
oval:org.secpod.oval:def:89047077
This update for libvirt fixes the following issues: - lxc: controller: Fix container launch on cgroup v1. - supportconfig: Use systemctl command "is-active" instead of "is-enabled" when checking if libvirtd is active. - qemu: Do not report error in the logs when processing monitor IO. - spec: Fix ...

oval:org.secpod.oval:def:89047274
This is a security test update for SUSE:SLE-15-SP3:Update

oval:org.secpod.oval:def:89047170
This update for umoci fixes the following issues: Update to v0.4.7. - CVE-2021-29136: Fixed overwriting of host files via malicious layer.

oval:org.secpod.oval:def:89047412
This update for permissions fixes the following issues: - Update to version 20181225: setuid bit for cockpit session binary.

oval:org.secpod.oval:def:89047605
This update for mokutil fixes the following issues: - Adds SBAT revocation support to mokutil. New options added: - mokutil --sbat List all entries in SBAT. - mokutil --set-sbat-policy To set the SBAT acceptance policy. - mokutil --list-sbat-revocations To list the current SBAT revocations.

oval:org.secpod.oval:def:89047615
This update for gnutls fixes the following issues: - CVE-2021-4209: Fixed null pointer dereference in MD_UPDATE.

oval:org.secpod.oval:def:89047003
This update for clamav fixes the following issues: clamav was updated to 0.103.7 * Upgrade the vendored UnRAR library to version 6.1.7. * Fix logical signature Intermediates feature. * Relax constraints on slightly malformed zip archives that contain overlapping file entries.

oval:org.secpod.oval:def:89047361
This update of fwupd fixes the following issue: - rebuild with new secure boot key due to grub2 boothole 3 issues

oval:org.secpod.oval:def:89046148
SUSE Linux Enterprise Desktop 15 SP3 is installed

oval:org.secpod.oval:def:89047268
This update for bluez fixes the following issues: - CVE-2021-3588: Fixed a missing bounds check inside cli_feat_read_cb function in src/gatt-database.c

oval:org.secpod.oval:def:89047144
This update for icu.691 fixes the following issues: - Renamed package from icu 69.1 for SUSE:SLE-15-SP3:Update. - Fix undefined behaviour in "ComplexUnitsConverter::applyRounder" - Update to release 69.1 - For Norwegian, "no" is back to being the canonical code, with "nb" treated as equivalent. Thi ...

oval:org.secpod.oval:def:89048110
This update for ca-certificates-mozilla fixes the following issues: - Updated to 2.60 state of Mozilla SSL root CAs Removed CAs: - Global Chambersign Root - EC-ACC - Network Solutions Certificate Authority - Staat der Nederlanden EV Root CA - SwissSign Platinum CA - G2 Added CAs: - DIGITALSIGN GLOB ...

oval:org.secpod.oval:def:89047496
This update for libsolv, libzypp, zypper fixes the following issues: Security relevant fix: - Harden package signature checks. libsolv update to 0.7.22: - reworked choice rule generation to cover more usecases - support SOLVABLE_PREREQ_IGNOREINST in the ordering code - support parsing of Debian's ...

oval:org.secpod.oval:def:89047347
This update of s390-tools fixes the following issue: - rebuild with new secure boot key due to grub2 boothole 3 issues

oval:org.secpod.oval:def:89047462
This update for logrotate fixes the following issues: Security issues fixed: - Improved coredump handling for SUID binaries. Non-security issues fixed: - Fixed 'logrotate emits unintended warning: keyword size not properly separated, found 0x3d'.

oval:org.secpod.oval:def:89047578
This update of fwupdate fixes the following issue: - rebuild with new secure boot key due to grub2 boothole 3 issues

oval:org.secpod.oval:def:89047334
This update for rpm fixes the following issues: Security issues fixed: - PGP hardening changes Maintenance issues fixed: - Fixed zstd detection - Added ndb rofs support - Fixed deadlock when multiple rpm processes try to acquire the database lock

oval:org.secpod.oval:def:89047081
This update for OpenIPMI fixes the following issues: - Fixed an issue where OpenIPMI was creating non-position independent binaries.

oval:org.secpod.oval:def:89047193
This update for gcc7 fixes the following issues: - CVE-2020-13844: Added mitigation for aarch64 Straight Line Speculation issue - Enable fortran for the nvptx offload compiler. - Update README.First-for.SuSE.packagers - avoid assembler errors with AVX512 gather and scatter instructions when using - ...

oval:org.secpod.oval:def:89047074
This update for librsvg fixes the following issues: - librsvg was updated to 2.46.5: * Update dependent crates that had security vulnerabilities: smallvec to 0.6.14 - RUSTSEC-2018-0003 - CVE-2021-25900

oval:org.secpod.oval:def:89047075
This update for dtc fixes the following issues: - make all packaged binaries PIE-executables.

oval:org.secpod.oval:def:89047161
This update for libesmtp fixes the following issues: - CVE-2019-19977: Fixed stack-based buffer over-read in ntlm/ntlmstruct.c.

oval:org.secpod.oval:def:89047283
This update for libopenmpt fixes the following issues: Various bugfix and stability issues were fixed, some of those might have security impact. libopenmpt was updated to 0.3.28: * Fixed excessive memory consumption with malformed files in various formats. Changes in 0.3.27: * AMS: Avoid allocating ...

oval:org.secpod.oval:def:89047184
This update for libass fixes the following issues: - CVE-2020-26682: Fixed a signed integer overflow in the call to outline_stroke.

oval:org.secpod.oval:def:89047298
This update for permissions fixes the following issues: - etc/permissions: remove unnecessary entries

oval:org.secpod.oval:def:89047300
This update for p7zip fixes the following issues: Fixed a NULL pointer dereference in NCompress:CCopyCoder:Code

oval:org.secpod.oval:def:89047241
This update for permissions fixes the following issues: - Update to version 20181225: * drop ping capabilities in favor of ICMP_PROTO sockets

oval:org.secpod.oval:def:89047265
This update for wireguard-tools fixes the following issues: - Removed world-readable permissions from /etc/wireguard

oval:org.secpod.oval:def:89047143
This update for aaa_base fixes the following issues: - Allowed ping and ICMP commands without CAP_NET_RAW. - Add $HOME/.local/bin to PATH, if it exists. - Fixed get_kernel_version.c to work also for recent kernels on the s390/X platform. - Support xz compressed kernel

oval:org.secpod.oval:def:89047257
This update for ipvsadm fixes the following issues: - Hardening: link as position independent executable.

oval:org.secpod.oval:def:89047255
This update for libass fixes the following issues: - CVE-2020-24994: Fixed a stack overflow in the parse_tag.

oval:org.secpod.oval:def:89047206
This update for giflib fixes the following issues: - Enable Position Independent Code and inherit CFLAGS from the build system.

oval:org.secpod.oval:def:89047327
This update for clamav fixes the following issues: - Update to 0.103.4. - Update to 0.103.3.

oval:org.secpod.oval:def:89047320
This update for wireshark fixes the following issues: Update wireshark to 3.4.6. Including a fix for: - DVB-S2-BB dissector infinite loop.

oval:org.secpod.oval:def:89047224
This update for java-11-openjdk fixes the following issues: java-11-openjdk was upgraded to include January 2021 CPU - Enable Shenandoah GC for x86_64

oval:org.secpod.oval:def:89047222
This update for fwupdate fixes the following issues: - Add SBAT section to EFI images

oval:org.secpod.oval:def:89047369
This update for perl-DBD-SQLite fixes the following issues: - updated to 1.66 - Use external sqlite3 library rather than internal code

oval:org.secpod.oval:def:89047202
This update for subversion fixes the following issues: - CVE-2020-17525: A null-pointer-dereference has been found in mod_authz_svn that results in a remote unauthenticated Denial-of-Service in some server configurations.

oval:org.secpod.oval:def:89047267
This update for libjpeg-turbo fixes the following issues: - CVE-2020-17541: Fixed a stack-based buffer overflow in the "transform" component.

oval:org.secpod.oval:def:89047425
This update for yaml-cpp fixes the following issues: - CVE-2018-20573: Fixed remote DOS via a crafted YAML file in function Scanner:EnsureTokensInQueue. - CVE-2018-20574: Fixed remote DOS via a crafted YAML file in function SingleDocParser:HandleFlowMap. - CVE-2019-6285: Fixed remote DOS via a cra ...

oval:org.secpod.oval:def:89047174
This update for cryptctl fixes the following issues: Update to version 2.4: - CVE-2019-18906: Client side password hashing was equivalent to clear text password storage - First step to use plain text password instead of hashed password. - Move repository into the SUSE github organization - in RPC s ...

oval:org.secpod.oval:def:89047500
This update for python-Flask-Security-Too fixes the following issues: - CVE-2021-21241: Fixed an issue where GET requests lacking CSRF protection to certain endpoints could return the user's authentication token.

oval:org.secpod.oval:def:89047349
This update for libarchive fixes the following issues: - CVE-2021-23177: Fixed symlink ACL extraction that modifies ACLs of the target system.

oval:org.secpod.oval:def:89047419
This update for permissions fixes the following issues: - CVE-2022-31252: Fixed chkstat group controlled paths.

oval:org.secpod.oval:def:89047493
This update for libjpeg-turbo fixes the following issues: - CVE-2020-35538: Fixed null pointer dereference in jcopy_sample_rows function.

oval:org.secpod.oval:def:89047673
This update for jasper fixes the following issues: - CVE-2022-2963: Fixed memory leaks in function cmdopts_parse.

oval:org.secpod.oval:def:89047792
This update for python-waitress fixes the following issues: - CVE-2022-24761: Fixed a bug to avoid inconsistent interpretation of HTTP requests leading to request smuggling

oval:org.secpod.oval:def:89047723
This update for libmad fixes the following issues: - CVE-2017-8373: Fixed heap-based buffer overflow in mad_layer_III. - CVE-2017-8372: Fixed assertion failure in layer3.c.

oval:org.secpod.oval:def:89047438
This update for jasper fixes the following issues: - CVE-2021-27845: Fixed divide-by-zero issue in cp_create.

oval:org.secpod.oval:def:89047576
This update for ldns fixes the following issues: - CVE-2020-19860: Fixed heap-based out of bounds read when verifying a zone file. - CVE-2020-19861: Fixed heap-based out of bounds read in ldns_nsec3_salt_data.

oval:org.secpod.oval:def:89047395
This update for python-M2Crypto fixes the following issues: - CVE-2020-25657: Fixed Bleichenbacher timing attacks in the RSA decryption API.

oval:org.secpod.oval:def:89047386
This update for cryptsetup fixes the following issues: - CVE-2021-4122: Fixed possible attacks against data confidentiality through LUKS2 online reencryption extension crash recovery.

oval:org.secpod.oval:def:89047290
This update for dnsmasq fixes the following issues: Update to version 2.86 - CVE-2021-3448: fixed outgoing port used when --server is used with an interface name. - CVE-2020-14312: Set --local-service by default. - Open inotify socket only when used.

oval:org.secpod.oval:def:89047122
This update for libcroco fixes the following issues: - CVE-2020-12825: Fixed recursion issue in block and any productions.

oval:org.secpod.oval:def:89047333
This update for gupnp fixes the following issues: - CVE-2021-33516: Fixed a DNS rebinding, which could trick the browser into triggering actions against local UPnP services.

oval:org.secpod.oval:def:89047532
This update for udisks2 fixes the following issues: - CVE-2021-3802: Fixed insecure defaults in user-accessible mount helpers. - Fixed vulnerability that allowed mounting ext4 devices over existing entries in fstab.

oval:org.secpod.oval:def:89047225
This update for cpio fixes the following issues: It was possible to trigger Remote code execution due to an integer overflow. UPDATE: This update was buggy and could lead to hangs, so it has been retracted. There will be a follow up update.

oval:org.secpod.oval:def:89047099
This update for arpwatch fixes the following issues: - CVE-2021-25321: Fixed local privilege escalation from runtime user to root.

oval:org.secpod.oval:def:89047095
This update for ghostscript fixes the following issues: Security issue fixed: - CVE-2021-3781: Fixed a trivial -dSAFER bypass command injection Also a hardening fix was added: - Link as position independent executable

oval:org.secpod.oval:def:89047456
This update for SDL fixes the following issues: - CVE-2020-14409: Fixed an integer overflow in SDL_BlitCopy in video/SDL_blit_copy.c. - CVE-2020-14410: Fixed a heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c. - CVE-2021-33657: Fixed a Heap overflow problem in ...

oval:org.secpod.oval:def:89047457
This update for SDL2 fixes the following issues: - CVE-2021-33657: Fix a buffer overflow when parsing a crafted BMP image.

oval:org.secpod.oval:def:89047223
This update for caribou fixes the following issues: Security issue fixed: - CVE-2021-3567: Fixed a segfault when attempting to use shifted characters.

oval:org.secpod.oval:def:89047322
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 78.11.0 ESR * CVE-2021-29964: Out of bounds-read when parsing a `WM_COPYDATA` message * CVE-2021-29967: Memory safety bugs fixed in Firefox

oval:org.secpod.oval:def:89048015
This update for busybox fixes the following issues: - CVE-2022-30065: Fixed use-after-free in the AWK applet.

oval:org.secpod.oval:def:89047626
This update for systemd fixes the following issues: - CVE-2021-3997: Fixed an uncontrolled recursion in systemd's systemd-tmpfiles. The following non-security bugs were fixed: - udev/net_id: don't generate slot based names if multiple devices might claim the same slot - localectl: don't omit keyma ...

oval:org.secpod.oval:def:89047387
This update for systemd fixes the following issues: - CVE-2021-3997: Fixed an uncontrolled recursion in systemd's systemd-tmpfiles which could cause a minor denial of service. Special Instructions and Notes: Please reboot the system after installing this update.

oval:org.secpod.oval:def:89047388
This update for bluez fixes the following issues: - CVE-2022-0204: Fixed a buffer overflow in the implementation of the gatt protocol.

oval:org.secpod.oval:def:89047376
This update for icu fixes the following issues: - CVE-2020-21913: Fixed a memory safety issue that could lead to use after free.

oval:org.secpod.oval:def:89047761
This update for libksba fixes the following issues: - CVE-2022-3515: Fixed a possible overflow in the TLV parser.

oval:org.secpod.oval:def:89047024
This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 102.3.0esr ESR: - CVE-2022-40959: Fixed bypassing FeaturePolicy restrictions on transient pages. - CVE-2022-40960: Fixed data-race when parsing non-UTF-8 URLs in threads. - CVE-2022-40958: Fixed bypassing secu ...

oval:org.secpod.oval:def:89047504
This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20220809 release: - CVE-2022-21233: Fixed an issue where stale data may have been leaked from the legacy xAPIC MMIO region, which could be used to compromise an SGX enclave. See also: https://www.intel.com/conte ...

oval:org.secpod.oval:def:89047508
This update for kernel-firmware fixes the following issues: Update Intel Wireless firmware for 9xxx: CVE-2021-0161: Improper input validation in firmware for Intel PROSet/Wireless Wi-Fi and Killer Wi-Fi may allow a privileged user to potentially enable escalation of privilege via local access. CVE- ...

oval:org.secpod.oval:def:89047569
This update for kernel-firmware fixes the following issues: Update AMD ucode and SEV firmware -

oval:org.secpod.oval:def:89047629
This update for tiff fixes the following issues: - CVE-2017-17095: Fixed DoS in tools/pal2rgb.c in pal2rgb. - CVE-2019-17546: Fixed integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image. - CVE-2020-19131: Fixed buffer overflow in tiffcrop that may cause DoS ...

oval:org.secpod.oval:def:89047364
This update for xerces-j2 fixes the following issues: - CVE-2022-23437: Fixed infinite loop within Apache XercesJ xml parser.

oval:org.secpod.oval:def:89047289
This update for libqt5-qtsvg fixes the following issues: - CVE-2021-3481: Fixed an out of bounds read in function QRadialFetchSimd from crafted svg file

oval:org.secpod.oval:def:89047470
This update for fribidi fixes the following issues: - CVE-2022-25308: Fixed stack out of bounds read. - CVE-2022-25309: Fixed heap-buffer-overflow in fribidi_cap_rtl_to_unicode. - CVE-2022-25310: Fixed NULL pointer dereference in fribidi_remove_bidi_marks.

oval:org.secpod.oval:def:89047397
This update for ldb fixes the following issues: - Update to version 2.4.2 - CVE-2021-3670: Fixed an issue where the LDAP server MaxQueryDuration value would not be honoured.

oval:org.secpod.oval:def:89047383
This update for libsndfile fixes the following issues: - CVE-2021-4156: Fixed heap buffer overflow in flac_buffer_copy that could potentially lead to heap exploitation.

oval:org.secpod.oval:def:89047595
This update for clamav fixes the following issues: - CVE-2022-20698: Fixed invalid pointer read allowing denial of service crash

oval:org.secpod.oval:def:89047624
This update for openldap2 fixes the following issues: - CVE-2022-29155: Fixed SQL injection in back-sql.

oval:org.secpod.oval:def:89047177
This update for djvulibre fixes the following issues: - CVE-2021-3500: Stack overflow in function DJVU:DjVuDocument:get_djvu_file via crafted djvu file

oval:org.secpod.oval:def:89047315
This update for djvulibre fixes the following issues: - CVE-2021-32490 [bsc#1185895]: Out of bounds write in function DJVU:filter_bv via crafted djvu file - CVE-2021-32491 [bsc#1185900]: Integer overflow in function render in tools/ddjvu via crafted djvu file - CVE-2021-32492 [bsc#1185904]: Out of b ...

oval:org.secpod.oval:def:89048085
This update for systemd fixes the following issues: - CVE-2022-4415: Fixed systemd-coredump that did not respect the fs.suid_dumpable kernel setting. Bug fixes: - Support by-path devlink for multipath nvme block devices. - Set SYSTEMD_NSS_DYNAMIC_BYPASS=1 env var for dbus-daemon. - Restrict cpu r ...

oval:org.secpod.oval:def:89047809
This update for buildah fixes the following issues: - CVE-2021-20206: Fixed an issue in libcni that could allow an attacker to execute arbitrary binaries on the host. - CVE-2020-10696: Fixed an issue that could lead to files being overwritten during the image building process. - CVE-2022-2990: Fix ...

oval:org.secpod.oval:def:89047180
This update for postgresql13 fixes the following issues: - CVE-2021-3677: Fixed memory disclosure in certain queries. - Fixed build with llvm12 on s390x. - Re-enabled icu for PostgreSQL 10. - Made the dependency of postgresqlXX-server-devel on llvm and clang optional. - llvm12 breaks PostgreSQL ...

oval:org.secpod.oval:def:89047087
This update for krb5 fixes the following issues: - CVE-2021-36222: Fixed KDC null deref on bad encrypted challenge

oval:org.secpod.oval:def:89047117
This update for xen fixes the following issues: Update to Xen 4.13.3 general bug fix release. Security issues fixed: - CVE-2021-28693: xen/arm: Boot modules are not scrubbed - CVE-2021-28692: xen: inappropriate x86 IOMMU timeout detection / handling - CVE-2021-0089: xen: Speculative Code Store By ...

oval:org.secpod.oval:def:89047344
This update for mutt fixes the following issues: - CVE-2022-1328: Fixed an invalid memory access when reading untrusted uuencoded data. This could result in including private memory in replies.

oval:org.secpod.oval:def:89047953
This update for opensc fixes the following issues: - CVE-2019-6502: Fixed memory leak in sc_context_create in ctx.c.

oval:org.secpod.oval:def:89047583
This update for dwarves and elfutils fixes the following issues: elfutils was updated to version 0.177: - elfclassify: New tool to analyze ELF objects. - readelf: Print DW_AT_data_member_location as decimal offset. Decode DW_AT_discr_list block attributes. - libdw: Add DW_AT_GNU_numerator, DW_AT_GN ...

oval:org.secpod.oval:def:89048036
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 102.6.0 ESR: - CVE-2022-46880: Use-after-free in WebGL - CVE-2022-46872: Arbitrary file read from a compromised content process - CVE-2022-46881: Memory corruption in WebGL - CVE-2022-46874: Drag and Dropped ...

oval:org.secpod.oval:def:89047799
This update for libtasn1 fixes the following issues: - CVE-2021-46848: Fixed off-by-one array size check that affects asn1_encode_simple_der

oval:org.secpod.oval:def:89047535
This update for postgresql13 fixes the following issues: - CVE-2022-1552: Confine additional operations within 'security restricted operation' sandboxes.

oval:org.secpod.oval:def:89047452
This update for postgresql14 fixes the following issues: - CVE-2022-1552: Confine additional operations within 'security restricted operation' sandboxes.

oval:org.secpod.oval:def:89047630
This update for gzip fixes the following issues: - CVE-2022-1271: Fix escaping of malicious filenames

oval:org.secpod.oval:def:89047618
This update for xz fixes the following issues: - CVE-2022-1271: Fixed an incorrect escaping of malicious filenames

oval:org.secpod.oval:def:89047471
This update for open-vm-tools fixes the following issues: - Updated to version 12.1.0: - CVE-2022-31676: Fixed an issue that could allow unprivileged users inside a virtual machine to escalate privileges.

oval:org.secpod.oval:def:89047491
This update for gnutls fixes the following issues: - CVE-2022-2509: Fixed a double free issue during PKCS7 verification.

oval:org.secpod.oval:def:89047549
This update for gdk-pixbuf fixes the following issues: - CVE-2021-46829: Fixed overflow when compositing or clearing frames.

oval:org.secpod.oval:def:89047468
This update for libtirpc fixes the following issues: - CVE-2021-46828: Fixed denial of service vulnerability with lots of connections.

oval:org.secpod.oval:def:89047340
This update for wavpack fixes the following issues: - CVE-2022-2476: Fixed a Null pointer dereference in wvunpack.

oval:org.secpod.oval:def:89047524
This update for gpg2 fixes the following issues: - CVE-2022-34903: Fixed a status injection vulnerability. - Use AES as default cipher instead of 3DES when we are in FIPS mode

oval:org.secpod.oval:def:89047598
This update for perl-HTTP-Daemon fixes the following issues: - CVE-2022-31081: Fixed request smuggling in HTTP::Daemon.

oval:org.secpod.oval:def:89047536
This update for harfbuzz fixes the following issues: - CVE-2022-33068: Fixed an integer overflow in hb-ot-shape-fallback.cc.

oval:org.secpod.oval:def:89047571
This update for python-bottle fixes the following issues: - CVE-2022-31799: Fixed an error mishandling issue that could lead to remote denial of service.

oval:org.secpod.oval:def:89047447
This update for cups fixes the following issues: - CVE-2022-26691: Fixed an authentication bypass and code execution vulnerability

oval:org.secpod.oval:def:89047391
This update for python-PyJWT fixes the following issues: - CVE-2022-29217: Fixed key confusion through non-blocklisted public key format.

oval:org.secpod.oval:def:89047521
This update for systemd-presets-common-SUSE fixes the following issues: - CVE-2022-1706: Fixed accessible configs from unprivileged containers in VMs running on VMware products. The following non-security bugs were fixed: - Modify branding-preset-states to fix systemd-presets-common-SUSE not enabli ...

oval:org.secpod.oval:def:89047389
This update for pcre fixes the following issues: - CVE-2022-1586: Fixed unicode property matching issue

oval:org.secpod.oval:def:89047567
This update for pcre2 fixes the following issues: - CVE-2022-1586: Fixed out-of-bounds read via missing Unicode property matching issue in JIT compiled regular expressions.

oval:org.secpod.oval:def:89047545
This update for clamav fixes the following issues: - CVE-2022-20770: Fixed a possible infinite loop vulnerability in the CHM file parser. - CVE-2022-20796: Fixed a possible NULL-pointer dereference crash in the scan verdict cache check. - CVE-2022-20771: Fixed a possible infinite loop vulnerabilit ...

oval:org.secpod.oval:def:89047556
This update for e2fsprogs fixes the following issues: - CVE-2022-1304: Fixed out-of-bounds read/write leading to segmentation fault and possibly arbitrary code execution

oval:org.secpod.oval:def:89047614
This update for libarchive fixes the following issues: - CVE-2022-26280: Fixed out-of-bounds read via the component zipx_lzma_alone_init.

oval:org.secpod.oval:def:89047301
This update for openexr fixes the following issues: - CVE-2021-3941: Fixed divide-by-zero in Imf_3_1:RGBtoXYZ. - CVE-2021-3933: Fixed integer-overflow in Imf_3_1:bytesPerDeepLineTable.

oval:org.secpod.oval:def:89047631
This update for openvpn fixes the following issues: - CVE-2022-0547: Fixed possible authentication bypass in external authentication plug-in.

oval:org.secpod.oval:def:89047520
This update for python-paramiko fixes the following issues: - CVE-2022-24302: Fixed a race condition between creation and chmod when writing private keys

oval:org.secpod.oval:def:89047621
This update for libcaca fixes the following issues: - CVE-2022-0856: Fixed a divide by zero issue which could be exploited to cause an application crash.

oval:org.secpod.oval:def:89047375
This update for wavpack fixes the following issues: - CVE-2021-44269: Fixed out of bounds read in processing .wav files.

oval:org.secpod.oval:def:89047284
This update for postgresql13 fixes the following issues: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake. - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshake.

oval:org.secpod.oval:def:89047311
This update for postgresql14 fixes the following issues: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake. - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshake. - Let rpmlint ignore shlib-policy-name-error.

oval:org.secpod.oval:def:89047411
This update for cyrus-sasl fixes the following issues: - CVE-2022-24407: Fixed SQL injection in sql_auxprop_store in plugins/sql.c. The following non-security bugs were fixed: - postfix: sasl authentication with password fails.

oval:org.secpod.oval:def:89047580
This update for polkit fixes the following issues: - CVE-2021-4115: Fixed a denial of service via file descriptor leak.

oval:org.secpod.oval:def:89047488
- CVE-2021-44141: Information leak via symlinks of existence of files or directories outside of the exported share; - CVE-2021-44142: Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution; - CVE-2022-0336: Samba AD users with permission to write to an acco ...

oval:org.secpod.oval:def:89047082
This update for polkit fixes the following issues: - CVE-2021-3560: Fixed a local privilege escalation using polkit_system_bus_name_get_creds_sync.

oval:org.secpod.oval:def:89047538
This update for firewalld, golang-github-prometheus-prometheus fixes the following issues: Security fixes for golang-github-prometheus-prometheus: - CVE-2022-21698: Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods ...

oval:org.secpod.oval:def:89047706
This update for golang-github-prometheus-node_exporter fixes the following issues:

oval:org.secpod.oval:def:89047466
This security update for golang-github-prometheus-node_exporter provides: Update golang-github-prometheus-node_exporter from version 1.1.2 to version 1.3.0 - CVE-2022-21698: Denial of service using InstrumentHandlerCounter - Update vendor tarball with prometheus/client_golang 1.11.1 - Update to 1.3 ...

oval:org.secpod.oval:def:89047439
This update for strongswan fixes the following issues: - CVE-2021-45079: Fixed authentication bypass in EAP authentication

oval:org.secpod.oval:def:89047606
This update for protobuf fixes the following issues: - CVE-2021-22570: Fix incorrect parsing of nullchar in the proto symbol.

oval:org.secpod.oval:def:89047502
This update for xen fixes the following issues: - CVE-2022-23033: Fixed guest_physmap_remove_page not removing the p2m mappings. - CVE-2022-23034: Fixed possible DoS by a PV guest Xen while unmapping a grant. - CVE-2022-23035: Fixed insufficient cleanup of passed-through device IRQs. Special I ...

oval:org.secpod.oval:def:89047517
This update for wpa_supplicant fixes the following issues: - CVE-2022-23303: Fixed side-channel attacks in SAE. - CVE-2022-23304: Fixed side-channel attacks in EAP-pwd.

oval:org.secpod.oval:def:89046994
This update for gdk-pixbuf fixes the following issues: - CVE-2021-44648: Fixed overflow vulnerability in lzw code size.

oval:org.secpod.oval:def:89047601
This update for openexr fixes the following issues: - CVE-2021-45942: Fixed heap-based buffer overflow in Imf_3_1:LineCompositeTask:execute

oval:org.secpod.oval:def:89047559
This update for ghostscript fixes the following issues: - CVE-2021-45944: Fixed use-after-free in sampled_data_sample - CVE-2021-45949: Fixed heap-based buffer overflow in sampled_data_finish

oval:org.secpod.oval:def:89047424
This update for lapack fixes the following issues: - CVE-2021-4048: Fixed an out of bounds read when user input was not validated properly.

oval:org.secpod.oval:def:89047236
This update for strongswan fixes the following issues: A feature was added: - Add auth_els plugin to support Marvell FC-SP encryption Security issues fixed: - CVE-2021-41991: Fixed an integer overflow when replacing certificates in cache. - CVE-2021-41990: Fixed an integer Overflow in the gmp Plug ...

oval:org.secpod.oval:def:89047328
This update for xen fixes the following issues: - CVE-2021-28701: Fixed race condition in XENMAPSPACE_grant_table handling. - Upstream bug fixes

oval:org.secpod.oval:def:89047160
This update for fetchmail fixes the following issues: - CVE-2021-39272: Fix failure to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH

oval:org.secpod.oval:def:89047209
This update for fetchmail fixes the following issues: - CVE-2021-36386: Fixed DoS or information disclosure in some configurations. - CVE-2021-39272: Fixed STARTTLS session encryption bypassing. - Update to 6.4.22 - Remove all python2 dependencies. - De-hardcode /usr/lib path for launch executa ...

oval:org.secpod.oval:def:89047102
This update for openexr fixes the following issues: - Fixed CVE-2021-3605 [bsc#1187395]: Heap buffer overflow in the rleUncompress function - Fixed CVE-2021-3598 [bsc#1187310]: Heap buffer overflow in Imf_3_1:CharPtrIO:readChars

oval:org.secpod.oval:def:89047078
This update for openssl-1_1 fixes the following issues: - CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712. Read buffer overruns processing ASN.1 strings.

oval:org.secpod.oval:def:89047324
This update for openssl-1_1 fixes the following security issues: - CVE-2021-3711: A bug in the implementation of the SM2 decryption code could lead to buffer overflows. [bsc#1189520] - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious a ...

oval:org.secpod.oval:def:89047124
This update for krb5 fixes the following issues: - CVE-2021-37750: Fixed KDC null pointer dereference via a FAST inner body that lacks a server field.

oval:org.secpod.oval:def:89047079
This update for fetchmail fixes the following issues: - CVE-2021-36386: Fixed a missing variable initialization that can cause read from bad memory locations. - Change PASSWORDLEN from 64 to 256

oval:org.secpod.oval:def:89047096
This update for systemd fixes the following issues: - CVE-2021-33910: Fixed a denial of service in systemd

oval:org.secpod.oval:def:89047304
This update for systemd fixes the following issues: - Updated to version 246.15 - CVE-2021-33910: Fixed a denial of service issue in systemd. - CVE-2020-13529: Fixed an issue that allows crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofin ...

oval:org.secpod.oval:def:89047141
This update for aspell fixes the following issues: - CVE-2019-25051: Fixed heap-buffer-overflow in acommon::ObjStack::dup_top.

oval:org.secpod.oval:def:89047336
This update for libass fixes the following issues: - CVE-2020-36430: Fixed heap-based buffer overflow in decode_chars.

oval:org.secpod.oval:def:89047306
This update for djvulibre fixes the following issues: - CVE-2021-3630: out-of-bounds write in DJVU::DjVuTXT::decode in DjVuText.cpp

oval:org.secpod.oval:def:89047410
This update for flac fixes the following issues: - CVE-2021-0561: Fixed out of bound write in append_to_verify_fifo_interleaved_.

oval:org.secpod.oval:def:89047385
This update for xscreensaver fixes the following issues: - CVE-2021-34557: Fixed potential crash and unlock while disconnecting video output with more than 10 monitors

oval:org.secpod.oval:def:89047282
This update for libgcrypt fixes the following issues: - CVE-2021-33560: Fixed a side-channel against ElGamal encryption, caused by missing exponent blinding.

oval:org.secpod.oval:def:89047090
This update for tpm2.0-tools fixes the following issues: - CVE-2021-3565: Fixed issue when no encrypted session with the TPM is used.

oval:org.secpod.oval:def:89047176
This update for postgresql13 fixes the following issues: - Upgrade to version 13.3: - CVE-2021-32027: Fixed integer overflows in array subscripting calculations. - CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE target lists. - CVE-2021-32029: Fixed possibly- ...

oval:org.secpod.oval:def:89047252
This update for libX11 fixes the following issues: - Regression in the fix for CVE-2021-31535, causing segfaults for xforms applications like fdesign

oval:org.secpod.oval:def:89047210
This update for libX11 fixes the following issues: - CVE-2021-31535: Fixed missing request length checks in libX11.

oval:org.secpod.oval:def:89047262
This update for dhcp fixes the following issues: - CVE-2021-25217: A buffer overrun in lease file parsing code can be used to exploit a common vulnerability shared by dhcpd and dhclient

oval:org.secpod.oval:def:89047097
This update for glibc fixes the following issues: - CVE-2021-33574: Fixed use __pthread_attr_copy in mq_notify. - CVE-2021-35942: Fixed wordexp handle overflow in positional parameter number.

oval:org.secpod.oval:def:89047072
This update for rpm fixes the following issues: - Changed default package verification level to "none" to be compatible to rpm-4.14.1 - Made illegal obsoletes a warning - Fixed a potential access of freed mem in ndb's glue code - Added support for enforcing signature policy and payload verification ...

oval:org.secpod.oval:def:89047436
This update for raptor fixes the following issues: - CVE-2020-25713: Fixed an out of bounds access triggered via a malformed input file.

oval:org.secpod.oval:def:89047253
This update for hivex fixes the following issues: - CVE-2021-3504: hivex: missing bounds check within hivex_open

oval:org.secpod.oval:def:89047296
This update for cups fixes the following issues: - CVE-2021-25317: ownership of /var/log/cups could allow privilege escalation from lp user to root via symlink attacks

oval:org.secpod.oval:def:89047211
This update for binutils fixes the following issues: - For compatibility on old code stream that expect "brcl 0,label" to not be disassembled as "jgnop label" on s390x. This reverts IBM zSeries HLASM support for now. - Fixed that ppc64 optflags did not enable LTO. - Fix empty man-pages from broken ...

oval:org.secpod.oval:def:89047228
This update for openssh fixes the following issues: - CVE-2021-28041: Fixed double free in ssh-agent.

oval:org.secpod.oval:def:89047495
This update for jasper fixes the following issues: - CVE-2021-3467: Fixed NULL pointer deref in jp2_decode. - CVE-2021-3443: Fixed NULL pointer deref in jp2_decode. - CVE-2021-26927: Fixed NULL pointer deref in jp2_decode. - CVE-2021-26926: Fixed an out of bounds read in jp2_decode.

oval:org.secpod.oval:def:89047271
This update for gstreamer, gstreamer-plugins-bad, gstreamer-plugins-base, gstreamer-plugins-good, gstreamer-plugins-ugly fixes the following issues: gstreamer was updated to version 1.16.3 : - delay creation of threadpools - bin: Fix `deep-element-removed` log message - buffer: fix meta sequence num ...

oval:org.secpod.oval:def:89047259
This update for gstreamer-plugins-bad fixes the following issues: - Update to version 1.16.3: - CVE-2021-3185: buffer overflow in gst_h264_slice_parse_dec_ref_pic_marking - amcvideodec: fix sync meta copying not taking a reference - audiobuffersplit: Perform discont tracking on running time - audio ...

oval:org.secpod.oval:def:89047480
This update for SDL2 fixes the following issues: - CVE-2020-14409: Fixed Integer Overflow resulting in heap corruption in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP. - CVE-2020-14410: Fixed heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c via a craf ...

oval:org.secpod.oval:def:89047221
This update for flac fixes the following issues: - CVE-2020-0499: Fixed an out-of-bounds access.

oval:org.secpod.oval:def:89047142
This update for binutils fixes the following issues: Update to binutils 2.37: * The GNU Binutils sources now requires a C99 compiler and library to build. * Support for Realm Management Extension for AArch64 has been added. * A new linker option "-z report-relative-reloc" for x86 ELF targets has be ...

oval:org.secpod.oval:def:89047273
This update for python-py fixes the following issues: - CVE-2020-29651: Fixed regular expression denial of service in svnwc.py.

oval:org.secpod.oval:def:89047429
This update for aws-efs-utils, python-ansi2html, python-py, python-pytest-html, python-pytest-metadata, python-pytest-rerunfailures fixes the following issues: - Update in SLE-15 - Remove redundant python3 dependency from Requires - Update regular expression to fix python shebang - Style is enforce ...

oval:org.secpod.oval:def:89047084
This update for spice-vdagent fixes the following issues: - Update to version 0.21.0 - CVE-2020-25650: memory DoS via arbitrary entries in `active_xfers` hash table - CVE-2020-25651: possible file transfer DoS and information leak via `active_xfers` hash map - CVE-2020-25652: possibility to exhaus ...

oval:org.secpod.oval:def:89047490
This update for chrony fixes the following issues: Chrony was updated to 4.1, bringing features and bugfixes. Update to 4.1 * Add support for NTS servers specified by IP address * Add source-specific configuration of trusted certificates * Allow multiple files and directories with trusted certifica ...

oval:org.secpod.oval:def:89047108
This update for lua53 fixes the following issues: Update to version 5.3.6: - CVE-2020-24371: lgc.c mishandles the interaction between barriers and the sweep phase, leading to a memory access violation involving collectgarbage - CVE-2020-24370: ldebug.c allows a negation overflow and segmentation fa ...

oval:org.secpod.oval:def:89047281
This update for python-rsa fixes the following issues: - CVE-2020-13757: Proper handling of leading "\0" bytes during decryption of ciphertext

oval:org.secpod.oval:def:89047080
This update for python-httplib2 fixes the following issues: - Update to version 0.19.0. - CVE-2021-21240: Fixed regular expression denial of service via malicious header. - CVE-2020-11078: Fixed unescaped part of uri where an attacker could change request headers and body.

oval:org.secpod.oval:def:89047172
This update for fribidi fixes the following issues: Security issues fixed: - CVE-2019-18397: Avoid buffer overflow

oval:org.secpod.oval:def:89047372
This update for tcpdump fixes the following issues: - CVE-2018-16301: Fixed segfault when handling large files.

oval:org.secpod.oval:def:89047276
This update for opensc fixes the following issues: - CVE-2019-15945: Fixed an out-of-bounds access of an ASN.1 Bitstring in decode_bit_string. - CVE-2019-15946: Fixed an out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry - CVE-2019-19479: Fixed an incorrect read operation during pa ...

oval:org.secpod.oval:def:89047959
This update for libdb-4_8 fixes the following issues: - CVE-2019-2708: Fixed partial DoS due to data store execution.

oval:org.secpod.oval:def:89047185
This update for libu2f-host fixes the following issues: This update ships the u2f-host package Version 1.1.10 - Add new devices to udev rules. - Fix a potentially uninitialized buffer Version 1.1.9 - Fix CID copying from the init response, which broke compatibility with some devices. Version 1.1 ...

oval:org.secpod.oval:def:89047167
This update for libcryptopp fixes the following issues: - CVE-2016-9939: Fixed potential DoS in Crypto++ ASN.1 parser.

oval:org.secpod.oval:def:89047537
This update for libinput fixes the following issues: - CVE-2022-1215: Fixed a format string vulnerability.

oval:org.secpod.oval:def:89047552
This update for glibc fixes the following issues: - CVE-2021-3999: Fixed incorrect errno in getcwd - CVE-2022-23219: Fixed buffer overflow in sunrpc clnt_create for 'unix' - CVE-2022-23218: Fixed buffer overflow in sunrpc svcunix_create Features added: - IBM Power 10 string operation improvements

oval:org.secpod.oval:def:89047263
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 78.13.0 ESR : - CVE-2021-29986: Race condition when resolving DNS names could have led to memory corruption - CVE-2021-29988: Memory corruption as a result of incorrect style treatment - CVE-2021-29984: Incor ...

oval:org.secpod.oval:def:89047321
This update for MozillaFirefox fixes the following issues: This update contains the Firefox Extended Support Release 91.2.0 ESR. Release 91.2.0 ESR: * Fixed: Various stability, functionality, and security fixes MFSA 2021-45 : * CVE-2021-38496: Use-after-free in MessageTask * CVE-2021-38497: Validati ...

oval:org.secpod.oval:def:89047131
This update for MozillaFirefox fixes the following issues: MozillaFirefox was updated to Extended Support Release 91.3.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-49 * CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets * CVE-2021-38504: Use-afte ...

oval:org.secpod.oval:def:89047449
This update for MozillaFirefox fixes the following issues: - CVE-2021-4140: Fixed iframe sandbox bypass with XSLT. - CVE-2022-22737: Fixed race condition when playing audio files. - CVE-2022-22738: Fixed heap-buffer-overflow in blendGaussianBlur. - CVE-2022-22739: Fixed missing throttling on exte ...

oval:org.secpod.oval:def:89047510
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.6.0 ESR / MFSA 2022-05 - CVE-2022-22753: Privilege Escalation to SYSTEM on Windows via Maintenance Service - CVE-2022-22754: Extensions could have bypassed permission confirmation during update - CVE-2022 ...

oval:org.secpod.oval:def:89047604
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.6.1 ESR : - CVE-2022-26485: Use-after-free in XSLT parameter processing - CVE-2022-26486: Use-after-free in WebGPU IPC Framework

oval:org.secpod.oval:def:89047454
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.7.0 ESR : - CVE-2022-26383: Browser window spoof using fullscreen mode - CVE-2022-26384: iframe allow-scripts sandbox bypass - CVE-2022-26387: Time-of-check time-of-use bug when verifying add-on signatures ...

oval:org.secpod.oval:def:89047603
This update for mozilla-nss fixes the following issues: Mozilla NSS 3.68.3 : - CVE-2022-1097: Fixed memory safety violations that could occur when PKCS#11 tokens are removed while in use.

oval:org.secpod.oval:def:89047370
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.8.0 ESR : MFSA 2022-14 * CVE-2022-1097: Fixed memory safety violations that could occur when PKCS#11 tokens are removed while in use * CVE-2022-28281: Fixed an out of bounds write due to unexpected WebAut ...

oval:org.secpod.oval:def:89047415
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.9.0 ESR : - CVE-2022-29914: Fullscreen notification bypass using popups - CVE-2022-29909: Bypassing permission prompt in nested browsing contexts - CVE-2022-29916: Leaking browser history with CSS variable ...

oval:org.secpod.oval:def:89047554
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.9.1 ESR - MFSA 2022-19 : - CVE-2022-1802: Prototype pollution in Top-Level Await implementation - CVE-2022-1529: Untrusted input used in JavaScript object indexing, leading to prototype pollution

oval:org.secpod.oval:def:89047485
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.10.0 ESR - CVE-2022-31736: Cross-Origin resource's length leaked - CVE-2022-31737: Heap buffer overflow in WebGL - CVE-2022-31738: Browser window spoof using fullscreen mode - CVE-2022-31739: Attacker-inf ...

oval:org.secpod.oval:def:89047448
This update for mozilla-nss fixes the following issues: Various FIPS 140-3 related fixes were backported from SUSE Linux Enterprise 15 SP4: - Makes the PBKDF known answer test compliant with NIST SP800-132. - FIPS: Add on-demand integrity tests through sftk_FIPSRepeatIntegrityCheck. - FIPS: mark al ...

oval:org.secpod.oval:def:89047445
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 91.11.0 ESR : - CVE-2022-2200: Undesired attributes could be set as part of prototype pollution - CVE-2022-31744: CSP bypass enabling stylesheet injection - CVE-2022-34468: CSP sandbox header wit ...

oval:org.secpod.oval:def:89047565
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.12.0 ESR : - CVE-2022-36319: Mouse Position spoofing with CSS transforms - CVE-2022-36318: Directory indexes for bundled resources reflected URL parameters

oval:org.secpod.oval:def:89047518
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.13.0 ESR : - CVE-2022-38472: Fixed a potential address bar spoofing via XSLT error handling. - CVE-2022-38473: Fixed an issue where cross-origin XSLT documents could inherit the parent's permissions. - CVE ...

oval:org.secpod.oval:def:89047633
This update for MozillaFirefox fixes the following issues: - Updated to version 102.4.0 ESR - CVE-2022-42927: Fixed same-origin policy violation that could have leaked cross-origin URLs. - CVE-2022-42928: Fixed memory Corruption in JS Engine. - CVE-2022-42929: Fixed denial of Service via window.pri ...

oval:org.secpod.oval:def:89047727
This update for tiff fixes the following issues: - CVE-2022-2519: Fixed a double free in rotateImage. - CVE-2022-2520: Fixed an assertion failure in rotateImage. - CVE-2022-2521: Fixed invalid free in TIFFClose. - CVE-2022-2867: Fixed out of bounds read and write in tiffcrop.c. - CVE-2022-2868: F ...

oval:org.secpod.oval:def:89047434
This update for tiff fixes the following issues: - CVE-2022-2056: Fixed a division by zero denial of service. - CVE-2022-2057: Fixed a division by zero denial of service. - CVE-2022-2058: Fixed a division by zero denial of service.

oval:org.secpod.oval:def:89047199
This update for grilo fixes the following issues: - CVE-2021-39365: Fixed missing TLS certificate verification.

oval:org.secpod.oval:def:89048029
This update for nautilus fixes the following issues: - CVE-2022-37290: Fixed a denial of service caused by pasted ZIP archives.

oval:org.secpod.oval:def:89047366
This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20220207 release. - CVE-2021-0146: Fixed a potential security vulnerability in some Intel Processors may allow escalation of privilege - CVE-2021-0127: Intel Processor Breakpoint Control Flow - CVE-2021-0145: Fa ...

oval:org.secpod.oval:def:89047381
This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20220510 release. Updated to Intel CPU Microcode 20220419 release. - CVE-2022-21151: Processor optimization removal or modification of security-critical code for some Intel Processors may allow an authenticated ...

oval:org.secpod.oval:def:89047159
This update for graphviz fixes the following issues: - CVE-2020-18032: Fixed possible remote code execution via buffer overflow.

oval:org.secpod.oval:def:89047674
This update for multipath-tools fixes the following issues: - CVE-2022-41973: Fixed a symlink attack in multipathd. - CVE-2022-41974: Fixed an authorization bypass issue in multipathd. - multipathd: add 'force_reconfigure' option The command 'multipathd -kreconfigure' changes behavior: instead of ...

oval:org.secpod.oval:def:89047600
This update for cifs-utils fixes the following issues: - CVE-2022-27239: Fixed a buffer overflow in the command line ip option.

oval:org.secpod.oval:def:89047342
This update for cifs-utils fixes the following issues: - CVE-2022-29869: Fixed verbose messages on option parsing causing information leak.

oval:org.secpod.oval:def:89047519
This update for aide fixes the following issues: - CVE-2021-45417: Fix a buffer overflow in base64 functions

oval:org.secpod.oval:def:89047292
This update for wireshark, libvirt, sbc and libqt5-qtmultimedia fixes the following issues: Update wireshark to version 3.4.5 - New and updated support and bug fixes for multiple protocols - Asynchronous DNS resolution is always enabled - Protobuf fields can be dissected as Wireshark fields - UI im ...

oval:org.secpod.oval:def:89047076
This update for wireshark fixes the following issues: - Update to Wireshark 3.4.7 - CVE-2021-22235: Fixed DNP dissector crash.

oval:org.secpod.oval:def:89047272
This update for wireshark fixes the following issues: - Update to Wireshark 3.4.10: - CVE-2021-39920: IPPUSB dissector crash. - CVE-2021-39921: Modbus dissector crash. - CVE-2021-39922: C12.22 dissector crash. - CVE-2021-39924: Bluetooth DHT dissector large loop. - CVE-2021-39925: Bluetooth SDP ...

oval:org.secpod.oval:def:89047394
This update for wireshark fixes the following issues: Update to version 3.6.1: - CVE-2021-4185: RTMPT dissector infinite loop - CVE-2021-4184: BitTorrent DHT dissector infinite loop - CVE-2021-4183: pcapng file parser crash - CVE-2021-4182: RFC 7468 file parser infinite loop - CVE-2021-4181: Sys ...

oval:org.secpod.oval:def:89047483
This update for wireshark fixes the following issues: Update to Wireshark 3.6.2: - CVE-2022-0586: RTMPT dissector infinite loop - CVE-2022-0585: Large loops in multiple dissectors - CVE-2022-0583: PVFS dissector crash - CVE-2022-0582: CSN.1 dissector crash - CVE-2022-0581: CMS dissector crash

oval:org.secpod.oval:def:89047617
This update for wireshark fixes the following issues: Updated to Wireshark 3.6.8: - CVE-2022-3190: Fixed F5 Ethernet Trailer dissector infinite loop. - CVE-2021-4186: Fixed Gryphon dissector crash.

oval:org.secpod.oval:def:89048038
This update for wireshark fixes the following issues: Update to version 3.6.10: - CVE-2022-3725: OPUS dissector crash. - Multiple dissector infinite loops. - Kafka dissector memory exhaustion.

oval:org.secpod.oval:def:89047486
This update for dnsmasq fixes the following issues: - CVE-2022-0934: Fixed an invalid memory access that could lead to remote denial of service via crafted packet.

oval:org.secpod.oval:def:89047164
This update for python fixes the following issues: - CVE-2021-3737: Fixed http client infinite line reading after a http 100. - CVE-2021-3733: Fixed ReDoS in urllib.request

oval:org.secpod.oval:def:89047286
This update for python-pip fixes the following issues: - CVE-2021-3572: Fixed incorrect handling of unicode separators in git references.

oval:org.secpod.oval:def:89047150
This update for python-pip fixes the following issues: - CVE-2021-3572: Fixed incorrect handling of unicode separators in git references.

oval:org.secpod.oval:def:89047548
This update for python3 fixes the following issues: - CVE-2021-3572: Fixed an improper handling of unicode characters in pip.

oval:org.secpod.oval:def:89047611
This update for python39 fixes the following issues: - CVE-2021-3572: Fixed an improper handling of unicode characters in pip. - Update to 3.9.10 - Remove shebangs from python-base libraries in _libdir. - Update to 3.9.9: * Core and Builtins + bpo-30570: Fixed a crash in issubclass from infi ...

oval:org.secpod.oval:def:89047139
This update for python fixes the following issues: - python27 was upgraded to 2.7.18 - CVE-2021-23336: Fixed a potential web cache poisoning by using a semicolon in query parameters (use of semicolon as a query string separator).

oval:org.secpod.oval:def:89047258
This update for python39 fixes the following issues: - CVE-2021-29921: Fixed improper input validation of octal string IP addresses. - Use versioned python-Sphinx to avoid dependency on other version of Python. - Stop providing "python" symbol, which means python2 currently.

oval:org.secpod.oval:def:89047313
This update for python-Babel fixes the following issues: - CVE-2021-42771: Fixed relative path traversal that may lead to arbitrary locale files loading and arbitrary code execution.

oval:org.secpod.oval:def:89047339
This update for python-lxml fixes the following issues: - CVE-2022-2309: Fixed NULL pointer dereference due to state leak between parser runs.

oval:org.secpod.oval:def:89047451
This update for python39-pip fixes the following issues: - CVE-2021-3572: Fixed incorrect handling of unicode separators in git references.

oval:org.secpod.oval:def:89047528
This update for u-boot fixes the following issues: - CVE-2022-33967: Fixed heap overflow in squashfs filesystem implementation. - CVE-2022-34835: Fixed stack buffer overflow vulnerability in i2c md command.

oval:org.secpod.oval:def:89047534
This update for u-boot fixes the following issues: - CVE-2022-30552: A large buffer overflow could have led to a denial of service in the IP Packet defragmentation code. - CVE-2022-30790: A Hole Descriptor Overwrite could have led to an arbitrary out of bounds write primitive. - CVE-2022-30767: F ...

oval:org.secpod.oval:def:89047623
This update for u-boot fixes the following issues: - CVE-2022-33103: Fixed a flaw in the squashfs subsystem that could lead to arbitrary code execution.

oval:org.secpod.oval:def:89047427
This update for webkit2gtk3 fixes the following issues: - CVE-2022-32893: Fixed several crashes and rendering issues. - Fixed WebKitGTK not being allowed to be used from non-main threads.

oval:org.secpod.oval:def:89047407
This update for python-libxml2-python fixes the following issues: - CVE-2022-23308: Fixed a use-after-free of ID and IDREF attributes.

oval:org.secpod.oval:def:89047607
This update for unzip fixes the following issues: - CVE-2022-0530: Fixed SIGSEGV during the conversion of an utf-8 string to a local string. - CVE-2022-0529: Fixed heap out-of-bound writes and reads during conversion of wide string to local string

oval:org.secpod.oval:def:89047608
This update for libxml2 fixes the following issues: - CVE-2022-23308: Fixed a use-after-free of ID and IDREF attributes. - CVE-2022-29824: Fixed integer overflow that could have led to an out-of-bounds write in buf.c and tree.c.

oval:org.secpod.oval:def:89047382
This update for rsync fixes the following issues: - CVE-2022-29154: Fixed an arbitrary file write issue that could be triggered by a malicious remote server.

oval:org.secpod.oval:def:89047373
This update for zsh fixes the following issues: - CVE-2021-45444: Fixed a vulnerability where arbitrary shell commands could be executed related to prompt expansion. - CVE-2019-20044: Fixed a vulnerability where shell privileges would not be properly dropped when unsetting the PRIVILEGED option.

oval:org.secpod.oval:def:89047561
This update for openssl-1_1 fixes the following issues: - CVE-2022-2097: Fixed partial missing encryption in AES OCB mode.

oval:org.secpod.oval:def:89047461
This update for zlib fixes the following issues: - CVE-2018-25032: Fixed memory corruption on deflate.

oval:org.secpod.oval:def:89047460
This update for rsyslog fixes the following issues: - CVE-2022-24903: Fixed potential heap buffer overflow in modules for TCP syslog reception.

oval:org.secpod.oval:def:89047089
This update for python3 fixes the following issues: - CVE-2021-3426: Fixed information disclosure via pydoc. - CVE-2021-3733: Fixed infinitely reading potential HTTP headers after a 100 Continue status response from the server. - CVE-2021-3737: Fixed ReDoS in urllib.request. - We do not require p ...

oval:org.secpod.oval:def:89047119
This update for python3 fixes the following issues: - CVE-2021-3426: Fixed an information disclosure via pydoc

oval:org.secpod.oval:def:89047440
This update for python fixes the following issues: - CVE-2022-0391: Fixed URL sanitization containing ASCII newline and tabs in urlparse. - CVE-2021-4189: Fixed ftplib not to trust the PASV response. - CVE-2021-3572: Fixed an improper handling of unicode characters in pip.

oval:org.secpod.oval:def:89047550
This update for gstreamer-plugins-good fixes the following issues: - CVE-2022-1920: Fixed integer overflow in WavPack header handling code. - CVE-2022-1921: Fixed integer overflow resulting in heap corruption in avidemux element. - CVE-2022-1922: Fixed integer overflows in mkv demuxing. - CVE-202 ...

oval:org.secpod.oval:def:89047540
This update for postgresql14 fixes the following issues: - Upgrade to version 14.5: - CVE-2022-2625: Fixed an issue where extension scripts would replace objects not belonging to that extension. - Upgrade to version 14.4 - Release notes: https://www.postgresql.org/docs/release/14.4/ - Release anno ...

oval:org.secpod.oval:def:89047581
This update for postgresql13 fixes the following issues: - Update to 13.8: - CVE-2022-2625: Fixed an issue where extension scripts would replace objects not belonging to that extension.

oval:org.secpod.oval:def:89048016
This update for emacs fixes the following issues: - CVE-2022-45939: Fixed shell command injection via source code files when using ctags.

oval:org.secpod.oval:def:89047092
This update for xorg-x11-server fixes the following issues: - CVE-2021-4009: The handler for the CreatePointerBarrier request of the XFixes extension does not properly validate the request length leading to out of bounds memory write. - CVE-2021-4010: The handler for the Suspend request of the Scre ...

oval:org.secpod.oval:def:89047111
This update for xorg-x11-server fixes the following issues: - CVE-2021-4008: Fixed Privilege Escalation Vulnerability via Out-Of-Bounds Access in SProcRenderCompositeGlyphs.

oval:org.secpod.oval:def:89047477
This update for patch fixes the following issues: Security issues fixed: - CVE-2019-13636: Fixed follow symlinks unless --follow-symlinks is given. This increases the security against malicious patches. - CVE-2018-6952: Fixed swapping fakelines in pch_swap. This bug was causing a double free leadin ...

oval:org.secpod.oval:def:89047555
This update for perl fixes the following issues: - CVE-2017-6512: Fixed File::Path rmtree/remove_tree race condition.

oval:org.secpod.oval:def:89047299
This update for busybox fixes the following issues: - CVE-2021-28831: Fixed invalid free or segmentation fault via malformed gzip data. - CVE-2018-20679: Fixed out of bounds read in udhcp. - CVE-2018-1000517: Fixed buffer overflow in the retrieve_file_data. - CVE-2011-5325: Fixed a directory trav ...

oval:org.secpod.oval:def:89047627
This update for busybox fixes the following issues: - CVE-2011-5325: Fixed tar directory traversal. - CVE-2015-9261: Fixed segfaults and application crashes in huft_build. - CVE-2016-2147: Fixed out of bounds write due to integer underflow in udhcpc. - CVE-2016-2148: Fixed heap-based buffer overf ...

oval:org.secpod.oval:def:89047227
This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.8.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-08 * CVE-2021-23969: Content Security Policy violation report could have contained the destination of a redirect * CVE-202 ...

oval:org.secpod.oval:def:89047165
This update for libmspack fixes the following issues: - CVE-2018-14681: Bad KWAJ file header extensions could cause a one or two byte overwrite. - CVE-2018-14682: There is an off-by-one error in the TOLOWER macro for CHM decompression. - CVE-2018-14679: There is an off-by-one error in the CHM PMGI ...

oval:org.secpod.oval:def:89047770
This update for python-paramiko fixes the following issues: Updated to version 2.4.3: - CVE-2018-1000805: Fixed authentication bypass. Bugfixes: - Fixed Ed25519 key handling for certain key comment lengths.

oval:org.secpod.oval:def:89047128
This update for wavpack fixes the following issues: - Update to version 5.4.0 * CVE-2020-35738: Fixed an out-of-bounds write in WavpackPackSamples * fixed: disable A32 asm code when building for Apple silicon * fixed: issues with Adobe-style floating-point WAV files * added: --normalize-floats opti ...

oval:org.secpod.oval:def:89047599
This update for giflib fixes the following issues: - CVE-2019-15133: Fixed a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height field of the ImageSize data structure is equal to zero. - CVE-2018-11490: Fixed a heap-based buffer overflow in DGifDecompressLine func ...

oval:org.secpod.oval:def:89047208
This update for glib-networking fixes the following issues: Update to version 2.62.4: - CVE-2020-13645: Fixed a connection failure when the server identity is unset.

oval:org.secpod.oval:def:89047568
This update for net-snmp fixes the following issues: - CVE-2020-15862: Make extended MIB read-only - CVE-2018-18065: Fix remote DoS in agent/helpers/table.c

oval:org.secpod.oval:def:89047073
This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 78.7.0 ESR * CVE-2021-23953: Fixed a Cross-origin information leakage via redirected PDF requests * CVE-2021-23954: Fixed a type confusion when using logical assignment operators in JavaScript switch state ...

oval:org.secpod.oval:def:89047417
This update for p11-kit fixes the following issues: - CVE-2020-29362: Fixed a 4 byte overread in p11_rpc_buffer_get_byte_array which could lead to crashes

oval:org.secpod.oval:def:89047501
This update for conmon, libcontainers-common, libseccomp, podman fixes the following issues: podman was updated to 3.4.4. Security issues fixed: - fix CVE-2021-41190 [bsc#1193273], opencontainers: OCI manifest and index parsing confusion - fix CVE-2021-4024 [bsc#1193166], podman machine spawns gvpro ...

oval:org.secpod.oval:def:89047247
This update for jasper fixes the following issues: - bsc#1179748 CVE-2020-27828: Fix heap overflow by checking maxrlvls - bsc#1181483 CVE-2021-3272: Fix buffer over-read in jp2_decode

oval:org.secpod.oval:def:89047487
This update for libexif fixes the following issues: - CVE-2020-0181: Fixed an integer overflow that could lead to denial of service. - CVE-2020-0198: Fixed an unsigned integer overflow that could lead to denial of service. - CVE-2020-0452: Fixed a buffer overflow check that could be optimized awa ...

oval:org.secpod.oval:def:89047132
This patch updates the Python AWS SDK stack in SLE 15: General: # aws-cli - Version updated to upstream release v1.19.9 For a detailed list of all changes, please refer to the changelog file of this package. # python-boto3 - Version updated to upstream release 1.17.9 For a detailed list of all chang ...

oval:org.secpod.oval:def:89047316
This update for mutt fixes the following issues: - CVE-2020-28896: incomplete connection termination could lead to sending credentials over unencrypted connections - Avoid that message with a million tiny parts can freeze MUA for several minutes

oval:org.secpod.oval:def:89047216
This update for p11-kit fixes the following issues: - CVE-2020-29361: Fixed multiple integer overflows in rpc code - Add support for CKA_NSS_{SERVER,EMAIL}_DISTRUST_AFTER.

oval:org.secpod.oval:def:89047088
This update for openexr fixes the following issues: - CVE-2021-20298 [bsc#1188460]: Fixed Out-of-memory in B44Compressor - CVE-2021-20299 [bsc#1188459]: Fixed Null-dereference READ in Imf_2_5:Header:operator - CVE-2021-20300 [bsc#1188458]: Fixed Integer-overflow in Imf_2_5:hufUncompress - CVE-2021-2 ...

oval:org.secpod.oval:def:89047093
This update for xterm fixes the following issues: - CVE-2021-27135: Fixed buffer-overflow when clicking on selected utf8 text

oval:org.secpod.oval:def:89047098
This update for screen fixes the following issues: - CVE-2021-26937: Fixed double width combining char handling that could lead to a denial of service or code execution.

oval:org.secpod.oval:def:89047158
This update for git fixes the following issues: - On case-insensitive filesystems, with support for symbolic links, if Git is configured globally to apply delay-capable clean/smudge filters, Git could be fooled into running remote code during a clone

oval:org.secpod.oval:def:89047396
This update for glib2 fixes the following issues: - CVE-2021-28153: Fixed an issue where symlink targets would be incorrectly created as empty files.

oval:org.secpod.oval:def:89047186
This update for clamav fixes the following issues: - CVE-2021-1252: Fix for Excel XLM parser infinite loop. - CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. - CVE-2021-1405: Fix for mail parser NULL-dereference crash. - Fix errors when scanning files greater than or equal to ...

oval:org.secpod.oval:def:89047405
This update for tar fixes the following issues: - CVE-2021-20193: Fixed a memory leak in read_header in list.c. - CVE-2019-9923: Fixed a null-pointer dereference in pax_decode_header in sparse.c. - CVE-2018-20482: Fixed infinite read loop in sparse_dump_region in sparse.c. - Update to GNU tar 1.3 ...

oval:org.secpod.oval:def:89047302
This update for git fixes the following issues: Update from version 2.26.2 to version 2.31.1 Security fixes: - CVE-2021-21300: On case-insensitive file systems with support for symbolic links, if Git is configured globally to apply delay-capable clean/smudge filters, Git could run remote code duri ...

oval:org.secpod.oval:def:89047260
This update for samba fixes the following issues: - CVE-2021-20277: Fixed an out of bounds read in ldb_handler_fold. - CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids. - CVE-2020-27840: Fixed an unauthenticated remote heap corruption via bad DNs. - Spec file fixes around systemd and req ...

oval:org.secpod.oval:def:89047149
This update for openldap2 fixes the following issues: - bsc#1182408 CVE-2020-36230 - an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. - bsc#1182411 CVE-2020-36229 - ldap_X509dn2bv crash in the X.509 DN parsing in ad_keystring, result ...

oval:org.secpod.oval:def:89047201
This update for MozillaFirefox fixes the following issues: - Firefox was updated to 78.9.0 ESR * CVE-2021-23981: Texture upload into an unbound backing buffer resulted in an out-of-bound read * CVE-2021-23982: Internal network hosts could have been probed by a malicious webpage * CVE-2021-23984: Ma ...

oval:org.secpod.oval:def:89047314
This update for MozillaFirefox fixes the following issues: - Firefox was updated to 78.10.0 ESR * CVE-2021-23994: Out of bound write due to lazy initialization * CVE-2021-23995: Use-after-free in Responsive Design Mode * CVE-2021-23998: Secure Lock icon could have been spoofed * CVE-2021-23961: Mor ...

oval:org.secpod.oval:def:89047310
This update for python-Pygments fixes the following issues: - CVE-2021-27291: Fixed ReDoS via crafted malicious input.

oval:org.secpod.oval:def:89047465
This update for libcaca fixes the following issues: - CVE-2021-3410: Fixed overflow when multiplying large ints.

oval:org.secpod.oval:def:89047103
This update for spamassassin fixes the following issues: - CVE-2019-12420: memory leak via crafted messages - CVE-2020-1946: security update

oval:org.secpod.oval:def:89047220
This update for bind fixes the following issues: - CVE-2021-25214: Fixed a broken inbound incremental zone update which could have caused named to terminate unexpectedly. - CVE-2021-25215: Fixed an assertion check which could have failed while answering queries for DNAME records that required the ...

oval:org.secpod.oval:def:89047214
This update for wpa_supplicant fixes the following issues: - CVE-2021-27803: Fixed a P2P provision discovery processing vulnerability.

oval:org.secpod.oval:def:89047212
This update for xorg-x11-server fixes the following issues: - CVE-2021-3472: XChangeFeedbackControl Integer Underflow Privilege Escalation

oval:org.secpod.oval:def:89047332
This update for openexr fixes the following issues: - CVE-2021-23215: Fixed an integer-overflow in Imf_2_5:DwaCompressor:initializeBuffers. - CVE-2021-26260: Fixed an Integer-overflow in Imf_2_5:DwaCompressor:initializeBuffers. - CVE-2021-20296: Fixed a Null Pointer dereference in Imf_2_5:hufUncom ...

oval:org.secpod.oval:def:89047215
This update for gstreamer-plugins-good fixes the following issues: - CVE-2021-3498: Matroskademux: initialize track context out parameter to NULL before parsing. - CVE-2021-3497: Matroskademux: Fix extraction of multichannel WavPack.

oval:org.secpod.oval:def:89048048
This update for xorg-x11-server fixes the following issues: - CVE-2022-46340: Server XTestSwapFakeInput stack overflow - CVE-2022-46341: Server XIPassiveUngrabDevice out-of-bounds access - CVE-2022-46342: Server XvdiSelectVideoNotify use-after-free - CVE-2022-46343: Server ScreenSaverSetAttribute ...

oval:org.secpod.oval:def:89047474
This update for opensc fixes the following issues: Security issues fixed: - CVE-2021-42782: Stack buffer overflow issues in various places. - CVE-2021-42781: Fixed multiple heap buffer overflows in pkcs15-oberthur.c. - CVE-2021-42780: Fixed use after return in insert_pin. - CVE-2021-42779: Fixed ...

oval:org.secpod.oval:def:89047418
This update for tiff fixes the following issues: - CVE-2022-0561: Fixed null source pointer passed as an argument to memcpy within TIFFFetchStripThing in tif_dirread.c. - CVE-2022-0562: Fixed null source pointer passed as an argument to memcpy within TIFFReadDirectory in tif_dirread.c. - CVE-2022- ...

oval:org.secpod.oval:def:89047280
This update for ffmpeg fixes the following issues: - CVE-2021-3566: Fixed information leak. - CVE-2021-38093: Fixed integer overflow vulnerability in filter_robert - CVE-2021-38092: Fixed integer overflow vulnerability in filter_prewitt - CVE-2021-38094: Fixed integer overflow vulnerability in fi ...

oval:org.secpod.oval:def:89047109
This update for ffmpeg fixes the following issues: - CVE-2020-13904: Fixed use-after-free via a crafted EXTINF duration in an m3u8 file. - CVE-2020-21041: Fixed buffer overflow vulnerability via apng_do_inverse_blend in libavcodec/pngenc.c. - CVE-2019-17539: Fixed NULL pointer dereference in avcod ...

oval:org.secpod.oval:def:89048052
This update for ceph fixes the following issues: ceph was updated to the Pacific release: + rgw: check bucket shard init status in RGWRadosBILogTrimCR + ceph-volume: honour osd_dmcrypt_key_size option + Remove last vestiges of docker.io image paths + cephadm: prometheus: The generatorURL in al ...

oval:org.secpod.oval:def:89047622
This update for jackson-databind, jackson-dataformats-binary, jackson-annotations, jackson-bom, jackson-core fixes the following issues: Security issues fixed: - CVE-2020-36518: Fixed a Java stack overflow exception and denial of service via a large depth of nested objects in jackson-databind. - CV ...

oval:org.secpod.oval:def:89047413
This update for salt fixes the following issues: - CVE-2022-22967: Fixed missing check for PAM_ACCT_MGM return value that could be used to bypass PAM authentication

oval:org.secpod.oval:def:89047443
This update for subversion fixes the following issues: - CVE-2022-24070: Fixed a memory corruption issue in mod_dav_svn as used by Apache HTTP server. This could be exploited by a remote attacker to cause a denial of service. - CVE-2021-28544: Fixed an information leak issue where Subversion server ...

oval:org.secpod.oval:def:89047464
This update for liblouis fixes the following issues: - CVE-2022-26981: fix buffer overrun in compilePassOpcode. - CVE-2022-31783: prevent an invalid memory write in compileRule.

oval:org.secpod.oval:def:89047497
This update for salt fixes the following issues: - CVE-2022-22935: Sign authentication replies to prevent MiTM - CVE-2022-22934: Sign pillar data to prevent MiTM attacks. - CVE-2022-22936: Prevent job and fileserver replays - CVE-2022-22941: Fixed targeting bug, especially visible when using synd ...

oval:org.secpod.oval:def:89047153
This update for brotli fixes the following issues: - CVE-2020-8927: Fixed integer overflow when input chunk is larger than 2GiB.

oval:org.secpod.oval:def:89047423
This update for log4j12 fixes the following issues: - CVE-2022-23307: Fix deserialization issue by removing the chainsaw sub-package. - CVE-2022-23305: Fix SQL injection by removing src/main/java/org/apache/log4j/jdbc/JDBCAppender.java. - CVE-2022-23302: Fix remote code execution by removing src/m ...

oval:org.secpod.oval:def:89047242
This update for log4j12 fixes the following issues: - CVE-2021-4104: Disable the JMSAppender class from log4j to protect against the log4jshell vulnerability. [bsc#1193662]

oval:org.secpod.oval:def:89047303
This update for flatpak fixes the following issues: - Update to version 1.10.5: - CVE-2021-41133: Fixed a bug that could lead to sandbox bypass via recent VFS-manipulating syscalls

oval:org.secpod.oval:def:89047277
This update for salt fixes the following issues: - CVE-2021-21996: Exclude the full path of a download URL to prevent injection of malicious code

oval:org.secpod.oval:def:89047152
This update for ffmpeg fixes the following issues: - CVE-2021-38171: Fixed adts_decode_extradata in libavformat/adtsenc.c to check the init_get_bits return value.

oval:org.secpod.oval:def:89047192
This update for ffmpeg fixes the following issues: - CVE-2020-22042: Fixed a denial of service vulnerability caused by a memory leak in the link_filter_inouts function in libavfilter/graphparser.c

oval:org.secpod.oval:def:89047121
This update for ffmpeg fixes the following issues: - CVE-2019-9721: Fix denial of service in the subtitle decoder in handle_open_brace from libavcodec/htmlsubtitles.c. - CVE-2020-22046: Fix a denial of service vulnerability in FFmpeg 4.2 due to a memory leak in the avpriv_float_dsp_allocl fu ...

oval:org.secpod.oval:def:89047151
This update for salt fixes the following issues: - Check if dpkgnotify is executable - Update to Salt release version 3002.2 - Drop support for Python2. Obsoletes `python2-salt` package - Fix issue parsing errors in ansiblegate state module - Prevent command injection in the snapper module - tra ...

oval:org.secpod.oval:def:89047235
This update for salt fixes the following issues: Update to Salt release version 3002.2 - Check if dpkgnotify is executable - Drop support for Python2. Obsoletes `python2-salt` package - virt module updates * network: handle missing ipv4 netmask attribute * more network support * PCI/USB host devi ...

oval:org.secpod.oval:def:89047562
This update for json-c fixes the following issues: - CVE-2020-12762: Fixed integer overflow and out-of-bounds write

oval:org.secpod.oval:def:89047278
This update for gmp fixes the following issues: - CVE-2021-43618: Fixed buffer overflow via crafted input in mpz/inp_raw.c.

oval:org.secpod.oval:def:89047798
This update for telnet fixes the following issues: - CVE-2022-39028: Fixed NULL pointer dereference in telnetd.

oval:org.secpod.oval:def:89047416
This update for git fixes the following issues: - Updated to version 2.35.3: - CVE-2022-24765: Fixed a potential command injection via git worktree.

oval:org.secpod.oval:def:89047229
This update for dbus-1 fixes the following issues: - CVE-2020-12049: truncated messages lead to resource exhaustion. Special Instructions and Notes: Please reboot the system after installing this update.

oval:org.secpod.oval:def:89047106
This update for dbus-1 fixes the following issues: - CVE-2020-35512: Fixed a use-after-free or potential undefined behaviour caused by shared UID's. Special Instructions and Notes: Please reboot the system after installing this update.

oval:org.secpod.oval:def:89047239
This update for samba fixes the following issues: - Fix regression introduced by CVE-2020-25717 patches, winbindd does not start when "allow trusted domains" is off.

oval:org.secpod.oval:def:89047256
This update for samba and ldb fixes the following issues: - CVE-2020-25718: Fixed that an RODC can issue administrator tickets to other servers. - CVE-2021-3738: Fixed crash in dsdb stack. - CVE-2016-2124: Fixed not to fallback to non spnego authentication if we require kerberos. - CVE-2020-2571 ...

oval:org.secpod.oval:def:89048100
This update for samba fixes the following issues: Update to 4.15.13 - CVE-2022-37966 rc4-hmac Kerberos session keys issued to modern servers. - CVE-2022-37967 Kerberos constrained delegation ticket forgery possible against Samba AD DC. - CVE-2022-38023 RC4/HMAC-MD5 NetLogon Secure Channel is weak ...

oval:org.secpod.oval:def:89047243
This update for avahi fixes the following issues: - CVE-2021-3468: avoid infinite loop by handling HUP event in client_work.

oval:org.secpod.oval:def:89047566
This security update for libeconf, shadow and util-linux fixes the following issues: libeconf: - Add libeconf to SLE-Module-Basesystem_15-SP3 because it is needed by "util-linux" and "shadow" to fix autoyast handling of security related parameters Issues fixed in libeconf: - Reading numbers with different ...

oval:org.secpod.oval:def:89047312
This update for c-ares fixes the following issues: Version update to git snapshot 1.17.1+20200724: - CVE-2021-3672: fixed missing input validation on hostnames returned by DNS servers - If ares_getaddrinfo was terminated by an ares_destroy, it would cause crash - Crash in sortaddrinfo if the list s ...

oval:org.secpod.oval:def:89047612
This update for libyajl fixes the following issues: - CVE-2022-24795: Fixed heap-based buffer overflow when handling large inputs.

oval:org.secpod.oval:def:89047421
This update for git fixes the following issues: - CVE-2022-29187: Incomplete fix for CVE-2022-24765: potential command injection via git worktree.

oval:org.secpod.oval:def:89048035
This update for tiff fixes the following issues: - CVE-2022-3570: Fixed heap buffer overflows in tiffcrop.c. - CVE-2022-3598: Fixed out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c [bsc#1204642]

oval:org.secpod.oval:def:89048007
This update for bcel fixes the following issues: - CVE-2022-42920: Fixed producing arbitrary bytecode via out-of-bounds writing.

oval:org.secpod.oval:def:89047489
This update for expat fixes the following issues: - CVE-2022-23852: Fixed signed integer overflow in XML_GetBuffer. - CVE-2022-23990: Fixed integer overflow in the doProlog function.

oval:org.secpod.oval:def:89047444
This update for expat fixes the following issues: - CVE-2021-45960: Fixed left shift in the storeAtts function in xmlparse.c that can lead to realloc misbehavior. - CVE-2021-46143: Fixed integer overflow in m_groupSize in doProlog. - CVE-2022-22822: Fixed integer overflow in addBinding in xmlparse ...

oval:org.secpod.oval:def:89047546
This update for bind fixes the following issues: - CVE-2021-25220: Fixed a DNS cache poisoning vulnerability due to loose caching rules.

oval:org.secpod.oval:def:89047544
This update for libqt5-qtbase fixes the following issues: - CVE-2022-23853, CVE-2022-25255: Avoid unintentionally using binaries from CWD.

oval:org.secpod.oval:def:89047710
This update for bind fixes the following issues: - CVE-2022-2795: Fixed potential performance degradation due to missing database lookup limits when processing large delegations. - CVE-2022-38177: Fixed a memory leak that could be externally triggered in the DNSSEC verification code for the ECDSA a ...

oval:org.secpod.oval:def:89047481
This update for bind fixes the following issues: - CVE-2021-25219: Fixed flaw that allowed abusing lame cache to severely degrade resolver performance.

oval:org.secpod.oval:def:89047596
This update for python-lxml fixes the following issues: - CVE-2018-19787: Fixed XSS vulnerability via unescaped URL. - CVE-2021-28957: Fixed XSS vulnerability via HTML5 attributes unescaped. - CVE-2021-43818: Fixed XSS vulnerability via script content in SVG images using data URIs. - CVE-2020-2778 ...

oval:org.secpod.oval:def:89047325
This update for python-sqlparse fixes the following issues: - CVE-2021-32839: Fixed ReDoS via regular expression in StripComments filter.

oval:org.secpod.oval:def:89047113
This update for libnettle fixes the following issues: - CVE-2021-3580: Fixed a remote denial of service in the RSA decryption via manipulated ciphertext.

oval:org.secpod.oval:def:89047261
This update for libnettle fixes the following issues: - CVE-2021-20305: Fixed the multiply function which was being called with out-of-range scalars.

oval:org.secpod.oval:def:89047105
This update for openssl-1_1 fixes the security issue: * CVE-2021-3449: An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension but includes a signature_algorithms_ce ...

oval:org.secpod.oval:def:89047523
This update for apache2 fixes the following issues: Apache2 was updated to the current stable version 2.4.51 It fixes all CVEs and selected bugs represented by patches found between 2.4.23 and 2.4.51. See https://downloads.apache.org/httpd/CHANGES_2.4 for a complete change log. Also fixed: - CVE-20 ...

oval:org.secpod.oval:def:89047110
This update for apache2 fixes the following issues: - CVE-2021-40438: Fixed an SSRF via a crafted request uri-path. - CVE-2021-36160: Fixed an out-of-bounds read via a crafted request uri-path. - CVE-2021-39275: Fixed an out-of-bounds write in ap_escape_quotes via malicious input. - CVE-2021-34798: ...

oval:org.secpod.oval:def:89047147
This update for apache2 fixes the following issues: - fixed CVE-2021-30641 [bsc#1187174]: MergeSlashes regression - fixed CVE-2021-31618 [bsc#1186924]: NULL pointer dereference on specially crafted HTTP/2 request - fixed CVE-2020-13950 [bsc#1187040]: mod_proxy NULL pointer dereference - fixed CVE-20 ...

oval:org.secpod.oval:def:89047384
This update for apache2 fixes the following issues: - CVE-2022-26377: Fixed possible request smuggling in mod_proxy_ajp - CVE-2022-28614: Fixed read beyond bounds via ap_rwrite - CVE-2022-28615: Fixed read beyond bounds in ap_strcmp_match - CVE-2022-29404: Fixed denial of service in mod_lua r:par ...

oval:org.secpod.oval:def:89047104
This update for apache2 fixes the following issues: - CVE-2021-33193: Fixed request splitting via HTTP/2 method injection and mod_proxy.

oval:org.secpod.oval:def:89047577
This update for apache2 fixes the following issues: - CVE-2022-23943: heap out-of-bounds write in mod_sed. - CVE-2022-22720: HTTP request smuggling due to incorrect error handling. - CVE-2022-22719: use of uninitialized value in r:parsebody in mod_lua. - CVE-2022-22721: possible buffer overflo ...

oval:org.secpod.oval:def:89047181
This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20210608 release. - CVE-2020-24513: A domain bypass transient execution vulnerability was discovered on some Intel Atom processors that use a micro-architectural incident channel. See also: https://www.intel.com/ ...

oval:org.secpod.oval:def:89047390
This update for ImageMagick fixes the following issues: - CVE-2022-0284: Fixed heap buffer overread in GetPixelAlpha in MagickCore/pixel-accessor.h.

oval:org.secpod.oval:def:89047503
This update for ImageMagick fixes the following issues: - CVE-2021-20224: Fixed an integer overflow that could be triggered via a crafted file. - CVE-2022-2719: Fixed a reachable assertion that could lead to denial of service via a crafted file.

oval:org.secpod.oval:def:89047494
This update for ImageMagick fixes the following issues: - CVE-2021-3574: Fixed memory leaks with convert command.

oval:org.secpod.oval:def:89047203
This update for ImageMagick fixes the following issues: - CVE-2021-20309: Division by zero in WaveImage of MagickCore/visual-effects. - CVE-2021-20311: Division by zero in sRGBTransformImage in MagickCore/colorspace.c - CVE-2021-20312: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c ...

oval:org.secpod.oval:def:89047435
This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2022-28463: Fixed buffer overflow in coders/cin.c. Bugfixes: - Use png_get_eXIf_1 when available.

oval:org.secpod.oval:def:89047335
This update for ImageMagick fixes the following issues: - CVE-2021-20176: Fixed division by zero caused by processing crafted file.

oval:org.secpod.oval:def:89047400
This update for qemu fixes the following issues: - CVE-2021-20196: Fixed null pointer dereference that may lead to guest crash.

oval:org.secpod.oval:def:89047511
This update for qemu fixes the following issues: - CVE-2022-0358: Fixed a potential privilege escalation via virtiofsd. - CVE-2021-3930: Fixed a potential denial of service in the emulated SCSI device. Non-security fixes: - Fixed a kernel data corruption via a long kernel boot cmdline. - Included ...

oval:org.secpod.oval:def:89047309
This update for hivex fixes the following issues: - CVE-2021-3622: Fixed stack overflow due to recursive call of _get_children.

oval:org.secpod.oval:def:89047120
This update for qemu fixes the following issues: Security issues fixed: - usbredir: free call on invalid pointer in bufp_alloc - NULL pointer dereference in ESP - NULL pointer dereference issue in megasas-gen2 host bus adapter - eepro100: stack overflow via infinite recursion - usb: unbounded ...

oval:org.secpod.oval:def:89047116
This update for qemu fixes the following issues: Security issues fixed: - CVE-2021-3713: Fix out-of-bounds write in UAS device emulation - CVE-2021-3748: Fix heap use-after-free in virtio_net_receive_rcu Non-security issues fixed: - Add transfer length item in block limits page of scsi vpd - Fix ...

oval:org.secpod.oval:def:89047101
This update for qemu fixes the following issues: - CVE-2021-3546: Fixed out-of-bounds write in virgl_cmd_get_capset. - CVE-2021-3544: Fixed memory leaks found in the virtio vhost-user GPU device. - CVE-2021-3545: Fixed information disclosure due to uninitialized memory read.

oval:org.secpod.oval:def:89047353
This update for ruby2.5 fixes the following issues: - CVE-2021-41819: Fixed cookie prefix spoofing in CGI::Cookie.parse.

oval:org.secpod.oval:def:89047085
This update for ruby2.5 fixes the following issues: - CVE-2020-25613: Fixed a potential HTTP Request Smuggling in WEBrick. - Enable optimizations also on ARM64

oval:org.secpod.oval:def:89046995
This update for qpdf fixes the following issues: - CVE-2021-36978: Fixed heap-based buffer overflow in Pl_ASCII85Decoder::write.

oval:org.secpod.oval:def:89047251
This update for sudo fixes the following issues: - A Heap-based buffer overflow in sudo could be exploited to allow a user to gain root privileges [bsc#1181090,CVE-2021-3156] - It was possible for a user to test for the existence of a directory due to a Race Condition in `sudoedit` [bsc#1180684,CVE- ...

oval:org.secpod.oval:def:89047558
This update for xorg-x11-server fixes the following issues: - CVE-2022-2319: Fixed out-of-bounds access in _CheckSetSections. - CVE-2022-2320: Fixed out-of-bounds access in CheckSetDeviceIndicators.

oval:org.secpod.oval:def:89047118
This update for libaom fixes the following issues: - CVE-2020-36129: Fixed stack buffer overflow via the component src/aom_image.c. - CVE-2020-36131: Fixed stack buffer overflow via the component stats/rate_hist.c. - CVE-2020-36135: Fixed NULL pointer dereference via the component rate_hist.c. - ...

oval:org.secpod.oval:def:89047323
This update for MozillaFirefox fixes the following issues: Update to Extended Support Release 91.4.0: - CVE-2021-43536: URL leakage when navigating while executing asynchronous function - CVE-2021-43537: Heap buffer overflow when using structured clone - CVE-2021-43538: Missing fullscreen and point ...

oval:org.secpod.oval:def:89047269
This update for xen fixes the following issues: - CVE-2021-28702: Fixed PCI devices with RMRRs not deassigned correctly. - CVE-2021-28704, CVE-2021-28707, CVE-2021-28708: Fixed PoD operations on misaligned GFNs. - CVE-2021-28705, CVE-2021-28709: Fixed issues with partially successful P2M updates ...

oval:org.secpod.oval:def:89047179
This update for libaom fixes the following issues: - CVE-2021-30475: Fixed buffer overflow in aom_dsp/noise_model.c.

oval:org.secpod.oval:def:89047317
This update for libaom fixes the following issues: - CVE-2021-30474: Fixed use-after-free in aom_dsp/grain_table.c.

oval:org.secpod.oval:def:89047476
This update for libaom fixes the following issues: - CVE-2021-30473: AOMedia in aom_image.c frees memory that is not located on the heap.

oval:org.secpod.oval:def:89047288
This update for python3 fixes the following issues: Update to 3.6.12, including: - Fixed a directory traversal in _download_http_url

oval:org.secpod.oval:def:89047233
This update for python fixes the following issues: - Fixed a directory traversal in _download_http_url

oval:org.secpod.oval:def:89047442
This update for python-pip fixes the following issues: - Add wheel subpackage with the generated wheel for this package. - Make wheel a separate build run to avoid the setuptools/wheel build cycle. - Switch this package to use update-alternatives for all files in %{_bindir} so it doesn't collide wi ...

oval:org.secpod.oval:def:89047226
This update for python-pip fixes the following issues: - Fixed a directory traversal in _download_http_url

oval:org.secpod.oval:def:89047213
This update for python fixes the following issues: - buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution. - Provide the newest setuptools wheel in their correct form.

oval:org.secpod.oval:def:89047163
This update for mozilla-nss fixes the following issues: Update to version 3.68.1: - CVE-2021-43527: Fixed a Heap overflow in NSS when verifying DER-encoded DSA or RSA-PSS signatures.

oval:org.secpod.oval:def:89047338
This update for openssh fixes the following issues: - CVE-2021-41617: Fixed privilege escalation when AuthorizedKeysCommand/AuthorizedPrincipalsCommand are configured.

oval:org.secpod.oval:def:89047218
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 78.12.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-29 * CVE-2021-29970: Use-after-free in accessibility features of a document * CVE-2021-30547: Out of bounds write in ANGL ...

oval:org.secpod.oval:def:89047182
This update for java-11-openjdk fixes the following issues: Update to 11.0.13+8 - CVE-2021-35550, bsc#1191901: Update the default enabled cipher suites preference - CVE-2021-35565, bsc#1191909: com.sun.net.HttpsServer spins on TLS session close - CVE-2021-35556, bsc#1191910: Richer Text Editors - C ...

oval:org.secpod.oval:def:89047620
This update for java-11-openjdk fixes the following issues: Update to upstream tag jdk-11.0.16+8 - CVE-2022-21540: Improve class compilation - CVE-2022-21541: Enhance MethodHandle invocations - CVE-2022-34169: Improve Xalan supports

oval:org.secpod.oval:def:89047616
This update for java-11-openjdk fixes the following issues: - CVE-2022-21248: Fixed incomplete deserialization class filtering in ObjectInputStream. - CVE-2022-21277: Fixed incorrect reading of TIFF files in TIFFNullDecompressor. - CVE-2022-21282: Fixed Insufficient URI checks in the XSLT Transfor ...

oval:org.secpod.oval:def:89047245
This update for java-11-openjdk fixes the following issues: - Update to jdk-11.0.12+7 - CVE-2021-2369: Fixed JAR file handling problem containing multiple MANIFEST.MF files. - CVE-2021-2388: Fixed a flaw inside the Hotspot component performed range check elimination. - CVE-2021-2341: Fixed a flaw ...

oval:org.secpod.oval:def:89047230
This update for java-11-openjdk fixes the following issues: - Update to upstream tag jdk-11.0.11+9 * CVE-2021-2163: Fixed incomplete enforcement of JAR signing disabled algorithms * CVE-2021-2161: Fixed incorrect handling of partially quoted arguments in ProcessBuilder - moved mozilla-nss depende ...

oval:org.secpod.oval:def:89047069
This update for libxml2 fixes the following issues: - CVE-2021-3541: Fixed exponential entity expansion attack bypasses all existing protection mechanisms

oval:org.secpod.oval:def:89047293
This update for libxml2 fixes the following issues: - CVE-2021-3537: NULL pointer dereference in valid.c:xmlValidBuildAContentModel - CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess. - CVE-2021-3517: Fixed a heap based buffer overflow in entities.c:xmlEncodeEntitiesInterna ...

oval:org.secpod.oval:def:89047107
This update for libxml2 fixes the following issues: - CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess. - CVE-2021-3517: Fixed a heap based buffer overflow in entities.c:xmlEncodeEntitiesInternal. - CVE-2021-3516: Fixed a use after free in entities.c:xmlEncodeEntitiesIntern ...

oval:org.secpod.oval:def:89047173
This update for ceph fixes the following issues: - Update to 15.2.12-83-g528da226523: - fix cookie injection issue - RGWSwiftWebsiteHandler::is_web_dir checks empty subdir_name - sanitize \r in s3 CORSConfiguration's ExposeHeader

oval:org.secpod.oval:def:89047254
This update for ceph fixes the following issues: - ceph was updated to 15.2.11-83-g8a15f484c2: * CVE-2021-20288: Fixed unauthorized global_id reuse. * disk gets replaced with no rocksdb/wal. * BlueStore handles huge writes from RocksDB to BlueFS poorly, potentially causing data corruption.

oval:org.secpod.oval:def:89047238
This update for bluez fixes the following issues: - CVE-2021-0129,CVE-2020-26558: Check bluetooth security flags.

oval:org.secpod.oval:def:89047039
This update for libostree fixes the following issues: - CVE-2014-9862: Fixed arbitrary write on heap vulnerability.

oval:org.secpod.oval:def:89046983
This update for oniguruma fixes the following issues: - CVE-2019-19246: Fixed an out of bounds access during regular expression matching. - CVE-2019-19204: Fixed an out of bounds access when compiling a crafted regular expression. - CVE-2019-19203: Fixed an out of bounds access when performing a s ...

oval:org.secpod.oval:def:89047115
This update for qemu fixes the following issues: - CVE-2021-3582: Fix possible mremap overflow in the pvrdma - CVE-2021-3607: Ensure correct input on ring init - CVE-2021-3608: Fix the ring init error flow - CVE-2021-3611: Fix intel-hda segmentation fault due to stack overflow

oval:org.secpod.oval:def:89047329
This update for python-Jinja2 fixes the following issues: - CVE-2020-28493: Fixed a ReDOS vulnerability where urlize could have been called with untrusted user data.

oval:org.secpod.oval:def:89047404
This update for java-11-openjdk fixes the following issues: - CVE-2022-21426: Fixed Oracle Java SE compromise by an unauthenticated attacker with network access via multiple protocols. - CVE-2022-21434: Fixed Oracle Java SE compromise by an unauthenticated attacker with network access via multipl ...

oval:org.secpod.oval:def:89047570
This update for freetype2 fixes the following issues: - CVE-2022-27404 Fixed a segmentation fault via a crafted typeface . - CVE-2022-27405 Fixed a buffer overflow via a crafted typeface . - CVE-2022-27406 Fixed a segmentation fault via a crafted typeface . Non-security fixes: - Updated to version 2 ...

oval:org.secpod.oval:def:89047200
This update for sssd fixes the following issues: - CVE-2021-3621: Fixed shell command injection in sssctl via the logs-fetch and cache-expire subcommands . - Add LDAPS support for the AD provider . - Improve logs to record the reason why internal watchdog terminates a process . - Fix watchdog not te ...

oval:org.secpod.oval:def:89047955
This update for libarchive fixes the following issues: - CVE-2022-36227: Fixed potential NULL pointer dereference in __archive_write_allocate_filter .

oval:org.secpod.oval:def:89047689
This update for curl fixes the following issues: - CVE-2022-32221: Fixed POST following PUT confusion .

oval:org.secpod.oval:def:89047459
This update for curl fixes the following issues: - CVE-2022-27781: Fixed CERTINFO never-ending busy-loop - CVE-2022-27782: Fixed TLS and SSH connection too eager reuse

oval:org.secpod.oval:def:89047392
This update for curl fixes the following issues: - CVE-2022-27776: Fixed auth/cookie leak on redirect - CVE-2022-27775: Fixed bad local IPv6 connection reuse - CVE-2022-22576: Fixed OAUTH2 bearer bypass in connection re-use

oval:org.secpod.oval:def:89047527
This update for libvirt fixes the following issues: - CVE-2022-0897: Fixed a crash in nwfilter when counting number of network filters . The following non-security bugs were fixed: - qemu: Improve save operation by increasing pipe size c61d1e9b-virfile-set-pipe-size.patch, 47d6d185-virfile-fix-inden ...

oval:org.secpod.oval:def:89047506
This update for libvirt fixes the following issues: - CVE-2021-4147: libxl: Fix libvirtd deadlocks and segfaults

oval:org.secpod.oval:def:89047197
This update for curl fixes the following issues: - CVE-2021-22947: Fixed STARTTLS protocol injection via MITM . - CVE-2021-22946: Fixed protocol downgrade required TLS bypassed .

oval:org.secpod.oval:def:89047285
This update for libvirt fixes the following issues: Security issues fixed: - CVE-2021-3631: fix SELinux label generation logic - CVE-2021-3667: Unlock object on ACL fail in storagePoolLookupByTargetPath Non-security issues fixed: - virtlockd: Don't report error if lockspace exists - Don't forcibl ...

oval:org.secpod.oval:def:89047148
This update for curl fixes the following issues: - CVE-2021-22925: TELNET stack contents disclosure again. - CVE-2021-22924: Bad connection reuse due to flawed path name checks. - CVE-2021-22923: Insufficiently Protected Credentials. - CVE-2021-22922: Wrong content via metalink not discarded

oval:org.secpod.oval:def:89047492
This update for libarchive fixes the following issues: - CVE-2021-36976: Fixed an invalid memory access that could cause data corruption . Non-security updates: - Updated references for CVE-2017-5601, which was already fixed in a previous version .

oval:org.secpod.oval:def:89047337
This update for curl fixes the following issues: - CVE-2021-22898: Fixed curl TELNET stack contents disclosure . - Allow partial chain verification [jsc#SLE-17956] * Have intermediate certificates in the trust store be treated as trust-anchors, in the same way as self-signed root CA certificates are ...

oval:org.secpod.oval:def:89047450
This update for pcre2 fixes the following issues: - CVE-2019-20454: Fixed out-of-bounds read in JIT mode when \X is used in non-UTF mode . - CVE-2022-1587: Fixed out-of-bounds read due to bug in recursions .

oval:org.secpod.oval:def:89047190
This update for gd fixes the following issues: - CVE-2021-40812: Fixed out-of-bounds read caused by the lack of certain gdGetBuf and gdPutBuf return value checks .

oval:org.secpod.oval:def:89047560
This update for libcaca fixes the following issues: - CVE-2021-30498, CVE-2021-30499: If an image has a size of 0x0, when exporting, no data is written and space is allocated for the header only, not taking into account that sprintf appends a NUL byte .

oval:org.secpod.oval:def:89047951
This update for net-snmp fixes the following issues: Updated to version 5.9.3 : - CVE-2022-24805: Fixed a buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB that can cause an out-of-bounds memory access. - CVE-2022-24809: Fixed a malformed OID in a GET-NEXT to the nsVacmAccessTable th ...

oval:org.secpod.oval:def:89047564
This update for curl fixes the following issues: - CVE-2022-35252: Fixed a potential injection of control characters into cookies, which could be exploited by sister sites to cause a denial of service .

oval:org.secpod.oval:def:89046159
A flaw was found in the way the flags member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cach ...

oval:org.secpod.oval:def:89047343
This update for xen fixes the following issues: - CVE-2022-26358, CVE-2022-26359, CVE-2022-26360, CVE-2022-26361: Fixed IOMMU: RMRR and unity map handling issues - CVE-2022-26362: Fixed race condition in typeref acquisition - CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-cohe ...

oval:org.secpod.oval:def:89047579
This update for xen fixes the following issues: - CVE-2022-26356: Fixed potential race conditions in dirty memory tracking that could cause a denial of service in the host . - CVE-2022-26357: Fixed a potential race condition in memory cleanup for hosts using VT-d IOMMU hardware, which could lead to ...

oval:org.secpod.oval:def:89047270
This update for python-urllib3 fixes the following issues: - CVE-2021-33503: Fixed a denial of service when the URL contained many @ characters in the authority component

oval:org.secpod.oval:def:89047393
This update for expat fixes the following issues: - CVE-2022-25236: Fixed possible namespace-separator characters insertion into namespace URIs . - CVE-2022-25235: Fixed UTF-8 character validation in a certain context . - CVE-2022-25313: Fixed stack exhaustion in build_model via uncontrolled recursi ...

oval:org.secpod.oval:def:89047613
This update for expat fixes the following issues: - Fixed a regression caused by the patch for CVE-2022-25236 .

oval:org.secpod.oval:def:89047426
This update for ldb, samba fixes the following issues: - CVE-2022-32746: Fixed a use-after-free occurring in database audit logging . - CVE-2022-32745: Fixed a remote server crash with an LDAP add or modify request . - CVE-2022-2031: Fixed AD restrictions bypass associated with changing passwords . ...

oval:org.secpod.oval:def:89047479
This update for openjpeg2 fixes the following issues: - CVE-2018-5727: Fixed integer overflow vulnerability in the opj_t1_encode_cblks function. - CVE-2018-5785: Fixed integer overflow caused by an out-of-bounds leftshift in the opj_j2k_setup_encoder function. - CVE-2018-6616: Fixed excessive itera ...

oval:org.secpod.oval:def:89047356
This update for openjpeg fixes the following issues: - CVE-2018-14423: Fixed division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c. - CVE-2018-16376: Fixed heap-based buffer overflow function t2_encode_packet in lib/openmj2/t2.c. - CVE-2 ...

oval:org.secpod.oval:def:89047484
This update for openssl-1_1 fixes the following issues: - CVE-2022-1292: Fixed command injection in c_rehash . - CVE-2022-2068: Fixed more shell code injection issues in c_rehash

oval:org.secpod.oval:def:89047563
This update for grub2 fixes the following issues: Security fixes and hardenings for boothole 3 / boothole 2022 - CVE-2021-3695: Fixed that a crafted PNG grayscale image could lead to out-of-bounds write in heap - CVE-2021-3696: Fixed that a crafted PNG image could lead to out-of-bound write during ...

oval:org.secpod.oval:def:89047399
This update for flatpak fixes the following issues: Update to flatpak 1.10.7: - CVE-2022-21682: Introduce new option --nofilesystem=host:reset to support flatpak-builder 1.2.2. - CVE-2021-43860: A malicious repository could have sent invalid application metadata in a way that hides some of the app p ...

oval:org.secpod.oval:def:89047204
This update for ruby2.5 fixes the following issues: - CVE-2021-31799: Fixed Command injection vulnerability in RDoc . - CVE-2021-31810: Fixed trusting FTP PASV responses vulnerability in Net:FTP . - CVE-2021-32066: Fixed StartTLS stripping vulnerability in Net:IMAP .

oval:org.secpod.oval:def:89047351
The SUSE Linux Enterprise 15 SP3 kernel was updated. The following security bugs were fixed: - CVE-2022-1966: Fixed a use-after-free bug in the netfilter subsystem. This flaw allowed a local attacker with user access to cause a privilege escalation issue. - CVE-2022-1975: Fixed a sleep-in-atomic b ...

oval:org.secpod.oval:def:89048074
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec . - CVE-2022-3635: Fixed a use-after-free in the tst_timer of the file drivers/atm/idt77252.c . - CVE-2022 ...

oval:org.secpod.oval:def:89047746
The SUSE Linux Enterprise 15 SP3 kernel was updated. The following security bugs were fixed: - CVE-2022-40768: Fixed information leak in the scsi driver which allowed local users to obtain sensitive information from kernel memory. - CVE-2022-3169: Fixed a denial of service flaw which occurs when co ...

oval:org.secpod.oval:def:89047482
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-39190: Fixed an issue that was discovered in net/netfilter/nf_tables_api.c and could cause a denial of service upon binding to an already bound chain. - CVE- ...

oval:org.secpod.oval:def:89047473
The SUSE Linux Enterprise 15 SP3 kernel was updated. The following security bugs were fixed: - CVE-2022-0168: Fixed a NULL pointer dereference in smb2_ioctl_query_info. - CVE-2022-20008: Fixed bug that allows to read kernel heap memory due to uninitialized data in mmc_blk_read_single of block.c. - ...

oval:org.secpod.oval:def:89047467
This update for xen fixes the following issues: - CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings . - CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 . - CVE-2022-26362: Fixed a race condition in typeref acquisition . ...

oval:org.secpod.oval:def:89047345
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information . - CVE-2022-3 ...

oval:org.secpod.oval:def:89047574
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information . - CVE-2022-3 ...

oval:org.secpod.oval:def:89047509
This update for python39 fixes the following issues: python39 was updated to version 3.9.14: - CVE-2020-10735: Fixed DoS due to int type in PyLong_FromString not limiting amount of digits when converting text to int . - CVE-2021-28861: Fixed an open redirection vulnerability in the HTTP server when ...

oval:org.secpod.oval:def:89047542
This update for python fixes the following issues: - CVE-2021-28861: Fixed an open redirection vulnerability in the HTTP server when a URI path starts with //.

oval:org.secpod.oval:def:89047409
This update for python3 fixes the following issues: - CVE-2021-28861: Fixed an open redirection vulnerability in the HTTP server when a URI path starts with //.

oval:org.secpod.oval:def:89047499
This update for python fixes the following issues: - CVE-2015-20107: avoid command injection in the mailcap module .

oval:org.secpod.oval:def:89047432
This update for python39 fixes the following issues: - CVE-2015-20107: avoid command injection in the mailcap module . - Update to 3.9.13: - Core and Builtins - gh-92311: Fixed a bug where setting frame.f_lineno to jump over a list comprehension could misbehave or crash. - gh-92112: Fix crash trigge ...

oval:org.secpod.oval:def:89047573
This update for python3 fixes the following issues: - CVE-2015-20107: avoid command injection in the mailcap module .

oval:org.secpod.oval:def:89047086
This update for qemu fixes the following issues: - Switch method of splitting off hw-s390x-virtio-gpu-ccw.so as a module to what was accepted upstream - Fix OOB access in sdhci interface - Fix potential privilege escalation in virtiofsd tool - Fix OOB access in rtl8139 NIC emulation - Fix heap ...

oval:org.secpod.oval:def:89047775
This update for qemu fixes the following issues: - CVE-2022-0216: Fixed a use after free issue found in hw/scsi/lsi53c895a.c. - CVE-2022-35414: Fixed an uninitialized read during address translation that leads to a crash

oval:org.secpod.oval:def:89047358
This update for qemu fixes the following issues: - CVE-2022-26354: Fixed missing virtqueue detach on error can lead to memory leak - CVE-2021-4207: Fixed double fetch in qxl_cursor can lead to heap buffer overflow - CVE-2021-4206: Fixed integer overflow in cursor_alloc can lead to heap buffer over ...

oval:org.secpod.oval:def:89047529
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer , named 'Branch Target Injection' and 'Intra-Mode Branch History Injection' are now mitigated. The following security bugs were f ...

oval:org.secpod.oval:def:89047764
This update for xen fixes the following issues: - CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing. - CVE-2022-33748: Fixed DoS due to race in locking. - CVE-2022-26365: Fixed issue where Linux Block and Network PV device frontends don't zero memory regions before sharing them wi ...

oval:org.secpod.oval:def:89047541
This update for polkit fixes the following issues: - CVE-2021-4034: Fixed a local privilege escalation in pkexec .

oval:org.secpod.oval:def:89047414
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36516: Fixed TCP session data injection vulnerability via the mixed IPID assignment method . - CVE-2020-36557: Fixed race condition between the VT_DISALLOC ...

oval:org.secpod.oval:def:89047619
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-0185: Incorrect param length parsing in legacy_parse_param which could have led to a local privilege escalation . - CVE-2022-0322: Fixed a denial of servic ...

oval:org.secpod.oval:def:89047628
The SUSE Linux Enterprise 15 SP3 kernel was updated. - Unprivileged BPF has been disabled by default to reduce attack surface, as too many security issues have happened in the past. You can reenable via systemctl setting /proc/sys/kernel/unprivileged_bpf_disabled to 0. The following security bugs wer ...

oval:org.secpod.oval:def:89047478
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input . - CVE-2022-0330: Fixed flush TLBs before releasing backin ...

oval:org.secpod.oval:def:89047350
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-25636: Fixed an issue which allowed local users to gain privileges because of a heap out-of-bounds write in nf_dup_netdev.c, related to nf_tables_offload ...

oval:org.secpod.oval:def:89047553
This update for xen fixes the following issues: Update Xen to version 4.14.4 Transient execution side-channel attacks attacking the Branch History Buffer , named 'Branch Target Injection' and 'Intra-Mode Branch History Injection' are now mitigated. Security issues fixed: - CVE-2022-0001, CVE-2022-0 ...

oval:org.secpod.oval:def:89047531
This update for webkit2gtk3 fixes the following issues: Update to version 2.34.6: - CVE-2022-22620: Processing maliciously crafted web content may have led to arbitrary code execution. Update to version 2.34.5: - CVE-2022-22589: A validation issue was addressed with improved input sanitization. - ...

oval:org.secpod.oval:def:89047371
This update for webkit2gtk3 fixes the following issues: Update to version 2.36.0 : - CVE-2022-22624: Fixed use after free that may lead to arbitrary code execution. - CVE-2022-22628: Fixed use after free that may lead to arbitrary code execution. - CVE-2022-22629: Fixed a buffer overflow that may le ...

oval:org.secpod.oval:def:89047083
This update for speex fixes the following issues: - CVE-2020-23903: Fixed zero division error in read_samples .

oval:org.secpod.oval:def:89047198
This update for webkit2gtk3 fixes the following issues: - Update to version 2.32.3: - CVE-2021-21775: Fixed a use-after-free vulnerability in the way certain events are processed for ImageLoader objects. A specially crafted web page can lead to a potential information leak and further memory corrupt ...

oval:org.secpod.oval:def:89047162
This update for webkit2gtk3 fixes the following issues: - Update to version 2.32.0 : * Fix the authentication request port when URL omits the port. * Fix iframe scrolling when main frame is scrolled in async * scrolling mode. * Stop using g_memdup. * Show a warning message when overriding signal han ...

oval:org.secpod.oval:def:89047183
This update for webkit2gtk3 fixes the following issues: - Update to version 2.32.4 - CVE-2021-30858: Fixed a security bug that could allow maliciously crafted web content to achieve arbitrary code execution. - CVE-2021-21806: Fixed an exploitable use-after-free vulnerability via specially crafted H ...

oval:org.secpod.oval:def:89047295
This update for webkit2gtk3 fixes the following issues: - CVE-2021-42762: Updated seccomp rules with latest changes from flatpak .

oval:org.secpod.oval:def:89047408
This update for webkit2gtk3 fixes the following issues: - Update to version 2.36.5 : - Add support for PAC proxy in the WebDriver implementation. - Fix video playback when loaded through custom URIs, this fixes video playback in the Yelp documentation browser. - Fix WebKitWebView::context-menu when ...

oval:org.secpod.oval:def:89047402
This update for webkit2gtk3 fixes the following issues: - Update to version 2.34.3 . - CVE-2021-30887: Fixed logic issue allowing unexpectedly unenforced Content Security Policy when processing maliciously crafted web content. - CVE-2021-30890: Fixed logic issue allowing universal cross site scripti ...

oval:org.secpod.oval:def:89047359
This update for webkit2gtk3 fixes the following issues: Update to version 2.36.3 - CVE-2022-30293: Fixed heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer . - CVE-2022-26700: Fixed memory corruption issue that may lead to code execution when processing maliciously crafted ...

oval:org.secpod.oval:def:89047357
This update for webkit2gtk3 fixes the following issues: Update to version 2.36.4 : - CVE-2022-22662: Processing maliciously crafted web content may disclose sensitive user information. - CVE-2022-22677: The video in a webRTC call may be interrupted if the audio capture gets interrupted. - CVE-2022-2 ...

oval:org.secpod.oval:def:89047234
This update for webkit2gtk3 fixes the following issues: - CVE-2021-30846: Fixed memory corruption issue that could lead to arbitrary code execution when processing maliciously crafted web content . - CVE-2021-30851: Fixed memory corruption vulnerability that could lead to arbitrary code execution wh ...

oval:org.secpod.oval:def:89048025
This update for samba fixes the following issues: Version update to 4.15.12. Security issues fixed: - CVE-2022-2031: Fixed AD users that could have bypassed certain restrictions associated with changing passwords . - CVE-2022-32742: Fixed SMB1 code that does not correctly verify SMB1write, SMB1write ...

oval:org.secpod.oval:def:89047406
This update for sqlite3 fixes the following issues: - CVE-2022-35737: Fixed an array-bounds overflow if billions of bytes are used in a string argument to a C API . - CVE-2021-36690: Fixed an issue with the SQLite Expert extension when a column has no collating sequence . - Package the Tcl bindings ...

oval:org.secpod.oval:def:89047403
This update for vim fixes the following issues: - CVE-2017-17087: Fixed information leak via .swp files . - CVE-2021-3875: Fixed heap-based buffer overflow . - CVE-2021-3903: Fixed heap-based buffer overflow . - CVE-2021-3968: Fixed heap-based buffer overflow . - CVE-2021-3973: Fixed heap-based buff ...

oval:org.secpod.oval:def:89047530
This update for ncurses fixes the following issues: - CVE-2022-29458: Fixed segfaulting out-of-bounds read in convert_strings in tinfo/read_entry.c .

oval:org.secpod.oval:def:89046992
This update for webkit2gtk3 fixes the following issues: Updated to version 2.36.8 : - CVE-2022-32886: Fixed a buffer overflow issue that could potentially lead to code execution. - CVE-2022-32912: Fixed an out-of-bounds read that could potentially lead to code execution.

oval:org.secpod.oval:def:89047123
This update for ncurses fixes the following issues: - CVE-2021-39537: Fixed a heap-based buffer overflow in _nc_captoinfo

oval:org.secpod.oval:def:89047475
This update for ruby2.5 fixes the following issues: - CVE-2022-28739: Fixed a buffer overrun in String-to-Float conversion . - CVE-2021-41817: Fixed a regular expression denial of service in Date Parsing Methods . - CVE-2021-32066: Fixed a StartTLS stripping vulnerability in Net:IMAP . - CVE-2021-31 ...

oval:org.secpod.oval:def:89047026
This update for vim fixes the following issues: Updated to version 9.0 with patch level 0313: - CVE-2022-2183: Fixed out-of-bounds read through get_lisp_indent . - CVE-2022-2182: Fixed heap-based buffer overflow through parse_cmd_address . - CVE-2022-2175: Fixed buffer over-read through cmdline_inse ...

oval:org.secpod.oval:def:89047498
This update for curl fixes the following issues: - CVE-2022-32206: HTTP compression denial of service - CVE-2022-32208: FTP-KRB bad message verification

oval:org.secpod.oval:def:89047582
This update for vim fixes the following issues: - CVE-2022-0318: Fixed heap-based buffer overflow . - CVE-2021-3796: Fixed use-after-free in nv_replace in normal.c . - CVE-2021-3872: Fixed heap-based buffer overflow in win_redr_status drawscreen.c . - CVE-2021-3927: Fixed heap-based buffer overflow ...

oval:org.secpod.oval:def:89047453
This update for zlib fixes the following issues: - CVE-2022-37434: Fixed heap-based buffer over-read or buffer overflow via large gzip header extra field .

oval:org.secpod.oval:def:89047094
The SUSE Linux Enterprise 15 SP3 kernel was updated. The following security bugs were fixed: - CVE-2020-3702: Fixed a bug which could be triggered with specifically timed and handcrafted traffic and cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a conseque ...

oval:org.secpod.oval:def:89047091
This update for util-linux fixes the following issues: - CVE-2021-37600: Fixed an integer overflow which could lead to a buffer overflow in get_sem_elements in sys-utils/ipcutils.c

oval:org.secpod.oval:def:89047171
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3573: Fixed a UAF vulnerability in function that can allow attackers to corrupt kernel heaps and adopt further exploitations. - CVE-2021-0605: Fixed an o ...

oval:org.secpod.oval:def:89047175
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-26558: Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 may permit a nearby man-in-the-middle attacker to identify the Passkey us ...

oval:org.secpod.oval:def:89047308
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic operations by the BPF verifier could be abused to perform out-of-bounds reads and writes in kernel ...

oval:org.secpod.oval:def:89047305
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - Unprivileged BPF has been disabled by default to reduce attack surface, as too many security issues have happened in the past. You can reenable via systemctl setting ...

oval:org.secpod.oval:def:89047129
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. Security issues fixed: - CVE-2021-22555: A heap out-of-bounds write was discovered in net/netfilter/x_tables.c . - CVE-2021-33909: Extremely large seq buffer allocations in seq_file could lead to buffer und ...

oval:org.secpod.oval:def:89047127
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3640: Fixed a Use-After-Free vulnerability in function sco_sock_sendmsg in the bluetooth stack . - CVE-2021-3653: Missing validation of the `int_ctl` VMCB ...

oval:org.secpod.oval:def:89047248
The following security bugs were fixed: - CVE-2021-3655: Fixed missing size validations on inbound SCTP packets, which may have allowed the kernel to read uninitialized memory. - CVE-2021-3715: Fixed a use-after-free in route4_change in net/sched/cls_route.c. - CVE-2021-3760: Fixed a use-after-f ...

oval:org.secpod.oval:def:89047207
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. NOTE: This update was retracted due to a NFS regression. The following security bugs were fixed: - CVE-2021-3772: Fixed sctp vtag check in sctp_sf_ootb. - CVE-2021-3655: Fixed missing size validations on ...

oval:org.secpod.oval:def:89047557
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-29156: Fixed a double free related to rtrs_clt_dev_release . - CVE-2022-28893: Ensuring that sockets are in the intended state inside the SUNRPC subsystem ...

oval:org.secpod.oval:def:89047294
This update for pcre fixes the following issues: Update pcre to version 8.45: - CVE-2020-14155: Fixed integer overflow via a large number after a "

oval:org.secpod.oval:def:89047246
This update for sqlite3 fixes the following issues: - Update to version 3.36.0 - CVE-2020-15358: heap-based buffer overflow in multiSelectOrderBy due to mishandling of query-flattener optimization - CVE-2020-9327: NULL pointer dereference and segmentation fault because of generated column optimizat ...

oval:org.secpod.oval:def:89047217
This update for glib2 fixes the following issues: - CVE-2021-27218: g_byte_array_new_take takes a gsize as length but stores in a guint, this patch will refuse if the length is larger than guint. - CVE-2021-27219: g_memdup takes a guint as parameter and sometimes leads into an integer overflow, so ...

oval:org.secpod.oval:def:89047231
This update for spectre-meltdown-checker fixes the following issues: spectre-meltdown-checker was updated to version 0.44 - feat: add support for SRBDS related vulnerabilities - feat: add zstd kernel decompression - enh: arm: add experimental support for binary arm images - enh: rsb filling: no lo ...

oval:org.secpod.oval:def:89047398
This update for libmspack fixes the following issues: - CVE-2018-18586: Fixed directory traversal in chmextract by adding anti '../' and leading slash protection .

oval:org.secpod.oval:def:89047125
This update for libsndfile fixes the following issues: - CVE-2018-13139: Fixed a stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28, which allows remote attackers to cause a denial of service or possibly have unspecified other impact. - CVE-2018-19432: Fixed a NULL pointer derefere ...

oval:org.secpod.oval:def:89047244
This update for openvpn fixes the following issues: - CVE-2020-15078: Fixed authentication bypass with deferred authentication . - CVE-2020-11810: Fixed race condition between allocating peer-id and initializing data channel key . - CVE-2018-7544: Fixed cross-protocol scripting issue that was discov ...

oval:org.secpod.oval:def:89047169
This update for python3 fixes the following issues: - Fixed CVE-2020-27619 , where Lib/test/multibytecodec_support calls eval on content retrieved via HTTP. - Change setuptools and pip version numbers according to new wheels - Handful of changes to make python36 compatible with SLE15 and SLE12 - ad ...

oval:org.secpod.oval:def:89047237
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3659: Fixed a NULL pointer dereference in llsec_key_alloc in net/mac802154/llsec.c. - CVE-2021-21781: Fixed an information disclosure vulnerability in the ...

oval:org.secpod.oval:def:89047346
This update for ImageMagick fixes the following issues: - CVE-2019-17540: Fixed heap-based buffer overflow in ReadPSInfo in coders/ps.c. - CVE-2022-32545: Fixed an outside the range of representable values of type. - CVE-2022-32546: Fixed an outside the range of representable values of type. - CV ...

oval:org.secpod.oval:def:89047455
This update for python-numpy fixes the following issues: - CVE-2021-33430: Fixed buffer overflow that could lead to DoS in PyArray_NewFromDescr_int function of ctors.c . - CVE-2021-41496: Fixed buffer overflow that could lead to DoS in array_from_pyobj function of fortranobject.c .

oval:org.secpod.oval:def:89047547
The SUSE Linux Enterprise 15 SP3 kernel was updated. The following security bugs were fixed: - CVE-2022-0854: Fixed a memory leak flaw in the Linux kernel's DMA subsystem. This flaw allowed a local user to read random memory from the kernel space. - CVE-2022-1016: Fixed a vulnerability in ...

oval:org.secpod.oval:def:89047291
This update for lz4 fixes the following issues: - CVE-2021-3520: Fixed memory corruption due to an integer overflow bug caused by memmove argument .

oval:org.secpod.oval:def:89047597
This update for unbound fixes the following issues: - CVE-2019-25031: Fixed configuration injection in create_unbound_ad_servers.sh upon a successful man-in-the-middle attack . - CVE-2019-25032: Fixed integer overflow in the regional allocator via regional_alloc . - CVE-2019-25033: Fixed integer ove ...

*CPE
cpe:/o:suse:suse_linux_enterprise_desktop:15:sp3

© SecPod Technologies