oval:org.secpod.oval:def:89047081 This update for OpenIPMI fixes the following issues: - Fixed an issue where OpenIPMI was creating non-position independent binaries.
oval:org.secpod.oval:def:89047193 This update for gcc7 fixes the following issues: - CVE-2020-13844: Added mitigation for aarch64 Straight Line Speculation issue - Enable fortran for the nvptx offload compiler. - Update README.First-for.SuSE.packagers - avoid assembler errors with AVX512 gather and scatter instructions when using - ...
oval:org.secpod.oval:def:89047070 SUSE Linux Enterprise Desktop 15 SP2 is installed
oval:org.secpod.oval:def:89047074 This update for librsvg fixes the following issues: - librsvg was updated to 2.46.5: * Update dependent crates that had security vulnerabilities: smallvec to 0.6.14 - RUSTSEC-2018-0003 - CVE-2021-25900
oval:org.secpod.oval:def:89047075 This update for dtc fixes the following issues: - make all packaged binaries PIE-executables.
oval:org.secpod.oval:def:89047300 This update for p7zip fixes the following issues: Fixed a NULL pointer dereference in NCompress:CCopyCoder:Code
oval:org.secpod.oval:def:89047161 This update for libesmtp fixes the following issues: - CVE-2019-19977: Fixed stack-based buffer over-read in ntlm/ntlmstruct.c.
oval:org.secpod.oval:def:89047283 This update for libopenmpt fixes the following issues: Various bugfix and stability issues were fixed, some of those might have security impact. libopenmpt was updated to 0.3.28: * Fixed excessive memory consumption with malformed files in various formats. Changes in 0.3.27: * AMS: Avoid allocating ...
oval:org.secpod.oval:def:89047184 This update for libass fixes the following issues: - CVE-2020-26682: Fixed a signed integer overflow in the call to outline_stroke.
oval:org.secpod.oval:def:89047298 This update for permissions fixes the following issues: - etc/permissions: remove unnecessary entries
oval:org.secpod.oval:def:89047241 This update for permissions fixes the following issues: - Update to version 20181225: * drop ping capabilities in favor of ICMP_PROTO sockets
oval:org.secpod.oval:def:89047265 This update for wireguard-tools fixes the following issues: - Removed world-readable permissions from /etc/wireguard
oval:org.secpod.oval:def:89047143 This update for aaa_base fixes the following issues: - Allowed ping and ICMP commands without CAP_NET_RAW. - Add $HOME/.local/bin to PATH, if it exists. - Fixed get_kernel_version.c to work also for recent kernels on the s390/X platform. - Support xz compressed kernel
oval:org.secpod.oval:def:89047257 This update for ipvsadm fixes the following issues: - Hardening: link as position independent executable.
oval:org.secpod.oval:def:89047255 This update for libass fixes the following issues: - CVE-2020-24994: Fixed a stack overflow in the parse_tag.
oval:org.secpod.oval:def:89047206 This update for giflib fixes the following issues: - Enable Position Independent Code and inherit CFLAGS from the build system.
oval:org.secpod.oval:def:89047327 This update for clamav fixes the following issues: - Update to 0.103.4. - Update to 0.103.3.
oval:org.secpod.oval:def:89047320 This update for wireshark fixes the following issues: Update wireshark to 3.4.6. Including a fix for: - DVB-S2-BB dissector infinite loop.
oval:org.secpod.oval:def:89047224 This update for java-11-openjdk fixes the following issues: java-11-openjdk was upgraded to include January 2021 CPU - Enable Shenandoah GC for x86_64
oval:org.secpod.oval:def:89047222 This update for fwupdate fixes the following issues: - Add SBAT section to EFI images
oval:org.secpod.oval:def:89047202 This update for subversion fixes the following issues: - CVE-2020-17525: A null-pointer-dereference has been found in mod_authz_svn that results in a remote unauthenticated Denial-of-Service in some server configurations.
oval:org.secpod.oval:def:89047267 This update for libjpeg-turbo fixes the following issues: - CVE-2020-17541: Fixed a stack-based buffer overflow in the "transform" component.
oval:org.secpod.oval:def:89047174 This update for cryptctl fixes the following issues: Update to version 2.4: - CVE-2019-18906: Client side password hashing was equivalent to clear text password storage - First step to use plain text password instead of hashed password. - Move repository into the SUSE github organization - in RPC s ...
oval:org.secpod.oval:def:89047290 This update for dnsmasq fixes the following issues: Update to version 2.86 - CVE-2021-3448: fixed outgoing port used when --server is used with an interface name. - CVE-2020-14312: Set --local-service by default. - Open inotify socket only when used.
oval:org.secpod.oval:def:89047122 This update for libcroco fixes the following issues: - CVE-2020-12825: Fixed recursion issue in block and any productions.
oval:org.secpod.oval:def:89047333 This update for gupnp fixes the following issues: - CVE-2021-33516: Fixed a DNS rebinding, which could trick the browser into triggering actions against local UPnP services.
oval:org.secpod.oval:def:89047225 This update for cpio fixes the following issues: It was possible to trigger Remote code execution due to an integer overflow. UPDATE: This update was buggy and could lead to hangs, so it has been retracted. There will be a follow up update.
oval:org.secpod.oval:def:89047099 This update for arpwatch fixes the following issues: - CVE-2021-25321: Fixed local privilege escalation from runtime user to root.
oval:org.secpod.oval:def:89047095 This update for ghostscript fixes the following issues: Security issue fixed: - CVE-2021-3781: Fixed a trivial -dSAFER bypass command injection Also a hardening fix was added: - Link as position independent executable
oval:org.secpod.oval:def:89047223 This update for caribou fixes the following issues: Security issue fixed: - CVE-2021-3567: Fixed a segfault when attempting to use shifted characters.
oval:org.secpod.oval:def:89047322 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 78.11.0 ESR * CVE-2021-29964: Out of bounds-read when parsing a `WM_COPYDATA` message * CVE-2021-29967: Memory safety bugs fixed in Firefox
oval:org.secpod.oval:def:89047289 This update for libqt5-qtsvg fixes the following issues: - CVE-2021-3481: Fixed an out of bounds read in function QRadialFetchSimd from crafted svg file
oval:org.secpod.oval:def:89050453 This update for MozillaFirefox fixes the following issues: MozillaFirefox was updated to 68.6.0 ESR - CVE-2020-6805: Fixed a use-after-free when removing data about origins - CVE-2020-6806: Fixed improper protections against state confusion - CVE-2020-6807: Fixed a use-after-free in cubeb during st ...
oval:org.secpod.oval:def:89050290 This is a security test update for SUSE:SLE-15-SP2:Update
oval:org.secpod.oval:def:89050471 This update for libvpx fixes the following issues: - CVE-2020-0034: Fixed an out-of-bounds read on truncated key frames.
oval:org.secpod.oval:def:89050487 This update for jasper fixes the following issues: - CVE-2018-9154: Fixed a potential denial of service in jpc_dec_process_sot.
oval:org.secpod.oval:def:89050319 This update for libexif to 0.6.22 fixes the following issues: Security issues fixed: - CVE-2016-6328: Fixed an integer overflow in parsing MNOTE entry data of the input file. - CVE-2017-7544: Fixed an out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c ...
oval:org.secpod.oval:def:89050385 This update for MozillaFirefox fixes the following issues: - MozillaFirefox was updated to version 68.9.0 Extended Support Release. - CVE-2020-12405: Fixed a use-after-free in SharedWorkerService. - CVE-2020-12406: Fixed a JavaScript Type confusion with NativeTypes. - CVE-2020-12410: Fixed multiple ...
oval:org.secpod.oval:def:89050500 This update for unbound fixes the following issues: - CVE-2020-12662: Fixed an issue where unbound could have been tricked into amplifying an incoming query into a large number of queries directed to a target. - CVE-2020-12663: Fixed an issue where malformed answers from upstream name servers could ...
oval:org.secpod.oval:def:89050380 This update for MozillaFirefox to version 78.0.1 ESR fixes the following issues: Security issues fixed: - CVE-2020-12415: AppCache manifest poisoning due to url encoded character processing. - CVE-2020-12416: Use-after-free in WebRTC VideoBroadcaster. - CVE-2020-12417: Memory corruption due to mis ...
oval:org.secpod.oval:def:89050479 This update for openexr fixes the following issues: - CVE-2020-15304: Fixed a NULL pointer dereference in TiledInputFile:TiledInputFile. - CVE-2020-15305: Fixed a use-after-free in DeepScanLineInputFile:DeepScanLineInputFile. - CVE-2020-15306: Fixed a heap buffer overflow in getChunkOffsetTableSiz ...
oval:org.secpod.oval:def:89050271 This update for MozillaFirefox fixes the following issues: - Mozilla Firefox 78.0.2 MFSA 2020-28 * MFSA-2020-0003 X-Frame-Options bypass using object or embed tags - Firefox Extended Support Release 78.0.2esr ESR * Fixed: Security fix * Fixed: Fixed an accessibility regression in reader mode * Fi ...
oval:org.secpod.oval:def:89050230 This update for qemu to version 4.2.1 fixes the following issues: - CVE-2020-10761: Fixed a denial of service in Network Block Device support infrastructure. - CVE-2020-13800: Fixed a denial of service possibility in ati-vga emulation. - CVE-2020-13659: Fixed a null pointer dereference possibilit ...
oval:org.secpod.oval:def:89050476 This update for targetcli-fb fixes the following issues: - CVE-2020-13867: Fixed the permissions in /etc/target
oval:org.secpod.oval:def:89050226 This update for python-rtslib-fb fixes the following issues: - Update to version v2.1.73: * version 2.1.73 * save_to_file: fix fd open mode * saveconfig: copy temp configfile with permissions * saveconfig: open the temp configfile with modes set * Fix "is not" with a literal SyntaxWarning * Fix an ...
oval:org.secpod.oval:def:89050234 This update for xrdp fixes the following issues: - Update to version 0.9.13.1 + This is a security fix release that includes fixes for the following local buffer overflow vulnerability: CVE-2020-4044
oval:org.secpod.oval:def:89050334 This update for xen fixes the following issues: - bsc#1174543 - secure boot related fixes - bsc#1172356 - Not able to hot-plug NIC via virt-manager, asks to attach on next reboot while it should be live attached
oval:org.secpod.oval:def:89050280 This update for perl-XML-Twig fixes the following issues: - Security fix [bsc#1008644, CVE-2016-9180] * Setting expand_external_ents to 0 or -1 currently doesn't work as expected; To completely turn off expanding external entities use no_xxe. * Update documentation for XML::Twig to mention problems ...
oval:org.secpod.oval:def:89050424 This update for xorg-x11-server fixes the following issues: - CVE-2020-14347: Leak of uninitialized heap memory from the X server to clients on pixmap allocation. - CVE-2020-14346: XIChangeHierarchy Integer Underflow Privilege Escalation Vulnerability. - CVE-2020-14345: XKB out-of-bounds access pr ...
oval:org.secpod.oval:def:89050268 This update of fwupd fixes the following issue: - rebuild with new UEFI signing key
oval:org.secpod.oval:def:89050386 This update for postgresql12 fixes the following issues: - update to 12.4: * CVE-2020-14349, bsc#1175193: Set a secure search_path in logical replication walsenders and apply workers * CVE-2020-14350, bsc#1175194: Make contrib modules' installation scripts more secure. * https://www.postgresql.org/d ...
oval:org.secpod.oval:def:89050440 This update for libvirt fixes the following issues: - CVE-2020-14339: Don't leak /dev/mapper/control into QEMU. Use ioctl's to obtain the dependency tree of disks and drop use of libdevmapper. bsc#1161883, bsc#1174458
oval:org.secpod.oval:def:89050303 This update for python fixes the following issues: - CVE-2019-20907: Avoid a possible infinite loop caused by specifically crafted tarballs.
oval:org.secpod.oval:def:89050431 This update for python3 fixes the following issues: - bsc#1174091, CVE-2019-20907: avoiding possible infinite loop in specifically crafted tarball.
oval:org.secpod.oval:def:89050496 This update for gettext-runtime fixes the following issues: - Fix boo941629-unnessary-rpath-on-standard-path.patch - Added msgfmt-double-free.patch to fix a double free error - Add patch msgfmt-reset-msg-length-after-remove.patch which does reset the length of message string after a line has been ...
oval:org.secpod.oval:def:89050514 This update for grub2 fixes the following issue: - CVE-2020-15705: Fail kernel validation without shim protocol. - Add fibre channel device's ofpath support to grub-ofpathname and search hint to speed up root device discovery.
oval:org.secpod.oval:def:89050311 This update for postgresql10 fixes the following issues: - update to 10.14: * CVE-2020-14349, bsc#1175193: Set a secure search_path in logical replication walsenders and apply workers * CVE-2020-14350, bsc#1175194: Make contrib modules' installation scripts more secure. * https://www.postgresql.org/ ...
oval:org.secpod.oval:def:89050236 This update for xorg-x11-server fixes the following issues: - CVE-2020-14361: Fix XkbSelectEvents integer underflow. - CVE-2020-14362: Fix XRecordRegisterClients Integer underflow.
oval:org.secpod.oval:def:89050371 This update for libX11 fixes the following issues: - CVE-2020-14363: Fix an integer overflow in init_om.
oval:org.secpod.oval:def:89050235 This update for libjpeg-turbo fixes the following issues: - CVE-2020-13790: Fixed a heap-based buffer over-read via a malformed PPM input file.
oval:org.secpod.oval:def:89050459 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bug was fixed: - CVE-2020-14386: Fixed a potential local privilege escalation via memory corruption. Special Instructions and Notes: Please reboot the system after installing this up ...
oval:org.secpod.oval:def:89050515 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bug was fixed: - CVE-2020-14386: Fixed a potential local privilege escalation via memory corruption. Special Instructions and Notes: Please reboot the system after installing this up ...
oval:org.secpod.oval:def:89050490 This update for openldap2 fixes the following issues: - bsc#1174154 - CVE-2020-15719 - This resolves an issue with x509 SAN's falling back to CN validation in violation of rfc6125.
oval:org.secpod.oval:def:89050341 This update for perl-DBI fixes the following issues: Security issues fixed: - CVE-2020-14392: Memory corruption in XS functions when Perl stack is reallocated. - CVE-2020-14393: Fixed a buffer overflow on an overlong DBD class name.
oval:org.secpod.oval:def:89050401 This update for jasper fixes the following issues: - CVE-2016-9398: Improved patch for already fixed issue. - CVE-2016-9399: Fix assert in calcstepsizes. - CVE-2017-5499: Validate component depth bit. - CVE-2017-5503: Check bounds in jas_seq2d_bindsub. - CVE-2017-5504: Check bounds in jas_seq2d_ ...
oval:org.secpod.oval:def:89050413 This update for openldap2 fixes the following issues: - CVE-2020-8027: openldap_update_modules_path.sh starts daemons unconditionally and uses fixed paths in /tmp.
oval:org.secpod.oval:def:89050486 This update for cifs-utils fixes the following issues: - CVE-2020-14342: Fixed a shell command injection vulnerability in mount.cifs. - Fixed an invalid free in mount.cifs.
oval:org.secpod.oval:def:89050420 This update for conmon, fuse-overlayfs, libcontainers-common, podman fixes the following issues: podman was updated to v2.0.6 - install missing systemd units for the new Rest API and a few man-pages that were missing before - Drop varlink API related bits - fix install location for zsh completio ...
oval:org.secpod.oval:def:89050229 This update for bcm43xx-firmware fixes the following issues: - Update bluetooth firmware to address Sweyntooth and Spectra issues: - brcmfmac driver loads file depending on compatible. Rename files correspondingly
oval:org.secpod.oval:def:89050388 This update for tiff fixes the following issues: - CVE-2019-14973: Fixed an improper check which was dependent on the compiler and could have led to integer overflow.
oval:org.secpod.oval:def:89050425 This update for MozillaFirefox fixes the following issues: - Firefox was updated to 78.3.0 ESR - CVE-2020-15677: Download origin spoofing via redirect - CVE-2020-15676: Fixed an XSS when pasting attacker-controlled data into a contenteditable element - CVE-2020-15678: When recursing through layers ...
oval:org.secpod.oval:def:89050392 This update for xen fixes the following issues: - CVE-2020-25602: Fixed an issue where there was a crash when handling guest access to MSR_MISC_ENABLE was thrown - CVE-2020-25598: Added a missing unlock in XENMEM_acquire_resource error path - CVE-2020-25604: Fixed a race condition when migrating t ...
oval:org.secpod.oval:def:89050253 This update for perl-DBI fixes the following issues: - CVE-2019-20919: Fixed a NULL profile dereference in dbi_profile.
oval:org.secpod.oval:def:89050233 This update for qemu fixes the following issues: - CVE-2020-14364: Fixed an OOB access while processing USB packets. - CVE-2020-16092: Fixed a denial of service in packet processing of various emulated NICs. - CVE-2020-15863: Fixed a buffer overflow in the XGMAC device. - CVE-2020-24352: Fixed an ...
oval:org.secpod.oval:def:89050403 This update for hunspell fixes the following issues: - CVE-2019-16707: Fixed an invalid read in SuggestMgr:leftcommonsubstring.
oval:org.secpod.oval:def:89050472 This update for bluez fixes the following issues: - CVE-2020-27153: Fixed crash on disconnect. - CVE-2020-0556: Fixed potential escalation of privilege and denial of service via adjacent access, caused by improper access control.
oval:org.secpod.oval:def:89050256 This update for binutils fixes the following issues: binutils was updated to version 2.35. Update to binutils 2.35: * The assembler can now produce DWARF-5 format line number tables. * Readelf now has a "lint" mode to enable extra checks of the files it is processing. * Readelf will now display "[. ...
oval:org.secpod.oval:def:89050404 This update for sane-backends fixes the following issues: sane-backends was updated to 1.0.31 to further improve hardware enablement for scanner devices and also fix various security issues: - CVE-2020-12861,CVE-2020-12865: Fixed an out of bounds write - CVE-2020-12862,CVE-2020-12863,CVE-2020-1286 ...
oval:org.secpod.oval:def:89050310 This update for python fixes the following issues: - bsc#1177211 no longer allowing special characters in the method parameter of HTTPConnection.putrequest in httplib, stopping injection of headers.
oval:org.secpod.oval:def:89050249 This update for gnome-settings-daemon, gnome-shell fixes the following issues: gnome-settings-daemon: - Add support for recent UCM related changes in ALSA and PulseAudio. - Don't warn when a default source or sink is missing and the PulseAudio daemon is restarting. - Don't warn about starting/stop ...
oval:org.secpod.oval:def:89050238 This update for u-boot fixes the following issues: - CVE-2020-8432: Fixed a double free in the cmd/gpt.c do_rename_gpt_parts function, which allowed an attacker to execute arbitrary code - CVE-2020-10648: Fixed improper signature verification during verified boot.
oval:org.secpod.oval:def:89050321 This update for SDL fixes the following issues: Security issue fixed: - CVE-2019-13616: Fixed heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit.
oval:org.secpod.oval:def:89050504 This update for spice-vdagent fixes the following issues: Security issues fixed: - CVE-2020-25650: Fixed a memory DoS via arbitrary entries in `active_xfers` hash table. - CVE-2020-25651: Fixed a possible file transfer DoS and information leak via `active_xfers` hash map. - CVE-2020-25652: Fixed a ...
oval:org.secpod.oval:def:89050397 This update for ucode-intel fixes the following issues: - Intel CPU Microcode updated to 20201027 pre-release - CVE-2020-8695: Fixed Intel RAPL sidechannel attack - CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 # New Platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New ...
oval:org.secpod.oval:def:89050301 This update for kernel-firmware fixes the following issue: - CVE-2020-12321: Updated the Intel Bluetooth firmware for buffer overflow security bugs.
oval:org.secpod.oval:def:89050377 This update for raptor fixes the following issues: - Fixed a heap overflow vulnerability.
oval:org.secpod.oval:def:89050417 This update for ucode-intel fixes the following issues: - Updated Intel CPU Microcode to 20201110 official release. - CVE-2020-8695: Fixed Intel RAPL sidechannel attack - CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 - CVE-2020-8696: Vector Register Sampling Active INTEL-SA-003 ...
oval:org.secpod.oval:def:89050362 This update for wireshark fixes the following issues: - wireshark was updated to 3.2.8: - CVE-2020-26575: Fixed an issue where FBZERO dissector was entering in infinite loop - CVE-2020-28030: Fixed an issue where GQUIC dissector was crashing * Infinite memory allocation while parsing this tcp pack ...
oval:org.secpod.oval:def:89050455 This update for krb5 fixes the following security issue: - CVE-2020-28196: Fixed an unbounded recursion via an ASN.1-encoded Kerberos message.
oval:org.secpod.oval:def:89050219 This update for perl-DBI fixes the following issues: - DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute in the data source name. [bsc#1176492, CVE-2014-10401, CVE-2014-10402]
oval:org.secpod.oval:def:89050390 This update for xen fixes the following issues: Security issue fixed: - CVE-2020-28368: Fixed the Intel RAPL sidechannel attack, aka PLATYPUS attack, aka XSA-351. Non-security issues fixed: - Updated to Xen 4.13.2 bug fix release. - Fixed a panic during MSI cleanup on AMD hardware. - Adjusted hel ...
oval:org.secpod.oval:def:89050215 This update for postgresql12 fixes the following issues: - Upgrade to version 12.5: * CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. * CVE-2020-25694, bsc#1178667: a
oval:org.secpod.oval:def:89050482 This update for postgresql10 fixes the following issues: - Upgrade to version 10.15: * CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. * CVE-2020-25694, bsc#1178667: a
oval:org.secpod.oval:def:89050378 This update for xorg-x11-server fixes the following issues: - CVE-2020-25712: Fixed a heap-based buffer overflow which could have led to privilege escalation. - CVE-2020-14360: Fixed an out of bounds memory accesses on too short request which could lead to denial of service.
oval:org.secpod.oval:def:89050349 This update for xen fixes the following issues: - bsc#1178963 - VUL-0: xen: stack corruption from XSA-346 change
oval:org.secpod.oval:def:89050317 This update for openssl-1_1 fixes the following issues: - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME.
oval:org.secpod.oval:def:89050351 This update for openssh fixes the following issues: - CVE-2020-14145: Fixed a potential information leak during host key exchange.
oval:org.secpod.oval:def:89050336 This update for xen fixes the following issues: - CVE-2020-29480: Fixed an issue which could have allowed leak of non-sensitive data to administrator guests. - CVE-2020-29481: Fixed an issue which could have allowed new domains to inherit existing node permissions. - CVE-2020-29483: Fixed an iss ...
oval:org.secpod.oval:def:89050511 This update for openexr fixes the following issues: Security issues fixed: - CVE-2020-16587: Fixed a heap-based buffer overflow in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp. - CVE-2020-16588: Fixed a null pointer dereference in generatePreview. - CVE-2020-16589: Fixed a heap-based buffe ...
oval:org.secpod.oval:def:89050245 This update for ldb, samba fixes the following issues: Changes in samba: - Update to samba 4.11.11 + CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and VLV combined
oval:org.secpod.oval:def:89050278 This update for gnutls fixes the following issues: - Fix heap buffer overflow in handshake with no_renegotiation alert sent - FIPS: Implement DH requirements from SP800-56Arev3 - FIPS: Use 2048 bit prime in DH selftest - FIPS: Add TLS KDF selftest
oval:org.secpod.oval:def:89050291 This update for libxml2 fixes the following issues: - CVE-2019-19956: Reverted the upstream fix for this memory leak because it introduced other, more severe vulnerabilities.
oval:org.secpod.oval:def:89050312 This update for ceph fixes the following issues: - CVE-2020-25660: Bring back CEPHX_V2 authorizer challenges. - Added --container-init feature - Made journald as the logdriver again - Fixes a condition check for copy_tree, copy_files, and move_files in cephadm - Fixed a bug where device_health_m ...
oval:org.secpod.oval:def:89050318 This update for ImageMagick fixes the following issues: - CVE-2020-27560: Fixed potential denial of service in OptimizeLayerFrames function in MagickCore/layer.c. - Fixed greyish image produced by incorrect colorspace.
oval:org.secpod.oval:def:89050354 This update for texlive-filesystem fixes the following issues: Security issues fixed: - CVE-2020-8016: Fixed a race condition in the spec file. - CVE-2020-8017: Fixed a race condition on a cron job.
oval:org.secpod.oval:def:89050427 This update for PackageKit fixes the following issue: - CVE-2020-16121: Fixed an Information disclosure in InstallFiles, GetFilesLocal and GetDetailsLocal. - Update summary and description of gstreamer-plugin and gtk3-module
oval:org.secpod.oval:def:89050457 This update for libqt5-qtbase fixes the following issues: - Fixed a possible crash in certificate parsing. - Fixed a DoS in QSslSocket. - Added support for PostgreSQL 12.
oval:org.secpod.oval:def:89050498 This update for libqt5-qtbase fixes the following issues: - CVE-2020-17507: Fixed a buffer overflow in XBM parser - Fixed various issues discovered by fuzzing: - Made handling of XDG_RUNTIME_DIR more secure:
oval:org.secpod.oval:def:89050505 This update for libxml2 fixes the following issues: - CVE-2020-24977: Fixed a global-buffer-overflow in xmlEncodeEntitiesInternal.
oval:org.secpod.oval:def:89050497 This update for python-urllib3 fixes the following issues: - CVE-2020-26137: Fixed a CRLF injection via HTTP request method.
oval:org.secpod.oval:def:89047177 This update for djvulibre fixes the following issues: - CVE-2021-3500: Stack overflow in function DJVU:DjVuDocument:get_djvu_file via crafted djvu file
oval:org.secpod.oval:def:89047315 This update for djvulibre fixes the following issues: - CVE-2021-32490 [bsc#1185895]: Out of bounds write in function DJVU:filter_bv via crafted djvu file - CVE-2021-32491 [bsc#1185900]: Integer overflow in function render in tools/ddjvu via crafted djvu file - CVE-2021-32492 [bsc#1185904]: Out of b ...
oval:org.secpod.oval:def:89047180 This update for postgresql13 fixes the following issues: - CVE-2021-3677: Fixed memory disclosure in certain queries. - Fixed build with llvm12 on s390x. - Re-enabled icu for PostgreSQL 10. - Made the dependency of postgresqlXX-server-devel on llvm and clang optional. - llvm12 breaks PostgreSQL ...
oval:org.secpod.oval:def:89047087 This update for krb5 fixes the following issues: - CVE-2021-36222: Fixed KDC null deref on bad encrypted challenge
oval:org.secpod.oval:def:89047301 This update for openexr fixes the following issues: - CVE-2021-3941: Fixed divide-by-zero in Imf_3_1:RGBtoXYZ. - CVE-2021-3933: Fixed integer-overflow in Imf_3_1:bytesPerDeepLineTable.
oval:org.secpod.oval:def:89047284 This update for postgresql13 fixes the following issues: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake. - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshake.
oval:org.secpod.oval:def:89047311 This update for postgresql14 fixes the following issues: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake. - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshake. - Let rpmlint ignore shlib-policy-name-error.
oval:org.secpod.oval:def:89047082 This update for polkit fixes the following issues: - CVE-2021-3560: Fixed a local privilege escalation using polkit_system_bus_name_get_creds_sync.
oval:org.secpod.oval:def:89047236 This update for strongswan fixes the following issues: A feature was added: - Add auth_els plugin to support Marvell FC-SP encryption Security issues fixed: - CVE-2021-41991: Fixed an integer overflow when replacing certificates in cache. - CVE-2021-41990: Fixed an integer Overflow in the gmp Plug ...
oval:org.secpod.oval:def:89047160 This update for fetchmail fixes the following issues: - CVE-2021-39272: Fix failure to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH
oval:org.secpod.oval:def:89047209 This update for fetchmail fixes the following issues: - CVE-2021-36386: Fixed DoS or information disclosure in some configurations. - CVE-2021-39272: Fixed STARTTLS session encryption bypassing. - Update to 6.4.22 - Remove all python2 dependencies. - De-hardcode /usr/lib path for launch executa ...
oval:org.secpod.oval:def:89047102 This update for openexr fixes the following issues: - Fixed CVE-2021-3605 [bsc#1187395]: Heap buffer overflow in the rleUncompress function - Fixed CVE-2021-3598 [bsc#1187310]: Heap buffer overflow in Imf_3_1:CharPtrIO:readChars
oval:org.secpod.oval:def:89047078 This update for openssl-1_1 fixes the following issues: - CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712. Read buffer overruns processing ASN.1 strings.
oval:org.secpod.oval:def:89047324 This update for openssl-1_1 fixes the following security issues: - CVE-2021-3711: A bug in the implementation of the SM2 decryption code could lead to buffer overflows. [bsc#1189520] - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious a ...
oval:org.secpod.oval:def:89047124 This update for krb5 fixes the following issues: - CVE-2021-37750: Fixed KDC null pointer dereference via a FAST inner body that lacks a server field.
oval:org.secpod.oval:def:89047079 This update for fetchmail fixes the following issues: - CVE-2021-36386: Fixed a missing variable initialization that can cause read from bad memory locations. - Change PASSWORDLEN from 64 to 256
oval:org.secpod.oval:def:89047141 This update for aspell fixes the following issues: - CVE-2019-25051: Fixed heap-buffer-overflow in acommon:ObjStack:dup_top.
oval:org.secpod.oval:def:89047336 This update for libass fixes the following issues: - CVE-2020-36430: Fixed heap-based buffer overflow in decode_chars.
oval:org.secpod.oval:def:89047306 This update for djvulibre fixes the following issues: - CVE-2021-3630: out-of-bounds write in DJVU:DjVuTXT:decode in DjVuText.cpp
oval:org.secpod.oval:def:89047282 This update for libgcrypt fixes the following issues: - CVE-2021-33560: Fixed a side-channel against ElGamal encryption, caused by missing exponent blinding.
oval:org.secpod.oval:def:89047176 This update for postgresql13 fixes the following issues: - Upgrade to version 13.3: - CVE-2021-32027: Fixed integer overflows in array subscripting calculations. - CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE target lists. - CVE-2021-32029: Fixed possibly- ...
oval:org.secpod.oval:def:89047252 This update for libX11 fixes the following issues: - Regression in the fix for CVE-2021-31535, causing segfaults for xforms applications like fdesign
oval:org.secpod.oval:def:89047210 This update for libX11 fixes the following issues: - CVE-2021-31535: Fixed missing request length checks in libX11.
oval:org.secpod.oval:def:89047262 This update for dhcp fixes the following issues: - CVE-2021-25217: A buffer overrun in lease file parsing code can be used to exploit a common vulnerability shared by dhcpd and dhclient
oval:org.secpod.oval:def:89047253 This update for hivex fixes the following issues: - CVE-2021-3504: hivex: missing bounds check within hivex_open
oval:org.secpod.oval:def:89047296 This update for cups fixes the following issues: - CVE-2021-25317: ownership of /var/log/cups could allow privilege escalation from lp user to root via symlink attacks
oval:org.secpod.oval:def:89047211 This update for binutils fixes the following issues: - For compatibility on old code stream that expect "brcl 0,label" to not be disassembled as "jgnop label" on s390x. This reverts IBM zSeries HLASM support for now. - Fixed that ppc64 optflags did not enable LTO. - Fix empty man-pages from broken ...
oval:org.secpod.oval:def:89047271 This update for gstreamer, gstreamer-plugins-bad, gstreamer-plugins-base, gstreamer-plugins-good, gstreamer-plugins-ugly fixes the following issues: gstreamer was updated to version 1.16.3 : - delay creation of threadpools - bin: Fix `deep-element-removed` log message - buffer: fix meta sequence num ... oval:org.secpod.oval:def:89047221 This update for flac fixes the following issues: - CVE-2020-0499: Fixed an out-of-bounds access . oval:org.secpod.oval:def:89047142 This update for binutils fixes the following issues: Update to binutils 2.37: * The GNU Binutils sources now requires a C99 compiler and library to build. * Support for Realm Management Extension for AArch64 has been added. * A new linker option "-z report-relative-reloc" for x86 ELF targets has be ... oval:org.secpod.oval:def:89047273 This update for python-py fixes the following issues: - CVE-2020-29651: Fixed regular expression denial of service in svnwc.py . oval:org.secpod.oval:def:89047108 This update for lua53 fixes the following issues: Update to version 5.3.6: - CVE-2020-24371: lgc.c mishandles the interaction between barriers and the sweep phase, leading to a memory access violation involving collectgarbage - CVE-2020-24370: ldebug.c allows a negation overflow and segmentation fa ... oval:org.secpod.oval:def:89047281 This update for python-rsa fixes the following issues: - CVE-2020-13757: Proper handling of leading "\0" bytes during decryption of ciphertext oval:org.secpod.oval:def:89047080 This update for python-httplib2 fixes the following issues: - Update to version 0.19.0 . - CVE-2021-21240: Fixed regular expression denial of service via malicious header . - CVE-2020-11078: Fixed unescaped part of uri where an attacker could change request headers and body . 
oval:org.secpod.oval:def:89047172 This update for fribidi fixes the following issues: Security issues fixed: - CVE-2019-18397: Avoid buffer overflow oval:org.secpod.oval:def:89047276 This update for opensc fixes the following issues: - CVE-2019-15945: Fixed an out-of-bounds access of an ASN.1 Bitstring in decode_bit_string . - CVE-2019-15946: Fixed an out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry - CVE-2019-19479: Fixed an incorrect read operation during pa ... oval:org.secpod.oval:def:89047185 This update for libu2f-host fixes the following issues: This update ships the u2f-host package Version 1.1.10 - Add new devices to udev rules. - Fix a potentially uninitialized buffer Version 1.1.9 - Fix CID copying from the init response, which broke compatibility with some devices. Version 1.1 ... oval:org.secpod.oval:def:89047167 This update for libcryptopp fixes the following issues: - CVE-2016-9939: Fixed potential DoS in Crypto++ ASN.1 parser . oval:org.secpod.oval:def:89050338 This update for spice-gtk fixes the following issues: - CVE-2020-14355: Fixed multiple buffer overflow vulnerabilities in QUIC image decoding . oval:org.secpod.oval:def:89047263 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 78.13.0 ESR : - CVE-2021-29986: Race condition when resolving DNS names could have led to memory corruption - CVE-2021-29988: Memory corruption as a result of incorrect style treatment - CVE-2021-29984: Incor ... oval:org.secpod.oval:def:89047321 This update for MozillaFirefox fixes the following issues: This update contains the Firefox Extended Support Release 91.2.0 ESR. Release 91.2.0 ESR: * Fixed: Various stability, functionality, and security fixes MFSA 2021-45 : * CVE-2021-38496: Use-after-free in MessageTask * CVE-2021-38497: Validati ... 
oval:org.secpod.oval:def:89047131 This update for MozillaFirefox fixes the following issues: MozillaFirefox was updated to Extended Support Release 91.3.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-49 * CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets * CVE-2021-38504: Use-afte ... oval:org.secpod.oval:def:89047199 This update for grilo fixes the following issues: - CVE-2021-39365: Fixed missing TLS certificate verification . oval:org.secpod.oval:def:89050484 This update for wireshark fixes the following issues: - Update to wireshark 3.2.7: * CVE-2020-25863: MIME Multipart dissector crash * CVE-2020-25862: TCP dissector crash * CVE-2020-25866: BLIP dissector crash * CVE-2020-17498: Kafka dissector crash oval:org.secpod.oval:def:89050216 This update for wireshark fixes the following issues: - Wireshark to 3.2.5: * CVE-2020-15466: GVCP dissector infinite loop * CVE-2020-13164: NFS dissector crash * CVE-2020-11647: The BACapp dissector could crash - Further features, bug fixes and updated protocol support as listed in: https://www. ... oval:org.secpod.oval:def:89050435 This update for tigervnc fixes the following issues: - CVE-2020-26117: Server certificates were stored as certificate authorities, allowing malicious owners of these certificates to impersonate any server after a client had added an exception oval:org.secpod.oval:def:89047159 This update for graphviz fixes the following issues: - CVE-2020-18032: Fixed possible remote code execution via buffer overflow . oval:org.secpod.oval:def:89047292 This update for wireshark, libvirt, sbc and libqt5-qtmultimedia fixes the following issues: Update wireshark to version 3.4.5 - New and updated support and bug fixes for multiple protocols - Asynchronous DNS resolution is always enabled - Protobuf fields can be dissected as Wireshark fields - UI im ... 
oval:org.secpod.oval:def:89047076 This update for wireshark fixes the following issues: - Update to Wireshark 3.4.7 - CVE-2021-22235: Fixed DNP dissector crash . oval:org.secpod.oval:def:89047272 This update for wireshark fixes the following issues: - Update to Wireshark 3.4.10: - CVE-2021-39920: IPPUSB dissector crash . - CVE-2021-39921: Modbus dissector crash . - CVE-2021-39922: C12.22 dissector crash . - CVE-2021-39924: Bluetooth DHT dissector large loop . - CVE-2021-39925: Bluetooth SDP ... oval:org.secpod.oval:def:89047164 This update for python fixes the following issues: - CVE-2021-3737: Fixed http client infinite line reading after a http 100. - CVE-2021-3733: Fixed ReDoS in urllib.request oval:org.secpod.oval:def:89047150 This update for python-pip fixes the following issues: - CVE-2021-3572: Fixed incorrect handling of unicode separators in git references . oval:org.secpod.oval:def:89047139 This update for python fixes the following issues: - python27 was upgraded to 2.7.18 - CVE-2021-23336: Fixed a potential web cache poisoning by using a semicolon in query parameters use of semicolon as a query string separator . oval:org.secpod.oval:def:89047313 This update for python-Babel fixes the following issues: - CVE-2021-42771: Fixed relative path traversal that may lead to arbitrary locale files loading and arbitrary code execution . oval:org.secpod.oval:def:89050284 This update for apache-commons-httpclient fixes the following issues: - http/conn/ssl/SSLConnectionSocketFactory.java ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service via unspecified vectors. [bsc#945190, CVE-2 ... 
oval:org.secpod.oval:def:89047119 This update for python3 fixes the following issues: - CVE-2021-3426: Fixed an information disclosure via pydoc oval:org.secpod.oval:def:89047111 This update for xorg-x11-server fixes the following issues: - CVE-2021-4008: Fixed Privilege Escalation Vulnerability via Out-Of-Bounds Access in SProcRenderCompositeGlyphs . oval:org.secpod.oval:def:89047299 This update for busybox fixes the following issues: - CVE-2021-28831: Fixed invalid free or segmentation fault via malformed gzip data . - CVE-2018-20679: Fixed out of bounds read in udhcp . - CVE-2018-1000517: Fixed buffer overflow in the retrieve_file_data . - CVE-2011-5325: Fixed a directory trav ... oval:org.secpod.oval:def:89047227 This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.8.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-08 * CVE-2021-23969: Content Security Policy violation report could have contained the destination of a redirect * CVE-202 ... oval:org.secpod.oval:def:89047165 This update for libmspack fixes the following issues: - CVE-2018-14681: Bad KWAJ file header extensions could cause a one or two byte overwrite. - CVE-2018-14682: There is an off-by-one error in the TOLOWER macro for CHM decompression. - CVE-2018-14679: There is an off-by-one error in the CHM PMGI ... oval:org.secpod.oval:def:89047128 This update for wavpack fixes the following issues: - Update to version 5.4.0 * CVE-2020-35738: Fixed an out-of-bounds write in WavpackPackSamples * fixed: disable A32 asm code when building for Apple silicon * fixed: issues with Adobe-style floating-point WAV files * added: --normalize-floats opti ... oval:org.secpod.oval:def:89047208 This update for glib-networking fixes the following issues: Update to version 2.62.4: - CVE-2020-13645: Fixed a connection failure when the server identity is unset . 
oval:org.secpod.oval:def:89049080 This update for shim fixes the following issues: This update addresses the "BootHole" security issue , by disallowing binaries signed by the previous SUSE UEFI signing key from booting. This update should only be installed after updates of grub2, the Linux kernel and Xen from July / August 2020 are ... oval:org.secpod.oval:def:89047073 This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.7.0 ESR * CVE-2021-23953: Fixed a Cross-origin information leakage via redirected PDF requests * CVE-2021-23954: Fixed a type confusion when using logical assignment operators in JavaScript switch state ... oval:org.secpod.oval:def:89047247 This update for jasper fixes the following issues: - bsc#1179748 CVE-2020-27828: Fix heap overflow by checking maxrlvls - bsc#1181483 CVE-2021-3272: Fix buffer over-read in jp2_decode oval:org.secpod.oval:def:89047132 This patch updates the Python AWS SDK stack in SLE 15: General: # aws-cli - Version updated to upstream release v1.19.9 For a detailed list of all changes, please refer to the changelog file of this package. # python-boto3 - Version updated to upstream release 1.17.9 For a detailed list of all chang ... oval:org.secpod.oval:def:89047316 This update for mutt fixes the following issues: - CVE-2020-28896: incomplete connection termination could lead to sending credentials over unencrypted connections - Avoid that message with a million tiny parts can freeze MUA for several minutes oval:org.secpod.oval:def:89047216 This update for p11-kit fixes the following issues: - CVE-2020-29361: Fixed multiple integer overflows in rpc code - Add support for CKA_NSS_{SERVER,EMAIL}_DISTRUST_AFTER . 
oval:org.secpod.oval:def:89047088 This update for openexr fixes the following issues: - CVE-2021-20298 [bsc#1188460]: Fixed Out-of-memory in B44Compressor - CVE-2021-20299 [bsc#1188459]: Fixed Null-dereference READ in Imf_2_5:Header:operator - CVE-2021-20300 [bsc#1188458]: Fixed Integer-overflow in Imf_2_5:hufUncompress - CVE-2021-2 ... oval:org.secpod.oval:def:89047093 This update for xterm fixes the following issues: - CVE-2021-27135: Fixed buffer-overflow when clicking on selected utf8 text oval:org.secpod.oval:def:89047098 This update for screen fixes the following issues: - CVE-2021-26937: Fixed double width combining char handling that could lead to a denial of service or code execution . oval:org.secpod.oval:def:89047158 This update for git fixes the following issues: - On case-insensitive filesystems, with support for symbolic links, if Git is configured globally to apply delay-capable clean/smudge filters , Git could be fooled into running remote code during a clone oval:org.secpod.oval:def:89047186 This update for clamav fixes the following issues: - CVE-2021-1252: Fix for Excel XLM parser infinite loop. - CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. - CVE-2021-1405: Fix for mail parser NULL-dereference crash. - Fix errors when scanning files greater than or equal to ... oval:org.secpod.oval:def:89047149 This update for openldap2 fixes the following issues: - bsc#1182408 CVE-2020-36230 - an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. - bsc#1182411 CVE-2020-36229 - ldap_X509dn2bv crash in the X.509 DN parsing in ad_keystring, result ... 
oval:org.secpod.oval:def:89047201 This update for MozillaFirefox fixes the following issues: - Firefox was updated to 78.9.0 ESR * CVE-2021-23981: Texture upload into an unbound backing buffer resulted in an out-of-bound read * CVE-2021-23982: Internal network hosts could have been probed by a malicious webpage * CVE-2021-23984: Ma ... oval:org.secpod.oval:def:89047314 This update for MozillaFirefox fixes the following issues: - Firefox was updated to 78.10.0 ESR * CVE-2021-23994: Out of bound write due to lazy initialization * CVE-2021-23995: Use-after-free in Responsive Design Mode * CVE-2021-23998: Secure Lock icon could have been spoofed * CVE-2021-23961: Mor ... oval:org.secpod.oval:def:89047103 This update for spamassassin fixes the following issues: - CVE-2019-12420: memory leak via crafted messages - CVE-2020-1946: security update oval:org.secpod.oval:def:89047214 This update for wpa_supplicant fixes the following issues: - CVE-2021-27803: Fixed a P2P provision discovery processing vulnerability . oval:org.secpod.oval:def:89047212 This update for xorg-x11-server fixes the following issues: - CVE-2021-3472: XChangeFeedbackControl Integer Underflow Privilege Escalation oval:org.secpod.oval:def:89047332 This update for openexr fixes the following issues: - CVE-2021-23215: Fixed an integer-overflow in Imf_2_5:DwaCompressor:initializeBuffers . - CVE-2021-26260: Fixed an Integer-overflow in Imf_2_5:DwaCompressor:initializeBuffers . - CVE-2021-20296: Fixed a Null Pointer dereference in Imf_2_5:hufUncom ... oval:org.secpod.oval:def:89047215 This update for gstreamer-plugins-good fixes the following issues: - CVE-2021-3498: Matroskademux: initialize track context out parameter to NULL before parsing . - CVE-2021-3497: Matroskademux: Fix extraction of multichannel WavPack . oval:org.secpod.oval:def:89047280 This update for ffmpeg fixes the following issues: - CVE-2021-3566: Fixed information leak . 
- CVE-2021-38093: Fixed integer overflow vulnerability in filter_robert - CVE-2021-38092: Fixed integer overflow vulnerability in filter_prewitt - CVE-2021-38094: Fixed integer overflow vulnerability in fi ... oval:org.secpod.oval:def:89047109 This update for ffmpeg fixes the following issues: - CVE-2020-13904: Fixed use-after-free via a crafted EXTINF duration in an m3u8 file . - CVE-2020-21041: Fixed buffer overflow vulnerability via apng_do_inverse_blend in libavcodec/pngenc.c . - CVE-2019-17539: Fixed NULL pointer dereference in avcod ... oval:org.secpod.oval:def:89047153 This update for brotli fixes the following issues: - CVE-2020-8927: Fixed integer overflow when input chunk is larger than 2GiB . oval:org.secpod.oval:def:89047242 This update for log4j12 fixes the following issues: - CVE-2021-4104: Disable the JMSAppender class from log4j to protect against the log4jshell vulnerability. [bsc#1193662] oval:org.secpod.oval:def:89047303 This update for flatpak fixes the following issues: - Update to version 1.10.5: - CVE-2021-41133: Fixed a bug that could lead to sandbox bypass via recent VFS-manipulating syscalls oval:org.secpod.oval:def:89047152 This update for ffmpeg fixes the following issues: - CVE-2021-38171: Fixed adts_decode_extradata in libavformat/adtsenc.c to check the init_get_bits return value . oval:org.secpod.oval:def:89047192 This update for ffmpeg fixes the following issues: - CVE-2020-22042: Fixed a denial of service vulnerability led by a memory leak in the link_filter_inouts function in libavfilter/graphparser.c oval:org.secpod.oval:def:89047121 This update for ffmpeg fixes the following issues: - CVE-2019-9721: Fix denial of service in the subtitle decoder in handle_open_brace from libavcodec/htmlsubtitles.c . - CVE-2020-22046: Fix a denial of service vulnerability exists in FFmpeg 4.2 due to a memory leak in the avpriv_float_dsp_allocl fu ... 
oval:org.secpod.oval:def:89050461 This update for salt fixes the following issues: - Properly validate eauth credentials and tokens on SSH calls made by Salt API - Fix disk.blkid to avoid unexpected keyword argument "__pub_user". - Ensure virt.update stop_on_reboot is updated with its default value. - Do not break package building ... oval:org.secpod.oval:def:89047235 This update for salt fixes the following issues: Update to Salt release version 3002.2 - Check if dpkgnotify is executable - Drop support for Python2. Obsoletes `python2-salt` package - virt module updates * network: handle missing ipv4 netmask attribute * more network support * PCI/USB host devi ... oval:org.secpod.oval:def:89047278 This update for gmp fixes the following issues: - CVE-2021-43618: Fixed buffer overflow via crafted input in mpz/inp_raw.c . oval:org.secpod.oval:def:89047229 This update for dbus-1 fixes the following issues: - CVE-2020-12049: truncated messages lead to resource exhaustion. Special Instructions and Notes: Please reboot the system after installing this update. oval:org.secpod.oval:def:89047106 This update for dbus-1 fixes the following issues: - CVE-2020-35512: Fixed a use-after-free or potential undefined behaviour caused by shared UID's Special Instructions and Notes: Please reboot the system after installing this update. oval:org.secpod.oval:def:89047243 This update for avahi fixes the following issues: - CVE-2021-3468: avoid infinite loop by handling HUP event in client_work . oval:org.secpod.oval:def:89047312 This update for c-ares fixes the following issues: Version update to git snapshot 1.17.1+20200724: - CVE-2021-3672: fixed missing input validation on hostnames returned by DNS servers - If ares_getaddrinfo was terminated by an ares_destroy, it would cause crash - Crash in sortaddrinfo if the list s ... 
oval:org.secpod.oval:def:89049078 This update for grub2 fixes the following issues: - Fix for CVE-2020-10713 - Fix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 - Fix for CVE-2020-15706 - Fix for CVE-2020-15707 - Use overflow checking primitives where the arithmetic expression for buffer - Use grub_calloc for ... oval:org.secpod.oval:def:89047113 This update for libnettle fixes the following issues: - CVE-2021-3580: Fixed a remote denial of service in the RSA decryption via manipulated ciphertext . oval:org.secpod.oval:def:89047261 This update for libnettle fixes the following issues: - CVE-2021-20305: Fixed the multiply function which was being called with out-of-range scalars . oval:org.secpod.oval:def:89047105 This update for openssl-1_1 fixes the security issue: * CVE-2021-3449: An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension but includes a signature_algorithms_ce ... oval:org.secpod.oval:def:89047523 This update for apache2 fixes the following issues: Apache2 was updated to the current stable version 2.4.51 It fixes all CVEs and selected bugs represented by patches found between 2.4.23 and 2.4.51. See https://downloads.apache.org/httpd/CHANGES_2.4 for a complete change log. Also fixed: - CVE-20 ... oval:org.secpod.oval:def:89047110 This update for apache2 fixes the following issues: - CVE-2021-40438: Fixed an SSRF via a crafted request uri-path. - CVE-2021-36160: Fixed an out-of-bounds read via a crafted request uri-path. - CVE-2021-39275: Fixed an out-of-bounds write in ap_escape_quotes via malicious input. - CVE-2021-34798: ... 
oval:org.secpod.oval:def:89047147 This update for apache2 fixes the following issues: - fixed CVE-2021-30641 [bsc#1187174]: MergeSlashes regression - fixed CVE-2021-31618 [bsc#1186924]: NULL pointer dereference on specially crafted HTTP/2 request - fixed CVE-2020-13950 [bsc#1187040]: mod_proxy NULL pointer dereference - fixed CVE-20 ... oval:org.secpod.oval:def:89047104 This update for apache2 fixes the following issues: - CVE-2021-33193: Fixed request splitting via HTTP/2 method injection and mod_proxy . oval:org.secpod.oval:def:89050473 This update for python-cryptography fixes the following issues: - CVE-2020-25659: Attempted to mitigate Bleichenbacher attacks on RSA decryption . oval:org.secpod.oval:def:89047181 This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20210608 release. - CVE-2020-24513: A domain bypass transient execution vulnerability was discovered on some Intel Atom processors that use a micro-architectural incident channel. See also: https://www.intel.com/ ... oval:org.secpod.oval:def:89047203 This update for ImageMagick fixes the following issues: - CVE-2021-20309: Division by zero in WaveImage of MagickCore/visual-effects. - CVE-2021-20311: Division by zero in sRGBTransformImage in MagickCore/colorspace.c - CVE-2021-20312: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c ... oval:org.secpod.oval:def:89047335 This update for ImageMagick fixes the following issues: - CVE-2021-20176: Fixed division by zero caused by processing crafted file . oval:org.secpod.oval:def:89047309 This update for hivex fixes the following issues: - CVE-2021-3622: Fixed stack overflow due to recursive call of _get_children . oval:org.secpod.oval:def:89047085 This update for ruby2.5 fixes the following issues: - CVE-2020-25613: Fixed a potential HTTP Request Smuggling in WEBrick . 
- Enable optimizations also on ARM64 oval:org.secpod.oval:def:89050469 This update for rubygem-bundler fixes the following issue: - CVE-2019-3881: Fixed insecure permissions on a directory in /tmp/ that allowed malicious code execution . oval:org.secpod.oval:def:89047251 This update for sudo fixes the following issues: - A Heap-based buffer overflow in sudo could be exploited to allow a user to gain root privileges [bsc#1181090,CVE-2021-3156] - It was possible for a user to test for the existence of a directory due to a Race Condition in `sudoedit` [bsc#1180684,CVE- ... oval:org.secpod.oval:def:89047118 This update for libaom fixes the following issues: - CVE-2020-36129: Fixed stack buffer overflow via the component src/aom_image.c . - CVE-2020-36131: Fixed stack buffer overflow via the component stats/rate_hist.c . - CVE-2020-36135: Fixed NULL pointer dereference via the component rate_hist.c . - ... oval:org.secpod.oval:def:89047323 This update for MozillaFirefox fixes the following issues: Update to Extended Support Release 91.4.0 : - CVE-2021-43536: URL leakage when navigating while executing asynchronous function - CVE-2021-43537: Heap buffer overflow when using structured clone - CVE-2021-43538: Missing fullscreen and point ... oval:org.secpod.oval:def:89047179 This update for libaom fixes the following issues: - CVE-2021-30475: Fixed buffer overflow in aom_dsp/noise_model.c . oval:org.secpod.oval:def:89047317 This update for libaom fixes the following issues: - CVE-2021-30474: Fixed use-after-free in aom_dsp/grain_table.c . 
oval:org.secpod.oval:def:89050259 This update for MozillaFirefox fixes the following issues: - Mozilla Firefox 68.6.1esr MFSA 2020-11 * CVE-2020-6819 Use-after-free while running the nsDocShell destructor * CVE-2020-6820 Use-after-free when handling a ReadableStream oval:org.secpod.oval:def:89050373 This update for python-pip, python-scripttest fixes the following issues: - Update in SLE-15 python-pip was updated to 20.0.2: * Fix a regression in generation of compatibility tags * Rename an internal module, to avoid ImportErrors due to improper uninstallation * Switch to a dedicated CLI tool fo ... oval:org.secpod.oval:def:89050274 This update for python-setuptools fixes the following issues: - Fixed a directory traversal in _download_http_url oval:org.secpod.oval:def:89047288 This update for python3 fixes the following issues: Update to 3.6.12 , including: - Fixed a directory traversal in _download_http_url oval:org.secpod.oval:def:89047233 This update for python fixes the following issues: - Fixed a directory traversal in _download_http_url oval:org.secpod.oval:def:89047226 This update for python-pip fixes the following issues: - Fixed a directory traversal in _download_http_url oval:org.secpod.oval:def:89047213 This update for python fixes the following issues: - buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution . - Provide the newest setuptools wheel in their correct form . oval:org.secpod.oval:def:89047163 This update for mozilla-nss fixes the following issues: Update to version 3.68.1: - CVE-2021-43527: Fixed a Heap overflow in NSS when verifying DER-encoded DSA or RSA-PSS signatures . oval:org.secpod.oval:def:89047218 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 78.12.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-29 * CVE-2021-29970 : Use-after-free in accessibility features of a document * CVE-2021-30547 : Out of bounds write in ANGL ... 
oval:org.secpod.oval:def:89047182 This update for java-11-openjdk fixes the following issues: Update to 11.0.13+8 - CVE-2021-35550, bsc#1191901: Update the default enabled cipher suites preference - CVE-2021-35565, bsc#1191909: com.sun.net.HttpsServer spins on TLS session close - CVE-2021-35556, bsc#1191910: Richer Text Editors - C ... oval:org.secpod.oval:def:89047245 This update for java-11-openjdk fixes the following issues: - Update to jdk-11.0.12+7 - CVE-2021-2369: Fixed JAR file handling problem containing multiple MANIFEST.MF files. - CVE-2021-2388: Fixed a flaw inside the Hotspot component performed range check elimination. - CVE-2021-2341: Fixed a flaw ... oval:org.secpod.oval:def:89047230 This update for java-11-openjdk fixes the following issues: - Update to upstream tag jdk-11.0.11+9 * CVE-2021-2163: Fixed incomplete enforcement of JAR signing disabled algorithms * CVE-2021-2161: Fixed incorrect handling of partially quoted arguments in ProcessBuilder - moved mozilla-nss depende ... oval:org.secpod.oval:def:89050432 This update for java-11-openjdk fixes the following issues: - Update to upstream tag jdk-11.0.9-11 * New features + JDK-8250784: Shenandoah: A Low-Pause-Time Garbage Collector * Security fixes + JDK-8233624: Enhance JNI linkage + JDK-8236196: Improve string pooling + JDK-8236862, CVE-2020-14779: En ... oval:org.secpod.oval:def:89047069 This update for libxml2 fixes the following issues: - CVE-2021-3541: Fixed exponential entity expansion attack bypasses all existing protection mechanisms oval:org.secpod.oval:def:89047293 This update for libxml2 fixes the following issues: - CVE-2021-3537: NULL pointer dereference in valid.c:xmlValidBuildAContentModel - CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess . - CVE-2021-3517: Fixed a heap based buffer overflow in entities.c:xmlEncodeEntitiesInterna ... 
oval:org.secpod.oval:def:89047107 This update for libxml2 fixes the following issues: - CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess . - CVE-2021-3517: Fixed a heap based buffer overflow in entities.c:xmlEncodeEntitiesInternal . - CVE-2021-3516: Fixed a use after free in entities.c:xmlEncodeEntitiesIntern ... oval:org.secpod.oval:def:89047173 This update for ceph fixes the following issues: - Update to 15.2.12-83-g528da226523: - fix cookie injection issue - RGWSwiftWebsiteHandler::is_web_dir checks empty subdir_name - sanitize \r in s3 CORSConfiguration's ExposeHeader oval:org.secpod.oval:def:89050428 This update for ceph fixes the following issues: Security issue fixed: - CVE-2020-27781: Fixed a privilege escalation via the ceph_volume_client Python interface . Non-security issues fixed: - Update to 15.2.8-80-g1f4b6229ca: + Rebase on tip of upstream "octopus" branch, SHA1 bdf3eebcd22d7d0b3dd4d55 ... oval:org.secpod.oval:def:89047254 This update for ceph fixes the following issues: - ceph was updated to 15.2.11-83-g8a15f484c2: * CVE-2021-20288: Fixed unauthorized global_id reuse . * disk gets replaced with no rocksdb/wal . * BlueStore handles huge writes from RocksDB to BlueFS poorly, potentially causing data corruption . oval:org.secpod.oval:def:89050442 This update for MozillaThunderbird and mozilla-nspr fixes the following issues: - Mozilla Thunderbird 78.4 * new: MailExtensions: browser.tabs.sendMessage API added * new: MailExtensions: messageDisplayScripts API added * changed: Yahoo and AOL mail users using password authentication will be migrat ... oval:org.secpod.oval:def:89050224 This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.6.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2020-55 * CVE-2020-16042 Operations on a BigInt could have caused uninitialized memory to be exposed * CVE-2020-26971 Heap bu ... 
oval:org.secpod.oval:def:89050465 This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.5.0 ESR * CVE-2020-26951: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code * CVE-2020-16012: Variable time processing of cross-origin images during drawImage cal ... oval:org.secpod.oval:def:89050402 This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.4.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2020-46 * CVE-2020-15969 Use-after-free in usersctp * CVE-2020-15683 Memory safety bugs fixed in Firefox 82 and Firefox ESR 78. ... oval:org.secpod.oval:def:89050304 This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.4.1 ESR * Fixed: Security fix MFSA 2020-49 * CVE-2020-26950 Write side effects in MCallGetProperty opcode not accounted for oval:org.secpod.oval:def:89050289 This update for MozillaFirefox fixes the following issues: This update for MozillaFirefox and pipewire fixes the following issues: MozillaFirefox Extended Support Release 78.1.0 ESR * Fixed: Various stability, functionality, and security fixes * CVE-2020-15652: Potential leak of redirect targets wh ... oval:org.secpod.oval:def:89047329 This update for python-Jinja2 fixes the following issues: - CVE-2020-28493: Fixed a ReDOS vulnerability where urlize could have been called with untrusted user data . oval:org.secpod.oval:def:89047197 This update for curl fixes the following issues: - CVE-2021-22947: Fixed STARTTLS protocol injection via MITM . - CVE-2021-22946: Fixed protocol downgrade required TLS bypassed . oval:org.secpod.oval:def:89047148 This update for curl fixes the following issues: - CVE-2021-22925: TELNET stack contents disclosure again. - CVE-2021-22924: Bad connection reuse due to flawed path name checks. - CVE-2021-22923: Insufficiently Protected Credentials. 
- CVE-2021-22922: Wrong content via metalink not discarded oval:org.secpod.oval:def:89047337 This update for curl fixes the following issues: - CVE-2021-22898: Fixed curl TELNET stack contents disclosure . - Allow partial chain verification [jsc#SLE-17956] * Have intermediate certificates in the trust store be treated as trust-anchors, in the same way as self-signed root CA certificates are ... oval:org.secpod.oval:def:89050246 This update for curl fixes the following issues: - An application that performs multiple requests with libcurl's multi API and sets the "CURLOPT_CONNECT_ONLY" option, might in rare circumstances experience that when subsequently using the setup connect-only transfer, libcurl will pick and use the wr ... oval:org.secpod.oval:def:89050437 This update for curl fixes the following issues: - CVE-2020-8177: Fixed an issue where curl could have been tricked by a malicious server to overwrite a local file when using the -J option . - CVE-2020-8169: Fixed an issue where could have led to partial password leak over DNS on HTTP redirect . oval:org.secpod.oval:def:89050308 This update for libvirt fixes the following issues: - CVE-2020-15708: Added a note to libvirtd.conf about polkit auth in SUSE distros . - CVE-2020-25637: Fixed a double free in qemuAgentGetInterfaces . - qemu: Avoid stale capabilities cache host CPU or kernel command line changes . - virdevmapper: H ... oval:org.secpod.oval:def:89047190 This update for gd fixes the following issues: - CVE-2021-40812: Fixed out-of-bounds read caused by the lack of certain gdGetBuf and gdPutBuf return value checks . oval:org.secpod.oval:def:89050252 This update for samba fixes the following issues: Update to samba 4.11.14 - CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records . - CVE-2020-14323: Unprivileged user can crash winbind . - CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify . - l ... 
oval:org.secpod.oval:def:89050265 This update for clamav fixes the following issues: clamav was updated to the new major release 0.103.0. Note that libclamav was changed incompatible, if you have a 3rd party application that uses libclamav, it needs to be rebuilt. Update to 0.103.0 * clamd can now reload the signature database with ... oval:org.secpod.oval:def:89050369 This update for apache2 fixes the following issues: - CVE-2020-9490: Fixed a crash caused by a specially crafted value for the "Cache-Digest" header in a HTTP/2 request . - CVE-2020-11984: Fixed an information disclosure bug in mod_proxy_uwsgi . - CVE-2020-11993: When trace/debug was enabled for the ... oval:org.secpod.oval:def:89047204 This update for ruby2.5 fixes the following issues: - CVE-2021-31799: Fixed Command injection vulnerability in RDoc . - CVE-2021-31810: Fixed trusting FTP PASV responses vulnerability in Net:FTP . - CVE-2021-32066: Fixed StartTLS stripping vulnerability in Net:IMAP . oval:org.secpod.oval:def:89047083 This update for speex fixes the following issues: - CVE-2020-23903: Fixed zero division error in read_samples . oval:org.secpod.oval:def:89047198 This update for webkit2gtk3 fixes the following issues: - Update to version 2.32.3: - CVE-2021-21775: Fixed a use-after-free vulnerability in the way certain events are processed for ImageLoader objects. A specially crafted web page can lead to a potential information leak and further memory corrupt ... oval:org.secpod.oval:def:89050495 This update for gdm fixes the following issues: - Exit with failure if loading existing users fails . oval:org.secpod.oval:def:89050254 This update for webkit2gtk3 fixes the following issues: - Update to version 2.28.4 : + Fix several crashes and rendering issues. + Security fixes: CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9915, CVE-2020-9925. 
oval:org.secpod.oval:def:89050478 This update for webkit2gtk3 fixes the following issues: -webkit2gtk3 was updated to version 2.30.3 : - CVE-2021-13543: Fixed a use after free which could have led to arbitrary code execution. - CVE-2021-13584: Fixed a use after free which could have led to arbitrary code execution. - CVE-2021-9948: ... oval:org.secpod.oval:def:89050239 This update for curl fixes the following issues: - CVE-2020-8286: Fixed improper OSCP verification in the client side . - CVE-2020-8285: Fixed a stack overflow due to FTP wildcard . - CVE-2020-8284: Fixed an issue where a malicius FTP server could make curl connect to a different IP . oval:org.secpod.oval:def:89047162 This update for webkit2gtk3 fixes the following issues: - Update to version 2.32.0 : * Fix the authentication request port when URL omits the port. * Fix iframe scrolling when main frame is scrolled in async * scrolling mode. * Stop using g_memdup. * Show a warning message when overriding signal han ... oval:org.secpod.oval:def:89047183 This update for webkit2gtk3 fixes the following issues: - Update to version 2.32.4 - CVE-2021-30858: Fixed a security bug that could allow maliciously crafted web content to achieve arbitrary code execution. - CVE-2021-21806: Fixed an exploitable use-after-free vulnerability via specially crafted H ... oval:org.secpod.oval:def:89050477 This update for tcpdump fixes the following issues: - CVE-2020-8037: Fixed an issue where PPP decapsulator did not allocate the right buffer size . oval:org.secpod.oval:def:89050344 This update for webkit2gtk3 fixes the following issues: - Update to version 2.28.3 : + Enable kinetic scrolling with async scrolling. + Fix web process hangs on large GitHub pages. + Bubblewrap sandbox should not attempt to bind empty paths. + Fix threading issues in the media player. + Fix several ... 
oval:org.secpod.oval:def:89047295 This update for webkit2gtk3 fixes the following issues: - CVE-2021-42762: Updated seccomp rules with latest changes from flatpak . oval:org.secpod.oval:def:89047234 This update for webkit2gtk3 fixes the following issues: - CVE-2021-30846: Fixed memory corruption issue that could lead to arbitrary code execution when processing maliciously crafted web content . - CVE-2021-30851: Fixed memory corruption vulnerability that could lead to arbitrary code execution wh ... oval:org.secpod.oval:def:89047123 This update for ncurses fixes the following issues: - CVE-2021-39537: Fixed an heap-based buffer overflow in _nc_captoinfo oval:org.secpod.oval:def:89050243 The SUSE Linux Enterprise 15 SP2 kernel was updated to 3.12.31 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-15436: Fixed a use after free vulnerability in fs/block_dev.c which could have allowed local users to gain privileges or cause a denial of servi ... oval:org.secpod.oval:def:89047294 This update for pcre fixes the following issues: Update pcre to version 8.45: - CVE-2020-14155: Fixed integer overflow via a large number after a " oval:org.secpod.oval:def:89047246 This update for sqlite3 fixes the following issues: - Update to version 3.36.0 - CVE-2020-15358: heap-based buffer overflow in multiSelectOrderBy due to mishandling of query-flattener optimization - CVE-2020-9327: NULL pointer dereference and segmentation fault because of generated column optimizat ... oval:org.secpod.oval:def:89050358 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-12351: Fixed a type confusion while processing AMP packets aka "BleedingTooth" aka "BadKarma" . - CVE-2020-24490: Fixed a heap buffer overflow when process ... oval:org.secpod.oval:def:89050270 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. 
The following security bugs were fixed: - CVE-2020-26088: Fixed an improper CAP_NET_RAW check in NFC socket creation could have been used by local attackers to create raw sockets, bypassing security mechani ... oval:org.secpod.oval:def:89050523 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-25285: A race condition between hugetlb sysctl handlers in mm/hugetlb.c could be used by local attackers to corrupt memory, cause a NULL pointer dereferenc ... oval:org.secpod.oval:def:89050516 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-12351: Fixed a type confusion while processing AMP packets aka "BleedingTooth" aka "BadKarma" . - CVE-2020-24490: Fixed a heap buffer overflow when process ... oval:org.secpod.oval:def:89050414 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-25285: A race condition between hugetlb sysctl handlers in mm/hugetlb.c could be used by local attackers to corrupt memory, cause a NULL pointer dereferenc ... oval:org.secpod.oval:def:89047217 This update for glib2 fixes the following issues: - CVE-2021-27218: g_byte_array_new_take takes a gsize as length but stores in a guint, this patch will refuse if the length is larger than guint. - CVE-2021-27219: g_memdup takes a guint as parameter and sometimes leads into an integer overflow, so ... oval:org.secpod.oval:def:89050222 This update for xen fixes the following issues: - CVE-2020-15563: Fixed inverted code paths in x86 dirty VRAM tracking . - CVE-2020-15565: Fixed insufficient cache write-back under VT-d . - CVE-2020-15566: Fixed incorrect error handling in event channel port allocation . - CVE-2020-15567: Fixed non- ... 
oval:org.secpod.oval:def:89050491 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-19462: relay_open in kernel/relay.c in the Linux kernel allowed local users to cause a denial of service by triggering a NULL alloc_percpu result . - CVE- ... oval:org.secpod.oval:def:89050517 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-19462: relay_open in kernel/relay.c in the Linux kernel allowed local users to cause a denial of service by triggering a NULL alloc_percpu result . - CVE- ... oval:org.secpod.oval:def:89050360 This update for xen fixes the following issues: - bsc#1177409 - VUL-0: CVE-2020-27673: xen: x86 PV guest INVLPG-like flushes may leave stale TLB entries - bsc#1177412 - VUL-0: CVE-2020-27672: xen: Race condition in Xen mapping code - bsc#1177413 - VUL-0: CVE-2020-27671: xen: undue deferral of IOMM ... oval:org.secpod.oval:def:89050217 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bug fixes. The following security bugs were fixed: - CVE-2020-25656: Fixed a concurrency use-after-free in vt_do_kdgkb_ioctl . - CVE-2020-8694: Restricted energy meter to root access . The following non-security bugs ... oval:org.secpod.oval:def:89050458 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-14314: Fixed a potential negative array index in ext4 . - CVE-2020-14331: Fixed a missing check in scrollback handling . - CVE-2020-14356: Fixed a NULL poi ... 
oval:org.secpod.oval:def:89047231 This update for spectre-meltdown-checker fixes the following issues: spectre-meltdown-checker was updated to version 0.44 - feat: add support for SRBDS related vulnerabilities - feat: add zstd kernel decompression - enh: arm: add experimental support for binary arm images - enh: rsb filling: no lo ... oval:org.secpod.oval:def:89047125 This update for libsndfile fixes the following issues: - CVE-2018-13139: Fixed a stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28allows remote attackers to cause a denial of service or possibly have unspecified other impact. - CVE-2018-19432: Fixed a NULL pointer derefere ... oval:org.secpod.oval:def:89047244 This update for openvpn fixes the following issues: - CVE-2020-15078: Fixed authentication bypass with deferred authentication . - CVE-2020-11810: Fixed race condition between allocating peer-id and initializing data channel key . - CVE-2018-7544: Fixed cross-protocol scripting issue that was discov ... oval:org.secpod.oval:def:89047169 This update for python3 fixes the following issues: - Fixed CVE-2020-27619 , where Lib/test/multibytecodec_support calls eval on content retrieved via HTTP. - Change setuptools and pip version numbers according to new wheels - Handful of changes to make python36 compatible with SLE15 and SLE12 - ad ... oval:org.secpod.oval:def:89050374 This update for samba fixes the following issues: - ZeroLogon: An elevation of privilege was possible with some non default configurations when an attacker established a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol . - Update to samba 4.11 ... |