oval:org.secpod.oval:def:89049672
This update for ncurses fixes the following issues: Security issue fixed: - CVE-2018-19211: Fixed denial of service issue that was triggered by a NULL pointer dereference at function _nc_parse_entry. Non-security issue fixed: - Remove screen.xterm from terminfo data base as with this screen uses fal ...

oval:org.secpod.oval:def:89049764
This update for bluez fixes the following issues: Security issues fixed: - CVE-2016-9800: Fixed a buffer overflow in pin_code_reply_dump function - CVE-2016-9801: Fixed a buffer overflow in set_ext_ctrl function

oval:org.secpod.oval:def:89000509
This update for zstd fixes the following issues: - Fix for build error caused by wrong static libraries. - Correction in spec file marking the license as documentation. - Add new package for SLE-15

oval:org.secpod.oval:def:89000140
This update for rpmlint fixes the following issues: - whitelist certmonger

oval:org.secpod.oval:def:89000003
SUSE Linux Enterprise Server 15 is installed

oval:org.secpod.oval:def:89000379
This update for openldap2 fixes the following issues: - CVE-2020-8023: Fixed a potential local privilege escalation from ldap to root when OPENLDAP_CONFIG_BACKEND="ldap" was used. - Changed DB_CONFIG to root:ldap permissions.

oval:org.secpod.oval:def:89046731
This update of dpdk fixes the following issue: - rebuild with new secure boot key due to grub2 boothole 3 issues

oval:org.secpod.oval:def:89046738
This update of fwupdate fixes the following issue: - rebuild with new secure boot key due to grub2 boothole 3 issues

oval:org.secpod.oval:def:89049666
This update for mutt fixes the following issues: Security issues fixed: - bsc#1101428: Mutt 1.10.1 security release update. - CVE-2018-14351: Fix imap/command.c that mishandles long IMAP status mailbox literal count size . - CVE-2018-14353: Fix imap_quote_string in imap/util.c that has an integer un ...

oval:org.secpod.oval:def:89049663
This update for rsyslog fixes the following security issue: - CVE-2015-3243: Prevent weak permissions for generated log files, which allowed local users to obtain sensitive information.

oval:org.secpod.oval:def:89049662
This update for rsyslog fixes the following security issue: - CVE-2015-3243: Prevent weak permissions for generated log files, which allowed local users to obtain sensitive information.

oval:org.secpod.oval:def:89003026
This update for postgresql10 fixes the following issues: PostgreSQL was updated to version 10.12. Security issue fixed: - CVE-2020-1720: Fixed a missing authorization check in the ALTER ... DEPENDS ON extension.

oval:org.secpod.oval:def:89044305
This update for python-Pygments fixes the following issues: - CVE-2021-20270: Fixed an infinite loop in SML lexer which may lead to DoS

oval:org.secpod.oval:def:89002909
This update for gcc7 fixes the following issues: - CVE-2020-13844: Added mitigation for aarch64 Straight Line Speculation issue - Enable fortran for the nvptx offload compiler. - Update README.First-for.SuSE.packagers - avoid assembler errors with AVX512 gather and scatter instructions when using - ...

oval:org.secpod.oval:def:89002903
This update for gcc10, nvptx-tools fixes the following issues: This update provides the GCC10 compiler suite and runtime libraries. The base SUSE Linux Enterprise libraries libgcc_s1, libstdc++6 are replaced by the gcc10 variants. The new compiler variants are available with "-10" suffix, yo ...

oval:org.secpod.oval:def:89002900
This update for pcp fixes the following issues: Security issue fixed: - CVE-2019-3696: Fixed a local privilege escalation in migrate_tempdirs. - CVE-2019-3695: Fixed a local privilege escalation of the pcp user during package update. Non-security issue fixed: - Fixed a dependency issue with pcp2c ...

oval:org.secpod.oval:def:89002968
This update for kernel-firmware fixes the following issue: - CVE-2020-12321: Updated the Intel Bluetooth firmware for buffer overflow security bugs.

oval:org.secpod.oval:def:89044246
This update for samba fixes the following issues: - CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids. - Avoid free'ing our own pointer in memcache when memcache_trim attempts to reduce cache size. - Adjust smbcacls "--propagate-inheritance" feature to align with upstream.

oval:org.secpod.oval:def:89002955
This update for dpdk fixes the following issues: Security issues fixed: - CVE-2020-10722: Fixed an integer overflow in vhost_user_set_log_base. - CVE-2020-10723: Fixed an integer truncation in vhost_user_check_and_alloc_queue_pair. - CVE-2020-10724: Fixed a missing inputs validation in Vhost-crypt ...

oval:org.secpod.oval:def:89002948
This update for gmp, gnutls, libnettle fixes the following issues: Security issue fixed: - CVE-2020-11501: Fixed zero random value in DTLS client hello FIPS related bugfixes: - FIPS: Install checksums for binary integrity verification which are required when running in FIPS mode - FIPS: Fixed a cf ...

oval:org.secpod.oval:def:89002943
This update for avahi fixes the following issues: - When changing ownership of /var/lib/autoipd, only change ownership of files owned by avahi, to mitigate against possible exploits.

oval:org.secpod.oval:def:89002998
This update for ovmf fixes the following issues: - CVE-2019-14562: Fixed an overflow in DxeImageVerificationHandler. - Use openSUSE CA for the opensuse flavor

oval:org.secpod.oval:def:89002999
This update for openldap2 fixes the following issues: - CVE-2020-12243: Fixed a denial of service related to recursive filters.

oval:org.secpod.oval:def:89002861
This update for xrdp fixes the following issues: - Security fixes: + Add patches: * xrdp-cve-2020-4044-fix-0.patch * xrdp-cve-2020-4044-fix-1.patch + Rebase SLE patch: * xrdp-fate318398-change-expired-password.patch

oval:org.secpod.oval:def:89002866
This update for postgresql10 and postgresql12 fixes the following issues: postgresql10 was updated to 10.13. https://www.postgresql.org/about/news/2038/ https://www.postgresql.org/docs/10/release-10-13.html postgresql10 was updated to 10.12 - https://www.postgresql.org/about/news/2011/ - https://w ...

oval:org.secpod.oval:def:89044293
This update for bind fixes the following issues: - CVE-2021-25214: Fixed a broken inbound incremental zone update which could have caused named to terminate unexpectedly. - CVE-2021-25215: Fixed an assertion check which could have failed while answering queries for DNAME records that required the ...

oval:org.secpod.oval:def:89044282
This update for stunnel fixes the following issues: - Security fix: [bsc#1177580, bsc#1182529, CVE-2021-20230] * redirect option does not properly handle verifyChain = yes

oval:org.secpod.oval:def:89045527
This update for spice-vdagent fixes the following issues: - CVE-2020-25650: memory DoS via arbitrary entries in `active_xfers` hash table - CVE-2020-25651: possible file transfer DoS and information leak via `active_xfers` hash map - CVE-2020-25652: possibility to exhaust file descriptors in `vdag ...

oval:org.secpod.oval:def:89045606
This update for dovecot23 fixes the following issues: Update dovecot to version 2.3.15 : Security issues fixed: - CVE-2021-29157: Dovecot does not correctly escape kid and azp fields in JWT tokens. This may be used to supply attacker controlled keys to validate tokens, if attacker has local access. ...

oval:org.secpod.oval:def:89002860
This update for postgresql10 fixes the following issues: - Upgrade to version 10.15: * CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. * CVE-2020-25694, bsc#1178667: a

oval:org.secpod.oval:def:89045550
This update for fetchmail fixes the following issues: - CVE-2021-36386: Fixed a missing variable initialization that can cause read from bad memory locations. - Change PASSWORDLEN from 64 to 256

oval:org.secpod.oval:def:89045797
This update for tomcat fixes the following issues: - CVE-2021-30640: Escape parameters in JNDI Realm queries. - CVE-2021-33037: Process T-E header from both HTTP 1.0 and HTTP 1.1. clients. - CVE-2021-41079: Fixed a denial of service caused by an unexpected TLS packet.

oval:org.secpod.oval:def:89049711
This update for python-cryptography fixes the following issues: - CVE-2018-10903: The finalize_with_tag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalize_with_tag an attacker could craft an invalid payload with a shortened tag such ...

oval:org.secpod.oval:def:89044212
This update for cifs-utils fixes the following security issues: - CVE-2021-20208: Fixed a potential kerberos auth leak escaping from container. - CVE-2020-14342: Fixed a shell command injection vulnerability in mount.cifs. This update for cifs-utils fixes the following issues: - Solve invalid dire ...

oval:org.secpod.oval:def:89003015
This update for samba fixes the following issues: - CVE-2020-10704: Fixed a stack overflow in the AD DC LDAP server.

oval:org.secpod.oval:def:89002931
This update for systemd fixes the following issues: - CVE-2020-1712 Fix a heap use-after-free vulnerability, when asynchronous Polkit queries were performed while handling Dbus messages. A local unprivileged attacker could have abused this flaw to crash systemd services or potentially execute code ...

oval:org.secpod.oval:def:89045556
This update for openssl-1_0_0 fixes the following issues: - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious actor could exploit to crash the application, causing a denial-of-service attack. [bsc#1189521]

oval:org.secpod.oval:def:89045546
This update for libass fixes the following issues: - CVE-2020-36430: Fixed heap-based buffer overflow in decode_chars.

oval:org.secpod.oval:def:89045560
This update for djvulibre fixes the following issues: - CVE-2021-3630: out-of-bounds write in DJVU:DjVuTXT:decode in DjVuText.cpp

oval:org.secpod.oval:def:89048096
This update for ca-certificates-mozilla fixes the following issues: - Updated to 2.60 state of Mozilla SSL root CAs Removed CAs: - Global Chambersign Root - EC-ACC - Network Solutions Certificate Authority - Staat der Nederlanden EV Root CA - SwissSign Platinum CA - G2 Added CAs: - DIGITALSIGN GLOB ...

oval:org.secpod.oval:def:89002981
This update for postgresql10 fixes the following issues: - update to 10.14: * CVE-2020-14349, bsc#1175193: Set a secure search_path in logical replication walsenders and apply workers * CVE-2020-14350, bsc#1175194: Make contrib modules' installation scripts more secure. * https://www.postgresql.org/ ...

oval:org.secpod.oval:def:89002917
This update for samba fixes the following issues: - CVE-2020-10745: Fixed an issue which parsing and packing of NBT and DNS packets containing dots could potentially have consumed excessive CPU.

oval:org.secpod.oval:def:89000278
This update for ghostscript to version 9.52 fixes the following issues: - CVE-2020-12268: Fixed a heap-based buffer overflow in jbig2_image_compose.

oval:org.secpod.oval:def:89045541
This update for openexr fixes the following issues: - CVE-2021-20298 [bsc#1188460]: Fixed Out-of-memory in B44Compressor - CVE-2021-20299 [bsc#1188459]: Fixed Null-dereference READ in Imf_2_5:Header:operator - CVE-2021-20300 [bsc#1188458]: Fixed Integer-overflow in Imf_2_5:hufUncompress - CVE-2021-2 ...

oval:org.secpod.oval:def:89048060
This update for supportutils fixes the following issues: Security issues fixed: - Passwords correctly removed from email.txt, updates.txt and fs-iscsi.txt Bug fixes: - Added lifecycle information - Fixed KVM virtualization detection on bare metal - Added logging using journalctl - Get current sar ...

oval:org.secpod.oval:def:89047003
This update for clamav fixes the following issues: clamav was updated to 0.103.7 * Upgrade the vendored UnRAR library to version 6.1.7. * Fix logical signature Intermediates feature. * Relax constraints on slightly malformed zip archives that contain overlapping file entries.

oval:org.secpod.oval:def:89045557
This update for openssl-1_1 fixes the following security issue: - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious actor could exploit to crash the application, causing a denial-of-service attack. [bsc#1189521]

oval:org.secpod.oval:def:89002929
This update for gnutls fixes the following issues: - Fix heap buffer overflow in handshake with no_renegotiation alert sent - FIPS: Implement DH requirements from SP800-56Arev3 - FIPS: Use 2048 bit prime in DH selftest - FIPS: Add TLS KDF selftest

oval:org.secpod.oval:def:89003006
This update for gnutls fixes the following issues: - CVE-2020-13777: Fixed an insecure session ticket key construction which could have made the TLS server to not bind the session ticket encryption key with a value supplied by the application until the initial key rotation, allowing an attacker to b ...

oval:org.secpod.oval:def:89000334
This update for squid fixes the following issues: squid was updated to version 4.12 Security issue fixed: - CVE-2020-14059: Fixed an issue where a client could potentially deny the service of a server during TLS Handshake. Other issues addressed: - Reverted to slow search for new SMP shm pages due ...

oval:org.secpod.oval:def:89044238
This update for cups fixes the following issues: - CVE-2021-25317: ownership of /var/log/cups could allow privilege escalation from lp user to root via symlink attacks

oval:org.secpod.oval:def:89049625
This update for pango fixes the following issues: Security issue fixed: - CVE-2018-15120: Fixed a denial of service when parsing emoji

oval:org.secpod.oval:def:89047792
This update for python-waitress fixes the following issues: - CVE-2022-24761: Fixed a bug to avoid inconsistent interpretation of HTTP requests leading to request smuggling

oval:org.secpod.oval:def:89047723
This update for libmad fixes the following issues: - CVE-2017-8373: Fixed heap-based buffer overflow in mad_layer_III. - CVE-2017-8372: Fixed assertion failure in layer3.c.

oval:org.secpod.oval:def:89046048
This update for virglrenderer fixes the following issues: - CVE-2022-0135: Fixed out-of-bounds write in read_transfer_data.

oval:org.secpod.oval:def:89049654
This update for curl fixes the following issues: Security issue fixed: - CVE-2018-0500: Fix a SMTP send heap buffer overflow.

oval:org.secpod.oval:def:89049665
This update for udisks2 fixes the following issues: Following security issues were fixed: - CVE-2018-17336: A format string vulnerability in udisks_log Following non-security issues were fixed: - strip trailing newline from sysfs raid level information - Fix watcher error for non-redundant raid dev ...

oval:org.secpod.oval:def:89047006
This update for libcroco fixes the following issues: - CVE-2020-12825: Fixed recursion issue in block and any productions.

oval:org.secpod.oval:def:89049769
This update for cups fixes the following issues: The following security vulnerabilities were fixed: - Fixed a local privilege escalation to root and sandbox bypasses in the scheduler - CVE-2018-4180: Fixed a local privilege escalation to root in dnssd backend - CVE-2018-4181: Limited local file rea ...

oval:org.secpod.oval:def:89048076
This update for freeradius-server fixes the following issues: - CVE-2022-41859: Fixes an information leakage in EAP-PWD. - CVE-2022-41860: Fixes a crash on unknown option in EAP-SIM. - CVE-2022-41861: Fixes a crash on invalid abinary data. - move logrotate options into specific parts for each log ...

oval:org.secpod.oval:def:89049768
This update for git fixes the following issues: Security issue fixed: - CVE-2018-19486: Fixed git that executed commands from the current working directory in certain cases involving the run_command API and run-command.c, because there was .

oval:org.secpod.oval:def:89049651
This update for mgetty fixes the following issues: - CVE-2018-16741: The function do_activate did not properly sanitize shell metacharacters to prevent command injection. - CVE-2018-16745: The mail_to parameter was not sanitized, leading to a buffer overflow if long untrusted input reached it. - C ...

oval:org.secpod.oval:def:89047761
This update for libksba fixes the following issues: - CVE-2022-3515: Fixed a possible overflow in the TLV parser.

oval:org.secpod.oval:def:89047021
This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 102.2.0esr ESR: * Fixed: Various stability, functionality, and security fixes. - MFSA 2022-34 * CVE-2022-38472 Address bar spoofing via XSLT error handling * CVE-2022-38473 Cross-origin XSLT Documents would ...

oval:org.secpod.oval:def:89046046
This update for tiff fixes the following issues: - CVE-2017-17095: Fixed DoS in tools/pal2rgb.c in pal2rgb. - CVE-2019-17546: Fixed integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image. - CVE-2020-19131: Fixed buffer overflow in tiffcrop that may cause DoS ...

oval:org.secpod.oval:def:89046078
This update for xerces-j2 fixes the following issues: - CVE-2022-23437: Fixed infinite loop within Apache XercesJ xml parser.

oval:org.secpod.oval:def:89002921
This update for binutils fixes the following issues: binutils was updated to version 2.35.1 Additional branch fixes applied on top of 2.35.1: * Fixes PR26520, aka [bsc#1179036], a problem in addr2line with certain DWARF variable descriptions. * Also fixes PR26711, PR26656, PR26655, PR26929, PR26808 ...

oval:org.secpod.oval:def:89002988
This update for samba fixes the following issues: - CVE-2019-14902: Fixed an issue where automatic replication of ACLs down subtree on AD Directory is not working. - CVE-2019-14907: Fixed a Server-side crash after charset conversion failure during NTLMSSP processing.

oval:org.secpod.oval:def:89049754
This update is the initial delivery of the Azure flavor of the Linux Kernel, which contains enhancements and optimizations for running the SUSE Linux Enterprise kernel in the Azure cloud.

oval:org.secpod.oval:def:89049731
This update for yast2-ftp-server fixes the following issues: Feature update: fate#321043: Added additional searchkeys to desktop file. Security issues fixed: - bsc#921303: Drop SSLv2 and SSLv3 as it is dropped for security reason for vsftpd. Bug fixes: - bsc#1041829: Do not modify value when Browse ...

oval:org.secpod.oval:def:89049684
This update for shadow fixes the following security issue: - Prevent useradd from creating intermediate directories with mode 0777

oval:org.secpod.oval:def:89049696
This update for pam_pkcs11 fixes the following security issues: - It was possible to replay an authentication by using a specially prepared smartcard or token - Prevent buffer overflow if a user has a home directory with a length of more than 512 bytes - Memory not cleaned properly before free Th ...

oval:org.secpod.oval:def:89049733
This update for openssh fixes the following issues: - CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. OpenSSH developers do not want to treat such a username enumeration as ...

oval:org.secpod.oval:def:89049687
This update for openvpn fixes the following issues: - CVE-2018-9336: Fix potential double-free in Interactive Service could lead to denial of service.

oval:org.secpod.oval:def:89049650
This update for e2fsprogs fixes the following issues: Security issues fixed: - CVE-2015-0247: Fixed couple of heap overflows in e2fsprogs. - CVE-2015-1572: Fixed potential buffer overflow in closefs. Bug fixes: - bsc#1038194: generic/405 test fails with /dev/mapper/thin-vol is inconsistent on ext ...

oval:org.secpod.oval:def:89046091
This update for clamav fixes the following issues: - CVE-2022-20698: Fixed invalid pointer read allowing denial of service crash

oval:org.secpod.oval:def:89050357
This update for openssl-1_1 fixes the following issues: Security issue fixed: - CVE-2019-1551: Fixed an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. Various FIPS related improvements were done: - FIPS: Backport SSH KDF to openssl. - Port FIPS ...

oval:org.secpod.oval:def:89050451
This update for virglrenderer fixes the following issues: - CVE-2019-18388: Fixed a null pointer dereference which could have led to denial of service. - CVE-2019-18390: Fixed an out of bound read which could have led to denial of service. - CVE-2019-18389: Fixed a heap buffer overflow which could ...

oval:org.secpod.oval:def:89050260
This update for libsolv, libzypp, zypper fixes the following issues: Security issue fixed: - CVE-2019-18900: Fixed assert cookie file that was world readable. Bug fixes - Fixed removing orphaned packages dropped by to-be-installed products. - Adds libzypp API to mark all obsolete kernels according ...

oval:org.secpod.oval:def:89050396
This update for tigervnc fixes the following issues: - CVE-2019-15691: Fixed a use-after-return due to incorrect usage of stack memory in ZRLEDecoder. - CVE-2019-15692: Fixed a heap-based buffer overflow in CopyRectDecode. - CVE-2019-15693: Fixed a heap-based buffer overflow in TightDecoder::Filte ...

oval:org.secpod.oval:def:89050342
This update for glibc fixes the following issues: Security issue fixed: - CVE-2019-19126: Fixed to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition. Bug fixes: - Fixed z15 strstr implementation that can return incorrect results if search ...

oval:org.secpod.oval:def:89000276
This update for wicked fixes the following issues: - CVE-2019-18902: Fixed a use-after-free when receiving invalid DHCP6 client options. - CVE-2020-7216: Fixed a potential denial of service via a memory leak when processing packets with missing message type option in DHCP4.

oval:org.secpod.oval:def:89000619
This update for rmt-server to version 2.5.7 fixes the following issues: Security issues fixed: - CVE-2019-18904: Fixed offline migrations. - Fixed a local denial of service. Non-security issues fixed: - Align supported subscription types with SCC. - Fix migrations in case adding migration_extra c ...

oval:org.secpod.oval:def:89000596
This update for rmt-server to version 2.5.2 fixes the following issues: Security issue fixed: - CVE-2019-18904: Fixed a denial of service in the offline migration. Non-security issue fixed: - Relaxed systemd units dependencies - Added more verbose error reporting for SCC API errors - Fixed system ...

oval:org.secpod.oval:def:89000039
This update for wicked fixes the following issues: - CVE-2019-18903: Fixed a use-after-free when receiving invalid DHCP6 IA_PD option. - CVE-2020-7217: Fixed a memory leak in DHCP4 fsm when processing packets for other client ids.

oval:org.secpod.oval:def:89000196
This update for permissions fixes the following issues: Security issue fixed: - CVE-2020-8013: Fixed a local privilege escalation with mrsh and wodim. Non-security issues fixed: - Fixed regression where chkstat breaks without /proc available - Fixed capability handling when doing multiple permissi ...

oval:org.secpod.oval:def:89000317
This update for openldap2 fixes the following issues: - CVE-2020-8027: openldap_update_modules_path.sh starts daemons unconditionally and uses fixed paths in /tmp.

oval:org.secpod.oval:def:89050307
This update for e2fsprogs fixes the following issues: - CVE-2019-5188: Fixed a code execution vulnerability in the directory rehashing functionality.

oval:org.secpod.oval:def:89050331
This update for Mesa fixes the following issues: Security issue fixed: - CVE-2019-5068: Fixed exploitable shared memory permissions vulnerability.

oval:org.secpod.oval:def:89050723
This update for squid fixes the following issues: Security issue fixed: - CVE-2019-13345: Fixed a cross site scripting vulnerability via user_name or auth parameter in cachemgr.cgi.

oval:org.secpod.oval:def:89050591
This update for 389-ds to version 1.4.0.26 fixes the following issues: Security issues fixed: - CVE-2016-5416: Fixed an information disclosure where an anonymous user could read the default ACI. - CVE-2018-1054: Fixed a denial of service via search filters in SetUnicodeStringFromUTF_8. - CVE-2018-1 ...

oval:org.secpod.oval:def:89050752
This update for wavpack fixes the following issues: Security issues fixed: - CVE-2019-1010319: Fixed use of uninitialized variable in ParseWave64HeaderConfig that can result in unexpected control flow, crashes, and segfaults. - CVE-2019-11498: Fixed possible denial of service in WavpackSetConfigur ...

oval:org.secpod.oval:def:89050837
This update for postgresql10 fixes the following issues: Security issue fixed: - CVE-2019-10208: Fixed arbitrary SQL execution via suitable SECURITY DEFINER function under the identity of the function owner.

oval:org.secpod.oval:def:89050788
This update for qemu fixes the following issues: Security issues fixed: - CVE-2019-14378: Security fix for heap overflow in ip_reass on big packet input. - CVE-2019-12155: Security fix for null pointer dereference while releasing spice resources. - CVE-2019-13164: Security fix for qemu-bridge-help ...

oval:org.secpod.oval:def:89050881
This update for python-Werkzeug fixes the following issues: Security issue fixed: - CVE-2019-14806: Fixed the development server in Docker, the debugger security pin is now unique per container.

oval:org.secpod.oval:def:89050630
This update for skopeo fixes the following issues: Security issues fixed: - CVE-2019-10214: Fixed missing enforcement of TLS connections.

oval:org.secpod.oval:def:89050572
This update for ghostscript fixes the following issues: Security issue fixed: - CVE-2019-10216: Fix privilege escalation via specially crafted PostScript file.

oval:org.secpod.oval:def:89050777
This update for libgcrypt fixes the following issues: Security issues fixed: - CVE-2019-13627: Mitigated ECDSA timing attack

oval:org.secpod.oval:def:89050705
This update for curl fixes the following issues: Security issues fixed: - CVE-2019-5481: Fixed FTP-KRB double-free during kerberos FTP data transfer. - CVE-2019-5482: Fixed TFTP small blocksize heap buffer overflow.

oval:org.secpod.oval:def:89050750
This update for openssl-1_1 fixes the following issues: OpenSSL Security Advisory [10 September 2019] * CVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance. * CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key

oval:org.secpod.oval:def:89050659
This update for nmap fixes the following issues: Security issue fixed: - CVE-2017-18594: Fixed a denial of service condition due to a double free when an SSH connection fails. Non-security issue fixed: - Fixed a regression in the version scanner caused by the fix for CVE-2018-15173

oval:org.secpod.oval:def:89050779
This update for ghostscript fixes the following issues: Security issues fixed: - CVE-2019-3835: Fixed an unauthorized file system access caused by an available superexec operator. - CVE-2019-3839: Fixed an unauthorized file system access caused by available privileged operators. - CVE-2019-12973: ...

oval:org.secpod.oval:def:89050724
This update for u-boot fixes the following issues: Security issues fixed: - CVE-2019-13106: Fixed stack buffer overflow via a crafted ext4 filesystem that may lead to code execution. - CVE-2019-13104: Fixed an underflow that could cause memcpy to overwrite a very large amount of data via a crafted ...

oval:org.secpod.oval:def:89050730
This update for jasper fixes the following issues: Security issues fixed: - CVE-2018-19540: Fixed a heap based overflow in jas_icctxtdesc_input. - CVE-2018-19541: Fix heap based overread in jas_image_depalettize.

oval:org.secpod.oval:def:89050587
This update for libseccomp fixes the following issues: Security issues fixed: - CVE-2019-9893: An incorrect generation of syscall filters in libseccomp was fixed libseccomp was updated to new upstream release 2.4.1: - Fix a BPF generation bug where the optimizer mistakenly identified duplicate BPF ...

oval:org.secpod.oval:def:89050641
This update for sudo fixes the following issue: - CVE-2019-14287: Fixed an issue where a user with sudo privileges that allowed them to run commands with an arbitrary uid, could run commands as root, despite being forbidden to do so in sudoers.

oval:org.secpod.oval:def:89050631
This update for dhcp fixes the following issues: Security issue fixed: - CVE-2019-6470: Fixed DHCPv6 server crashes. Bug fixes: - Add compile option --enable-secs-byteorder to avoid duplicate lease warnings. - Use IPv6 when called as dhclient6, dhcpd6, and dhcrelay6.

oval:org.secpod.oval:def:89050851
This update for libpcap fixes the following issues: - CVE-2019-15165: Added sanity checks for PHB header length before allocating memory. - CVE-2018-16301: Fixed a buffer overflow.

oval:org.secpod.oval:def:89050542
This update for tcpdump fixes the following issues: - CVE-2017-16808: Fixed a heap-based buffer over-read related to aoe_print and lookup_emem. - CVE-2018-10103: Fixed a mishandling of the printing of SMB data. - CVE-2018-10105: Fixed a mishandling of the printing of SMB data. - CVE-2018-14461: F ...

oval:org.secpod.oval:def:89050651
This update for procps fixes the following issues: procps was updated to 3.3.15. Following security issues were fixed: - CVE-2018-1122: Prevent local privilege escalation in top. If a user ran top with HOME unset in an attacker-controlled directory, the attacker could have achieved privilege escala ...

oval:org.secpod.oval:def:89050670
This update for sysstat fixes the following issue: - CVE-2019-16167: Fixed a memory corruption due to an integer overflow

oval:org.secpod.oval:def:89050778
This update for zziplib fixes the following issues: Security issue fixed: - CVE-2018-16548: Prevented memory leak from __zzip_parse_root_directory. Free allocated structure if its address is not passed back. Other issue addressed: - Prevented a division by zero.

oval:org.secpod.oval:def:89050909
This update for lz4 fixes the following issues: - CVE-2019-17543: Fixed a heap-based buffer overflow in LZ4_write32.

oval:org.secpod.oval:def:89050547
This update for nfs-utils fixes the following issues: - CVE-2019-3689: Fixed root-owned files stored in insecure /var/lib/nfs

oval:org.secpod.oval:def:89050606
This update for binutils fixes the following issues: binutils was updated to current 2.32 branch [jsc#ECO-368]. Includes following security fixes: - CVE-2018-17358: Fixed invalid memory access in _bfd_stab_section_find_nearest_line in syms.c - CVE-2018-17359: Fixed invalid memory access exists in b ...

oval:org.secpod.oval:def:89050655
This update for libssh2_org fixes the following issue: - CVE-2019-17498: Fixed an integer overflow in a bounds check that might have led to the disclosure of sensitive information or a denial of service.

oval:org.secpod.oval:def:89050578
This update for rsyslog fixes the following issues: Security issues fixed: - CVE-2019-17041: Fixed a heap overflow in the parser for AIX log messages. - CVE-2019-17042: Fixed a heap overflow in the parser for Cisco log messages. Other issue addressed: - Fixed an issue where rsyslog was SEGFAULT du ...

oval:org.secpod.oval:def:89050703
This update for libjpeg-turbo fixes the following issues: - CVE-2019-2201: Several integer overflow issues and subsequent segfaults occurred in libjpeg-turbo, when attempting to compress or decompress gigapixel images. [bsc#1156402]

oval:org.secpod.oval:def:89050688
This update for ghostscript fixes the following issues: - CVE-2019-14869: Fixed a possible dSAFER escape which could have allowed an attacker to gain high privileges by a specially crafted Postscript code.

oval:org.secpod.oval:def:89050653
This update for ncurses fixes the following issues: Security issues fixed: - CVE-2019-17594: Fixed a heap-based buffer over-read in the _nc_find_entry function. - CVE-2019-17595: Fixed a heap-based buffer over-read in the fmt_entry function. Non-security issue fixed: - Removed screen.xterm from te ...

oval:org.secpod.oval:def:89050880
This update for java-11-openjdk to version jdk-11.0.5-10 fixes the following issues: Security issues fixed : - CVE-2019-2933: Windows file handling redux - CVE-2019-2945: Better socket support - CVE-2019-2949: Better Kerberos ccache handling - CVE-2019-2958: Build Better Processes - CVE-2019-2964: B ...

oval:org.secpod.oval:def:89050533
This update for cups fixes the following issues: - CVE-2019-8675: Fixed a stack buffer overflow in libcups's asn1_get_type function. - CVE-2019-8696: Fixed a stack buffer overflow in libcups's asn1_get_packed function.

oval:org.secpod.oval:def:89050720
This update for bluez fixes the following issues: - CVE-2016-9798: Fixed a use-after-free in conf_opt.

oval:org.secpod.oval:def:89050895
This update for strongswan fixes the following issues: Security issues fixed: - CVE-2018-5388: Fixed a buffer underflow which may allow a remote attacker with local user credentials to cause resource exhaustion and denial of service while reading from the socket. - CVE-2018-10811: Fixed a denial of se ...

oval:org.secpod.oval:def:89050544
This update for cpio fixes the following issues: - CVE-2019-14866: Fixed an improper validation of the values written in the header of a TAR file through the to_oct function which could have led to unexpected TAR generation.

oval:org.secpod.oval:def:89050867
This update for libidn2 to version 2.2.0 fixes the following issues: - CVE-2019-12290: Fixed an improper round-trip check when converting A-labels to U-labels. - CVE-2019-18224: Fixed a heap-based buffer overflow that was caused by long domain strings.

oval:org.secpod.oval:def:89050826
This update for ucode-intel fixes the following issues: - Updated to 20191115 official security release

oval:org.secpod.oval:def:89050841
This update for libarchive fixes the following issues: Security issues fixed: - CVE-2018-1000877: Fixed a double free vulnerability in RAR decoder . - CVE-2018-1000878: Fixed a Use-After-Free vulnerability in RAR decoder . - CVE-2019-1000019: Fixed an Out-Of-Bounds Read vulnerability in 7zip decompr ...

oval:org.secpod.oval:def:89050532
This update for clamav fixes the following issues: - CVE-2019-15961: Fixed a denial of service which might occur when scanning a specially crafted email file as .

oval:org.secpod.oval:def:89050537
This update of dpdk to version 18.11.3 provides the following fixes: dpdk was updated to 18.11.3 Security issue fixed: - CVE-2019-14818: Fixed a memory leak vulnerability caused by a malicious container, which may lead to denial of service. Other issues addressed: - Fixed a regression by inserting vers ...

oval:org.secpod.oval:def:89050927
This update for permissions fixes the following issues: - CVE-2019-3688: Changed wrong ownership in /usr/sbin/pinger to root:squid which could have allowed a squid user to gain persistence by changing the binary. - CVE-2019-3690: Fixed a privilege escalation through untrusted symbolic links. - Fix ...

oval:org.secpod.oval:def:89050832
This update for dnsmasq fixes the following issues: Security issues fixed: - CVE-2019-14834: Fixed a memory leak which could have allowed remote attackers to cause denial of service via DHCP response creation - CVE-2017-15107: Fixed a vulnerability in DNSSEC implementation. Processing of wildcar ...

oval:org.secpod.oval:def:89050894
This update for postgresql fixes the following issues: - Changed permissions, so that the directory can only be used by users in the postgres group. - Moved bash profile out of /var/lib to allow transactional updates.

oval:org.secpod.oval:def:89050640
This update for libssh fixes the following issues: - CVE-2019-14889: Fixed an arbitrary command execution.

oval:org.secpod.oval:def:89050825
This update for mariadb to version 10.2.29 fixes the following issues: MariaDB was updated to 10.2.29 Security issues fixed: - CVE-2019-2737: Fixed an issue that could allow a remote attacker to cause denial of service - CVE-2019-2938: Fixed an issue that could allow a remote attacker to cause deni ...

oval:org.secpod.oval:def:89050692
This update for xen fixes the following issues: - CVE-2019-19581: Fixed a potential out of bounds on 32-bit Arm. - CVE-2019-19582: Fixed a potential infinite loop when x86 accesses to bitmaps with a compile time known size of 64. - CVE-2019-19583: Fixed improper checks which could have allowed HVM ...

oval:org.secpod.oval:def:89050877
This update for shibboleth-sp fixes the following issues: Security issue fixed: - CVE-2019-19191: Fixed escalation to root by fixing ownership of log files.

oval:org.secpod.oval:def:89050538
This update for elfutils fixes the following issues: Security issues fixed: - CVE-2017-7607: Fixed a heap-based buffer overflow in handle_gnu_hash - CVE-2017-7608: Fixed a heap-based buffer overflow in ebl_object_note_type_name - CVE-2017-7609: Fixed a memory allocation failure in __libelf_decompr ...

oval:org.secpod.oval:def:89050557
This update for gnutls fixes the following issues: Security issue fixed: - CVE-2018-16868: Fixed Bleichenbacher-like side channel leakage in PKCS#1 v1.5 verification. Non-security issue fixed: - Explicitly require libnettle 3.4.1 to prevent missing symbol errors.

oval:org.secpod.oval:def:89050565
This update for mariadb and mariadb-connector-c fixes the following issues: mariadb: - Update to version 10.2.25 - CVE-2019-2628: Fixed a remote denial of service by a privileged attacker. - CVE-2019-2627: Fixed another remote denial of service by a privileged attacker. - CVE-2019-2614: Fixed a ...

oval:org.secpod.oval:def:89050585
This update for gnutls to version 3.6.7 fixes the following issues: Security issues fixed: - CVE-2019-3836: Fixed an invalid pointer access via malformed TLS1.3 async messages. - CVE-2019-3829: Fixed a double free vulnerability in the certificate verification API. - CVE-2018-16868: Fixed Bleichenb ...

oval:org.secpod.oval:def:89050592
This update for sssd fixes the following issues: Security vulnerability addressed: - CVE-2019-3811: Fix fallback_homedir returning "/" for empty home directories Other bug fixes and changes: - Install logrotate configuration - Align systemd service file with upstream, run interactive and change ser ...

oval:org.secpod.oval:def:89050607
This update for gcc7 to r275405 fixes the following issues: Security issues fixed: - CVE-2019-14250: Fixed an integer overflow in binutils. - CVE-2019-15847: Fixed an optimization in the POWER9 backend of gcc that could reduce the entropy of the random number generator. Non-security issue fixed: - ...

oval:org.secpod.oval:def:89050632
This update for NetworkManager fixes the following issues: Following security issue was fixed: - CVE-2018-1000135: A potential leak of private DNS queries to other DNS servers could happen while on VPN.

oval:org.secpod.oval:def:89050645
This update for wireshark to version 2.4.12 fixes the following issues: Security issues fixed: - CVE-2019-5717: Fixed a denial of service in the P_MUL dissector - CVE-2019-5718: Fixed a denial of service in the RTSE dissector and other dissectors - CVE-2019-5719: Fixed a denial of service in the I ...

oval:org.secpod.oval:def:89050647
This update for libqt5-qtbase provides the following fixes: Security issues fixed: - CVE-2018-15518: Fixed double free in QXmlStreamReader - CVE-2018-19873: Fixed Denial of Service on malformed BMP file in QBmpHandler Non-security issues fixed: - Fix dynamic loading of libGL. - Make sure printer ...

oval:org.secpod.oval:def:89050648
This update for glib2 fixes the following issues: Security issue fixed: - CVE-2019-12450: Fixed an improper file permission when copy operation takes place. Other issue addressed: - glib2 was handling an UNKNOWN connectivity state from NetworkManager as if there was a connection thus giving false p ...

oval:org.secpod.oval:def:89050669
This update for avahi fixes the following issues: Security issue fixed: - CVE-2018-1000845: Fixed DNS amplification and reflection to spoofed addresses

oval:org.secpod.oval:def:89050676
This update for bind fixes the following issues: Security issues fixed: - CVE-2019-6465: Fixed an issue where controls for zone transfers may not be properly applied to Dynamically Loadable Zones. - CVE-2018-5745: Fixed a denial of service vulnerability if a trust anchor rolls over to an unsupporte ...

oval:org.secpod.oval:def:89050689
This update for wireshark to version 2.4.15 fixes the following issues: Security issue fixed: - Fixed a denial of service in the dissection engine.

oval:org.secpod.oval:def:89050690
This update for wireshark to version 2.4.13 fixes the following issues: Security issues fixed: - CVE-2019-9214: Avoided a dereference of a null conversation which could make RPCAP dissector crash. - CVE-2019-9209: Fixed a buffer overflow in time values which could make ASN.1 BER and related dissecto ...

oval:org.secpod.oval:def:89050691
This update for samba fixes the following issues: - CVE-2019-14861: Fixed a DNSServer RPC server crash, that allowed an authenticated user to crash the DCE/RPC DNS management server by creating records matching the zone name. - CVE-2019-14870: Fixed a DelegationNotAllowed not being enforced.

oval:org.secpod.oval:def:89050695
This update for webkit2gtk3 to version 2.22.5 fixes the following issues: Security issues fixed: - CVE-2018-4372, CVE-2018-4345, CVE-2018-4386, CVE-2018-4375, CVE-2018-4376, CVE-2018-4378, CVE-2018-4382, CVE-2018-4392, CVE-2018-4416, CVE-2018-4191, CVE-2018-4197, CVE-2018-4299, CVE-2018-4306, CVE-20 ...

oval:org.secpod.oval:def:89050702
This update for ghostscript version 9.26a fixes the following issues: Security issue fixed: - CVE-2019-6116: subroutines within pseudo-operators must themselves be pseudo-operators

oval:org.secpod.oval:def:89050704
This update for webkit2gtk3 to version 2.24.0 fixes the following issue: Security issue fixed: - CVE-2019-8375: Fixed an issue in UIProcess subsystem which could allow the script dialog size to exceed the web view size leading to Buffer Overflow or other unspecified impact.

oval:org.secpod.oval:def:89050714
This update for samba fixes the following issues: Security issue fixed: - CVE-2019-3880: Fixed a path/symlink traversal vulnerability, which allowed an unprivileged user to save registry files outside a share. ldb was updated to version 1.2.4: - Out of bound read in ldb_wildcard_compare - Hold at ...

oval:org.secpod.oval:def:89050721
This update for util-linux and shadow fixes the following issues: util-linux: - Fixed an issue where PATH settings in /etc/default/su being ignored - Prevent outdated pam files . - Do not trim read-only volumes . - Integrate pam_keyinit pam module to login . - Perform one-time reset of /etc/default ...

oval:org.secpod.oval:def:89050744
This update for libxml2 doesn't fix any additional security issues, but corrects its rpm changelog to reflect all CVEs that have been fixed over the past.

oval:org.secpod.oval:def:89050749
This update for samba fixes the following issues: Security issues fixed: - CVE-2019-14847: User with "get changes" permission can crash AD DC LDAP server via dirsync. - CVE-2019-10218: Client code can return filenames containing path separators. - CVE-2019-14833: Fixed Accent with "check script pa ...

oval:org.secpod.oval:def:89050759
This update for ceph version 13.2.4 fixes the following issues: Security issues fixed: - CVE-2018-14662: Fixed an issue with LUKS "config-key" safety - CVE-2018-10861: Fixed an authorization bypass on OSD pool ops in ceph-mon - CVE-2018-1128: Fixed signature check bypass in cephx - CVE-2018-1129: ...

oval:org.secpod.oval:def:89050783
This update for bind fixes the following issues: Security issue fixed: - CVE-2019-6471: Fixed a reachable assert in dispatch.c. Non-security issue fixed: - bind will no longer rely on /etc/insserv.conf

oval:org.secpod.oval:def:89050798
This update for wireshark to version 2.4.14 fixes the following issues: Security issues fixed: - CVE-2019-10895: NetScaler file parser crash. - CVE-2019-10899: SRVLOC dissector crash. - CVE-2019-10894: GSS-API dissector crash. - CVE-2019-10896: DOF dissector crash. - CVE-2019-10901: LDSS dissector c ...

oval:org.secpod.oval:def:89050803
This update for libreoffice and libraries fixes the following issues: LibreOffice was updated to 6.3.3, bringing many bug and stability fixes. More information for the 6.3 release at: https://wiki.documentfoundation.org/ReleaseNotes/6.3 Security issue fixed: - CVE-2019-9853: Fixed an issue where by exe ...

oval:org.secpod.oval:def:89050804
This update for sssd fixes the following issues: Security issue fixed: - CVE-2018-16838: Fixed an authentication bypass related to the Group Policy Objects implementation. Non-security issues fixed: - Allow defaults sudoRole without sudoUser attribute - Missing GPOs directory could have led to log ...

oval:org.secpod.oval:def:89050844
This update for libqt5-qtbase fixes the following issues: Security issues fixed: - CVE-2018-19872: Fixed an issue which could allow a division by zero leading to crash. - CVE-2018-19870: Fixed an improper check in QImage allocation which could allow Denial of Service when opening crafted gif files ...

oval:org.secpod.oval:def:89050869
This update includes the GNU Compiler Collection 9. A full changelog is provided by the GCC team on: https://www.gnu.org/software/gcc/gcc-9/changes.html The base system compiler libraries libgcc_s1, libstdc++6 and others are now built by the gcc 9 packages. To use it, install "gcc9" or "gcc9-c++" or ...

oval:org.secpod.oval:def:89050882
This update for webkit2gtk3 to version 2.22.6 fixes the following issues : Security vulnerabilities fixed: - CVE-2018-4437: Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling. - CVE-2018-443 ...

oval:org.secpod.oval:def:89050886
This update for wireshark to version 2.4.16 fixes the following issues: Security issue fixed: - CVE-2019-13619: ASN.1 BER and related dissectors crash.

oval:org.secpod.oval:def:89050901
This update for yubico-piv-tool fixes the following issues: Security issues fixed: - Fixed a buffer overflow and an out of bounds memory read in ykpiv_transfer_data, which could be triggered by a malicious token. - Fixed a buffer overflow and an out of bounds memory read in _ykpiv_fetch_object, w ...

oval:org.secpod.oval:def:89044208
This update for MozillaFirefox fixes the following issues: - MozillaFirefox was updated to 78.10.0 ESR * CVE-2021-23994: Out of bound write due to lazy initialization * CVE-2021-23995: Use-after-free in Responsive Design Mode * CVE-2021-23998: Secure Lock icon could have been spoofed * CVE-2021-239 ...

oval:org.secpod.oval:def:89046010
This update for tomcat fixes the following issues: - CVE-2022-23181: Fixed time of check, time of use vulnerability that allowed local privilege escalation

oval:org.secpod.oval:def:89049776
This update for cups fixes the following issues: Security issue fixed: - CVE-2018-4700: Fixed extremely predictable cookie generation that is effectively breaking the CSRF protection of the CUPS web interface.

oval:org.secpod.oval:def:89050636
This update for glibc fixes the following issues: Security issues fixed: - CVE-2019-9169: Fixed a heap-based buffer over-read via an attempted case-insensitive regular-expression match. - CVE-2009-5155: Fixed a denial of service in parse_reg_exp. Non-security issues fixed: - Does no longer compres ...

oval:org.secpod.oval:def:89046015
This update for nodejs8 fixes the following issues: - CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe. - CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite. - CVE-2021-32804: Fixed insufficient absolute path s ...

oval:org.secpod.oval:def:89046007
This update for nodejs8 fixes the following issues: - CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe. - CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite. - CVE-2021-32804: Fixed insufficient absolute path s ...

oval:org.secpod.oval:def:89049721
This update for samba fixes the following issues: The following security vulnerabilities were fixed: - CVE-2018-1139: Disable NTLMv1 auth if smb.conf doesn't allow it; - CVE-2018-1140: ldbsearch "" and DNS query with escapes crashes; - CVE-2018-10919: Confidential attribute disclosure via substrin ...

oval:org.secpod.oval:def:89049777
This update for qemu fixes the following issues: Security issue fixed: - CVE-2018-16847: Fixed an out of bounds r/w buffer access in cmb operations. Non-security issue fixed: - Fixed serial console issue in SLES 12 SP2 that triggered a qemu-kvm bug.

oval:org.secpod.oval:def:89049637
This update for rpm fixes the following issues: This security vulnerability was fixed: - CVE-2017-7500: Fixed symlink attacks during RPM installation

oval:org.secpod.oval:def:89048033
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 102.6.0 ESR : - CVE-2022-46880: Use-after-free in WebGL - CVE-2022-46872: Arbitrary file read from a compromised content process - CVE-2022-46881: Memory corruption in WebGL - CVE-2022-46874: Drag and Dropped ...

oval:org.secpod.oval:def:89047799
This update for libtasn1 fixes the following issues: - CVE-2021-46848: Fixed off-by-one array size check that affects asn1_encode_simple_der

oval:org.secpod.oval:def:89046993
This update for dpdk fixes the following issues: - CVE-2022-2132: Fixed DoS when a vhost header crosses more than two descriptors and exhausts all mbufs.

oval:org.secpod.oval:def:89046051
This update for cyrus-sasl fixes the following issues: - CVE-2022-24407: Fixed SQL injection in sql_auxprop_store in plugins/sql.c.

oval:org.secpod.oval:def:89046060
This update for wpa_supplicant fixes the following issues: - CVE-2022-23303: Fixed side-channel attacks in SAE. - CVE-2022-23304: Fixed side-channel attacks in EAP-pwd.

oval:org.secpod.oval:def:89047714
This update for jdom fixes the following issues: - CVE-2021-33813: Fixed XXE issue in SAXBuilder that can cause a denial of service via a crafted HTTP request.

oval:org.secpod.oval:def:89000412
This update for mariadb and mariadb-connector-c fixes the following issues: - Update mariadb to 10.2.36 GA [bsc#1177472, bsc#1178428] fixing for the following security vulnerabilities: CVE-2020-14812, CVE-2020-14765, CVE-2020-14776, CVE-2020-14789 CVE-2020-15180 - Update mariadb-connector-c to 3.1.1 ...

oval:org.secpod.oval:def:89000182
This update for flac fixes the following issues: - CVE-2020-0499: Fixed an out-of-bounds access.

oval:org.secpod.oval:def:89000326
This update for mariadb-connector-c fixes the following issues: Security issue fixed: - CVE-2020-13249: Fixed an improper validation of OK packets received from clients. Non-security issues fixed: - Update to release 3.1.8 * CONC-304: Rename the static library to libmariadb.a and other libmariadb ...

oval:org.secpod.oval:def:89000480
This update for dovecot23 fixes the following issues: Security issues fixed: - CVE-2020-10957: Fixed a crash caused by malformed NOOP commands. - CVE-2020-10958: Fixed a use-after-free when receiving too many newlines. - CVE-2020-10967: Fixed a crash in the lmtp and submission components caused by ...

oval:org.secpod.oval:def:89000641
This update for unbound fixes the following issues: - CVE-2020-12662: Fixed an issue where unbound could have been tricked into amplifying an incoming query into a large number of queries directed to a target. - CVE-2020-12663: Fixed an issue where malformed answers from upstream name servers could ...

oval:org.secpod.oval:def:89046098
This update for tcpdump fixes the following issues: - CVE-2018-16301: Fixed segfault when handling large files.

oval:org.secpod.oval:def:89049765
This update for yast2-rmt to version 1.1.12 fixes the following issues: Security issue fixed: - CVE-2018-17957: Secure MySQL credentials by not exposing them on the command line

oval:org.secpod.oval:def:89049726
This update for pam fixes the following issue: Security issue fixed: - CVE-2018-17953: Fixed IP address and subnet handling of pam_access.so that was not honoured correctly when a single host was specified.

oval:org.secpod.oval:def:89049594
This update for axis fixes the following security issue: - CVE-2018-8032: Prevent cross-site scripting attack in the default servlet/services.

oval:org.secpod.oval:def:89049698
This update for fuse fixes the following issues: - CVE-2018-10906: fusermount was vulnerable to a restriction bypass when SELinux is active. This allowed non-root users to mount a FUSE file system with the "allow_other" mount option regardless of whether "user_allow_other" is set in the fuse configu ...

oval:org.secpod.oval:def:89049742
This update for apache2 fixes the following issues: The following security vulnerabilities were fixed: - CVE-2018-1333: Fixed a worker exhaustion that could have led to a denial of service via specially crafted HTTP/2 requests. - CVE-2018-8011: Fixed a null pointer dereference in mod_md, which cou ...

oval:org.secpod.oval:def:89049763
This update for postgresql10 fixes the following issues: PostgreSQL 10 was updated to 10.5: - https://www.postgresql.org/about/news/1851/ - https://www.postgresql.org/docs/current/static/release-10-5.html A dump/restore is not required for those running 10.X. However, if you use the adminpack extens ...

oval:org.secpod.oval:def:89049758
This update for libzypp, zypper, libsolv provides the following fixes: Security fixes in libzypp: - CVE-2018-7685: PackageProvider: Validate RPMs before caching - CVE-2017-9269: Be sure bad packages do not stay in the cache Changes in libzypp: - Update to version 17.6.4 - Automatically fetch repos ...

oval:org.secpod.oval:def:89049657
This update for binutils to version 2.31 fixes the following issues: These security issues were fixed: - CVE-2017-15996: readelf allowed remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted ELF file that triggered a buffer overflow on fuzzed archive ...

oval:org.secpod.oval:def:89049723
This update for cairo fixes the following issues: The following security vulnerability was addressed: - CVE-2017-9814: Fixed an out-of-bounds read in cairo-truetype-subset.c by replacing the malloc implementation with _cairo_malloc and checking the size before memory allocation

oval:org.secpod.oval:def:89046074
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.6.0 ESR / MFSA 2022-05 - CVE-2022-22753: Privilege Escalation to SYSTEM on Windows via Maintenance Service - CVE-2022-22754: Extensions could have bypassed permission confirmation during update - CVE-2022 ...

oval:org.secpod.oval:def:89046097
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.6.1 ESR : - CVE-2022-26485: Use-after-free in XSLT parameter processing - CVE-2022-26486: Use-after-free in WebGPU IPC Framework

oval:org.secpod.oval:def:89046747
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 91.11.0 ESR : - CVE-2022-2200: Undesired attributes could be set as part of prototype pollution - CVE-2022-31744: CSP bypass enabling stylesheet injection - CVE-2022-34468: CSP sandbox header wit ...

oval:org.secpod.oval:def:89047013
This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated from 102.2.0esr to 102.3.0esr : - CVE-2022-40959: Fixed bypassing FeaturePolicy restrictions on transient pages. - CVE-2022-40960: Fixed data-race when parsing non-UTF-8 URLs in threads. - CVE-2022-40958: Fixed by ...

oval:org.secpod.oval:def:89047760
This update for MozillaFirefox fixes the following issues: - Updated to version 102.4.0 ESR - CVE-2022-42927: Fixed same-origin policy violation that could have leaked cross-origin URLs. - CVE-2022-42928: Fixed memory Corruption in JS Engine. - CVE-2022-42929: Fixed denial of Service via window.pri ...

oval:org.secpod.oval:def:89047727
This update for tiff fixes the following issues: - CVE-2022-2519: Fixed a double free in rotateImage. - CVE-2022-2520: Fixed an assertion failure in rotateImage. - CVE-2022-2521: Fixed invalid free in TIFFClose. - CVE-2022-2867: Fixed out of bounds read and write in tiffcrop.c. - CVE-2022-2868: F ...

oval:org.secpod.oval:def:89046903
This update for bluez fixes the following issues: - CVE-2019-8922: Fixed a buffer overflow in the implementation of the Service Discovery Protocol.

oval:org.secpod.oval:def:89047954
This update for nginx fixes the following issues: - CVE-2021-3618: Fixed the ALPACA attack limiting the number of errors after which the connection is closed.

oval:org.secpod.oval:def:89047009
This update for vsftpd fixes the following issues: - CVE-2021-3618: Enforced security checks against ALPACA attack. - Added hardening to systemd services. Bugfixes: - Fixed a seccomp failure in FIPS mode when SSL was enabled. - Allowed wait4 to be called so that the broker can wait for its child ...

oval:org.secpod.oval:def:89002975
This update for tigervnc fixes the following issues: - CVE-2020-26117: Server certificates were stored as certificate authorities, allowing malicious owners of these certificates to impersonate any server after a client had added an exception

oval:org.secpod.oval:def:89047747
This update for multipath-tools fixes the following issues: - CVE-2022-41974: Fixed an authorization bypass issue in multipathd. - Avoid linking to libreadline to avoid licensing issue

oval:org.secpod.oval:def:89049705
This update for wireshark fixes vulnerabilities that could be used to trigger dissector crashes or cause dissectors to go into large infinite loops by making Wireshark read specially crafted packages from the network or capture files . This includes: - CVE-2018-11356: DNS dissector crash - CVE-2018- ...

oval:org.secpod.oval:def:89049773
This update for wireshark fixes the following issues: Security issues fixed: - CVE-2018-14342: BGP dissector large loop - CVE-2018-14344: ISMP dissector crash - CVE-2018-14340: Multiple dissectors could crash - CVE-2018-14343: ASN.1 BER dissector crash - CVE-2018-14339: MMSE dissector infinite l ...

oval:org.secpod.oval:def:89049736
This update for wireshark to version 2.4.9 fixes the following issues: Security issues fixed : - CVE-2018-16058: Bluetooth AVDTP dissector crash - CVE-2018-16056: Bluetooth Attribute Protocol dissector crash - CVE-2018-16057: Radiotap dissector crash Further bug fixes and updated protocol support ...

oval:org.secpod.oval:def:89046075
This update for wireshark fixes the following issues: Update to Wireshark 3.6.2: - CVE-2022-0586: RTMPT dissector infinite loop - CVE-2022-0585: Large loops in multiple dissectors - CVE-2022-0583: PVFS dissector crash - CVE-2022-0582: CSN.1 dissector crash - CVE-2022-0581: CMS dissector crash

oval:org.secpod.oval:def:89000114
This update for nodejs10 fixes the following issues: - nodejs10 was updated to 10.22.1 LTS: - CVE-2020-8252: Fixed a buffer overflow in realpath. - CVE-2020-15095: Fixed an information leak through log files. - Explicitly add -fno-strict-aliasing to CFLAGS to fix compilation on Aarch64 with gcc10

oval:org.secpod.oval:def:89048038
This update for wireshark fixes the following issues: Update to version 3.6.10: - CVE-2022-3725: OPUS dissector crash. - Multiple dissector infinite loops. - Kafka dissector memory exhaustion.

oval:org.secpod.oval:def:89047025
This update for webkit2gtk3 fixes the following issues: - CVE-2022-32893: Fixed processing maliciously crafted web content may lead to arbitrary code execution. Bugfixes: - Fixed WebKitGTK not allowing to be used from non-main threads.

oval:org.secpod.oval:def:89046082
This update for zsh fixes the following issues: - CVE-2021-45444: Fixed a vulnerability where arbitrary shell commands could be executed related to prompt expansion. - CVE-2019-20044: Fixed a vulnerability where shell privileges would not be properly dropped when unsetting the PRIVILEGED option.

oval:org.secpod.oval:def:89046102
This update for python-libxml2-python fixes the following issues: - CVE-2022-23308: Fixed a use-after-free of ID and IDREF attributes.

oval:org.secpod.oval:def:89050611
This update for axis fixes the following issues: Security issue fixed: - CVE-2012-5784, CVE-2014-3596: Fixed missing connection hostname check against X.509 certificate name.

oval:org.secpod.oval:def:89050808
This update for libreoffice and libraries fixes the following issues: LibreOffice was updated to 6.2.5.2, bringing lots of bug and stability fixes. Additional bugfixes: - If there is no firebird engine we still need java to run hsqldb - PPTX: Rectangle turns from green to blue and loses transparen ...

oval:org.secpod.oval:def:89047709
This update fixes the following issues: dracut-saltboot: - Update to version 0.1.1661440542.6cbe0da * Use standard susemanager.conf * Move image services to dracut-saltboot package * Use salt bundle golang-github-lusitaniae-apache_exporter: - Update to upstream release 0.11.0 * Add TLS support * Sw ...

oval:org.secpod.oval:def:89046910
This update for postgresql10 fixes the following issues: - Upgrade to 10.22: - CVE-2022-2625: Fixed an issue where extension scripts would replace objects not belonging to that extension. - Upgrade to 10.21: - CVE-2022-1552: Confined additional operations within security restricted operation sandbo ...

oval:org.secpod.oval:def:89048016
This update for emacs fixes the following issues: - CVE-2022-45939: Fixed shell command injection via source code files when using ctags.

oval:org.secpod.oval:def:89049599
This update for sssd fixes the following security issue: - CVE-2018-10852: Set stricter permissions on /var/lib/sss/pipes/sudo to prevent the disclosure of sudo rules for arbitrary users.

oval:org.secpod.oval:def:89049702
This update for zziplib fixes the following issues: - CVE-2018-17828: Remove any "../" components from pathnames of extracted files to avoid path traversal during unpacking

oval:org.secpod.oval:def:89049685
This update for libvorbis fixes the following issues: The following security issue was fixed: - Fixed the validation of channels in mapping0_forward, which previously allowed remote attackers to cause a denial of service via specially crafted files

oval:org.secpod.oval:def:89049592
This update for polkit fixes the following issues: Security issue fixed: - CVE-2018-1116: Fix uid comparison lacking in polkit_backend_interactive_authority_check_authorization.

oval:org.secpod.oval:def:89000429
This update for python3 fixes the following issues: - CVE-2020-14422: Fixed an improper computation of hash values in the IPv4Interface and IPv6Interface that could have led to denial of service.

oval:org.secpod.oval:def:89049714
This update for squid fixes the following issues: Security issues fixed: - CVE-2018-19131: Fixed Cross-Site-Scripting vulnerability in the TLS error handling. - CVE-2018-19132: Fixed small memory leak in processing of SNMP packets. Non-security issues fixed: - Create runtime directories needed whe ...

oval:org.secpod.oval:def:89049659
This update for perl fixes the following issues: Security issues fixed: - CVE-2018-18311: Fixed integer overflow with oversize environment. - CVE-2018-18312: Fixed heap-buffer-overflow write / reg_node overrun. - CVE-2018-18313: Fixed heap-buffer-overflow read if regex contains \0 chars. - CVE-20 ...

oval:org.secpod.oval:def:89049771
This update for spice-gtk fixes the following issues: Security issues fixed: - CVE-2018-10873: Fix potential heap corruption when demarshalling - CVE-2018-10893: Avoid buffer overflow on image lz checks Other bugs fixed: - Add setuid bit to spice-client-glib-usb-acl-helper

oval:org.secpod.oval:def:89000491
This update for glibc fixes the following issues: - CVE-2020-1752: Fixed a use after free in glob which could have allowed a local attacker to create a specially crafted path that, when processed by the glob function, could potentially have led to arbitrary code execution.

oval:org.secpod.oval:def:89049673
This update for spice fixes the following issues: Security issues fixed: - CVE-2018-10873: Fix potential heap corruption when demarshalling - CVE-2018-10893: Avoid buffer overflow on image lz checks

oval:org.secpod.oval:def:89049639
This update for curl fixes the following issues: - CVE-2018-16839: A SASL password overflow via integer overflow was fixed which could lead to crashes - CVE-2018-16840: A use-after-free in SASL handle close was fixed which could lead to crashes - CVE-2018-16842: An Out-of-bounds Read in tool_msgs.c ...

oval:org.secpod.oval:def:89049753
This update for glibc fixes the following security issues: - CVE-2017-18269: An SSE2-optimized memmove implementation for i386 did not correctly perform the overlapping memory check if the source memory range spanned the middle of the address space, resulting in corrupt data being produced by the cop ...

oval:org.secpod.oval:def:89049728
This update for tiff fixes the following security issues: These security issues were fixed: - CVE-2017-18013: Fixed a NULL pointer dereference in the tif_print.cTIFFPrintDirectory function that could have led to denial of service. - CVE-2018-10963: Fixed an assertion failure in the TIFFWriteDirect ...

oval:org.secpod.oval:def:89049712
This update for openslp fixes the following issues: - CVE-2017-17833: Prevent heap-related memory corruption issue which may have manifested itself as a denial-of-service or a remote code-execution vulnerability - Prevent out of bounds reads in message parsing

oval:org.secpod.oval:def:89049668
This update for webkit2gtk3 to version 2.20.3 fixes the following issues: These security issues were fixed: - CVE-2018-4190: An unspecified issue allowed remote attackers to obtain sensitive credential information that is transmitted during a CSS mask-image fetch. - CVE-2018-4199: An unspecified is ...

oval:org.secpod.oval:def:89049778
This update for perl-Archive-Zip fixes the following security issue: - CVE-2018-10860: Prevent directory traversal caused by not properly sanitizing paths while extracting zip files. An attacker able to provide a specially crafted archive for processing could have used this flaw to write or overwrit ...

oval:org.secpod.oval:def:89049655
This update for perl fixes the following issues: - CVE-2018-12015: The Archive::Tar module allowed remote attackers to bypass a directory-traversal protection mechanism and overwrite arbitrary files

oval:org.secpod.oval:def:89049629
This update for clamav to version 0.100.1 fixes the following issues: The following security vulnerabilities were addressed: - CVE-2018-0360: HWP integer overflow, infinite loop vulnerability - CVE-2018-0361: PDF object length check, unreasonably long time to parse relatively small file - Buffer o ...

oval:org.secpod.oval:def:89049741
This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-0739: Update openssl to 1.0.2o to limit ASN.1 constructed types recursive definition depth.

oval:org.secpod.oval:def:89049760
This update for zsh to version 5.5 fixes the following issues: Security issues fixed: - CVE-2018-1100: Fixes a buffer overflow in utils.c:checkmailpath that can lead to local arbitrary code execution - CVE-2018-1071: Fixed a stack-based buffer overflow in exec.c:hashcmd - CVE-2018-1083: Fixed a st ...

oval:org.secpod.oval:def:89049759
This update for gpg2 fixes the following security issue: - CVE-2018-12020: GnuPG mishandled the original filename during decryption and verification actions, which allowed remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option ...

oval:org.secpod.oval:def:89049633
This update for ghostscript fixes the following issues: - CVE-2018-10194: The set_text_distance function did not prevent overflows in text-positioning calculation, which allowed remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document.

oval:org.secpod.oval:def:89049695
This update for glib2 fixes the following issues: Security issues fixed: - CVE-2018-16428: Do not do a NULL pointer dereference. Avoid that, at the cost of introducing a new translatable error message. - CVE-2018-16429: Fixed out-of-bounds read vulnerability in g_markup_parse_context_parse. Non-se ...

oval:org.secpod.oval:def:89049597
This update for webkit2gtk3 to version 2.20.5 fixes the following issues: Security issue fixed: - CVE-2018-12911: Fix off-by-one in xdg_mime_get_simple_globs. - CVE-2018-4261, CVE-2018-4262, CVE-2018-4263, CVE-2018-4264, CVE-2018-4265, CVE-2018-4267, CVE-2018-4272, CVE-2018-4284: Processing malicio ...

oval:org.secpod.oval:def:89049700
This update for systemd fixes the following issues: Security issues fixed: - CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. - CVE-2018-15686: A vulnerability in unit_deserialize of systemd ...

oval:org.secpod.oval:def:89049718
This update for gnutls fixes the following security issues: - Improved mitigations against Lucky 13 class of attacks - CVE-2018-10846: "Just in Time" PRIME + PROBE cache-based side channel attack can lead to plaintext recovery - CVE-2018-10845: HMAC-SHA-384 vulnerable to Lucky thirteen attack due t ...

oval:org.secpod.oval:def:89049717
This update for libssh fixes the following issues: - CVE-2018-10933: Fixed a server mode authentication bypass.

oval:org.secpod.oval:def:89049713
This update for net-snmp fixes the following issues: Security issues fixed: - CVE-2018-18065: _set_key in agent/helpers/table_container.c had a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Deni ...

oval:org.secpod.oval:def:89049669
This update for curl fixes the following issues: This security issue was fixed: - CVE-2018-14618: Prevent integer overflow in the NTLM authentication code This non-security issue was fixed: - Use OPENSSL_config instead of CONF_modules_load_file to avoid crashes due to openssl engines conflicts

oval:org.secpod.oval:def:89049780
This update for libxkbcommon to version 0.8.2 fixes the following issues: - Fix a few NULL-dereferences, out-of-bounds access and undefined behavior in the XKB text format parser. - CVE-2018-15853: Endless recursion could have been used by local attackers to crash xkbcommon users by supplying a craf ...

oval:org.secpod.oval:def:89049656
This update for samba fixes the following issues: Update to samba version 4.7.11. Security issues fixed: - CVE-2018-14629: Fixed CNAME loops in Samba AD DC DNS server. - CVE-2018-16841: Fixed segfault on PKINIT when mis-matching principal. - CVE-2018-16851: Fixed NULL pointer de-reference in Samba ...

oval:org.secpod.oval:def:89049682
This update for MozillaFirefox, mozilla-nss and mozilla-nspr fixes the following issues: Issues fixed in MozillaFirefox: - Update to Firefox ESR 60.4 - CVE-2018-17466: Fixed a buffer overflow and out-of-bounds read in ANGLE library with TextureStorage11 - CVE-2018-18492: Fixed a use-after-free with ...

oval:org.secpod.oval:def:89049678
This update for wpa_supplicant provides the following fixes: This security issue was fixed: - CVE-2018-14526: Under certain conditions, the integrity of EAPOL-Key messages was not checked, leading to a decryption oracle. An attacker within range of the Access Point and client could have abused the v ...

oval:org.secpod.oval:def:89049674
This update for libarchive fixes the following issues: - CVE-2017-14501: An out-of-bounds read flaw existed in parse_file_info in archive_read_support_format_iso9660.c when extracting a specially crafted iso9660 iso file, related to archive_read_format_iso9660_read_header. - CVE-2017-14502: read_he ...

oval:org.secpod.oval:def:89049670
This update for libgcrypt fixes the following issue: The following security issue was fixed: - CVE-2018-0495: Fixed a novel side-channel attack, by enabling blinding for ECDSA signatures

oval:org.secpod.oval:def:89049628
This update for zsh to version 5.6 fixes the following security issues: - CVE-2018-0502: The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line. - CVE-2018-13259: Shebang lines exceeding 64 characters were truncated, potentially ...

oval:org.secpod.oval:def:89049623
This update for libX11 fixes the following security issues: - CVE-2018-14599: The function XListExtensions was vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact - CVE-2018-14600: The function XListExtensions interpreted a var ...

oval:org.secpod.oval:def:89049750
This update for clamav fixes the following issues: clamav was updated to version 0.100.2. Following security issues were fixed: - CVE-2018-15378: Vulnerability in ClamAV's MEW unpacking feature that could allow an unauthenticated, remote attacker to cause a denial of service condition on an affecte ...

oval:org.secpod.oval:def:89049782
This update for LibreOffice, libepubgen, liblangtag, libmwaw, libnumbertext, libstaroffice, libwps, myspell-dictionaries, xmlsec1 fixes the following issues: LibreOffice was updated to 6.1.3.2 and contains new features and lots of bugfixes: The full changelog can be found on: https://wiki.documentf ...

oval:org.secpod.oval:def:89049652
This update for tiff fixes the following issues: Security issues fixed: - CVE-2018-12900: Fixed heap-based buffer overflow in the cpSeparateBufToContigBuf. - CVE-2018-18661: Fixed NULL pointer dereference in the function LZWDecode in the file tif_lzw.c. - CVE-2018-18557: Fixed JBIG decode can lead ...

oval:org.secpod.oval:def:89000098
This update for icu fixes the following issues: - CVE-2020-10531: Fixed a potential integer overflow in UnicodeString::doAppend.

oval:org.secpod.oval:def:89000087
This update for mozilla-nspr, mozilla-nss fixes the following issues: mozilla-nss was updated to version 3.53 - CVE-2020-12399: Fixed a timing attack on DSA signature generation. - CVE-2019-17006: Added length checks for cryptographic primitives. Release notes: https://developer.mozilla.org/en-US/ ...

oval:org.secpod.oval:def:89000103
This update for java-1_8_0-openjdk to version jdk8u252 fixes the following issues: - CVE-2020-2754: Forward references to Nashorn - CVE-2020-2755: Improve Nashorn matching - CVE-2020-2756: Better mapping of serial ENUMs - CVE-2020-2757: Less Blocking Array Queues - CVE-2020-2773: Better signatur ...

oval:org.secpod.oval:def:89000456
This update for git fixes the following issues: - CVE-2020-5260: With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a wrong host.

oval:org.secpod.oval:def:89000568
This update for java-11-openjdk fixes the following issues: Java was updated to jdk-11.0.7+10. Security issues fixed: - CVE-2020-2754: Fixed an incorrect handling of regular expressions that could have resulted in denial of service. - CVE-2020-2755: Fixed an incorrect handling of regular expressio ...

oval:org.secpod.oval:def:89049774
This update for tcpdump fixes the following issues: Security issues fixed: - CVE-2018-19519: Fixed a stack-based buffer over-read in the print_prefix function

oval:org.secpod.oval:def:89000133
This update for nginx fixes the following issues: nginx was updated to 1.16.1 - Added TLS 1.3 support - Replaced obsolete GeoIP module with MaxMinDB-based GeoIP2 - Started nginx after network is online - CVE-2019-20372: Fixed an HTTP request smuggling with certain error_page configurations which ...

oval:org.secpod.oval:def:89000613
This update for libX11 fixes the following issues: - CVE-2020-14363: Fix an integer overflow in init_om.

oval:org.secpod.oval:def:89000556
This update for tomcat fixes the following issues: - Update to Tomcat 9.0.35. See changelog at

oval:org.secpod.oval:def:89000536
This update for libX11 fixes the following issues: - Fixed XIM client heap overflows.

oval:org.secpod.oval:def:89000239
This update for libX11 fixes the following issues: - Fixed XIM client heap overflows

oval:org.secpod.oval:def:89000587
This update for grub2 fixes the following issues: - CVE-2020-15705: Fail kernel validation without shim protocol. - Add fibre channel device's ofpath support to grub-ofpathname and search hint to speed up root device discovery.

oval:org.secpod.oval:def:89000240
This update for dovecot23 fixes the following issues: - CVE-2020-12673: improper implementation of NTLM does not check message buffer size. - CVE-2020-12674: improper implementation of RPA mechanism.

oval:org.secpod.oval:def:89000070
This update for mozilla-nss fixes the following issues: mozilla-nss was updated to version 3.53.1 - CVE-2020-12402: Fixed a potential side channel attack during RSA key generation - Fixed various FIPS issues in libfreebl3 which were causing segfaults in the test suite of chrony.

oval:org.secpod.oval:def:89049693
This update for unzip fixes the following issues: - CVE-2014-9636: Prevent denial of service via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression - CVE-2018-1000035: Prevent heap-based buffer overflow in the ...

oval:org.secpod.oval:def:89000676
This update for vim fixes the following issues: - CVE-2019-20807: Fixed an issue where escaping from the restrictive mode of vim was possible using interfaces.

oval:org.secpod.oval:def:89000302
This update for openssl-1_0_0 fixes the following issues: - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME. - Initialized dh->nid to NID_undef in DH_new_method. - Fixed a test failure in apache_ssl in fips mode. - Renamed BN_get_rfc3526_prime_* functions back to get_rfc3526_pri ...

oval:org.secpod.oval:def:89000356
This update for gstreamer-plugins-base fixes the following issue: Security issue fixed: - CVE-2019-9928: Fixed a heap-based overflow in the rtsp connection parser.

oval:org.secpod.oval:def:89000279
This update for qemu fixes the following issues: Security issues fixed: - CVE-2020-1983: Fixed a use-after-free in the ip_reass function of slirp. - CVE-2019-20382: Fixed a potential DoS due to a memory leak in VNC disconnect. - CVE-2020-1711: Fixed a potential OOB access in the iSCSI client code ...

oval:org.secpod.oval:def:89000188
This update for openssl-1_1 fixes the following issues: - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME.

oval:org.secpod.oval:def:89000162
This update for openldap2 fixes the following issues: - CVE-2020-25692: Fixed an unauthenticated remote denial of service due to incorrect validation of modrdn equality rules.

oval:org.secpod.oval:def:89048049
This update for xorg-x11-server fixes the following issues: - CVE-2022-46340: Server XTestSwapFakeInput stack overflow - CVE-2022-46341: Server XIPassiveUngrabDevice out-of-bounds access - CVE-2022-46342: Server XvdiSelectVideoNotify use-after-free - CVE-2022-46343: Server ScreenSaverSetAttribute ...

oval:org.secpod.oval:def:89048093
This update for ffmpeg fixes the following issues: - CVE-2022-3109: Fixed null pointer dereference in vp3_decode_frame. - CVE-2020-22042: Fixed a denial of service vulnerability led by a memory leak in the link_filter_inouts function in libavfilter/graphparser.c. - CVE-2021-38094: Fixed an integer ...

oval:org.secpod.oval:def:89045585
This update for ffmpeg fixes the following issues: - CVE-2019-9721: Fixed a denial of service in the subtitle decoder in handle_open_brace from libavcodec/htmlsubtitles.c. - CVE-2020-22046: Fixed a denial of service vulnerability due to a memory leak in the avpriv_float_dsp_allocl function in libav ...

oval:org.secpod.oval:def:89046727
This update for salt fixes the following issues: - CVE-2022-22967: Fixed missing check for PAM_ACCT_MGM return value that could be used to bypass authentication when using PAM

oval:org.secpod.oval:def:89046728
This update for liblouis fixes the following issues: - CVE-2022-26981: fix buffer overrun in compilePassOpcode. - CVE-2022-31783: prevent an invalid memory write in compileRule.

oval:org.secpod.oval:def:89050494
This update for log4j fixes the following issues: - CVE-2019-17571: Fixed a remote code execution by deserialization of untrusted data in SocketServer.

oval:org.secpod.oval:def:89047046
This update for flatpak fixes the following issues: - CVE-2021-41133: Fixed sandbox bypass via recent syscalls.

oval:org.secpod.oval:def:89000629
This update for salt fixes the following issues: - Fix CVE-2020-11651 and CVE-2020-11652

oval:org.secpod.oval:def:89049635
This update for salt fixes the following issues: Security issues fixed: - CVE-2018-15750: Fixed directory traversal vulnerability in salt-api. - CVE-2018-15751: Fixed remote authentication bypass in salt-api that allows to execute arbitrary commands. Non-security issues fixed: - Improved handling ...

oval:org.secpod.oval:def:89049722
This update for tiff fixes the following issues: Security issues fixed: - CVE-2018-19210: Fixed NULL pointer dereference in the TIFFWriteDirectorySec function. - CVE-2017-12944: Fixed denial of service issue in the TIFFReadDirEntryArray function. - CVE-2016-10094: Fixed heap-based buffer overflow ...

oval:org.secpod.oval:def:89047798
This update for telnet fixes the following issues: - CVE-2022-39028: Fixed NULL pointer dereference in telnetd.

oval:org.secpod.oval:def:89050283
This update for git fixes the following issues: Security issues fixed: - CVE-2019-1349: Fixed issue on Windows, when submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice. - CVE-2019-19604: Fixed a recursive clone followed by a su ...

oval:org.secpod.oval:def:89045772
This update for samba fixes the following issues: - CVE-2016-2124: Fixed not to fallback to non spnego authentication if we require kerberos. - CVE-2020-25717: Fixed privilege escalation inside an AD Domain where a user could become root on domain members.

oval:org.secpod.oval:def:89049649
This update for util-linux fixes the following security issue: - CVE-2018-7738: Fix local vulnerability using embedded shell commands in a mountpoint name

oval:org.secpod.oval:def:89045529
This update for nodejs8 fixes the following issues: - CVE-2021-22930: http2: fixes use after free on close in stream canceling.

oval:org.secpod.oval:def:89002979
This update for bind fixes the following issues: BIND was upgraded to version 9.16.6: Note: - bind is now more strict in regards to DNSSEC. If queries are not working, check for DNSSEC issues. For instance, if bind is used in a nameserver forwarder chain, the forwarding DNS servers must support DNSSE ...

oval:org.secpod.oval:def:89047000
This update for libgit2 fixes the following issues: - Fixed DoS by oob write in constructed commit object with a very large number of parents. - CVE-2019-1352: Fixed git on Windows being unaware of NTFS Alternate Data Streams. - CVE-2022-24765: Fixed potential command injection via git worktree. ...

oval:org.secpod.oval:def:89048035
This update for tiff fixes the following issues: - CVE-2022-3570: Fixed heap buffer overflows in tiffcrop.c. - CVE-2022-3598: Fixed out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c [bsc#1204642]

oval:org.secpod.oval:def:89000547
This update for grub2 fixes the following issues: - Fix for CVE-2020-10713 - Fix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 - Fix for CVE-2020-15706 - Fix for CVE-2020-15707 - Use overflow checking primitives where the arithmetic expression for buffer allocations may inclu ...

oval:org.secpod.oval:def:89046041
This update for expat fixes the following issues: - CVE-2022-23852: Fixed signed integer overflow in XML_GetBuffer. - CVE-2022-23990: Fixed integer overflow in the doProlog function.

oval:org.secpod.oval:def:89047759
This update for bind fixes the following issues: - CVE-2022-2795: Fixed potential performance degradation due to missing database lookup limits when processing large delegations. - CVE-2022-38177: Fixed a memory leak that could be externally triggered in the DNSSEC verification code for the ECDSA a ...

oval:org.secpod.oval:def:89045099
This update for nodejs10 fixes the following issues: Update nodejs10 to 10.24.1. Including fixes for - CVE-2021-22918: libuv upgrade - Out of bounds read - CVE-2021-27290: ssri Regular Expression Denial of Service - CVE-2021-23362: hosted-git-info Regular Expression Denial of Service - CVE-2020-7 ...

oval:org.secpod.oval:def:89044213
This update for libnettle fixes the following issues: - CVE-2021-20305: Fixed the multiply function which was being called with out-of-range scalars.

oval:org.secpod.oval:def:89049676
This update for libnettle fixes the following issues: Security issues fixed: - CVE-2018-16869: Fixed a leaky data conversion exposing a manager oracle

oval:org.secpod.oval:def:89050926
This update for ruby2.5 and ruby-bundled-gems-rpmhelper fixes the following issues: Changes in ruby2.5: Update to 2.5.5 and 2.5.4: https://www.ruby-lang.org/en/news/2019/03/15/ruby-2-5-5-released/ https://www.ruby-lang.org/en/news/2019/03/13/ruby-2-5-4-released/ Security issues fixed: - CVE-2019-832 ...

oval:org.secpod.oval:def:89050817
This update for apache2 fixes the following issues: * CVE-2019-0211: A flaw in the Apache HTTP Server allowed less-privileged child processes or threads to execute arbitrary code with the privileges of the parent process. Attackers with control over CGI scripts or extension modules run by the server ...

oval:org.secpod.oval:def:89046746
This update for openssl fixes the following issues: - CVE-2022-2068: Fixed more shell code injection issues in c_rehash. - CVE-2022-2097: Fixed partial missing encryption in AES OCB mode

oval:org.secpod.oval:def:89000211
This update for nodejs8 fixes the following issues: - CVE-2020-8174: Fixed multiple memory corruption in napi_get_value_string_*. - CVE-2020-11080: Fixed a potential denial of service when receiving unreasonably large HTTP/2 SETTINGS frames. - CVE-2020-7598: Fixed an issue which could have tricked ...

oval:org.secpod.oval:def:89000193
This update for nodejs10 fixes the following issues: nodejs10 was updated to version 10.21.0 - CVE-2020-8174: Fixed multiple memory corruption in napi_get_value_string_*. - CVE-2020-11080: Fixed a potential denial of service when receiving unreasonably large HTTP/2 SETTINGS frames. - CVE-2020-1053 ...

oval:org.secpod.oval:def:89049744
This update for apache2-mod_jk fixes the following issue: Security issue fixed: - CVE-2018-11759: Fixed connector path traversal due to mishandled HTTP requests in httpd.

oval:org.secpod.oval:def:89050791
This update for mariadb to version 10.2.22 fixes the following issues: Security issues fixed: - CVE-2019-2510: Fixed a vulnerability which can lead to MySQL compromise and lead to Denial of Service. - CVE-2019-2537: Fixed a vulnerability which can lead to MySQL compromise and lead to Denial of Serv ...

oval:org.secpod.oval:def:89050599
This update for openssl-1_1 fixes the following issues: Security issues fixed: - The 9 Lives of Bleichenbacher's CAT: Cache Attacks on TLS Implementations - Fix FIPS RSA generator

oval:org.secpod.oval:def:89050559
This update for polkit fixes the following issues: Security issue fixed: - CVE-2019-6133: Fixed improper caching of auth decisions, which could bypass uid checking in the interactive backend.

oval:org.secpod.oval:def:89049595
This update for qemu fixes the following issues: Security issues fixed: - CVE-2018-10839: Fixed NE2000 NIC emulation support that is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use thi ...

oval:org.secpod.oval:def:89049720
This update for apache2 fixes the following issues: Security issues fixed: - CVE-2018-11763: In Apache HTTP Server by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 conne ...

oval:org.secpod.oval:def:89049716
This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPEND_WRITE. - CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c. - CVE-2017-5732: Fixed privilege escalation via pro ...

oval:org.secpod.oval:def:89049661
This update for qemu fixes the following issues: This security issue was fixed: - CVE-2018-12617: qmp_guest_file_read had an integer overflow that could have been exploited by sending a crafted QMP command to the agent via the listening socket causing DoS These non-security issues were fixed: - Al ...

oval:org.secpod.oval:def:89049779
This update for wireshark fixes the following issues: Update to Wireshark 2.4.11. Security issues fixed: - CVE-2018-19625: The Wireshark dissection engine could crash - CVE-2018-19626: The DCOM dissector could crash - CVE-2018-19623: The LBMPDM dissector could crash - CVE-2018-19622: The MMSE di ...

oval:org.secpod.oval:def:89049772
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2018-5390 aka SegmentSmack: A remote attacker even with relatively low bandwidth could have caused lots of CPU usage by triggering the worst case scenario during IP a ...

oval:org.secpod.oval:def:89050638
This update for sqlite3 fixes the following issues: Security issue fixed: - CVE-2019-16168: Fixed improper validation of sqlite_stat1 field that could lead to denial of service.

oval:org.secpod.oval:def:89049675
This update for xorg-x11-server fixes the following issues: - CVE-2018-14665: Disable -logfile and -modulepath when running with elevated privileges

oval:org.secpod.oval:def:89049747
This update for OpenJDK 10.0.2 fixes the following security issues: - CVE-2018-2940: the libraries sub-component contained an easily exploitable vulnerability that allowed attackers to compromise Java SE or Java SE Embedded over the network, potentially gaining unauthorized read access to data that" ...

oval:org.secpod.oval:def:89000191
This update for wireshark and libmaxminddb fixes the following issues: Update wireshark to new major version 3.2.2 and introduce libmaxminddb for GeoIP support. New features include: - Added support for 111 new protocols, including WireGuard, LoRaWAN, TPM 2.0, 802.11ax and QUIC - Improved support f ...

oval:org.secpod.oval:def:89049734
This update for wireshark fixes the following issues: Wireshark was updated to 2.4.10. Following security issues were fixed: - CVE-2018-18227: MS-WSP dissector crash - CVE-2018-12086: OpcUA dissector crash Further bug fixes and updated protocol support that were done are listed in: https://www.wi ...

oval:org.secpod.oval:def:89050713
This update for ovmf fixes the following issues: Security issues fixed: - CVE-2019-0160: Fixed multiple buffer overflows in UDF-related codes in MdeModulePkg\Universal\Disk\PartitionDxe\Udf.c and MdeModulePkg\Universal\Disk\UdfDxe. - CVE-2018-12181: Fixed a stack buffer overflow in the HII database ...

oval:org.secpod.oval:def:89049647
This update for lcms2 fixes the following issues: - CVE-2018-16435: An integer overflow was fixed in the AllocateDataSet function in cmscgats.c, that could lead to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile

oval:org.secpod.oval:def:89050628
This update for libvirt fixes the following issues: Security issues fixed: - CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd. - CVE-20 ...

oval:org.secpod.oval:def:89050741
This update for openldap2 fixes the following issues: Security issue fixed: - CVE-2019-13565: Fixed an authentication bypass when using SASL authentication and session encryption. - CVE-2019-13057: Fixed an issue with delegated database admin privileges. - CVE-2017-17740: When both the nops module ...

oval:org.secpod.oval:def:89050859
This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-12180: Fixed a buffer overflow in BlockIo service, which could lead to memory read/write overrun. - CVE-2018-12178: Fixed an improper DNS check upon receiving a new DNS packet. - CVE-2018-3630: Fixed a logic error i ...

oval:org.secpod.oval:def:89049756
This update for openssl-1_1 fixes the following issues: Security issues fixed: - CVE-2018-0734: Fixed timing vulnerability in DSA signature generation. - CVE-2018-0735: Fixed timing vulnerability in ECDSA signature generation.

oval:org.secpod.oval:def:89048039
This update for containerd fixes the following issues: Update to containerd v1.6.12 including Docker v20.10.21-ce. Also includes the following fix: - CVE-2022-23471: host memory exhaustion through Terminal resize goroutine leak. - CVE-2022-27191: crash in a golang.org/x/crypto/ssh server.

oval:org.secpod.oval:def:89000593
This update for squid fixes the following issues: squid was updated to version 4.13: - CVE-2020-24606: Fix livelocking in peerDigestHandleReply. - CVE-2020-15811: Improve Transfer-Encoding handling. - CVE-2020-15810: Enforce token characters for field-name.

oval:org.secpod.oval:def:89003022
This update for python-pip fixes the following issues: - CVE-2019-20916: Fixed a directory traversal in _download_http_url

oval:org.secpod.oval:def:89000337
This update for python3 fixes the following issues: Update to 3.6.12, including: - Fixed a directory traversal in _download_http_url

oval:org.secpod.oval:def:89002985
This update for python-pip fixes the following issues: - Fixed a directory traversal in _download_http_url

oval:org.secpod.oval:def:89050849
This update for squid to version 4.9 fixes the following issues: Security issues fixed: - CVE-2019-13345: Fixed multiple cross-site scripting vulnerabilities in cachemgr.cgi. - CVE-2019-12526: Fixed potential remote code execution during URN processing. - CVE-2019-12523,CVE-2019-18676: Fixed multi ...

oval:org.secpod.oval:def:89048034
This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u352: - CVE-2022-21619,CVE-2022-21624: Fixed difficult to exploit vulnerability allows unauthenticated attacker with network access and can cause unauthorized update, insert or delete access via multiple protocols ...

oval:org.secpod.oval:def:89045788
This update for java-1_8_0-openjdk fixes the following issues: Update to version OpenJDK 8u312: - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS. - CVE-2021-35556: Fixed excessive memory allocation in RTFParser. - CVE-2021-35559: Fixed excessive memory allocation in RTFRe ...

oval:org.secpod.oval:def:89045548
This update for java-1_8_0-openjdk fixes the following issues: - Update to version jdk8u302 - CVE-2021-2341: Improve file transfers. - CVE-2021-2369: Better jar file validation. - CVE-2021-2388: Enhance compiler validation. - CVE-2021-2161: Less ambiguous processing

oval:org.secpod.oval:def:89045777
This update for java-11-openjdk fixes the following issues: Update to 11.0.13+8 - CVE-2021-35550, bsc#1191901: Update the default enabled cipher suites preference - CVE-2021-35565, bsc#1191909: com.sun.net.HttpsServer spins on TLS session close - CVE-2021-35556, bsc#1191910: Richer Text Editors - C ...

oval:org.secpod.oval:def:89046897
This update for java-1_8_0-openjdk fixes the following issues: - Updated to version jdk8u345 - CVE-2022-21540: Fixed a potential Java sandbox bypass. - CVE-2022-21541: Fixed a potential Java sandbox bypass. - CVE-2022-34169: Fixed an issue where arbitrary bytecode could be executed via a maliciou ...

oval:org.secpod.oval:def:89047711
This update for bluez fixes the following issues: - CVE-2021-0129: Fixed improper access control. - CVE-2020-26558: Fixed vulnerability that may permit a nearby man-in-the-middle attacker to identify the Passkey. - CVE-2019-8921: Fixed heap-based buffer overflow via crafted request. - CVE-2019-89 ...

oval:org.secpod.oval:def:89002868
This update for freetype2 fixes the following issues: - CVE-2020-15999: fixed a heap buffer overflow found in the handling of embedded PNG bitmaps.

oval:org.secpod.oval:def:89000425
This update for apache2 fixes the following issues: - CVE-2020-1934: mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server. - CVE-2020-1927: mod_rewrite configurations vulnerable to open redirect. - CVE-2020-1938: mod_proxy_ajp: Add "secret" parameter to proxy ...

oval:org.secpod.oval:def:89044022
This update for ruby2.5 to version 2.5.7 fixes the following issues: ruby 2.5 was updated to version 2.5.7 - CVE-2020-8130: Fixed a command injection in intree copy of rake. - CVE-2019-16255: Fixed a code injection vulnerability of Shell#[] and Shell#test. - CVE-2019-16254: Fixed an HTTP response s ...

oval:org.secpod.oval:def:89000392
This update for tomcat to version 9.0.31 fixes the following issues: Security issues fixed: - CVE-2019-17569: Fixed a regression in the handling of Transfer-Encoding headers that would have allowed HTTP Request Smuggling. - CVE-2020-1935: Fixed an HTTP Request Smuggling issue. - CVE-2020-1938: Fix ...

oval:org.secpod.oval:def:89049697
This update for git fixes the following issues: - CVE-2018-17456: Git allowed remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a "-" character.

oval:org.secpod.oval:def:89049598
This update for git to version 2.16.4 fixes several issues. These security issues were fixed: - CVE-2018-11233: Path sanity-checks on NTFS allowed attackers to read arbitrary memory - CVE-2018-11235: Arbitrary code execution when recursively cloning a malicious repository

oval:org.secpod.oval:def:89047672
This update for libostree fixes the following issues: - CVE-2014-9862: Fixed arbitrary write on heap vulnerability.

oval:org.secpod.oval:def:89045578
This update for xerces-c fixes the following issues: - CVE-2018-1311: Fixed use-after-free inside XML parser during the scanning of external DTDs.

oval:org.secpod.oval:def:89043956
This update for python-Jinja2 fixes the following issues: - CVE-2020-28493: Fixed a ReDOS vulnerability where urlize could have been called with untrusted user data.

oval:org.secpod.oval:def:89049077
This update fixes the following issues: bind: * Provide bind dependencies and solve installation issues on SUSE Linux Enterprise Micro * There are no source changes dracut-saltboot: * Update to version 0.1.1681904360.84ef141 * Load network configuration even when missing protocol version grafana: * ...

oval:org.secpod.oval:def:89046989
This update for freetype2 fixes the following issues: - CVE-2022-27404 Fixed a segmentation fault via a crafted typeface. - CVE-2022-27405 Fixed a buffer overflow via a crafted typeface. - CVE-2022-27406 Fixed a segmentation fault via a crafted typeface. Non-security fixes: - Updated to version 2 ...

oval:org.secpod.oval:def:89000221
This update for nodejs8 fixes the following issues: Security issues fixed: - CVE-2019-15604: Fixed a remotely triggerable assertion in the TLS server via a crafted certificate string. - CVE-2019-15605: Fixed an HTTP request smuggling vulnerability via malformed Transfer-Encoding header. - CVE-2019 ...

oval:org.secpod.oval:def:89000175
This update for nodejs10 fixes the following issues: nodejs10 was updated to version 10.19.0. Security issues fixed: - CVE-2019-15604: Fixed a remotely triggerable assertion in the TLS server via a crafted certificate string. - CVE-2019-15605: Fixed an HTTP request smuggling vulnerability via malfo ...

oval:org.secpod.oval:def:89045111
This update for curl fixes the following issues: - CVE-2021-22925: TELNET stack contents disclosure again. - CVE-2021-22924: Bad connection reuse due to flawed path name checks. - CVE-2021-22923: Insufficiently Protected Credentials. - CVE-2021-22922: Wrong content via metalink not discarded

oval:org.secpod.oval:def:89000439
This update for libvirt fixes the following issues: Security issue fixed: - CVE-2020-10703: Fixed a daemon crash caused by pools without target paths. Non-security issues fixed: - apparmor: avoid copying empty profile name. - logging: ensure virtlogd rollover takes priority over logrotate. - qemu ...

oval:org.secpod.oval:def:89046053
This update for libcaca fixes the following issues: - CVE-2021-30499: Fixed a memory corruption issue when exporting troff sources. - CVE-2021-30498: Fixed a memory corruption issue when exporting TGA images. - CVE-2021-3410: Fixed an illegal WRITE memory access.

oval:org.secpod.oval:def:89047667
This update for curl fixes the following issues: - CVE-2022-32221: Fixed POST following PUT confusion. - CVE-2022-35252: Fixed a potential injection of control characters into cookies.

oval:org.secpod.oval:def:89046159
A flaw was found in the way the flags member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cach ...

oval:org.secpod.oval:def:89050574
This update for zeromq fixes the following issues: - CVE-2019-13132: An unauthenticated remote attacker could have exploited a stack overflow vulnerability on a server that is supposed to be protected by encryption and authentication to potentially gain a remote code execution. - Correctly mark lic ...

oval:org.secpod.oval:def:89046049
This update for expat fixes the following issues: - CVE-2022-25236: Fixed possible namespace-separator characters insertion into namespace URIs. - CVE-2022-25235: Fixed UTF-8 character validation in a certain context. - CVE-2022-25313: Fixed stack exhaustion in build_model via uncontrolled recursi ...

oval:org.secpod.oval:def:89003025
This update for samba fixes the following issues: - CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records. - CVE-2020-14323: Unprivileged user can crash winbind. - CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify.

oval:org.secpod.oval:def:89050583
This update for bzip2 fixes the following issues: Security issue fixed: - CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors.

oval:org.secpod.oval:def:89050919
This update for clamav fixes the following issues: Security issue fixed: - CVE-2019-12625: Fixed a ZIP bomb issue by adding detection and heuristics for zips with overlapping files. - CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors. Non-security issues fixed: - Add ...

oval:org.secpod.oval:def:89000111
This update for apache2 fixes the following issues: - Enables the patch for CVE-2020-11993 and CVE-2020-9490. The patch was included but not applied in the previous update

oval:org.secpod.oval:def:89000277
This update for apache2 fixes the following issues: - CVE-2020-9490: Fixed a crash caused by a specially crafted value for the "Cache-Digest" header in a HTTP/2 request. - CVE-2020-11984: Fixed an information disclosure bug in mod_proxy_uwsgi. - CVE-2020-11993: When trace/debug was enabled for the ...

oval:org.secpod.oval:def:89050604
This update for apache2 fixes the following issues: Security issues fixed: - CVE-2018-17189: Fixed a denial of service in mod_http2, via slow and unneeded request bodies - CVE-2018-17199: Fixed that mod_session_cookie did not respect expiry time Non-security issue fixed: - sysconfig.d is not creat ...

oval:org.secpod.oval:def:89000270
This update for squid to version 4.11 fixes the following issues: - CVE-2020-11945: Fixed a potential remote code execution vulnerability when using HTTP Digest Authentication. - CVE-2019-12519, CVE-2019-12521: Fixed incorrect buffer handling that can result in cache poisoning, remote execution, an ...

oval:org.secpod.oval:def:89048057
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-4378: Fixed stack overflow in __do_proc_dointvec. - CVE-2022-42328: Guests could trigger denial of service via the netback driver. - CVE-2022-42329: Guests c ...

oval:org.secpod.oval:def:89047041
The SUSE Linux Enterprise 15 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36516: Fixed an issue in the mixed IPID assignment method where an attacker was able to inject data into or terminate a victim's TCP session. - CVE-2021- ...

oval:org.secpod.oval:def:89047691
The SUSE Linux Enterprise 15 kernel was updated. The following security bugs were fixed: - CVE-2022-3303: Fixed a race condition in the sound subsystem due to improper locking. - CVE-2022-41218: Fixed a use-after-free caused by refcount races in drivers/media/dvb-core/dmxdev.c. - CVE-2022-3239: F ...

oval:org.secpod.oval:def:89046063
This update for mariadb fixes the following issues: - Update to 10.2.43: 10.2.43: CVE-2021-46665 CVE-2021-46664 CVE-2021-46661 CVE-2021-46668 CVE-2021-46663 10.2.42: CVE-2022-24052 CVE-2022-24051 CVE-2022-24050 CVE-2022-24048 CVE-2021-46659, bsc#1195339 - The following issues have already been fixe ...

oval:org.secpod.oval:def:89045561
This update for mariadb fixes the following issues: Update to version 10.2.40 [bsc#1189320]: - fixes for the following security vulnerabilities: CVE-2021-2372 and CVE-2021-2389

oval:org.secpod.oval:def:89046079
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer, named Branch Target Injection and Intra-Mode Branch History Injection are now mitigated. The following security bugs were fixed: - ...

oval:org.secpod.oval:def:89046036
This update for webkit2gtk3 fixes the following issues: Update to version 2.34.6: - CVE-2022-22620: Processing maliciously crafted web content may have led to arbitrary code execution. Update to version 2.34.5: - CVE-2022-22589: A validation issue was addressed with improved input sanitization. - ...

oval:org.secpod.oval:def:89048012
This update for nodejs10 fixes the following issues: - CVE-2022-43548: Fixed DNS rebinding in --inspect via invalid octal IP address.

oval:org.secpod.oval:def:89046898
This update for nodejs10 fixes the following issues: - CVE-2021-22930, CVE-2021-22940: Fixed two memory corruption issues during HTTP/2 stream cancellation. - CVE-2022-32213, CVE-2022-32214, CVE-2022-32215, CVE-2021-22960, CVE-2021-22959: Fixed multiple HTTP request smuggling issues in the underlyi ...

oval:org.secpod.oval:def:89003004
This update for webkit2gtk3 fixes the following issues: - Update to version 2.28.4: + Fix several crashes and rendering issues. + Security fixes: CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9915, CVE-2020-9925.

oval:org.secpod.oval:def:89050556
This update for webkit2gtk3 fixes the following issues: Security issues fixed: - CVE-2019-8673, CVE-2019-8678, CVE-2019-8686, CVE-2019-8683, CVE-2019-8671, CVE-2019-8595, CVE-2019-8684, CVE-2019-8681, CVE-2019-8615, CVE-2019-8689, CVE-2019-8680, CVE-2019-8672, CVE-2019-8676, CVE-2019-8666, CVE-2019- ...

oval:org.secpod.oval:def:89050594
This update for glib2 fixes the following issues: Security issue fixed: - CVE-2019-13012: Fixed improper restriction of file permissions when creating directories.

oval:org.secpod.oval:def:89002976
This update for webkit2gtk3 fixes the following issues: - webkit2gtk3 was updated to version 2.30.3: - CVE-2021-13543: Fixed a use after free which could have led to arbitrary code execution. - CVE-2021-13584: Fixed a use after free which could have led to arbitrary code execution. - CVE-2021-9948: ...

oval:org.secpod.oval:def:89002940
This update for webkit2gtk3 fixes the following issues: Security issue fixed: - CVE-2020-3899: Fixed a memory consumption issue that could have led to remote code execution. Non-security issues fixed: - Update to version 2.28.2: + Fix excessive CPU usage due to GdkFrameClock not being stopped. + F ...

oval:org.secpod.oval:def:89000694
This update for webkit2gtk3 to version 2.28.1 fixes the following issues: Security issues fixed: - CVE-2020-10018: Fixed a denial of service because the m_deferredFocusedNodeChange data structure was mishandled. - CVE-2020-11793: Fixed a potential arbitrary code execution caused by a use-after-free ...

oval:org.secpod.oval:def:89002864
This update for webkit2gtk3 fixes the following issues: - Update to version 2.28.3: + Enable kinetic scrolling with async scrolling. + Fix web process hangs on large GitHub pages. + Bubblewrap sandbox should not attempt to bind empty paths. + Fix threading issues in the media player. + Fix several ...

oval:org.secpod.oval:def:89045794
This update for webkit2gtk3 fixes the following issues: - CVE-2021-30846: Fixed memory corruption issue that could lead to arbitrary code execution when processing maliciously crafted web content. - CVE-2021-30851: Fixed memory corruption vulnerability that could lead to arbitrary code execution wh ...

oval:org.secpod.oval:def:89000265
This update for webkit2gtk3 to version 2.26.4 fixes the following issues: Security issues fixed: - CVE-2019-8835: Fixed multiple memory corruption issues. - CVE-2019-8844: Fixed multiple memory corruption issues. - CVE-2019-8846: Fixed a use-after-free issue. - CVE-2020-3862: Fixed a memory handl ...

oval:org.secpod.oval:def:89044296
This update for webkit2gtk3 fixes the following issues: - Update to version 2.32.0: * Fix the authentication request port when URL omits the port. * Fix iframe scrolling when main frame is scrolled in async scrolling mode. * Stop using g_memdup. * Show a warning message when overriding signal han ...

oval:org.secpod.oval:def:89050848
This update for webkit2gtk3 to version 2.26.2 fixes the following issues: Webkit2gtk3 was updated to version 2.26.2 Security issues addressed: - CVE-2019-8625: Fixed a logic issue where by processing maliciously crafted web content may lead to universal cross site scripting. - CVE-2019-8674: Fixed ...

oval:org.secpod.oval:def:89050862
This update for webkit2gtk3 to version 2.24.1 fixes the following issues: Security issues fixed: - CVE-2019-6201, CVE-2019-6251, CVE-2019-7285, CVE-2019-7292, CVE-2019-8503, CVE-2019-8506, CVE-2019-8515, CVE-2019-8518, CVE-2019-8523, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544, CVE-20 ...

oval:org.secpod.oval:def:89046037
This update for vim fixes the following issues: - CVE-2022-0318: Fixed heap-based buffer overflow. - CVE-2021-3796: Fixed use-after-free in nv_replace in normal.c. - CVE-2021-3872: Fixed heap-based buffer overflow in win_redr_status drawscreen.c. - CVE-2021-3927: Fixed heap-based buffer overflow ...

oval:org.secpod.oval:def:89047026
This update for vim fixes the following issues: Updated to version 9.0 with patch level 0313: - CVE-2022-2183: Fixed out-of-bounds read through get_lisp_indent. - CVE-2022-2182: Fixed heap-based buffer overflow through parse_cmd_address. - CVE-2022-2175: Fixed buffer over-read through cmdline_inse ...

oval:org.secpod.oval:def:89047014
This update for webkit2gtk3 fixes the following issues: Updated to version 2.36.8: - CVE-2022-32886: Fixed a buffer overflow issue that could potentially lead to code execution. - CVE-2022-32912: Fixed an out-of-bounds read that could potentially lead to code execution.

oval:org.secpod.oval:def:89045118
The SUSE Linux Enterprise 15 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-22555: A heap out-of-bounds write was discovered in net/netfilter/x_tables.c. - CVE-2021-33909: Extremely large seq buffer allocations in seq_file could ...

oval:org.secpod.oval:def:89045120
This update for sqlite3 fixes the following issues: - Update to version 3.36.0 - CVE-2020-15358: heap-based buffer overflow in multiSelectOrderBy due to mishandling of query-flattener optimization - CVE-2020-9327: NULL pointer dereference and segmentation fault because of generated column optimizat ...

oval:org.secpod.oval:def:89003014
The SUSE Linux Enterprise 15 LTSS kernel was updated to receive various security and bug fixes. The following security bugs were fixed: - CVE-2020-25705: A flaw in the way reply ICMP packets are limited in was found that allowed to quickly scan open UDP ports. This flaw allowed an off-path remote us ...

oval:org.secpod.oval:def:89044300
This update for sca-patterns-sle11 fixes the following issues: - New regular patterns for version 1.3.1 * Special Register Buffer Data Sampling aka CrossTalk

oval:org.secpod.oval:def:89003013
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-1749: Use ip6_dst_lookup_flow instead of ip6_dst_lookup. - CVE-2020-14314: Fixed a potential negative array index in do_split. - CVE-2020-14356: Fixed a null ...

oval:org.secpod.oval:def:89002978
The SUSE Linux Enterprise 15 GA LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-0305: In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with Syst ...

oval:org.secpod.oval:def:89002930
This update for cups fixes the following issues: - CVE-2020-3898: Fixed a heap buffer overflow in ppdFindOption.

oval:org.secpod.oval:def:89002963
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it. This ...

oval:org.secpod.oval:def:89050827
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following new features were implemented: - jsc#SLE-4875: [CML] New device IDs for CML - jsc#SLE-7294: Add cpufreq driver for Raspberry Pi - fate#321840: Reduce memory required to boot capture kernel while u ...

oval:org.secpod.oval:def:89050930
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-15291: There was a NULL pointer dereference, caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c dri ...

oval:org.secpod.oval:def:89050936
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-19767: Fixed ext4_expand_extra_isize mishandles, as demonstrated by use-after-free errors in __ext4_expand_extra_isize and ext4_xattr_set_entry, related to fs/ ...

oval:org.secpod.oval:def:89050885
This update for ucode-intel fixes the following issues: - Updated to 20191112 official security release - Includes security fixes for: - CVE-2019-11135: Added feature allowing to disable TSX RTM - CVE-2019-11139: A CPU microcode only fix for Voltage modulation issues

oval:org.secpod.oval:def:89050660
This update for xen fixes the following issues: - CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional. - CVE-2019-11135: ...

oval:org.secpod.oval:def:89050782
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-15291: There was a NULL pointer dereference, caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c dri ...

oval:org.secpod.oval:def:89050663
This update for qemu fixes the following issues: - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE15 - Fix use-after-free in slirp - Fix potential DOS in lsi scsi controller emulation - Expose taa-no "feature", indicating CPU does not have the TSX Async Abort vulnerabil ...

oval:org.secpod.oval:def:89050842
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception duri ...

oval:org.secpod.oval:def:89050863
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-19767: Fixed ext4_expand_extra_isize mishandles, as demonstrated by use-after-free errors in __ext4_expand_extra_isize and ext4_xattr_set_entry, related to fs/ ...

oval:org.secpod.oval:def:89050852
This update for ucode-intel fixes the following issues: - Updated to 20191112 security release - Processor Identifier Version Products - Model Stepping F-MO-S/PI Old->New - ---- new platforms ---------------------------------------- - CML-U62 A0 6-a6-0/80 000000c6 Core Gen10 Mobile - CN ...

oval:org.secpod.oval:def:89050799
This update for libgcrypt fixes the following issues: Security issues fixed: - CVE-2019-12904: The C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. Other bugfixes: - Don't run full FIPS self-tests from cons ...

oval:org.secpod.oval:def:89050928
The SUSE Linux Enterprise 15 kernel version 4.12.14 was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-10638: Attackers used to be able to track the Linux kernel by the IP ID values the kernel produces for connection-less protocols. When such tra ...

oval:org.secpod.oval:def:89050918
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-11477: A sequence of SACKs may have been crafted such that one can trigger an integer overflow, leading to a kernel panic. - CVE-2019-11478: It was possible to ...

oval:org.secpod.oval:def:89050857
The SUSE Linux Enterprise 15 kernel version 4.12.14 was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-10638: Attackers used to be able to track the Linux kernel by the IP ID values the kernel produces for connection-less protocols. When such tra ...

oval:org.secpod.oval:def:89050581
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarchitectural Fill Buffer Data ...

oval:org.secpod.oval:def:89050884
This update for ucode-intel fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarc ...

oval:org.secpod.oval:def:89050781
This update for ucode-intel fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarc ...

oval:org.secpod.oval:def:89050784
This update for ucode-intel fixes the following issues: The Intel CPU Microcode was updated to the official QSR 2019.1 Microcode release ---- new platforms ---------------------------------------- VLV C0 6-37-8/02 00000838 Atom Z series VLV C0 6-37-8/0C 00000838 Celeron N2xxx, Pentium N35xx VLV D0 ...

oval:org.secpod.oval:def:89050629
This update for libvirt fixes the following issues: Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling - CVE-2018-12130: Microarch ...

oval:org.secpod.oval:def:89050868
This update for xen fixes the following issues: Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling - CVE-2018-12130: Microarchitec ...

oval:org.secpod.oval:def:89050620
This update for qemu fixes the following issues: Security issues fixed: - CVE-2019-9824: Fixed an information leak in slirp - CVE-2019-8934: Added method to specify whether or not to expose certain ppc64 host information, which can be considered a security issue - CVE-2019-3812: Fixed OOB memory a ...

oval:org.secpod.oval:def:89049634
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following new feature was added: - NVDIMM memory error notification The following security bugs were fixed: - CVE-2018-13406: An integer overflow in the uvesafb_setcmap function could have resulted in local ...

oval:org.secpod.oval:def:89000371
This update for freeradius-server fixes the following issues: - CVE-2019-13456: Fixed a side-channel password leak in EAP-pwd. - CVE-2019-17185: Fixed a denial of service due to multithreaded BN_CTX access. - Fixed an issue in TLS-EAP where the OCSP verification, when an intermediate client certif ...

oval:org.secpod.oval:def:89000080
This update for php7 fixes the following issues: - CVE-2020-7062: Fixed a null pointer dereference when using file upload functionality under specific circumstances. - CVE-2020-7063: Fixed an issue where adding files change the permissions to default. - CVE-2020-7059: Fixed an out of bounds read i ...

oval:org.secpod.oval:def:89046085
This update for php7 fixes the following issues: - CVE-2021-21703: Fixed local privilege escalation via PHP-FPM. - CVE-2021-21707: Fixed special character breaks path in xml parsing. - CVE-2017-8923: Fixed denial of service when using .= with a long string. - CVE-2015-9253: Fixed endless loop w ...

oval:org.secpod.oval:def:89046732
This update for php7 fixes the following issues: - CVE-2022-31625: Fixed uninitialized pointers free in Postgres extension. - CVE-2022-31626: Fixed buffer overflow via user-supplied password when using pdo_mysql extension with mysqlnd driver.

oval:org.secpod.oval:def:89049701
This update for gd fixes the following issues: Security issue fixed: - CVE-2018-1000222: Fixed a double free vulnerability in gdImageBmpPtr that could result in remote code execution. This could have been exploited via specially crafted JPEG image files

oval:org.secpod.oval:def:89000118
This update for php7 fixes the following issues: - CVE-2020-7069: Fixed an issue when AES-CCM mode was used with openssl_encrypt function with 12 bytes IV, only the first 7 bytes of the IV were used. - CVE-2020-7070: Fixed an issue where percent-encoded cookies could have been used to overwrite existing ...

oval:org.secpod.oval:def:89045543
This update for php7 fixes the following issues: - CVE-2021-21704: Fixed security issues in pdo_firebase module.

oval:org.secpod.oval:def:89050875
This update for python-numpy fixes the following issues: Non-security issues fixed: - Updated to upstream version 1.16.1

oval:org.secpod.oval:def:89050671
This update for python-numpy fixes the following issue: Security issue fixed: - CVE-2019-6446: Set allow_pickle to false by default to restrict loading untrusted content. With this update we decrease the possibility of allowing remote attackers to execute arbitrary code by misusing numpy.load. A wa ...

oval:org.secpod.oval:def:89050830
This update for python-Jinja2 to version 2.10.1 fixes the following issues: Security issues fixed: - CVE-2019-8341: Fixed a command injection in from_string. - CVE-2019-10906: Fixed a sandbox escape due to information disclosure via str.format.

oval:org.secpod.oval:def:89050742
This update for python-urllib3 fixes the following issues: Security issues fixed: - CVE-2019-9740: Fixed CRLF injection issue. - CVE-2019-11324: Fixed invalid CA certificate verification. - CVE-2019-11236: Fixed CRLF injection via request parameter. - CVE-2018-20060: Remove Authorization header wh ...

oval:org.secpod.oval:def:89050765
This update for libzypp and libsolv fixes the following issues: Security issues fixed: - CVE-2018-20532: Fixed NULL pointer dereference at ext/testcase.c. - CVE-2018-20533: Fixed NULL pointer dereference at ext/testcase.c in libsolvext.a. - CVE-2018-20534: Fixed illegal address access at src/poo ...

oval:org.secpod.oval:def:89050866
This update for libpng16 fixes the following issues: Security issues fixed: - CVE-2019-7317: Fixed a use-after-free vulnerability, triggered when png_image_free was called under png_safe_execute. - CVE-2018-13785: Fixed a wrong calculation of row_factor in the png_check_chunk_length function in png ...

oval:org.secpod.oval:def:89049775
This update for ghostscript to version 9.25 fixes the following issues: These security issues were fixed: - CVE-2018-17183: Remote attackers were able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code - CVE-2018-15909: Prevent type confusion using the ...

oval:org.secpod.oval:def:89049683


oval:org.secpod.oval:def:89049601
This update for libsndfile fixes the following issues: Security issues fixed: - CVE-2018-13139: Fix a stack-based buffer overflow in psf_memset in common.c that allows remote attackers to cause a denial of service. - CVE-2017-17456: Prevent segmentation fault in the function d2alaw_array that may h ...

oval:org.secpod.oval:def:89050929
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. This update brings following features: - Support for Enhanced-IBRS on new Intel CPUs The following security bugs were fixed: - CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption d ...

oval:org.secpod.oval:def:89049704
ucode-intel was updated to the 20180807 release. For the listed CPU chipsets this fixes CVE-2018-3640 and is part of the mitigations for CVE-2018-3639 and CVE-2018-3646. Processor Identifier Version Products Model Stepping F-MO-S/PI Old->New ---- new platforms ---------------------- ...

oval:org.secpod.oval:def:89049727
This update for ucode-intel fixes the following issues: The microcode bundle was updated to the 20180703 release. For the listed CPU chipsets this fixes CVE-2018-3640 and helps mitigate CVE-2018-3639. More information on: https://downloadcenter.intel.com/download/27945/Linux-Processor-Microcode ...

oval:org.secpod.oval:def:89049689
This update for xen fixes the following issues: Update to Xen 4.10.2 bug fix release. Security vulnerabilities fixed: - CVE-2018-19961, CVE-2018-19962: Fixed an issue related to insufficient TLB flushing with AMD IOMMUs, which potentially allowed a guest to escalate its privileges, may cause a Deni ...

oval:org.secpod.oval:def:89049686
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-3620: Local attackers on baremetal systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache used by oth ...

oval:org.secpod.oval:def:89049746
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-14617: Prevent NULL pointer dereference and panic in hfsplus_lookup when opening a file in an hfs+ filesystem that has malformed catalog data, and is mounted ...

oval:org.secpod.oval:def:89049622
This update for qemu to version 2.11.2 fixes the following issues: Security issue fixed: - CVE-2018-11806: Fix heap buffer overflow issue that can happen while reassembling fragmented datagrams. - CVE-2018-3639: Mitigation functionality for Speculative Store Bypass issue in x86. - CVE-2018-7550: F ...

oval:org.secpod.oval:def:89049737
This update for xen fixes the following issues: Security issues fixed: - CVE-2018-3665: Fix Lazy FP Save/Restore issue. - CVE-2018-12891: Fix possible Denial of Service via certain PV MMU operations that affect the entire host. - CVE-2018-12892: Fix libxl to honour the readonly flag on HVM emul ...

oval:org.secpod.oval:def:89049735
This update for xen fixes the following security issues: - CVE-2018-3646: Systems with microprocessors utilizing speculative execution and address translations may have allowed unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS pr ...

oval:org.secpod.oval:def:89049761
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-15572: The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c did not always fill RSB upon a context switch, which made it easier for attacker ...

oval:org.secpod.oval:def:89049757
This update for kernel-firmware to version 20180525 fixes the following issues: This security issue was fixed: - CVE-2017-5715: Prevent unauthorized disclosure of information to an attacker with local user access caused by speculative execution and indirect branch prediction

oval:org.secpod.oval:def:89050732
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. This update brings the following features: - Support for Enhanced-IBRS on new Intel CPUs. The following security bugs were fixed: - CVE-2018-9568: In sk_clone_lock of sock.c, there is a possible memory corruption d ...

oval:org.secpod.oval:def:89049671
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-18445: A faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifi ...

oval:org.secpod.oval:def:89049694
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-17182: The vmacache_flush_all function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free via certain thread crea ...

oval:org.secpod.oval:def:89050320
This update for python fixes the following issues: Updated to version 2.7.17 to unify packages among openSUSE:Factory and SLE versions.

oval:org.secpod.oval:def:89050824
This update for apache2 fixes the following issues: Security issues fixed: - CVE-2019-9517: Fixed HTTP/2 implementations that are vulnerable to unconstrained internal data buffering. - CVE-2019-10081: Fixed mod_http2 that is vulnerable to memory corruption on early pushes. - CVE-2019-10082: Fixed m ...

oval:org.secpod.oval:def:89000524
This update for python3 fixes the following issues: - Fixed CVE-2020-27619, where Lib/test/multibytecodec_support calls eval on content retrieved via HTTP. - Change setuptools and pip version numbers according to new wheels - Handful of changes to make python36 compatible with SLE15 and SLE12 - ad ...

oval:org.secpod.oval:def:89049715
This update for python fixes the following issue: - CVE-2018-1000802: Prevent command injection in shutil module via passage of unfiltered user input

oval:org.secpod.oval:def:89050813
This update for expat fixes the following issues: Security issues fixed: - CVE-2019-15903: Fixed heap-based buffer over-read caused by crafted XML input

oval:org.secpod.oval:def:89050933
This update for python3 fixes the following issues: Security issue fixed: - CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636. - CVE-2018-20852: Fixed an information leak where cookies could be sent to the wrong server because of incorrect domain va ...

oval:org.secpod.oval:def:89050906
This update for python fixes the following issues: Security issues fixed: - CVE-2019-9947: Fixed an insufficient validation of URL paths with embedded whitespace or control characters that could allow HTTP header injections. - CVE-2019-16056: Fixed a parser issue in the email module. - CVE-2019-16 ...

oval:org.secpod.oval:def:89050772
This update for python fixes the following issues: Security issues fixed: - CVE-2019-9948: Fixed a "file:" blacklist bypass in URIs by using the "local-file:" scheme instead. - CVE-2019-9636: Fixed an information disclosure because of incorrect handling of Unicode encoding during NFKC normalization ...

oval:org.secpod.oval:def:89050893
This update for python3 fixes the following issues: Security issue fixed: - CVE-2019-9636: Fixed an information disclosure because of incorrect handling of Unicode encoding during NFKC normalization.

oval:org.secpod.oval:def:89050650
This update for python3 to 3.6.9 fixes the following issues: Security issues fixed: - CVE-2019-16056: Fixed a parser issue in the email module. - CVE-2019-16935: Fixed a reflected XSS in python/Lib/DocXMLRPCServer.py. Non-security issues fixed: - Fixed regression of OpenSSL 1.1.1b-1 in EVP_PBE_scr ...

oval:org.secpod.oval:def:89050531
This update for python fixes the following issues: Security issue fixed: - CVE-2019-5010: Fixed a denial-of-service vulnerability in the X509 certificate parser

oval:org.secpod.oval:def:89050643
This update for nghttp2 fixes the following issues: Security issues fixed: - CVE-2019-9513: Fixed HTTP/2 implementation that is vulnerable to resource loops, potentially leading to a denial of service. - CVE-2019-9511: Fixed HTTP/2 implementations that are vulnerable to window size manipulation and ...

oval:org.secpod.oval:def:89050762
This update for nginx fixes the following issues: Security issues fixed: - CVE-2019-9511: Fixed a denial of service by manipulating the window size and stream prioritization. - CVE-2019-9513: Fixed a denial of service caused by resource loops. - CVE-2019-9516: Fixed a denial of service caused by h ...

oval:org.secpod.oval:def:89050552
This update for python fixes the following issues: Security issue fixed: - CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636.

oval:org.secpod.oval:def:89050429
This update for python3 to version 3.6.10 fixes the following issues: - CVE-2017-18207: Fixed a denial of service in Wave_read._read_fmt_chunk. - CVE-2019-16056: Fixed an issue where email parsing could fail for multiple @. - CVE-2019-15903: Fixed a heap-based buffer over-read in libexpat.

oval:org.secpod.oval:def:89050535
This update for python3 fixes the following issues: Security issue fixed: - CVE-2019-5010: Fixed a denial-of-service vulnerability in the X509 certificate parser - CVE-2018-20406: Fixed an integer overflow via a large LONG_BINPUT

oval:org.secpod.oval:def:89049740
This update for openssl-1_1 fixes the following issues: - CVE-2018-0732: During key agreement in a TLS handshake using a DH based ciphersuite a malicious server could have sent a very large prime value to the client. This caused the client to spend an unreasonably long period of time generating a ke ...

oval:org.secpod.oval:def:89050722
This update for python fixes the following issues: - CVE-2018-20852: Fixed an information leak where cookies could be sent to the wrong server because of incorrect domain validation.

oval:org.secpod.oval:def:89050838
This update for python3 fixes the following issues: Security issue fixed: - CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636. - CVE-2018-20852: Fixed an information leak where cookies could be sent to the wrong server because of incorrect domain va ...

oval:org.secpod.oval:def:89050712
This update for python3 to version 3.6.8 fixes the following issues: Security issue fixed: - CVE-2019-9947: Fixed an issue in urllib2 which allowed CRLF injection if the attacker controls a url parameter. Non-security issue fixed: - Fixed broken debuginfo packages by switching off LTO and PGO optim ...

oval:org.secpod.oval:def:89050835
This update for mozilla-nspr, mozilla-nss fixes the following issues: mozilla-nss was updated to NSS 3.47.1: Security issues fixed: - CVE-2019-17006: Added length checks for cryptographic primitives. - CVE-2019-11745: EncryptUpdate should use maxout, not block size. - CVE-2019-11727: Fixed vulnera ...

oval:org.secpod.oval:def:89049636
This update for openssl-1_1 to 1.1.0i fixes the following issues: These security issues were fixed: - CVE-2018-0732: During key agreement in a TLS handshake using a DH based ciphersuite a malicious server could have sent a very large prime value to the client. This caused the client to spend an unre ...

oval:org.secpod.oval:def:89050736
This update for MozillaFirefox, mozilla-nss fixes the following issues: MozillaFirefox to version ESR 60.8: - CVE-2019-9811: Sandbox escape via installation of malicious language pack. - CVE-2019-11711: Script injection within domain through inner window reuse. - CVE-2019-11712: Cross-origin POST ...

oval:org.secpod.oval:def:89049621
This update for tiff fixes the following issues: Security issue fixed: - CVE-2018-10779: TIFFWriteScanline in tif_write.c had a heap-based buffer over-read, as demonstrated by bmp2tiff. - CVE-2018-17100: There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of servic ...

oval:org.secpod.oval:def:89050829
This update for rmt-server to version 1.1.1 fixes the following issues: The following issues have been fixed: - Fixed migration problems which caused some extensions / modules to be dropped - Fixed listing of mirrored products - Include online migration paths into offline migration - Sync product ...

oval:org.secpod.oval:def:89049770
This update for libxml2 fixes the following security issues: - CVE-2018-9251: The xz_decomp function allowed remote attackers to cause a denial of service via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint - CVE-2018-14567: Prevent denial of service via a crafted ...

oval:org.secpod.oval:def:89003007
This update for samba fixes the following issues: - ZeroLogon: An elevation of privilege was possible with some configurations when an attacker established a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol. - Add "libsmbldap0" to "libsmbldap ...

oval:org.secpod.oval:def:89050605
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-20855: An issue was discovered in the Linux kernel. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, result ...

oval:org.secpod.oval:def:89050593
This update for krb5 fixes the following issues: Security issues fixed: - CVE-2018-5729, CVE-2018-5730: Fixed multiple flaws in LDAP DN checking

CVE    9
CVE-2018-12476
CVE-2018-20105
CVE-2019-18900
CVE-2019-3691
...
*CPE
cpe:/o:suse:suse_linux_enterprise_server:15
XCCDF    2
xccdf_org.secpod_benchmark_SecPod_SLES_15
xccdf_org.secpod_benchmark_general_SLES_15

© SecPod Technologies