Download
| Alert*
oval:org.secpod.oval:def:89002572
This update for yast2-smt to 3.0.14 and smt to 3.0.37 fixes the following issues: These security issues were fixed in SMT: - CVE-2018-12471: Xml External Entity processing in the RegistrationSharing modules allowed to read arbitrary file read . - CVE-2018-12470: SQL injection in RegistrationSharing ... oval:org.secpod.oval:def:89002412 This update for yast2-smt to 3.0.14 and smt to 3.0.37 fixes the following issues: These security issues were fixed in SMT: - CVE-2018-12471: Xml External Entity processing in the RegistrationSharing modules allowed to read arbitrary file read . - CVE-2018-12470: SQL injection in RegistrationSharing ... oval:org.secpod.oval:def:89043491 SMT was updated to version 3.0.38. Following security issue was fixed: - CVE-2018-12472: Harden hostname check during sibling check by forcing double reverse lookup Following non security issues were fixed: - Add migration path check when registration sharing is enabled - Fix sibling sync errors : ... |