: - CVE-2018-17189: Fixed a denial of service in mod_http2, via slow and unneeded request bodies - CVE-2018-17199: Fixed that mod_session_cookie did not respect expiry time Non-security issue fixed: - sysconfig.d is not creat ... oval:org.secpod.oval:def:89000274 This update for apache2 fixes the following issues: - CVE-2020-9490: Fixed a crash caused by a specially crafted value for the "Cache-Digest" header in a HTTP/2 request . - CVE-2020-11985: IP address spoofing when proxying using mod_remoteip and mod_rewrite . - CVE-2020-11993: When trace/debug was e ... oval:org.secpod.oval:def:89046425 This update for openssl-1_1 fixes the following issues: - CVE-2022-1292: Fixed command injection in c_rehash . - CVE-2022-2068: Fixed more shell code injection issues in c_rehash oval:org.secpod.oval:def:89048009 This update for grub2 fixes the following issues: Security Fixes: - CVE-2022-2601: Fixed buffer overflow in grub_font_construct_glyph . - CVE-2022-3775: Fixed integer underflow in blit_comb . Other: - Bump upstream SBAT generation to 3 - Fix unreadable filesystem with xfs v4 superblock . - Remove zf ... 
oval:org.secpod.oval:def:89000275 This update for squid fixes the following issues: - CVE-2019-12519, CVE-2019-12521: fixes incorrect buffer handling that can result in cache poisoning, remote execution, and denial of service attacks when processing ESI responses . - CVE-2020-11945: fixes a potential remote execution vulnerability w ... oval:org.secpod.oval:def:89048921 This update for tomcat fixes the following issues: * CVE-2023-28709: Mended an incomplete fix for CVE-2023-24998 . oval:org.secpod.oval:def:89048651 This update for jakarta-commons-fileupload fixes the following issues: * CVE-2016-3092: Fixed usage of a vulnerable FileUpload package that can result in denial of service . * CVE-2023-24998: Fixed a FileUpload denial of service with excessive parts . oval:org.secpod.oval:def:89048552 This update for tomcat fixes the following issues: * CVE-2023-24998: Fixed FileUpload DoS with excessive parts . oval:org.secpod.oval:def:89048673 This update for tomcat fixes the following issues: * CVE-2023-28708: Fixed information disclosure by not including the secure attribute . oval:org.secpod.oval:def:89048073 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec . - CVE-2022-42328: Guests could trigger denial of service via the netback driver . - CVE-2022-42329: Gues ... oval:org.secpod.oval:def:89048625 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-4129: Fixed a denial of service with the Layer 2 Tunneling Protocol . A missing lock when clearing sk_user_data can lead to a race condition and NULL point ... oval:org.secpod.oval:def:89048863 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. 
The following security bugs were fixed: * CVE-2023-2483: Fixed a use after free bug in emac_remove caused by a race condition . * CVE-2023-2124: Fixed an out of bound access in the XFS subsystem that co ... oval:org.secpod.oval:def:89047018 The SUSE Linux Enterprise 12 SP4 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-36946: Fixed a denial of service inside nfqnl_mangle in net/netfilter/nfnetlink_queue.c . - CVE-2022-36879: Fixed an issue in xfrm_expand_policies in ... oval:org.secpod.oval:def:89049101 This update for python fixes the following issues: * CVE-2023-24329: Fixed urllib.parse bypass when supplying a URL that starts with blank characters . oval:org.secpod.oval:def:89046724 This update for python fixes the following issues: - CVE-2015-20107: avoid command injection in the mailcap module . oval:org.secpod.oval:def:89047767 This update for python3 fixes the following issues: - CVE-2021-28861: Fixed an open redirection vulnerability in the HTTP server when a URI path starts with // . oval:org.secpod.oval:def:89048505 This update for python3 fixes the following issues: * CVE-2023-24329: Fixed blocklist bypass via the urllib.parse component when supplying a URL that starts with blank characters . * CVE-2022-40899: Fixed REDoS in http.cookiejar . oval:org.secpod.oval:def:89049200 This update for mariadb fixes the following issues: * CVE-2022-32084: Fixed segmentation fault via the component sub_select . oval:org.secpod.oval:def:89046106 This update for mariadb fixes the following issues: - Update to 10.2.43 : * 10.2.43: CVE-2021-46665 CVE-2021-46664 CVE-2021-46661 CVE-2021-46668 CVE-2021-46663 * 10.2.42: CVE-2022-24052 CVE-2022-24051 CVE-2022-24050 CVE-2022-24048 CVE-2021-46659, bsc#1195339 - The following issues have already been ... oval:org.secpod.oval:def:89046005 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. 
Transient execution side-channel attacks attacking the Branch History Buffer , named Branch Target Injection and Intra-Mode Branch History Injection are now mitigated. The following security bugs were fixed ... oval:org.secpod.oval:def:89046003 This update for webkit2gtk3 fixes the following issues: Update to version 2.34.5 : - CVE-2022-22589: A validation issue was addressed with improved input sanitization. - CVE-2022-22590: A use after free issue was addressed with improved memory management. - CVE-2022-22592: A logic issue was addresse ... oval:org.secpod.oval:def:89003389 This update for webkit2gtk3 to version 2.24.2 fixes the following issues: Security issues fixed: - CVE-2019-6237, CVE-2019-8571, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8607, CVE-2019-8608, CVE-20 ... oval:org.secpod.oval:def:89003020 This update for webkit2gtk3 fixes the following issues: Security issue fixed: - CVE-2020-3899: Fixed a memory consumption issue that could have led to remote code execution . Non-security issues fixed: - Update to version 2.28.2 : + Fix excessive CPU usage due to GdkFrameClock not being stopped. + F ... oval:org.secpod.oval:def:89003028 This update for webkit2gtk3 fixes the following issues: - Update to version 2.28.3 : + Enable kinetic scrolling with async scrolling. + Fix web process hangs on large GitHub pages. + Bubblewrap sandbox should not attempt to bind empty paths. + Fix threading issues in the media player. + Fix several ... oval:org.secpod.oval:def:89048973 This update for webkit2gtk3 fixes the following issues: Add security patches : * CVE-2023-28204: Fixed processing of web content that may disclose sensitive information . * CVE-2023-32373: Fixed processing of maliciously crafted web content that may lead to arbitrary code execution . 
oval:org.secpod.oval:def:89002964 This update for gdm fixes the following issues: - CVE-2020-16125: Fixed a privilege escalation . oval:org.secpod.oval:def:89002888 This update for webkit2gtk3 fixes the following issues: - Update to version 2.28.4 : + Fix several crashes and rendering issues. + Security fixes: CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9915, CVE-2020-9925. oval:org.secpod.oval:def:89000457 This update for webkit2gtk3 to version 2.28.1 fixes the following issues: Security issues fixed: - CVE-2020-10018: Fixed a denial of service because the m_deferredFocusedNodeChange data structure was mishandled . - CVE-2020-11793: Fixed a potential arbitrary code execution caused by a use-after-free ... oval:org.secpod.oval:def:89045790 This update for webkit2gtk3 fixes the following issues: - CVE-2021-42762: Updated seccomp rules with latest changes from flatpak . oval:org.secpod.oval:def:89048113 This update for webkit2gtk3 fixes the following issues: Update to version 2.38.3 : - CVE-2022-42852: Fixed disclosure of process memory by improved memory handling. - CVE-2022-42856: Fixed a potential arbitrary code execution when processing maliciously crafted web content . - CVE-2022-42863: Fixed ... oval:org.secpod.oval:def:89003344 This update for webkit2gtk3 fixes the following issues: Updated to version 2.24.4 . Security issues fixed: - CVE-2019-8644, CVE-2019-8649, CVE-2019-8658, CVE-2019-8669, CVE-2019-8678, CVE-2019-8680, CVE-2019-8683, CVE-2019-8684, CVE-2019-8688, CVE-2019-8595, CVE-2019-8607, CVE-2019-8615, CVE-2019-86 ... oval:org.secpod.oval:def:89003460 This update for webkit2gtk3 to version 2.24.1 fixes the following issues: Security issues fixed: - CVE-2019-6201, CVE-2019-6251, CVE-2019-7285, CVE-2019-7292, CVE-2019-8503, CVE-2019-8506, CVE-2019-8515, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544, CVE-2019-8551, CVE-2019-8558, CVE-20 ... 
oval:org.secpod.oval:def:89003442 This update for glib2 fixes the following issues: Security issue fixed: - CVE-2019-13012: Fixed improper restriction of file permissions when creating directories . Non-security issue fixed: - Added explicit requires between libglib2 and libgio2 . oval:org.secpod.oval:def:89047030 This update for sqlite3 fixes the following issues: Security issues fixed: - CVE-2022-35737: Fixed an array-bounds overflow if billions of bytes are used in a string argument to a C API . - CVE-2021-36690: Fixed an issue with the SQLite Expert extension when a column has no collating sequence . - Pa ... oval:org.secpod.oval:def:89048081 This update for vim fixes the following issues: Updated to version 9.0.0814: * Fixing bsc#1192478 VUL-1: CVE-2021-3928: vim: vim is vulnerable to Stack-based Buffer Overflow * Fixing bsc#1203508 VUL-0: CVE-2022-3234: vim: Heap-based Buffer Overflow prior to 9.0.0483. * Fixing bsc#1203509 VUL-1: CVE- ... oval:org.secpod.oval:def:89046991 This update for webkit2gtk3 fixes the following issues: Updated to version 2.36.8 : - CVE-2022-32886: Fixed a buffer overflow issue that could potentially lead to code execution. - CVE-2022-32912: Fixed an out-of-bounds read that could potentially lead to code execution. oval:org.secpod.oval:def:89048774 This update for webkit2gtk3 fixes the following issues: Update to version 2.38.6 : * CVE-2022-0108: Fixed information leak. * CVE-2022-32885: Fixed arbitrary code execution. * CVE-2023-25358: Fixed use-after-free vulnerability in WebCore::RenderLayer. * CVE-2023-27932: Fixed Same Origin Policy bypas ... oval:org.secpod.oval:def:89045119 The SUSE Linux Enterprise 12 SP4 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-22555: A heap out-of-bounds write was discovered in net/netfilter/x_tables.c . - CVE-2021-33909: Extremely large seq buffer allocations in seq_file co ... 
oval:org.secpod.oval:def:89002982 This update for LibVNCServer fixes the following issues: - security update fix CVE-2018-21247 [bsc#1173874], uninitialized memory contents are vulnerable to Information leak fix CVE-2019-20839 [bsc#1173875], buffer overflow in ConnectClientToUnixSock fix CVE-2019-20840 [bsc#1173876], unaligned acces ...
oval:org.secpod.oval:def:89000092 This update for xen to version 4.11.4 fixes the following issues: - CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it. This attack is known as Special Register Buffer Data Sampling or ...
oval:org.secpod.oval:def:89002922 This update for ucode-intel fixes the following issues: Updated Intel CPU Microcode to 20200602 This update contains security mitigations for: - CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one whic ...
oval:org.secpod.oval:def:89000108 This update for cups fixes the following issues: - CVE-2020-3898: Fixed a heap buffer overflow in ppdFindOption.
oval:org.secpod.oval:def:89000508 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-8834: KVM on Power8 processors had a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a ...
oval:org.secpod.oval:def:89003254 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception du ...
oval:org.secpod.oval:def:89003377 This update for ucode-intel fixes the following issues: - Updated to 20191112 official security release - Includes security fixes for: - CVE-2019-11135: Added feature allowing to disable TSX RTM - CVE-2019-11139: A CPU microcode only fix for Voltage modulation issues
oval:org.secpod.oval:def:89003358 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.
oval:org.secpod.oval:def:89003053 This update for qemu fixes the following issues: - Remove a backslash (\) escape character from 80-qemu-ga.rules. Unlike sles 15 or newer guests, the udev rule file of qemu guest agent in sles 12 sp4 or newer guest only needs one escape character. - Fix use-after-free in slirp - Fix potential DOS i ...
oval:org.secpod.oval:def:89003283 This update for xen fixes the following issues: - CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional. - CVE-2019-11135: ...
oval:org.secpod.oval:def:89003274 The SUSE Linux Enterprise 12 SP4 for Azure kernel was updated to receive various security and bugfixes.
oval:org.secpod.oval:def:89003348 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.
oval:org.secpod.oval:def:89003329 This update for ucode-intel fixes the following issues: - Updated to 20191112 security release - Processor Identifier Version Products - Model Stepping F-MO-S/PI Old->New - ---- new platforms ---------------------------------------- - CML-U62 A0 6-a6-0/80 000000c6 Core Gen10 Mobile - CNL-U D0 6-6 ...
oval:org.secpod.oval:def:89003381 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.
oval:org.secpod.oval:def:89003183 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.
oval:org.secpod.oval:def:89003387 The SUSE Linux Enterprise 12 SP4 kernel for Azure was updated to receive various security and bugfixes.
oval:org.secpod.oval:def:89003147 The SUSE Linux Enterprise 12 SP4 kernel was updated to 4.12.14 to receive various security and bugfixes.
oval:org.secpod.oval:def:89003378 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. Four new speculative execution information leak issues have been identified in Intel CPUs.
oval:org.secpod.oval:def:89003138 This update for ucode-intel fixes the following issues: ucode-intel was updated to official QSR 2019.1 microcode release ---- new platforms ---------------------------------------- VLV C0 6-37-8/02 00000838 Atom Z series VLV C0 6-37-8/0C 00000838 Celeron N2xxx, Pentium N35xx VLV D0 6-37-9/0F 000009 ...
oval:org.secpod.oval:def:89003232 This update for ucode-intel fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarc ...
oval:org.secpod.oval:def:89003098 The SUSE Linux Enterprise 12 SP4 Azure kernel was updated to receive various security and bugfixes. Four new speculative execution information leak issues have been identified in Intel CPUs.
oval:org.secpod.oval:def:89003099 This update for qemu fixes the following issues: - CVE-2019-9824: Fixed an information leak in slirp - CVE-2019-8934: Added method to specify whether or not to expose certain ppc64 host information, which can be considered a security issue - CVE-2019-3812: Fixed OOB memory access and information l ...
oval:org.secpod.oval:def:89003081 This update for ucode-intel fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarc ...
oval:org.secpod.oval:def:89003467 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-20669: Missing access control checks in ioctl of gpu/drm/i915 driver were fixed which might have led to information leaks.
oval:org.secpod.oval:def:89003334 This update for xen to version 4.11.2 fixes the following issues: Security issues fixed: - CVE-2019-15890: Fixed a use-after-free in SLiRP networking implementation of QEMU emulator which could have led to Denial of Service. - CVE-2019-12068: Fixed an issue in lsi which could lead to an infinite lo ...
oval:org.secpod.oval:def:89003205 This update for libvirt fixes the following issues: Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling - CVE-2018-12130: Microarch ...
oval:org.secpod.oval:def:89000686 This update for freeradius-server fixes the following issues: - CVE-2019-13456: Fixed a side-channel password leak in EAP-pwd. - CVE-2019-17185: Fixed a denial of service due to multithreaded BN_CTX access. - Fixed an issue in TLS-EAP where the OCSP verification, when an intermediate client certif ...
oval:org.secpod.oval:def:89003038 This update for python-numpy fixes the following issue: Security issue fixed: - CVE-2019-6446: Set allow_pickle to false by default to restrict loading untrusted content. With this update we decrease the possibility of allowing remote attackers to execute arbitrary code by misusing numpy.load. A wa ...
oval:org.secpod.oval:def:89003246 This update for java-1_8_0-ibm fixes the following issues: Update to Java 8.0 Service Refresh 5 Fix Pack 40. Security issues fixed: - CVE-2019-11771: IBM Security Update July 2019 - CVE-2019-11772: IBM Security Update July 2019 - CVE-2019-11775: IBM Security Update July 2019 - CVE-2019-4473: IBM ...
oval:org.secpod.oval:def:89003187 This update for java-1_8_0-openjdk to version 8u222 fixes the following issues: Security issues fixed: - CVE-2019-2745: Improved ECC Implementation. - CVE-2019-2762: Exceptional throw cases. - CVE-2019-2766: Improve file protocol handling. - CVE-2019-2769: Better copies of CopiesList. - CVE-2019 ...
oval:org.secpod.oval:def:89003092 This update for libsolv, libzypp and zypper fixes the following issues: libsolv was updated to version 0.6.36 fixes the following issues: Security issues fixed: - CVE-2018-20532: Fixed a NULL pointer dereference in testcase_read. - CVE-2018-20533: Fixed a NULL pointer dereference in testcase_str2de ...
oval:org.secpod.oval:def:89003072 This update for libpng16 fixes the following issues: Security issues fixed: - CVE-2019-7317: Fixed a use-after-free vulnerability, triggered when png_image_free was called under png_safe_execute. - CVE-2017-12652: Fixed an Input Validation Error related to the length of chunks.
oval:org.secpod.oval:def:89002991 This update for libsolv fixes the following issues: This is a reissue of an existing libsolv update that also included libsolv-devel for LTSS products. libsolv was updated to version 0.6.36 fixes the following issues: Security issues fixed: - CVE-2018-20532: Fixed a NULL pointer dereference in testc ...
oval:org.secpod.oval:def:89003427 This update for java-1_7_1-ibm fixes the following issues: Update to Java 7.1 Service Refresh 4 Fix Pack 50. Security issues fixed: - CVE-2019-11771: IBM Security Update July 2019 - CVE-2019-11775: IBM Security Update July 2019 - CVE-2019-4473: IBM Security Update July 2019 - CVE-2019-7317: Fixed ...
oval:org.secpod.oval:def:89003100 This update for libsolv, libzypp and zypper fixes the following issues: libsolv was updated to version 0.6.36 and fixes the following issues: Security issues fixed: - CVE-2018-20532: Fixed a NULL pointer dereference in testcase_read. - CVE-2018-20533: Fixed a NULL pointer dereference in testcase_st ...
oval:org.secpod.oval:def:89003105 This update for MozillaFirefox fixes the following issues: Security issues fixed: - CVE-2019-11691: Use-after-free in XMLHttpRequest - CVE-2019-11692: Use-after-free removing listeners in the event listener manager - CVE-2019-11693: Buffer overflow in WebGL bufferdata on Linux - CVE-2019-11694: Unin ...
oval:org.secpod.oval:def:89003057 This update for java-1_8_0-openjdk to version 8u212 fixes the following issues: Security issues fixed: - CVE-2019-2602: Better String parsing. - CVE-2019-2684: More dynamic RMI interactions. - CVE-2019-2698: Fuzzing TrueType fonts - setCurrGlyphID. - CVE-2019-2422: Better FileChannel. - CVE-2018 ...
oval:org.secpod.oval:def:89003058 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.
oval:org.secpod.oval:def:89003429 This update for java-1_7_0-openjdk to version 7u231 fixes the following issues: Security issues fixed: - CVE-2019-2426: Improve web server connections. - CVE-2019-2745: Improved ECC Implementation. - CVE-2019-2762: Exceptional throw cases. - CVE-2019-2766: Improve file protocol handling. - CVE-2 ...
oval:org.secpod.oval:def:89003406 This update for java-1_7_0-openjdk to version 7u201 fixes the following issues: Security issues fixed: - CVE-2018-3136: Manifest better support - CVE-2018-3139: Better HTTP Redirection - CVE-2018-3149: Enhance JNDI lookups - CVE-2018-3169: Improve field accesses - CVE-2018-3180: Improve TLS conn ...
oval:org.secpod.oval:def:89002153 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device that is mishandled in usb_audio_probe in s ...
oval:org.secpod.oval:def:89002221 The SUSE Linux Enterprise 12 SP4 kernel for Azure was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-18710: An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a c ...
oval:org.secpod.oval:def:89003257 This update for python3 fixes the following issues: Security issue fixed: - CVE-2019-9636: Fixed an information disclosure because of incorrect handling of Unicode encoding during NFKC normalization.
oval:org.secpod.oval:def:89003137 This update for python3 fixes the following issues: - CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636. - CVE-2018-14647: Fixed a denial of service vulnerability caused by a crafted XML document. - CVE-2018-1000802: Fixed a command injection in th ...
oval:org.secpod.oval:def:89003470 This update for python fixes the following issues: Security issues fixed: - CVE-2019-9948: Fixed a "file:" blacklist bypass in URIs by using the "local-file:" scheme instead. - CVE-2019-9636: Fixed an information disclosure because of incorrect handling of Unicode encoding during NFKC normalization ...
oval:org.secpod.oval:def:89003067 This update for python fixes the following issues: Security issue fixed: - CVE-2019-16056: Fixed a parser issue in the email module. - CVE-2019-16935: Fixed a reflected XSS in python/Lib/DocXMLRPCServer.py.
oval:org.secpod.oval:def:89003064 This update for python fixes the following issues: Security issues fixed: - CVE-2019-5010: Fixed a denial-of-service vulnerability in the X509 certificate parser. - CVE-2018-14647: Fixed a denial-of-service vulnerability in Expat. Non-security issue fixed: - Fixed a bug where PyWeakReference struc ...
oval:org.secpod.oval:def:89003294 This update for MozillaFirefox fixes the following issues: Updated to new ESR version 68.1. In addition to the already fixed vulnerabilities released in previous ESR updates, the following were also fixed: CVE-2019-11751, CVE-2019-11736, CVE-2019-9812, CVE-2019-11748, CVE-2019-11749, CVE-2019-11750 ...
oval:org.secpod.oval:def:89003079 This update for python fixes the following issues: - CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636. - CVE-2018-20852: Fixed an information leak where cookies could be sent to the wrong server because of incorrect domain validation.
oval:org.secpod.oval:def:89003071 This update for python3 fixes the following issues: - CVE-2019-16056: Fixed a parser issue in the email module. - CVE-2018-20852: Fixed an incorrect domain validation that could lead to cookies being sent to the wrong server
oval:org.secpod.oval:def:89000565 This update for python3 fixes the following issues: Update to 3.4.10 from 3.4.6: Security issues fixed: - Update expat copy from 2.1.1 to 2.2.0 to fix the following issues: CVE-2012-0876, CVE-2016-0718, CVE-2016-4472, CVE-2017-9233, CVE-2016-9063 - CVE-2017-1000158: Fix an integer overflow in the Py ...
oval:org.secpod.oval:def:89000146 This update for mozilla-nspr, mozilla-nss fixes the following issues: mozilla-nss was updated to NSS 3.47.1: Security issues fixed: - CVE-2019-17006: Added length checks for cryptographic primitives. - CVE-2019-11745: EncryptUpdate should use maxout, not block size. - CVE-2019-11727: Fixed vulnera ...
oval:org.secpod.oval:def:89003349 This update for apache2 fixes the following issues: Security issues fixed: - CVE-2019-9517: Fixed HTTP/2 implementations that are vulnerable to unconstrained internal data buffering. - CVE-2019-10081: Fixed mod_http2 that is vulnerable to memory corruption on early pushes. - CVE-2019-10082: Fixed m ...
oval:org.secpod.oval:def:89003210 This update for MozillaFirefox, mozilla-nss fixes the following issues: MozillaFirefox to version ESR 60.8: - CVE-2019-9811: Sandbox escape via installation of malicious language pack. - CVE-2019-11711: Script injection within domain through inner window reuse. - CVE-2019-11712: Cross-origin POST ...
oval:org.secpod.oval:def:89003333 This update for MozillaFirefox to ESR 60.9 fixes the following issues: Security issues fixed: - CVE-2019-11742: Fixed a same-origin policy violation involving SVG filters and canvas to steal cross-origin images. - CVE-2019-11746: Fixed a use-after-free while manipulating video. - CVE-2019-11744: F ...
oval:org.secpod.oval:def:89000180 This update for python3 fixes the following issues: - CVE-2019-20907: Fixed denial of service by avoiding possible infinite loop in specifically crafted tarball. - CVE-2020-14422: Fixed an improper computation of hash values in the IPv4Interface and IPv6Interface could have led to denial of service ...
oval:org.secpod.oval:def:89003323 This update for MozillaFirefox to 68.2.0 ESR fixes the following issues: Mozilla Firefox was updated to version 68.2.0 ESR. Security issues fixed: - CVE-2019-15903: Fixed a heap overflow in the expat library. - CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB. - CVE ...
oval:org.secpod.oval:def:89003208 This update for expat fixes the following issues: Security issue fixed: - CVE-2019-15903: Fixed a heap-based buffer over-read caused by crafted XML documents
oval:org.secpod.oval:def:89003431 This update for python3 fixes the following issues: Security issue fixed: - CVE-2019-5010: Fixed a denial-of-service vulnerability in the X509 certificate parser - CVE-2018-20406: Fixed an integer overflow via a large LONG_BINPUT
oval:org.secpod.oval:def:89002340 This update for python, python-base fixes the following issues: Security issues fixed: - CVE-2018-1000802: Prevent command injection in shutil module via passage of unfiltered user input. - CVE-2018-1061: Fixed DoS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib. - C ...
oval:org.secpod.oval:def:89003419 This update for openexr fixes the following issues: - CVE-2017-14988: Fixed a denial of service in Header::readfrom.
oval:org.secpod.oval:def:89003145 This update for libxml2 fixes the following issues: Issue fixed: - Fixed a bug related to the fix for CVE-2016-9318 which allowed xsltproc to access the internet even when --nonet was given and also was making docbook-xsl-stylesheets to have incomplete xml catalog file.
oval:org.secpod.oval:def:89002371 This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2018-18544: Fixed memory leak in the function WriteMSLImage. Non-security issues fixed: - Improve import documentation. - Allow override system security policy. - asan_build: build ASAN included - debug_build: bu ...
oval:org.secpod.oval:def:89002994 This update for samba fixes the following issues: - ZeroLogon: An elevation of privilege was possible with some configurations when an attacker established a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol. - Fixed an issue where multiple ho ...
oval:org.secpod.oval:def:89048960 The SUSE Linux Enterprise 12 SP4 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2022-3566: Fixed race condition in the TCP Handler. * CVE-2022-45886: Fixed a .disconnect versus dvb_device_open race condition in dvb_net.c that led to ...
oval:org.secpod.oval:def:89003478 The SUSE Linux Enterprise 12 kernel was updated to receive various security and bugfixes.
oval:org.secpod.oval:def:89003036 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.
oval:org.secpod.oval:def:89048976 This update for bluez fixes the following issues: * CVE-2023-27349: Fixed crash while handling unsupported events.
oval:org.secpod.oval:def:89003237 This update for libcroco fixes the following issues: Security issues fixed: - CVE-2017-7960: Fixed heap overflow. - CVE-2017-7961: Fixed undefined behavior. - CVE-2017-8834: Fixed denial of service via a crafted CSS file. - CVE-2017-8871: Fixed denial of service via a crafted CSS file.
oval:org.secpod.oval:def:89048510 This update for apache2 fixes the following issues: * CVE-2023-25690: Fixed HTTP request splitting with mod_rewrite and mod_proxy. The following non-security bugs were fixed: * Fixed passing health check does not recover worker from its error state.
oval:org.secpod.oval:def:89048913 This update for openssl-1_0_0 fixes the following issues: * CVE-2023-2650: Fixed possible denial of service translating ASN.1 object identifiers.
oval:org.secpod.oval:def:89048611 This update for openssl-1_0_0 fixes the following issues: Security fixes: * CVE-2023-0464: Fixed excessive Resource Usage Verifying X.509 Policy Constraints. Other fixes: * Fix DH key generation in FIPS mode, add support for constant BN for DH parameters
oval:org.secpod.oval:def:89048809 This update for openssl-1_0_0 fixes the following issues: * CVE-2023-0465: Invalid certificate policies in leaf certificates were silently ignored. * CVE-2023-0466: Certificate policy checks were not enabled.
oval:org.secpod.oval:def:89048920 This update for openssl-1_1 fixes the following issues: * CVE-2023-2650: Fixed possible denial of service translating ASN.1 object identifiers.
oval:org.secpod.oval:def:89048946 This update for libcares2 fixes the following issues: * CVE-2023-32067: Fixed a denial of service that could be triggered by a 0-byte UDP payload. * CVE-2023-31147: Fixed an insufficient randomness in generation of DNS query IDs. * CVE-2023-31130: Fixed a buffer underflow when configuring specific ...
oval:org.secpod.oval:def:89048692 This update for openssl-1_1 fixes the following issues: * CVE-2023-0465: Invalid certificate policies in leaf certificates were silently ignored. * CVE-2023-0466: Certificate policy checks were not enabled.
oval:org.secpod.oval:def:89048523 This update for openssl-1_1 fixes the following issues: * CVE-2023-0464: Fixed excessive Resource Usage Verifying X.509 Policy Constraints.
oval:org.secpod.oval:def:89048543 This update for webkit2gtk3 fixes the following issues: Update to version 2.38.5: * CVE-2023-23529: Fixed possible arbitrary code execution via maliciously crafted web content. * CVE-2023-23518: Processing maliciously crafted web content may lead to Previously fixed inside update to version 2.38.4 ...
oval:org.secpod.oval:def:89048657 This update for xterm fixes the following issues: * CVE-2022-45063: Fixed command injection in ESC 50 fontoperation by disabling the change font functionality.
oval:org.secpod.oval:def:89003337 The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.