oval:org.secpod.oval:def:89045016
This update for minicom fixes the following issue: This security issue was fixed: - CVE-2017-7467: Invalid cursor coordinates and scroll regions could lead to code execution.

oval:org.secpod.oval:def:89045167
This update for dovecot22 fixes the following issues: - insecure SSL/TLS key and certificate file creation - Fix LDAP based authentication for some setups

oval:org.secpod.oval:def:89000001
SUSE Linux Enterprise Server 12 SP2 is installed

oval:org.secpod.oval:def:89045310
This update for libtcnative-1-0 fixes the following issues: - Upgrade to libtcnative-1.1.34 See https://tomcat.apache.org/native-1.1-doc/miscellaneous/changelog.html * Unconditionally disable export Ciphers. * Improve ephemeral key handling for DH and ECDH. Parameter strength is by default derived ...

oval:org.secpod.oval:def:89045003
This update of freeradius-server fixes several issues. Security issue fixed: - CVE-2015-4680: Fixed Insufficient CRL application for intermediate certificates Non security issues fixed: - Allows FreeRadius Server to start on SUSE Linux Enterprise Server 12 SP2 systems by relaxing a too strict openss ...

oval:org.secpod.oval:def:89045181
This update for libarchive fixes several issues. These security issues were fixed: - CVE-2016-8687: Buffer overflow when printing a filename. - CVE-2016-8689: Heap overflow when reading corrupted 7Zip files. - CVE-2016-8688: Use after free because of incorrect calculation in next_line. - CVE-2016 ...

oval:org.secpod.oval:def:89045304
This update for wget fixes the following issues: Security issues fixed: - CVE-2016-7098: Fixed a potential race condition by creating files with .tmp ext and making them accessible to the current user only. Non security issues fixed: - bsc#1005091: Don't call xfree on string returned by usr_error - ...

oval:org.secpod.oval:def:89045260
libX11 was updated to fix a memory leak that was introduced with the security fix for CVE-2016-7942.

oval:org.secpod.oval:def:89045187
This update for libass fixes the following issues: CVE-2016-7969, CVE-2016-7970, CVE-2016-7971, CVE-2016-7972: Fixed multiple memory allocation issues found by fuzzing.

oval:org.secpod.oval:def:89045213
This update for the X Window System client libraries fixes a class of privilege escalation issues. A malicious X Server could send specially crafted data to X clients, which allowed for triggering crashes, or privilege escalation if this relationship was untrusted or crossed user or permission level ...

oval:org.secpod.oval:def:89045191
This update for ghostscript fixes the following issues: - bsc#1006592: Fix a regression introduced in CVE-2013-5653 by which ps files couldn't be opened in okular/evince.

oval:org.secpod.oval:def:89045236
This update for gstreamer-plugins-bad fixes the following issues: - CVE-2016-9809: Malicious mkv/h264 file could cause an off by one out of bounds read and lead to crash - CVE-2016-9812: Malicious mpeg file could cause an invalid null pointer access and lead to crash - CVE-2016-9813: Malicious mpeg ...

oval:org.secpod.oval:def:89045000
This update for gstreamer-0_10-plugins-base fixes the following issue: - CVE-2016-9811: out of bounds memory read in windows_icon_typefind

oval:org.secpod.oval:def:89045235
This update for gstreamer-plugins-good fixes the following security issues: - CVE-2016-9807: Flic decoder invalid read could lead to crash. - CVE-2016-9634: Flic out-of-bounds write could lead to code execution. - CVE-2016-9635: Flic out-of-bounds write could lead to code execution. - CVE-2016-96 ...

oval:org.secpod.oval:def:89045542
This update for unrar to version 5.6.1 fixes several issues. These security issues were fixed: - CVE-2017-12938: Prevent remote attackers from bypassing a directory-traversal protection mechanism via vectors involving a symlink to the . directory, a symlink to the .. directory, and a regular file. - CVE ...

oval:org.secpod.oval:def:89045347
This update for xen fixes the following issues: - A mishandling of SYSCALL singlestep during emulation which could have led to privilege escalation. - CMPXCHG8B emulation failed to ignore operand size override which could have led to information disclosure. - PV guests may have been able to mask ...

oval:org.secpod.oval:def:89045177
This update for ImageMagick fixes the following issues: - Memory allocation failure in AcquireMagickMemory [bsc#1007245] - update incomplete patch of CVE-2016-6823 [bsc#1001066]

oval:org.secpod.oval:def:89000529
This update for openldap2 fixes the following issues: - CVE-2020-8023: Fixed a potential local privilege escalation from ldap to root when OPENLDAP_CONFIG_BACKEND="ldap" was used. - Changed DB_CONFIG to root:ldap permissions. - Fixed an issue where slapd becomes unresponsive after many fai ...

oval:org.secpod.oval:def:89045317
This update for sudo fixes the following issues: - fix two security vulnerabilities that allowed users to bypass sudo's NOEXEC functionality: * noexec bypass via system and popen [CVE-2016-7032, bsc#1007766] * noexec bypass via wordexp [CVE-2016-7076, bsc#1007501]

oval:org.secpod.oval:def:89045194
This update for gc fixes the following issues: - integer overflow in GC_MALLOC_ATOMIC

oval:org.secpod.oval:def:89045174
This update for gd fixes the following issues: * CVE-2016-9933 possible stack overflow on malicious truecolor images [bsc#1015187]

oval:org.secpod.oval:def:89045018
This update for bind fixes the following issues: - An attacker with the ability to send and receive messages to an authoritative DNS server was able to circumvent TSIG authentication of AXFR requests. A server that relied solely on TSIG keys for protection could be manipulated into providing an AXF ...

oval:org.secpod.oval:def:89045033
This update for evince fixes the following issues: - CVE-2017-1000083: Remote attackers could have used the comicbook mode of evince to inject shell code

oval:org.secpod.oval:def:89045020
This update for libsoup fixes the following issues: - A bug in the HTTP Chunked Encoding code has been fixed that could have been exploited by attackers to cause a stack-based buffer overflow in client or server code running libsoup.

oval:org.secpod.oval:def:89043980
This update for apache2 fixes several issues. These security issues were fixed: - CVE-2017-9789: When under stress the HTTP/2 handling code would sometimes access memory after it has been freed, resulting in potentially erratic behaviour. - CVE-2017-7659: A maliciously constructed HTTP/2 request c ...

oval:org.secpod.oval:def:89045243
This update for dnsmasq fixes the following issues: - CVE-2015-8899: Denial of service between local and remote dns entries

oval:org.secpod.oval:def:89045350
libXi was updated to fix two security issues. These security issues were fixed: - CVE-2016-7945: Integer overflows in libXI can cause out of boundary memory access or endless loops. - CVE-2016-7946: Insufficient validation of data in libXI can cause out of boundary memory access or endless loops ...

oval:org.secpod.oval:def:89003265
This update for cups fixes the following issues: - CVE-2019-8675: Fixed a stack buffer overflow in libcups's asn1_get_type function. - CVE-2019-8696: Fixed a stack buffer overflow in libcups's asn1_get_packed function.

oval:org.secpod.oval:def:89003024
This update for ucode-intel fixes the following issues: - Updated Intel CPU Microcode to 20201118 official release. - Removed TGL/06-8c-01/80 due to functional issues with some OEM platforms. - CVE-2020-8695: Fixed Intel RAPL sidechannel attack INTEL-SA-00389 - CVE-2020-8698: Fixed Fast Store For ...

oval:org.secpod.oval:def:89003266
This update for postgresql94 fixes the following issues: Security issue fixed: - CVE-2019-10208: Fixed arbitrary SQL execution via suitable SECURITY DEFINER function under the identity of the function owner.

oval:org.secpod.oval:def:89003268
This update for LibVNCServer fixes the following issues: Security issues fixed: - CVE-2018-15126: Fixed use-after-free in file transfer extension - CVE-2018-6307: Fixed use-after-free in file transfer extension server code - CVE-2018-20020: Fixed heap out-of-bound write inside structure in VNC cli ...

oval:org.secpod.oval:def:89044807
This update for curl fixes the following issues: Security issues fixed: - CVE-2017-1000254: FTP PWD response parser out of bounds read - CVE-2017-1000257: IMAP FETCH response out of bounds read Bugs fixed: - Fixed error error:1408F10B:SSL routines when connecting to ftps via proxy

oval:org.secpod.oval:def:89044805
This update for SuSEfirewall2 fixes the following issues: - CVE-2017-15638: Fixed a security issue with too open implicit portmapper rules: A source net restriction for _rpc_ services was not taken into account for the implicitly added rules for port 111, making the portmap service accessible to ev ...

oval:org.secpod.oval:def:89044812
This update for curl fixes the following issues: - CVE-2017-1000100: TFTP sends more than buffer size and it could lead to a denial of service - CVE-2017-1000101: URL globbing out of bounds read could lead to a denial of service

oval:org.secpod.oval:def:89044811
This update for libpng16 fixes the following issues: Security issues fixed: - CVE-2016-10087: NULL pointer dereference in png_set_text_2

oval:org.secpod.oval:def:89003134
This update for webkit2gtk3 to version 2.22.6 fixes the following issues: Security issues fixed: - CVE-2019-6212: Fixed multiple memory corruption vulnerabilities which could allow arbitrary code execution during the processing of specially crafted web-content. - CVE-2019-6215: Fixed a type confusion ...

oval:org.secpod.oval:def:89003371
This update for ghostscript fixes the following issue: Security issue fixed: - CVE-2019-3838: Fixed a vulnerability which made forceput operator in DefineResource to be still accessible which could allow access to file system outside of the constraints of -dSAFER.

oval:org.secpod.oval:def:89003131
This update for ghostscript fixes the following issue: - CVE-2019-14869: Fixed a possible dSAFER escape which could have allowed an attacker to gain high privileges by a specially crafted Postscript code.

oval:org.secpod.oval:def:89044917
This update for evince fixes the following issue: - CVE-2017-1000083: Remote attackers could have used the comicbook mode of evince to inject shell code.

oval:org.secpod.oval:def:89044918
This update for libplist fixes the following issues: - CVE-2017-5209: The base64decode function in libplist allowed attackers to obtain sensitive information from process memory or cause a denial of service via split encoded Apple Property List data. - CVE-2017-5545: The main function in plistutil ...

oval:org.secpod.oval:def:89003017
This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-0739: Update openssl to 1.0.2o to limit ASN.1 constructed types recursive definition depth. - CVE-2019-14563: Fixed a memory corruption caused by insufficient numeric truncation. - CVE-2019-14559: Fixed a remotely e ...

oval:org.secpod.oval:def:89044912
This update for netpbm fixes the following issues: Security bugs: * CVE-2017-2586: A NULL pointer dereference in stringToUint function could lead to a denial of service problem when processing malformed images. [bsc#1024292] * CVE-2017-2581: An out-of-bounds write in writeRasterPbm could be used by ...

oval:org.secpod.oval:def:89003018
This update for bluez fixes the following issues: - CVE-2020-0556: Fixed improper access control which may lead to escalation of privilege and denial of service by an unauthenticated user.

oval:org.secpod.oval:def:89044915
This update for xorg-x11-server fixes several issues. These security issues were fixed: - CVE-2017-13721: Missing validation of shmseg resource id in Xext/XShm could lead to shared memory segments of other users being freed - CVE-2017-13723: A local denial of service via unusual characters in XkbA ...

oval:org.secpod.oval:def:89044914
This update for libquicktime fixes the following issues: * CVE-2017-9122: A DoS in quicktime_read_moov function in moov.c via a crafted mp4 file was fixed. * CVE-2017-9123: An invalid memory read in lqt_frame_duration via a crafted mp4 file was fixed. * CVE-2017-9124: A NULL pointer dereference in ...

oval:org.secpod.oval:def:89044922
This Linux kernel update for SUSE Linux Enterprise 12 SP2 fixes the following issues: - A previous security update to address CVE-2017-1000364 caused unintended side-effects in several other tools, most notably Java. These issues have been remedied. [bsc#1045340]

oval:org.secpod.oval:def:89044921
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000364: The default stack guard page was too small and could be jumped over by userland programs using more than one page of stack in functions and so lea ...

oval:org.secpod.oval:def:89003364
This update for sssd provides the following fixes: This security issue was fixed: - CVE-2018-10852: Set stricter permissions on /var/lib/sss/pipes/sudo to prevent the disclosure of sudo rules for arbitrary users These non-security issues were fixed: - Fix a segmentation fault in sss_cache command. ...

oval:org.secpod.oval:def:89003244
This update for the Linux Kernel 4.4.121-92_117 fixes one issue. The following security issue was fixed: - CVE-2018-5390: Fixed expensive calls to tcp_collapse_ofo_queue and tcp_prune_ofo_queue for every incoming packet which could have led to a denial of service.

oval:org.secpod.oval:def:89003124
This update for xen fixes the following issues: Security vulnerabilities fixed: - CVE-2018-19961, CVE-2018-19962: Fixed an issue related to insufficient TLB flushing with AMD IOMMUs, which potentially allowed a guest to escalate its privileges, may cause a Denial of Service affecting the entire hos ...

oval:org.secpod.oval:def:89003125
This update for libssh2_org fixes the following issues: - Incorrect upstream fix for CVE-2019-3859 broke public key authentication [bsc#1133528, bsc#1130103]

oval:org.secpod.oval:def:89003369
This update for curl fixes the following issues: Security issues fixed: - CVE-2019-3823: Fixed a heap out-of-bounds read in the code handling the end-of-response for SMTP. - CVE-2019-3822: Fixed a stack based buffer overflow in the function creating an outgoing NTLM type-3 message. - CVE-2018-1689 ...

oval:org.secpod.oval:def:89044824
This update for tcpdump to version 4.9.0 and libpcap to version 1.8.1 fixes several issues. These security issues were fixed in tcpdump: - CVE-2016-7922: The AH parser in tcpdump had a buffer overflow in print-ah.c:ah_print. - CVE-2016-7923: The ARP parser in tcpdump had a buffer overflow in pr ...

oval:org.secpod.oval:def:89003008
This update for kernel-firmware fixes the following issue: - CVE-2020-12321: Updated the Intel Bluetooth firmware for buffer overflow security bugs.

oval:org.secpod.oval:def:89003129
This update for libsoup fixes the following issues: Security issue fixed: - CVE-2018-12910: Fix crash when handling empty hostnames. - CVE-2017-2885: Fix chunk decoding buffer overrun that could be exploited against either clients or servers. Bug fixes: - bsc#1086036: translation-update-upstream c ...

oval:org.secpod.oval:def:89044705
This update for kernel-firmware fixes the following issues: - Update Intel WiFi firmwares for the 3160, 7260 and 7265 adapters. Security issues fixed are part of the KRACK attacks affecting the firmware: - CVE-2017-13080: The reinstallation of the Group Temporal key could be used for replay attacks ...

oval:org.secpod.oval:def:89044947
This update for libxslt fixes the following issues: - CVE-2017-5029: The xsltAddTextString function in transform.c lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. - CVE-2016-4738: Fix he ...

oval:org.secpod.oval:def:89044832
This update for kdelibs4 fixes the following issues: - CVE-2017-8422: This update fixes a problem in the DBUS authentication of the kauth framework that could be used to escalate privileges depending on bugs or misimplemented dbus services

oval:org.secpod.oval:def:89044713
This update for emacs fixes one issue. This security issue was fixed: - CVE-2017-14482: Remote code execution via mails with Content-Type: text/enriched

oval:org.secpod.oval:def:89044712
This MariaDB update to version 10.0.31 GA fixes the following issues: Security issues fixed: - CVE-2017-3308: Subcomponent: Server: DML: Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MariaDB Server. Successful attacks of this ...

oval:org.secpod.oval:def:89044950
This update for xen fixes several issues. These security issues were fixed: - A malicious 64-bit PV guest may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks by placing an IRET hypercall in the middle of a multicall batch - A mali ...

oval:org.secpod.oval:def:89003233
This update for libgcrypt fixes the following issues: Security issues fixed: - CVE-2019-13627: Mitigated ECDSA timing attack

oval:org.secpod.oval:def:89003475
This update for sudo fixes the following issues: - CVE-2019-14287: Fixed an issue where a user with sudo privileges that allowed them to run commands with an arbitrary uid, could run commands as root, despite being forbidden to do so in sudoers.

oval:org.secpod.oval:def:89003234
This update for texlive fixes the following issue: - CVE-2018-17407: Prevent buffer overflow when handling of Type 1 fonts allowed arbitrary code execution when a malicious font was loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex

oval:org.secpod.oval:def:89003114
This update for gstreamer-plugins-base fixes the following issue: Security issue fixed: - CVE-2019-9928: Fixed a heap-based overflow in the rtsp connection parser.

oval:org.secpod.oval:def:89003477
This update for ucode-intel fixes the following issues: Updated to the 20190312 bundle release New Platforms: - AML-Y22 H0 6-8e-9/10 0000009e Core Gen8 Mobile - WHL-U W0 6-8e-b/d0 000000a4 Core Gen8 Mobile - WHL-U V0 6-8e-d/94 000000b2 Core Gen8 Mobile - CFL-S P0 6-9e-c/22 000000a2 Core Gen9 Deskto ...

oval:org.secpod.oval:def:89044939
pcsc-lite was updated to fix one security issue. This security issue was fixed: - CVE-2016-10109: This use-after-free and double-free issue allowed a local attacker to cause a Denial of Service and possible privilege escalation.

oval:org.secpod.oval:def:89003115
This update for sqlite3 fixes the following issues: Security issues fixed: - CVE-2018-20346: Fixed a remote code execution vulnerability in FTS3. - CVE-2018-20506: Fixed an integer overflow when FTS3 extension is enabled.

oval:org.secpod.oval:def:89044941
This update for sane-backends fixes the following issues: - saned could have leaked uninitialized memory back to its requesters for some opcodes, allowing for information disclosure of saned memory.

oval:org.secpod.oval:def:89044944
This update for ImageMagick fixes the following issues: Security issues fixed: * CVE-2017-15033: A denial of service attack was fixed in ReadYUVImage in coders/yuv.c [bsc#1061873] * CVE-2017-11446: An infinite loop in ReadPESImage was fixed. * CVE-2017-12433: A memory leak in ReadPESImage in coder ...

oval:org.secpod.oval:def:89003189
This update for vim fixes the following issue: Security issue fixed: - CVE-2019-12735: Fixed a potential arbitrary code execution vulnerability in getchar.c.

oval:org.secpod.oval:def:89003185
This update for openssl fixes the following issues: OpenSSL Security Advisory [10 September 2019] - CVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance. - CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key.

oval:org.secpod.oval:def:89003065
This update for libpcap fixes the following issues: - CVE-2019-15165: Added sanity checks for PHB header length before allocating memory. - CVE-2018-16301: Fixed a buffer overflow.

oval:org.secpod.oval:def:89003186
This update for libvirt fixes the following issues: Security issues fixed: - CVE-2019-3840: Fixed a null pointer dereference vulnerability in virJSONValueObjectHasKey function which could have resulted in a remote denial of service via the guest agent. Other issues fixed: - libxl: save current memo ...

oval:org.secpod.oval:def:89003181
This update for nfs-utils fixes the following issues: - CVE-2019-3689: Fixed root-owned files stored in insecure /var/lib/nfs

oval:org.secpod.oval:def:89003182
This update for postgresql10 to version 10.9 fixes the following issue: Security issue fixed: - CVE-2019-10164: Fixed buffer-overflow vulnerabilities in SCRAM verifier parsing. More information at https://www.postgresql.org/docs/10/release-10-9.html

oval:org.secpod.oval:def:89003299
This update for webkit2gtk3 to version 2.22.5 fixes the following issues: Security issues fixed: - CVE-2018-4438: Fixed a logic issue which led to memory corruption - CVE-2018-4437, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4464: Fixed multiple memory corruption issues with improved me ...

oval:org.secpod.oval:def:89003179
This update for libseccomp fixes the following issues: Update to new upstream release 2.4.1: * Fix a BPF generation bug where the optimizer mistakenly identified duplicate BPF code blocks. Updated to 2.4.0: * Update the syscall table for Linux v5.0-rc5 * Added support for the SCMP_ACT_KILL_PROCESS ...

oval:org.secpod.oval:def:89003052
This update for libssh2_org fixes the following issues: Security issues fixed: - CVE-2019-3861: Fixed Out-of-bounds reads with specially crafted SSH packets. - CVE-2019-3862: Fixed Out-of-bounds memory comparison with specially crafted message channel request packet. - CVE-2019-3860: Fixed Out-of- ...

oval:org.secpod.oval:def:89003291
This update for openssl fixes the following issues: - Reject invalid EC point coordinates This helps openssl using services that do not do this verification on their own.

oval:org.secpod.oval:def:89003171
This update for dovecot22 fixes the following issues: - CVE-2019-11500: Fixed a potential remote code execution in the IMAP and ManageSieve protocol parsers.

oval:org.secpod.oval:def:89003046
This update for xrdp fixes the following issues: Security issues fixed: - CVE-2013-1430: When successfully logging in using RDP into an xrdp session, the file ~/.vnc/sesman_${username}_passwd was created. Its content was the equivalent of the user's cleartext password, DES encrypted with a known key ...

oval:org.secpod.oval:def:89003167
This update for openssl fixes the following issues: Security issues fixed: - The 9 Lives of Bleichenbacher's CAT: Cache Attacks on TLS Implementations - CVE-2019-1559: Fixed OpenSSL 0-byte Record Padding Oracle which under certain circumstances a TLS server can be forced to respond differently to a ...

oval:org.secpod.oval:def:89003047
This update for webkit2gtk3 to version 2.22.4 fixes the following issues: Security issues fixed: CVE-2018-4191, CVE-2018-4197, CVE-2018-4299, CVE-2018-4306, CVE-2018-4309, CVE-2018-4392, CVE-2018-4312, CVE-2018-4314, CVE-2018-4315, CVE-2018-4316, CVE-2018-4317, CVE-2018-4318, CVE-2018-4319, CVE-2018 ...

oval:org.secpod.oval:def:89003168
This update for postgresql96 fixes the following issues: Security issue fixed: - CVE-2019-10208: Fixed arbitrary SQL execution via suitable SECURITY DEFINER function under the identity of the function owner.

oval:org.secpod.oval:def:89003169
This update for samba fixes the following issues: Security issue fixed: - CVE-2019-3880: Fixed a path/symlink traversal vulnerability, which allowed an unprivileged user to save registry files outside a share. Non-security issues fixed: - Fixed an issue where the first login failed and subsequent o ...

oval:org.secpod.oval:def:89044909
This update for apache2 fixes the following issues: - CVE-2016-8740 Server memory can be exhausted and service denied when HTTP/2 is used [bsc#1013648]

oval:org.secpod.oval:def:89003044
This update for perl fixes the following issues: Security issue fixed: - CVE-2018-18311: Fixed integer overflow with oversize environment.

oval:org.secpod.oval:def:89044905
This update for jakarta-taglibs-standard fixes the following issues: - CVE-2015-0254: Apache Standard Taglibs allowed remote attackers to execute arbitrary code or conduct external XML entity attacks via a crafted XSLT extension in a x:parse or x:transform JSTL XML tag

oval:org.secpod.oval:def:89044911
This update for cpio fixes two issues. This security issue was fixed: - CVE-2016-2037: The cpio_safer_name_suffix function in util.c in cpio allowed remote attackers to cause a denial of service via a crafted cpio file. This non-security issue was fixed: - bsc#1020108: Always use 32 bit CRC to pre ...

oval:org.secpod.oval:def:89044910
The ppp package was updated to fix the following security issue: - CVE-2015-3310: Fixed a buffer overflow in radius plug-in's rc_mksid.

oval:org.secpod.oval:def:89003040
This update for systemd fixes the following issues: Security issues fixed: - CVE-2018-6954: Fixed a vulnerability in the symlink handling of systemd-tmpfiles which allowed a local user to obtain ownership of arbitrary files. - CVE-2019-3842: Fixed a vulnerability in pam_systemd which allowed a loca ...

oval:org.secpod.oval:def:89003156
This update for curl fixes the following issues: Security issue fixed: - CVE-2019-5482: Fixed TFTP small blocksize heap buffer overflow.

oval:org.secpod.oval:def:89003277
This update for systemd fixes the following issues: Security vulnerability fixed: - CVE-2019-6454: Fixed a crash of PID1 by sending specially crafted D-BUS message on the system bus by an unprivileged user Other bug fixes and changes: - journal-remote: set a limit on the number of fields in a messa ...

oval:org.secpod.oval:def:89003037
This update for gstreamer-0_10-plugins-base fixes the following issues: Security issue fixed: - CVE-2019-9928: Fixed a heap-based overflow in the rtsp connection parser.

oval:org.secpod.oval:def:89044649
This update for bind fixes the following issues: CVE-2017-3137: Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could have been exploited to cause a denial of service of a bind server performing recursion. CVE-2017-31 ...

oval:org.secpod.oval:def:89044769
This update for wireshark fixes the following issues: - CVE-2017-17083: NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginning of a buffer. - CVE-2017-17084: IWARP_MPA dissector could crash. This was addre ...

oval:org.secpod.oval:def:89044898
GNU binutils was updated to the 2.29.1 release, bringing various new features, fixing a lot of bugs and security issues. Following security issues are being addressed by this release: * 18750 bsc#1030296 CVE-2014-9939 * 20891 bsc#1030585 CVE-2017-7225 * 20892 bsc#1030588 CVE-2017-7224 * 20898 bsc#103 ...

oval:org.secpod.oval:def:89044897
The network debugging tool wireshark was updated to version 2.2.7 to fix the following issues: - CVE-2017-9352: Bazaar dissector infinite loop - CVE-2017-9348: DOF dissector read overflow - CVE-2017-9351: DHCP dissector read overflow - CVE-2017-9346: SoulSeek dissector infinite loop - CVE-20 ...

oval:org.secpod.oval:def:89044658
This update for dovecot22 to version 2.2.29.1 fixes the following issues: This security issue was fixed: - CVE-2017-2669: Don't double-expand %variables in keys. If dict was used as the authentication passdb, using specially crafted %variables in the username could be used to cause DoS Additionally ...

oval:org.secpod.oval:def:89044779
This update for libzip fixes one issue. This security issue was fixed: - CVE-2017-14107: The _zip_read_eocd64 function mishandled EOCD records, which allowed remote attackers to cause a denial of service via a crafted ZIP archive.

oval:org.secpod.oval:def:89044772
This update for evince fixes the following issues: Security issue fixed: - CVE-2017-1000083: Remove support for tar and tar-like commands in comics backend.

oval:org.secpod.oval:def:89044895
This update provides Quagga 1.1.1, which brings several fixes and enhancements. Security issues fixed: - CVE-2017-5495: Telnet "vty" interface DoS due to unbounded memory allocation. - CVE-2016-1245: Stack overrun in IPv6 RA receive code. Bug fixes: - Do not enable zebra's TCP interface to use de ...

oval:org.secpod.oval:def:89044892
This update for opensaml fixes the following issues: Security issue fixed: - CVE-2017-16853: Fix the DynamicMetadataProvider class to properly configure itself with the MetadataFilter plugins, to avoid possible MITM attacks.

oval:org.secpod.oval:def:89044638
This update for systemd fixes the following issues: Security issue fixed: - CVE-2017-9217: resolved: Fix null pointer p->question dereferencing that could lead to resolved aborting The update also fixed several non-security bugs: - core/mount: Use the -c flag to not canonicalize paths when calling / ...

oval:org.secpod.oval:def:89044759
This update for jasper fixes the following issues: Security issues fixed: - CVE-2016-9600: Null Pointer Dereference due to missing check for UNKNOWN color space in JP2 encoder - CVE-2016-10251: Use of uninitialized value in jpc_pi_nextcprl - CVE-2017-5498: left-shift undefined behaviour - CVE-20 ...

oval:org.secpod.oval:def:89044637
This update for wget fixes the following security issues: - CVE-2017-13089,CVE-2017-13090: Missing checks for negative remaining_chunk_size in skip_short_body and fd_read_body could cause stack buffer overflows, which could have been exploited by malicious servers

oval:org.secpod.oval:def:89044766
This update for wireshark to version 2.2.9 fixes several issues. These security issues were fixed: - CVE-2017-13767: The MSDP dissector could have gone into an infinite loop. This was addressed by adding length validation. - CVE-2017-13766: The Profinet I/O dissector could have crashed with an out-of ...

oval:org.secpod.oval:def:89044889
This update for jasper fixes the following issues: - CVE-2016-8654: Heap-based buffer overflow in QMFB code in JPC codec. - CVE-2016-9395: Invalid jasper files could lead to abort of the library caused by attacker provided image. - CVE-2016-9398: Invalid jasper files could lead to abort of the lib ...

oval:org.secpod.oval:def:89044888
This update for bind fixes the following issues: - Fixed a possible denial of service vulnerability

oval:org.secpod.oval:def:89044764
This update for libgcrypt fixes the following issues: - CVE-2017-7526: Hardening against a local side-channel attack in RSA key handling has been added

oval:org.secpod.oval:def:89044884
This update for freeradius-server fixes the following issues: Security issue fixed: - CVE-2017-9148: Disable OpenSSL's internal session cache to mitigate authentication bypass. Non security issue fixed: - Fix case insensitive matching in compiled regular expressions

oval:org.secpod.oval:def:89044760
This update for ncurses fixes the following issues: Security issues fixed: - CVE-2017-10684: Possible RCE via stack-based buffer overflow in the fmt_entry function. - CVE-2017-10685: Possible RCE with format string vulnerability in the fmt_entry function. Bugfixes: - Drop patch ncurses-5.9-environ ...

oval:org.secpod.oval:def:89044881
This update for libquicktime fixes the following issues: - A crafted MP4 file could have caused libquicktime to crash or lead to undefined behaviour

oval:org.secpod.oval:def:89044678
xerces-j2 was updated to fix several issues. This security issue was fixed: - bsc#814241: Prevent possible DoS through very long attribute names This non-security issue was fixed: - Prevent StackOverflowError when applying a pattern restriction on long strings while trying to validate an XML file ag ...

oval:org.secpod.oval:def:89044799
This update for bash fixes an issue that could lead to syntax errors when parsing scripts that use expr inside loops. Additionally, the popd built-in now ensures that the normalized stack offset is within bounds before trying to free that stack entry. This fixes a segmentation fault.

oval:org.secpod.oval:def:89044674
This wireshark update to version 2.2.8 fixes the following issues: Security issues fixed: - CVE-2017-11411: The openSAFETY dissector could crash or exhaust system memory because of missing length validation. - CVE-2017-11410: The WBXML dissector could go into an infinite loop. - CVE-2017-11408: The ...

oval:org.secpod.oval:def:89044795
This update for poppler fixes the following issues: Security issues fixed: - CVE-2017-9775: Fix a stack overflow bug in pdftocairo that could have been exploited in a denial of service attack through a specially crafted PDF document. - CVE-2017-9776: Fix an integer overflow bug that could have been ...

oval:org.secpod.oval:def:89044797
This update for git fixes the following issues: This security issue was fixed: - CVE-2017-14867: Git used unsafe Perl scripts to support subcommands such as cvsserver, which allowed attackers to execute arbitrary OS commands via shell metacharacters in a module name.

oval:org.secpod.oval:def:89003082
This update for polkit fixes the following issues: Security issue fixed: - CVE-2018-19788: Fixed handling of UIDs over MAX_UINT

oval:org.secpod.oval:def:89044672
This update for openvpn fixes the following issues: - CVE-2017-12166: Lack of bound check in read_key in old legacy key handling before using values could be used for a remote buffer overflow.

oval:org.secpod.oval:def:89044793
This update for liblouis fixes several issues. These security issues were fixed: - CVE-2017-13738: Prevent illegal address access in the _lou_getALine function that allowed to cause remote DoS. - CVE-2017-13739: Prevent heap-based buffer overflow in the function resolveSubtable that could have caus ...

oval:org.secpod.oval:def:89044671
This update for dnsmasq fixes the following security issues: - CVE-2017-14491: 2 byte heap based overflow. [bsc#1060354] - CVE-2017-14492: heap based overflow. [bsc#1060355] - CVE-2017-14493: stack based overflow. [bsc#1060360] - CVE-2017-14494: DHCP - info leak. [bsc#1060361] - CVE-2017-14495: DNS ...

oval:org.secpod.oval:def:89003078
This update for samba fixes the following issues: Security issue fixed: - CVE-2019-3880: Save registry file outside share as unprivileged user. Non-security issue fixed: - Backport changes to support quotas with SMB2.

oval:org.secpod.oval:def:89003197
This update for permissions fixes the following issues: - CVE-2019-3688: Changed wrong ownership in /usr/sbin/pinger to root:squid which could have allowed a squid user to gain persistence by changing the binary. - CVE-2019-3690: Fixed a privilege escalation through untrusted symbolic links. - Fix ...

oval:org.secpod.oval:def:89044786
This update for tcmu-runner fixes the following issues: Security issues fixed: - CVE-2017-1000198: The glfs handler allowed local DoS via crafted CheckConfig strings - CVE-2017-1000199: The qcow handler leaked information via the CheckConfig D-Bus method

oval:org.secpod.oval:def:89003193
This update for dovecot22 fixes the following issues: Security issues fixed: - CVE-2019-7524: Fixed an improper file handling which could result in stack overflow allowing local root escalation. - CVE-2019-3814: Fixed a vulnerability related to SSL client certificate authentication. Other issue fi ...

oval:org.secpod.oval:def:89044661
This update for perl fixes the following issues: Security issues fixed: - CVE-2017-12837: Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service via a regular expression with a " ...

oval:org.secpod.oval:def:89003073
This update for LibVNCServer fixes the following issues: Security issues fixed: - CVE-2018-20749: Fixed a heap out of bounds write vulnerability in rfbserver.c - CVE-2018-20750: Fixed a heap out of bounds write vulnerability in rfbserver.c - CVE-2018-20748: Fixed multiple heap out-of-bound writes ...

oval:org.secpod.oval:def:89003194
This update for libjpeg-turbo fixes the following issues: - CVE-2019-2201: Several integer overflow issues and subsequent segfaults occurred in libjpeg-turbo, when attempting to compress or decompress gigapixel images. [bsc#1156402]

oval:org.secpod.oval:def:89044726
This update for clamav fixes the following issues: Security issue fixed: - CVE-2012-6706: Fixed an arbitrary memory write in VMSF_DELTA filter in libclamunrar Non security issues fixed: - Provide and obsolete clamav-nodb to trigger its removal in openSUSE Leap

oval:org.secpod.oval:def:89044967
This update for sssd provides the following fixes: Security issues fixed: - CVE-2017-12173: Fixed unsanitized input when searching in local cache database. Non security issues fixed: - Fixed a segfault issue in ldap_rfc_2307_fallback_to_local_users. - Install /var/lib/sss/mc directory to correct s ...

oval:org.secpod.oval:def:89044848
This update for xen to version 4.7.2 fixes the following issues: These security issues were fixed: - CVE-2017-7228: Broken check in memory_exchange permitted PV guest breakout. - XSA-206: Unprivileged guests issuing writes to xenstore were able to stall progress of the control domain or driver domai ...

oval:org.secpod.oval:def:89044969
This update for ncurses fixes the following issues: Security issues fixed: - CVE-2017-11112: Illegal address access in append_acs. - CVE-2017-11113: Dereferencing NULL pointer in _nc_parse_entry. - CVE-2017-10684, CVE-2017-10685: Add modified upstream fix from ncurses 6.0 to avoid broken termcap f ...

oval:org.secpod.oval:def:89044612
This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2017-6502: Possible file-descriptor leak in libmagickcore that could be triggered via a specially crafted webp file . - CVE-2017-7943: The ReadSVGImage function in svg.c allowed remote attackers to consume an amount ...

oval:org.secpod.oval:def:89044733
This update for samba fixes the following issues: Security issues fixed: - CVE-2017-2619: Symlink race permits opening files outside share directory. Bugfixes: - Force usage of ncurses6-config thru NCURSES_CONFIG env var. - Add missing ldb module directory. - Don't package man pages for VFS modul ...

oval:org.secpod.oval:def:89044856
This update for strongswan fixes the following issues: - CVE-2017-9022: Insufficient Input Validation in gmp Plugin leads to Denial of service - CVE-2017-9023: Incorrect x509 ASN.1 parser error handling could lead to Denial of service - IKEv1 protocol is vulnerable to DoS amplification attack

oval:org.secpod.oval:def:89044734
This update for tboot fixes the following issues: Security issue fixed: - CVE-2017-16837: Certain function pointers in Trusted Boot through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module by h Bug fixes: - ...

oval:org.secpod.oval:def:89044855
This update for curl fixes the following issues: Security issue fixed: - CVE-2016-9586: libcurl printf floating point buffer overflow - CVE-2017-7407: The ourWriteOut function in tool_writeout.c in curl might have allowed physically proximate attackers to obtain sensitive information from process m ...

oval:org.secpod.oval:def:89044976
This update for libgcrypt fixes the following issues: - CVE-2017-9526: Store the session key in secure memory to ensure that constant time point operations are used in the MPI library. - Don't require secure memory for the fips selftests, this prevents the Oops, secure memory pool already initializ ...

oval:org.secpod.oval:def:89002925
This update for grub2 fixes the following issues: - CVE-2020-15705: Fail kernel validation without shim protocol.

oval:org.secpod.oval:def:89044970
This update for libmicrohttpd fixes the following issues: - CVE-2013-7038: The MHD_http_unescape function in libmicrohttpd might have allowed remote attackers to obtain sensitive information or cause a denial of service via unspecified vectors that trigger an out-of-bounds read. - CVE-2013-7039: S ...

oval:org.secpod.oval:def:89002923
This update for gcc10 fixes the following issues: This update provides the GCC10 compiler suite and runtime libraries. The base SUSE Linux Enterprise libraries libgcc_s1, libstdc++6 are replaced by the gcc10 variants. The new compiler variants are available with "-10" suffix, you can specify ...

oval:org.secpod.oval:def:89044959
This update for poppler fixes the following issues: - CVE-2017-9406: Fixed a memory leak that occurred while parsing invalid XRef attributes. - CVE-2017-9083: Fixed a memory leak that occurred when the parser tried to recover from a broken input file

oval:org.secpod.oval:def:89044837
This update for libvirt fixes several issues. This security issue was fixed: - bsc#1053600: Escape ssh command line to prevent interpreting malicious hostname as arguments, allowing for command execution These non-security issues were fixed: - bsc#1049505, bsc#1051017: Security manager: Don't autogen ...

oval:org.secpod.oval:def:89002919
This update for openssl fixes the following issues: Security issue fixed: - CVE-2019-1551: Fixed an overflow bug in the x86_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. Non-security issue fixed: - Fixed a crash in BN_copy.

oval:org.secpod.oval:def:89044966
This update for ghostscript fixes the following security vulnerabilities: - CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were exploited in the wild. - CVE-2016-9601: An integer overflow in the bundled jbig2dec library could have been misused to cause a ...

oval:org.secpod.oval:def:89044965
This update for systemd fixes the following issues: This security issue was fixed: - CVE-2016-10156: Fix permissions set on permanent timer timestamp files, preventing local unprivileged users from escalating privileges. These non-security issues were fixed: - Fix permission set on /var/lib/systemd ...

oval:org.secpod.oval:def:89044749
This update for apache2 fixes the following security issues: Security issues fixed: - CVE-2016-0736: Protect mod_session_crypto data with a MAC to prevent padding oracle attacks. - CVE-2016-2161: Malicious input to mod_auth_digest could have caused the server to crash, resulting in DoS. - CVE-2016 ...

oval:org.secpod.oval:def:89044875
This update for graphite2 fixes one issue. This security issue was fixed: - CVE-2017-5436: An out-of-bounds write triggered with a maliciously crafted Graphite font could lead to a crash or potentially code execution.

oval:org.secpod.oval:def:89044756
This update for git fixes the following issues: - git 2.12.3: * CVE-2017-8386: Fix git-shell not to escape with the starting dash name * Fix for potential segv introduced in v2.11.0 and later * Misc fixes and cleanups. - git 2.12.2: * CLI output fixes * Dump http transport fixes * various fixes for ...

oval:org.secpod.oval:def:89044630
This update for libXcursor fixes the following issues: Security issue fixed: - CVE-2017-16612: Fix integer overflow while parsing images and a signedness issue while parsing comments.

oval:org.secpod.oval:def:89044992
This update for git fixes the following issues: - CVE-2017-1000117: A client side code execution via shell injection when receiving special submodule strings from a malicious server was fixed

oval:org.secpod.oval:def:89044753
This audiofile update fixes the following issue: Security issues fixed: - CVE-2015-7747: Fixed buffer overflow issue when changing both number of channels and sample format. - CVE-2017-6827: heap-based buffer overflow in MSADPCM::initializeCoefficients - CVE-2017-6828: heap-based buffer overflow ...

oval:org.secpod.oval:def:89044874
This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2017-9439: A memory leak was found in the function ReadPDBImage in coders/pdb.c - CVE-2017-9440: A memory leak was found in the function ReadPSDChannel in coders/psd.c - CVE-2017-9501: An assertion failure could cau ...

oval:org.secpod.oval:def:89044616
This update for freeradius fixes the following issues: Security issues fixed: - CVE-2017-10988: Decode "signed" attributes correctly. - CVE-2017-10987: Check for option overflowing the packet. - CVE-2017-10985: Fix infinite loop and memory exhaustion with "concat" attributes. - CVE-2017-10984: Fi ...

oval:org.secpod.oval:def:89044622
This update for samba fixes the following issues: Security issues fixed: - CVE-2017-14746: Use-after-free vulnerability. - CVE-2017-15275: Server heap memory information leak. Bug fixes: - Update "winbind expand groups" doc in smb.conf man page.

oval:org.secpod.oval:def:89044985
This update for libical fixes the following issues: Security issues fixed: - CVE-2016-5824: libical 1.0 allows remote attackers to cause a denial of service via a crafted ics file. - CVE-2016-5827: The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial ...

oval:org.secpod.oval:def:89044746
This update for postgresql96 fixes the following issues: Security issues fixed: - CVE-2017-15098: Fix crash due to rowtype mismatch in json{b}_populate_recordset. - CVE-2017-15099: Ensure that INSERT ... ON CONFLICT DO UPDATE checks table permissions and RLS policies in all cases. Bug fixes: - Upd ...

oval:org.secpod.oval:def:89044988
This update for apache2 fixes the following issues: Security issue fixed: - CVE-2017-9788: Uninitialized memory reflection in mod_auth_digest. Bug fixes: - Include individual sysconfig.d files instead of the whole sysconfig.d directory. - Include sysconfig.d/include.conf after httpd.conf is process ...

oval:org.secpod.oval:def:89044624
This update for libquicktime fixes the following issues: Security issue fixed: - CVE-2016-2399: Adjust patch to prevent endless loop when there are less than 256 bytes to read

oval:org.secpod.oval:def:89044981
This update for poppler fixes the following issues: Security issues fixed: - CVE-2017-9775: DoS stack buffer overflow in GfxState.cc in pdftocairo via a crafted PDF document - CVE-2017-9776: DoS integer overflow leading to heap buffer overflow in JBIG2Stream.cc via a crafted PDF document - CVE-201 ...

oval:org.secpod.oval:def:89044742
This update for gd fixes the following security issues: - CVE-2016-6906: An out-of-bounds read in TGA decompression was fixed which could have led to crashes. - CVE-2016-6912: Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library allowed remote attackers to have unspe ...

oval:org.secpod.oval:def:89002974
This update for LibVNCServer fixes the following issues: - CVE-2019-15690: Fixed a heap buffer overflow. - CVE-2019-15681: Fixed a memory leak which could have allowed a remote attacker to read stack memory. - CVE-2019-20788: Fixed an integer overflow and heap-based buffer overflow via a large h ...

oval:org.secpod.oval:def:89044013
This update fixes the following issues in yast2-smt: - Explicitly mention Organization Credentials - Rearrange the SMT set-up dialog - Added missing translation marks - Remove cron job rescheduling This update is a requirement for the security update for SMT. Because of that it is tagged as secu ...

oval:org.secpod.oval:def:89044016
This update for apache2 fixes the following issues: Security issues fixed: - CVE-2016-8743: Fixed liberal whitespace interpretation accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain o ...

oval:org.secpod.oval:def:89002956
This update for cyrus-sasl fixes the following issues: - CVE-2019-19906: Fixed an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet.

oval:org.secpod.oval:def:89002946
This update for openldap2 fixes the following issues: - CVE-2020-12243: Fixed a denial of service related to recursive filters.

oval:org.secpod.oval:def:89002892
This update for ucode-intel fixes the following issues: - Intel CPU Microcode updated to 20201027 prerelease - CVE-2020-8695: Fixed Intel RAPL sidechannel attack - CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 # New Platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New V ...

oval:org.secpod.oval:def:89002894
This update for vim fixes the following issues: - CVE-2019-20807: Fixed an issue where escaping from the restrictive mode of vim was possible using interfaces.

oval:org.secpod.oval:def:89044215
This update for samba fixes the following issues: - CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids. - Adjust smbcacls "--propagate-inheritance" feature to align with upstream.

oval:org.secpod.oval:def:89044699
This update for gstreamer-plugins-good fixes the following issues: - A crafted aac audio file could have caused an invalid read and thus corruption or denial of service - A crafted mp4 file could have caused an invalid read and thus corruption or denial of service - A crafted avi file could have c ...

oval:org.secpod.oval:def:89044211
This update for gdm fixes the following issues: - Avoid the signal SIGTRAP when gdm exits.

oval:org.secpod.oval:def:89044691
This update for rrdtool provides the following fixes: - CVE-2013-2131: Enhance imginfo format validation checks to prevent crashes. - Add rrdtool-cached sub-package to SLE 12-SP1

oval:org.secpod.oval:def:89002886
This update for mariadb fixes the following issues: Security issue fixed: - CVE-2019-2974: Fixed Server Optimizer.

oval:org.secpod.oval:def:89044688
This update for ImageMagick fixes the following issues: - CVE-2016-10046: Prevent buffer overflow in draw.c caused by an incorrect length calculation - CVE-2016-10048: Arbitrary module could have been loaded because relative paths were not escaped - CVE-2016-10049: Corrupt RLE files could have overfl ...

oval:org.secpod.oval:def:89044685
This update for samba fixes the following issues: Security issues fixed: - CVE-2017-2619: Symlink race permits opening files outside share directory. Bugfixes: - Don't package man pages for VFS modules that aren't built. - sync_req: make async_connect_send reentrant. - Document winbind: ignore ...

oval:org.secpod.oval:def:89044200
This update for samba fixes the following issues: - CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids.

oval:org.secpod.oval:def:89044684
This security update for spice fixes the following issues: CVE-2016-9577: A buffer overflow in the spice server could have potentially been used by unauthenticated attackers to execute arbitrary code. CVE-2016-9578: Unauthenticated attackers could have caused a denial of service via a crafted messa ...

oval:org.secpod.oval:def:89044681
This update for libplist fixes the following issues: Security issues fixed: - CVE-2017-6439: Heap-based buffer overflow in the parse_string_node function. - CVE-2017-6438: Heap-based buffer overflow in the parse_unicode_node function. - CVE-2017-6437: The base64encode function in base64.c allows l ...

oval:org.secpod.oval:def:89044680
This update for systemd and dracut fixes the following issues: Security issues fixed: - CVE-2017-9445: Possible out-of-bounds write triggered by a specially crafted TCP payload from a DNS server. Non-security issues fixed in systemd: - Automounter issue in combination with NFS volumes - Missing sy ...

oval:org.secpod.oval:def:89044683
This update for ImageMagick fixes the following issues: * CVE-2017-14989: use-after-free in RenderFreetype in MagickCore/annotate.c could lead to denial of service [bsc#1061254] * CVE-2017-14682: GetNextToken in MagickCore/token.c heap buffer overflow could lead to denial of service [bsc#1060176] * ...

oval:org.secpod.oval:def:89044682
This update for tigervnc provides several fixes. These security issues were fixed: - CVE-2017-7392, CVE-2017-7396: Client can cause leak in VNC server - CVE-2017-7395: Authenticated VNC client can crash VNC server - CVE-2017-7394: Client can crash or block VNC server - CVE-2017-7393: Authenti ...

oval:org.secpod.oval:def:89002990
This update for postgresql10 fixes the following issues: PostgreSQL was updated to version 10.12. Security issue fixed: - CVE-2020-1720: Fixed a missing authorization check in the ALTER ... DEPENDS ON extension.

oval:org.secpod.oval:def:89002872
This update for openssl fixes the following issues: - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME.

oval:org.secpod.oval:def:89044235
This update for java-1_7_0-openjdk fixes the following issues: - Update to 2.6.25 - OpenJDK 7u291 * Security fixes + JDK-8247619: Improve Direct Buffering of Characters * Import of OpenJDK 7 u291 build 1 + JDK-8254177: Upgrade time-zone data to tzdata2020b + JDK-8254982: Upgrade time-zone data to ...

oval:org.secpod.oval:def:89002986
This update for ovmf fixes the following issues: - CVE-2019-14562: Fixed an overflow in DxeImageVerificationHandler. - CVE-2019-14559: Fixed a memory leak in ArpOnFrameRcvdDpc.

oval:org.secpod.oval:def:89044581
This update for policycoreutils fixes the following issues: * CVE-2016-7545: nonpriv session can escape to parent [bsc#1000998]

oval:org.secpod.oval:def:89003416
This update for wpa_supplicant fixes the following issues: This security issue was fixed: - CVE-2018-14526: Under certain conditions, the integrity of EAPOL-Key messages was not checked, leading to a decryption oracle. An attacker within range of the Access Point and client could have abused the vul ...

oval:org.secpod.oval:def:89003401
This update for curl fixes the following issues: Security issue fixed: - CVE-2019-5436: Fixed a heap buffer overflow in tftp_receive_packet, which receives data from a TFTP server.

oval:org.secpod.oval:def:89003402
This update for wget fixes the following issues: Security issue fixed: - CVE-2019-5953: Fixed a buffer overflow vulnerability which might cause code execution.

oval:org.secpod.oval:def:89003465
This update for gdb fixes the following issues: Update to gdb 8.3.1: Security issues fixed: - CVE-2019-1010180: Fixed a potential buffer overflow when loading ELF sections larger than the file. Upgrade libipt from v2.0 to v2.0.1. - Enable librpm for version > librpm.so.3 [bsc#1145692]: * Allow a ...

oval:org.secpod.oval:def:89003224
This update for ibus fixes the following issues: Security issue fixed: - CVE-2019-14822: Fixed a misconfiguration of the DBus server that allowed an unprivileged user to monitor and send method calls to the ibus bus of another user

oval:org.secpod.oval:def:89003108
This update for curl fixes the following issues: Security issue fixed: - CVE-2018-16839: Fixed a buffer overflow in the SASL authentication code.

oval:org.secpod.oval:def:89003227
This update for sqlite3 fixes the following issues: Security issue fixed: - CVE-2019-8457: Fixed a heap out-of-bounds read in rtreenode when handling invalid rtree tables.

oval:org.secpod.oval:def:89044295
This update for bind fixes the following issues: - CVE-2021-25214: Fixed a broken inbound incremental zone update which could have caused named to terminate unexpectedly. - CVE-2021-25215: Fixed an assertion check which could have failed while answering queries for DNAME records that required the ...

oval:org.secpod.oval:def:89003214
This update for sqlite3 fixes the following issues: - CVE-2017-2518: Fixed a use-after-free vulnerability which could have led to buffer overflow via a crafted SQL statement.

oval:org.secpod.oval:def:89003441
This update for freeradius-server fixes the following issues: Security issues fixed: - CVE-2019-11235: Fixed an authentication bypass related to the EAP-PWD Commit frame and insufficient validation of elliptic curve points. - CVE-2019-11234: Fixed an authentication bypass caused by reflecting privou ...

oval:org.secpod.oval:def:89003201
This update for dbus-1 fixes the following issue: Security issue fixed: - CVE-2019-12749: Fixed an implementation flaw in DBUS_COOKIE_SHA1 which could have allowed local attackers to bypass authentication.

oval:org.secpod.oval:def:89003324
This update for the Linux Kernel 4.4.121-92_104 fixes one issue. The following security issue was fixed: - CVE-2018-5390: The Linux kernel could be forced to make very expensive calls to tcp_collapse_ofo_queue and tcp_prune_ofo_queue for every incoming packet which can lead to a denial of service.

oval:org.secpod.oval:def:89003445
This update for bash fixes the following issues: Security issue fixed: - CVE-2019-9924: Fixed a vulnerability in which shell did not prevent user BASH_CMDS allowing the user to execute any command with the permissions of the shell.

oval:org.secpod.oval:def:89003326
This update for the Linux Kernel 3.12.74-60_64_110- fixes one issue. The following security issue was fixed: - CVE-2018-5390: The Linux kernel could be forced to make very expensive calls to tcp_collapse_ofo_queue and tcp_prune_ofo_queue for every incoming packet which can lead to a denial of servic ...

oval:org.secpod.oval:def:89003312
This update for atftp fixes the following issues: Security issues fixed: - CVE-2019-11366: Fixed a denial of service caused by a NULL pointer dereference because thread_list_mutex was not locked. - CVE-2019-11365: Fixed a buffer overflow which could lead to remote code execution caused by an insecu ...

oval:org.secpod.oval:def:89003433
This update for spice fixes the following issues: Security issue fixed: - CVE-2019-3813: Fixed an out-of-bounds read in the memslot_get_virt function that could lead to denial-of-service or code-execution.

oval:org.secpod.oval:def:89003438
This update for libssh2_org fixes the following issues: - Fix the previous fix for CVE-2019-3860

oval:org.secpod.oval:def:89003436
This update for xen fixes the following issues: Security issues fixed: - Fixed an issue which could allow malicious PV guests to cause a host crash or gain access to data pertaining to other guests. Additionally, vulnerable configurations are likely to be unstable even in the absence of an attack. ...

oval:org.secpod.oval:def:89003357
This update for qemu fixes the following issues: Security issues fixed: - CVE-2019-14378: Security fix for heap overflow in ip_reass on big packet input. - CVE-2019-12155: Security fix for null pointer dereference while releasing spice resources. - CVE-2019-13164: Security fix for qemu-bridge-help ...

oval:org.secpod.oval:def:89003084
This update for ghostscript to 9.27 fixes the following issues: Security issues fixed: - CVE-2019-3835: Fixed an unauthorized file system access caused by an available superexec operator. - CVE-2019-3839: Fixed an unauthorized file system access caused by available privileged operators. - CVE-2019 ...

oval:org.secpod.oval:def:89043976
This update for spice-vdagent provides the following fixes: This security issue was fixed: - CVE-2017-15108: Properly escape save directory that is passed to the shell to prevent local attacker with access to the session the agent runs from injecting arbitrary commands to be executed. This non-secu ...

oval:org.secpod.oval:def:89045547
This update for aspell fixes the following issues: - CVE-2019-25051: Fixed heap-buffer-overflow in acommon:ObjStack:dup_top.

oval:org.secpod.oval:def:89003003
This update for postgresql10 fixes the following issues: Upgrade to version 10.15: * CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. * CVE-2020-25694, bsc#1178667: a

oval:org.secpod.oval:def:89003273
This update for clamav fixes the following issues: - CVE-2019-15961: Fixed a denial of service which might occur when scanning a specially crafted email file as .

oval:org.secpod.oval:def:89044203
This update for tomcat fixes the following issues: - CVE-2021-25329: Complete fix for CVE-2020-9484

oval:org.secpod.oval:def:89002972
This update for LibVNCServer fixes the following issues: - CVE-2020-25708 [bsc#1178682], libvncserver/rfbserver.c has a divide by zero which could result in DoS

oval:org.secpod.oval:def:89003383
This update for java-1_7_0-openjdk fixes the following issues: Security issues fixed: - CVE-2019-2933: Windows file handling redux - CVE-2019-2945: Better socket support - CVE-2019-2949: Better Kerberos ccache handling - CVE-2019-2958: Build Better Processes - CVE-2019-2964: Better support for patt ...

oval:org.secpod.oval:def:89003474
This update for mailman fixes the following issues: - CVE-2019-3693: Fixed a local privilege escalation from wwwrun to root.

oval:org.secpod.oval:def:89045341
This mariadb update to version 10.0.28 fixes the following issues: Security fixes: - CVE-2016-8283: Unspecified vulnerability in subcomponent Types - CVE-2016-7440: Unspecified vulnerability in subcomponent Encryption - CVE-2016-5629: Unspecified vulnerability in subcomponent Federated - CVE-201 ...

oval:org.secpod.oval:def:89045539
This update for openssl fixes the following security issue: - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious actor could exploit to crash the application, causing a denial-of-service attack. [bsc#1189521]

oval:org.secpod.oval:def:89044926
This update for openssh fixes the following issues: Security issue fixed: - CVE-2017-15906: Stricter checking of operations in read-only mode in sftp server. Bug fixes: - FIPS: Startup selfchecks. - FIPS: Silent complaints about unsupported key exchange methods. - Refine handling of sockets for X ...

oval:org.secpod.oval:def:89048082
This update for ca-certificates-mozilla fixes the following issues: - Updated to 2.60 state of Mozilla SSL root CAs Removed CAs: - Global Chambersign Root - EC-ACC - Network Solutions Certificate Authority - Staat der Nederlanden EV Root CA - SwissSign Platinum CA - G2 Added CAs: - DIGITALSIGN GLOB ...

oval:org.secpod.oval:def:89003000
This update for tigervnc fixes the following issues: - CVE-2019-15691: Fixed a use-after-return due to incorrect usage of stack memory in ZRLEDecoder. - CVE-2019-15692: Fixed a heap-based buffer overflow in CopyRectDecode. - CVE-2019-15693: Fixed a heap-based buffer overflow in TightDecoder::Filte ...

oval:org.secpod.oval:def:89003005
This update for postgresql12 fixes the following issues: Upgrade to version 12.5: * CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. * CVE-2020-25694, bsc#1178667: a

oval:org.secpod.oval:def:89044787
This mariadb version update to 10.0.29 fixes the following issues: - CVE-2017-3318: unspecified vulnerability affecting Error Handling - CVE-2017-3317: unspecified vulnerability affecting Logging - CVE-2017-3312: insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 - CVE-2017 ...

oval:org.secpod.oval:def:89045770
This update for postgresql96 fixes the following issues: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake. - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshake.

oval:org.secpod.oval:def:89045796
This update for postgresql10 fixes the following issues: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake. - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshake.

oval:org.secpod.oval:def:89045567
This update for openexr fixes the following issues: - CVE-2021-20298 [bsc#1188460]: Fixed Out-of-memory in B44Compressor - CVE-2021-20299 [bsc#1188459]: Fixed Null-dereference READ in Imf_2_5:Header:operator - CVE-2021-20300 [bsc#1188458]: Fixed Integer-overflow in Imf_2_5:hufUncompress - CVE-2021-2 ...

oval:org.secpod.oval:def:89003002
This update for samba fixes the following issues: - CVE-2020-10745: Fixed an issue in which parsing and packing of NBT and DNS packets containing dots could potentially have consumed excessive CPU.

oval:org.secpod.oval:def:89003410
This update for xen fixes the following issues: - CVE-2019-15890: Fixed a use-after-free in SLiRP networking implementation of QEMU emulator which could have led to Denial of Service. - CVE-2019-12068: Fixed an issue in lsi which could lead to an infinite loop and denial of service. - CVE-2019-143 ...

oval:org.secpod.oval:def:89000695
This update for ghostscript to version 9.52 fixes the following issues: - CVE-2020-12268: Fixed a heap-based buffer overflow in jbig2_image_compose.

oval:org.secpod.oval:def:89043999
This update for glibc fixes the following issues: - CVE-2017-18269: Fix SSE2 memmove issue when crossing 2GB boundary - CVE-2018-11236: Fix overflow in path length computation - CVE-2018-11237: Don't write beyond buffer destination in __mempcpy_avx512_no_vzeroupper Non security bugs fixed: - Fix ...

oval:org.secpod.oval:def:89044626
This update for gdk-pixbuf provides the following fixes: - Add overflow checks when creating pixbuf structures in general - Fix arithmetic overflow in the BMP loader - Adds support for BMPv3 with bitmasks

oval:org.secpod.oval:def:89044989
This update for gdk-pixbuf fixes the following issues: - CVE-2017-2862: JPEG gdk_pixbuf__jpeg_image_load_increment Code Execution Vulnerability - CVE-2017-2870: tiff_image_parse Code Execution Vulnerability - CVE-2017-6313: A dangerous integer underflow in io-icns.c - CVE-2017-6314: Infinite loop ...

oval:org.secpod.oval:def:89045778
This update for postgresql, postgresql13 and postgresql14 fixes the following issues: Security issues fixed: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake . - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshak ...

oval:org.secpod.oval:def:89045576
This update for libesmtp fixes the following issues: - CVE-2019-19977: Fix stack-based buffer over-read in ntlm/ntlmstruct.c.

oval:org.secpod.oval:def:89044627
This update for open-vm-tools to 10.1.0 stable brings features, fixes bugs and security issues: - New vmware-namespace-cmd command line utility - GTK3 support - Common Agent Framework - Guest authentication with xmlsec1 - Sub-command to push updated network information to the host on demand - Fix f ...

oval:org.secpod.oval:def:89044818
This update for librsvg to version 2.40.18 fixes the following issues: Security issue fixed: - CVE-2017-11464: A SIGFPE is raised in the function box_blur_line of rsvg-filter.c

oval:org.secpod.oval:def:89044575
This update for dbus-1 to version 1.8.22 fixes one security issue and bugs. The following security issue was fixed: - bsc#1003898: Do not treat ActivationFailure message received from root-owned systemd name as a format string. The following upstream changes are included: - Change the default config ...

oval:org.secpod.oval:def:89045106
This update for linuxptp fixes the following issues: - CVE-2021-3570: Validate the messageLength field of incoming messages

oval:org.secpod.oval:def:89044867
This update for gstreamer-0_10-plugins-base fixes the following security issues: - A crafted AVI file could have caused a floating point exception leading to DoS

oval:org.secpod.oval:def:89045568
This update for file fixes the following issues: - CVE-2019-18218: Fixed heap-based buffer overflow in cdf_read_property_info in cdf.c.

oval:org.secpod.oval:def:89045110
This update for systemd fixes the following issues: Security issues fixed: - CVE-2021-33910: Fixed a denial of service in systemd Other fixes: - mount-util: shorten the loop a bit - mount-util: do not use the official MAX_HANDLE_SZ - mount-util: tape over name_to_handle_at flakiness - mount-u ...

oval:org.secpod.oval:def:89044645
This update for tiff to version 4.0.8 fixes several bugs and security issues: These security issues were fixed: - CVE-2017-7595: The JPEGSetupEncode function allowed remote attackers to cause a denial of service via a crafted image. - CVE-2016-10371: The TIFFWriteDirectoryTagCheckedRational func ...

oval:org.secpod.oval:def:89003361
This update for MozillaFirefox fixes the following issues: Security issues fixed: CVE-2018-18500: Fixed a use-after-free parsing HTML5 stream. CVE-2018-18501: Fixed multiple memory safety bugs. CVE-2018-18505: Fixed a privilege escalation through IPC channel messages.

oval:org.secpod.oval:def:89003120
This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 68.3esr Security issues fixed: - CVE-2019-17008: Fixed a use-after-free in worker destruction - CVE-2019-13722: Fixed a stack corruption due to incorrect number of arguments in WebRTC code - CVE-2019-11745: ...

oval:org.secpod.oval:def:89003390
This update for MozillaFirefox fixes the following issues: - Mozilla Firefox Firefox 60.7.2 MFSA 2019-19 - CVE-2019-11708: Fix sandbox escape using Prompt:Open. * Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes could result in the non-sa ...

oval:org.secpod.oval:def:89044885
This update for MozillaFirefox to ESR 52.4, mozilla-nss fixes the following issues: This security issue was fixed for mozilla-nss: - CVE-2017-7805: Prevent use-after-free in TLS 1.2 when generating handshake hashes These security issues were fixed for Firefox - CVE-2017-7825: Fixed some Tibetan and ...

oval:org.secpod.oval:def:89044613
This update for MozillaFirefox to ESR 52.3 fixes several issues. These security issues were fixed: - CVE-2017-7807 Domain hijacking through AppCache fallback - CVE-2017-7791 Spoofing following page navigation with data: protocol and modal alerts - CVE-2017-7792 Buffer overflow viewing certificates ...

oval:org.secpod.oval:def:89044741
This update for MozillaFirefox ESR 52.5 fixes the following issues: Security issues fixed: - CVE-2017-7826: Memory safety bugs fixed. - CVE-2017-7828: Use-after-free of PressShell while restyling layout. - CVE-2017-7830: Cross-origin URL information leak through Resource Timing API. Mozilla Found ...

oval:org.secpod.oval:def:89045793
This update for MozillaFirefox fixes the following issues: MozillaFirefox was updated to Extended Support Release 91.3.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-49 * CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets * CVE-2021-38504: Use-afte ...

oval:org.secpod.oval:def:89044860
This update for apparmor provides the following fixes: This security issue was fixed: - CVE-2017-6507: Preserve unknown profiles when reloading apparmor.service These non-security issues were fixed: - Add tunables/kernelvars abstraction. - Update flags of ntpd profile. - Force AppArmor to start a ...

oval:org.secpod.oval:def:89044717
This update for util-linux fixes the following issues: This security issue was fixed: - CVE-2017-2616: In su with PAM support it was possible for local users to send SIGKILL to selected other processes with root privileges. These non-security issues were fixed: - lscpu: Implement WSL detection and w ...

oval:org.secpod.oval:def:89045277
This update for util-linux fixes the following issues: - Consider redundant slashes when comparing paths. - Use upstream compatibility patches for --show-pt-geometry with obsolescence and deprecation warning - Replace cifs mount detection patch with upstream one that covers all cases. - Reuse exi ...

oval:org.secpod.oval:def:89044700
This update for gstreamer fixes the following security issues: - A crafted AVI file could have caused an invalid memory read, possibly causing DoS or corruption

oval:org.secpod.oval:def:89044927
This update for gstreamer-plugins-base fixes the following issues: * CVE-2016-9811: Malicious file could cause an invalid read leading to crash [bsc#1013669]

oval:org.secpod.oval:def:89044991
This update for gstreamer-plugins-base fixes the following security issues: - A crafted AVI file could have caused a floating point exception leading to DoS - A crafted AVI file could have caused a stack overflow leading to DoS - A crafted SAMI subtitle file could have caused an invalid memory acc ...

oval:org.secpod.oval:def:89045256
This update for gstreamer-plugins-bad fixes the following security issues, which would allow attackers able to submit media files for indexing to cause code execution or crashes: - Check an integer overflow and initialize a buffer in vmncdec. - CVE-2016-9809: Ensure codec_data has the right size ...

oval:org.secpod.oval:def:89003392
This update for systemd provides the following fixes: Security issues fixed: - CVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through attacker-controlled allocas - CVE-2018-16866: Fixed an information leak in journald - Fixed an issue during system startup in relation to encrypted sw ...

oval:org.secpod.oval:def:89045261
This update for openjpeg2 fixes the following issues: * CVE-2016-9114: NULL Pointer Access in function imagetopnm of convert.c:1943 could lead to crash [bsc#1007740] * CVE-2016-9115: Heap Buffer Overflow in function imagetotga of convert.c [bsc#1007741] * CVE-2016-9580, CVE-2016-9581: Possible Heap ...

oval:org.secpod.oval:def:89044644
This update for libXdmcp fixes the following issues: - CVE-2017-2625: The generation of session key in XDM using libXdmcp might have used weak entropy, making the session keys predictable

oval:org.secpod.oval:def:89044968
This update for samba fixes several issues. These security issues were fixed: - CVE-2017-12163: Prevent client short SMB1 write from writing server memory to file, leaking information from the server to the client. - CVE-2017-12150: Always enforce smb signing when it is configured. - CVE-2017-1215 ...

oval:org.secpod.oval:def:89044751
This update for spice fixes the following issues: - CVE-2017-7506: A possible buffer overflow via invalid monitor configurations

oval:org.secpod.oval:def:89044994
This update for cairo fixes the following issues: - CVE-2017-7475: Fixed a segfault in get_bitmap_surface due to malformed font. - CVE-2016-9082: fix a segfault when using 4GB images since int values were used for pointer operations.

oval:org.secpod.oval:def:89045385
This update for ImageMagick fixes the following issues: * CVE-2016-9556 Possible Heap-overflow found by fuzzing [bsc#1011130] * CVE-2016-9559 Possible Null pointer access found by fuzzing [bsc#1011136] * CVE-2016-8707 Possible code execution in Tiff convert utility [bsc#1014159] * CVE-2016-8866 Memor ...

oval:org.secpod.oval:def:89045344
This update for qemu to version 2.6.2 fixes several issues. These security issues were fixed: - CVE-2016-7161: Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite in QEMU allowed attackers to execute arbitrary code on the QEMU host via a large ethlite packet. - CVE-201 ...

oval:org.secpod.oval:def:89045178
This update for tar fixes the following issues: - Fix the POINTYFEATHER vulnerability - GNU tar archiver can be tricked into extracting files and directories in the given destination, regardless of the path name specified on the command line [bsc#1007188] [CVE-2016-6321] - Fix Amanda integration iss ...

oval:org.secpod.oval:def:89044949
This update for pam fixes the following issues: - CVE-2015-3238: pam_unix in conjunction with SELinux allowed for DoS attacks. - log a hint to syslog if /etc/nologin is present, but empty. - If /etc/nologin is present, but empty, log a hint to syslog. - Added support for libowcrypt.so, if present ...

oval:org.secpod.oval:def:89002876
This update for gcc9 fixes the following issues: The GNU Compiler Collection is shipped in version 9. A detailed changelog on what changed in GCC 9 is available at https://gcc.gnu.org/gcc-9/changes.html The compilers have been added to the SUSE Linux Enterprise Toolchain Module. To use these compile ...

oval:org.secpod.oval:def:89003083
This update for clamav to version 0.100.3 fixes the following issues: Security issues fixed: - CVE-2019-1787: Fixed an out-of-bounds heap read condition which may occur when scanning PDF documents. - CVE-2019-1789: Fixed an out-of-bounds heap read condition which may occur when scanning PE files. ...

oval:org.secpod.oval:def:89003318
This update for ghostscript to version 9.26a fixes the following issues: Security issue fixed: - CVE-2019-6116: subroutines within pseudo-operators must themselves be pseudo-operators

oval:org.secpod.oval:def:89003293
This update for binutils fixes the following issues: binutils was updated to current 2.32 branch @7b468db3 [jsc#ECO-368]: Includes the following security fixes:.

oval:org.secpod.oval:def:89003177
This update for MozillaFirefox fixes the following issues: Security issues addressed: - update to Firefox ESR 60.6.1: - CVE-2019-9813: Fixed Ionmonkey type confusion with __proto__ mutations - CVE-2019-9810: Fixed IonMonkey MArraySlice incorrect alias information - Update to Firefox ESR 60.6: - C ...

oval:org.secpod.oval:def:89003117
This update for glib2 provides the following fix: Security issues fixed: - CVE-2019-12450: Fixed an improper file permission when copy operation takes place. - CVE-2018-16428: Avoid a null pointer dereference that could crash glib2 users in markup processing. - CVE-2018-16429: Fixed out-of-bounds ...

oval:org.secpod.oval:def:89003343
This update for openssh fixes the following issues: Security vulnerabilities addressed: - CVE-2019-6109: Fixed a character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers. - CVE-2019-6111: Properly ...

oval:org.secpod.oval:def:89003346
This update for openssh fixes the following issues: Security issue fixed: - CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions - CVE-2019-6109: Fixed an issue where the scp client would allow malicious remote SSH servers to manipulate te ...

oval:org.secpod.oval:def:89048630
This update of grub2 fixes the following issues: * rebuild the package with the new secure boot key.

oval:org.secpod.oval:def:89044234
This update for cups fixes the following issues: - CVE-2021-25317: ownership of /var/log/cups could allow privilege escalation from lp user to root via symlink attacks

oval:org.secpod.oval:def:89044802
This update for postgresql94 fixes the following issues: * CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. * CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. * CVE-2017-7548: lo_put ...

oval:org.secpod.oval:def:89044850
This update for postgresql96 fixes the following issues: * CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. * CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. * CVE-2017-7548: lo_put ...

oval:org.secpod.oval:def:89046056
This update for virglrenderer fixes the following issues: - CVE-2022-0135: Fixed out-of-bounds write in read_transfer_data.

oval:org.secpod.oval:def:89045540
This update for cpio fixes the following issues: - A patch previously applied to remedy CVE-2021-38185 introduced a regression that had the potential to cause a segmentation fault in cpio. [bsc#1189465]

oval:org.secpod.oval:def:89048179
This update for bluez fixes the following issues: - CVE-2022-39176: Fixed a memory safety issue that could allow physically proximate attackers to obtain sensitive information. - CVE-2022-39177: Fixed a memory safety issue that could allow physically proximate attackers to cause a denial of service ...

oval:org.secpod.oval:def:89003278
This update for strongswan provides the following fixes: Security issues fixed: - CVE-2018-5388: Fixed a buffer underflow which may allow a remote attacker with local user credentials to cause resource exhaustion and denial of service while reading from the socket. - CVE-2018-10811: Fixed a denial of ...

oval:org.secpod.oval:def:89048159
This update for freeradius-server fixes the following issues: - CVE-2022-41859: Fixed an issue in EAP-PWD that could leak information about the password, which could facilitate dictionary attacks. - CVE-2022-41860: Fixed a crash in servers with EAP_SIM manually configured, which could be triggered ...

oval:org.secpod.oval:def:89047681
This update for libksba fixes the following issues: - CVE-2022-3515: Fixed a possible overflow in the TLV parser.

oval:org.secpod.oval:def:89048894
This update for ucode-intel fixes the following issues: * Updated to Intel CPU Microcode 20230512 release. * New Platforms | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | ADL-N | A0 | 06-be-00/01 | | 0000 ...

oval:org.secpod.oval:def:89047044
This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 102.2.0esr ESR: * Fixed: Various stability, functionality, and security fixes. - MFSA 2022-34 * CVE-2022-38472 Address bar spoofing via XSLT error handling * CVE-2022-38473 Cross-origin XSLT Documents would ...

oval:org.secpod.oval:def:89046080
This update for tiff fixes the following issues: - CVE-2017-17095: Fixed DoS in tools/pal2rgb.c in pal2rgb. - CVE-2019-17546: Fixed integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image. - CVE-2020-19131: Fixed buffer overflow in tiffcrop that may cause DoS ...

oval:org.secpod.oval:def:89046090
This update for xerces-j2 fixes the following issues: - CVE-2022-23437: Fixed infinite loop within Apache XercesJ xml parser.

oval:org.secpod.oval:def:89049103
This update for java-1_8_0-ibm fixes the following issues: Updated to Java 8.0 Service Refresh 8 Fix Pack 6: * Fixed issue in Java Virtual Machine where outofmemory killer terminates the jvm due to failure in control groups detection.

oval:org.secpod.oval:def:89049237
This update for tomcat fixes the following issues: * Remove the log4j dependency as it is not used by the tomcat package Security hardening, related to Spring Framework vulnerabilities: - Deprecate getResources and always return null.

oval:org.secpod.oval:def:89044953
This update for krb5 fixes several issues. This security issue was fixed: - CVE-2017-11462: Prevent automatic security context deletion to prevent double-free These non-security issues were fixed: - Set rdns and dns_canonicalize_hostname to false in krb5.conf in order to improve client security in ...

oval:org.secpod.oval:def:89003113
This update for krb5 fixes the following issues: Security issue fixed: - CVE-2018-20217: Fixed an assertion issue with older encryption types

oval:org.secpod.oval:def:89044641
This update for krb5 fixes the following issues: Security issues fixed: - CVE-2017-15088: A buffer overflow in get_matching_data was fixed that could under specific circumstances be used to execute code

oval:org.secpod.oval:def:89003199
This update for libssh2_org fixes the following issue: - CVE-2019-17498: Fixed an integer overflow in a bounds check that might have led to the disclosure of sensitive information or a denial of service.

oval:org.secpod.oval:def:89003160
This update for samba fixes the following issue: - CVE-2019-10218: Fixed a path injection caused by filenames containing path separators.

oval:org.secpod.oval:def:89003211
This update for samba fixes the following issues: - CVE-2019-10218: Fixed a path injection caused by filenames containing path separators.

oval:org.secpod.oval:def:89045258
This update for libgme fixes the following issues: - CVE-2016-9957, CVE-2016-9958, CVE-2016-9959, CVE-2016-9960, CVE-2016-9961: Various issues were fixed in the handling of SPC music files that could have been exploited for gaining privileges of desktop users. [bsc#1015941]

oval:org.secpod.oval:def:89045293
This update for libcares2 fixes the following issues: - Add patch to fix single byte out of buffer write

oval:org.secpod.oval:def:89000634
This update for wicked fixes the following issues: - CVE-2019-18902: Fixed a use-after-free when receiving invalid DHCP6 client options. - CVE-2019-18903: Fixed a use-after-free when receiving invalid DHCP6 IA_PD option. - CVE-2020-7216: Fixed a potential denial of service via a memory leak when p ...

oval:org.secpod.oval:def:89000363
This update for MozillaFirefox to version 68.7.0 ESR fixes the following issues: - CVE-2020-6821: Uninitialized memory could be read when using the WebGL copyTexSubImage method. - CVE-2020-6822: Fixed out of bounds write in GMPDecodeData when processing large images. - CVE-2020-6825: Fixed Memory ...

oval:org.secpod.oval:def:89044266
This update for MozillaFirefox fixes the following issues: - Firefox was updated to 78.10.0 ESR * CVE-2021-23994: Out of bound write due to lazy initialization * CVE-2021-23995: Use-after-free in Responsive Design Mode * CVE-2021-23998: Secure Lock icon could have been spoofed * CVE-2021-23961: Mor ...

oval:org.secpod.oval:def:89046901
This update for open-iscsi fixes the following issues: - CVE-2020-17437: Fixed an out of bounds memory access when the TCP urgent flag is set. Non-security fixes: - Fix an issue with ARP booting when using different subnets. - Allow target discovery using db mode.

oval:org.secpod.oval:def:89003415
This update for glibc fixes the following issues: Security issues fixed: - CVE-2019-9169: Fixed a heap-based buffer over-read via an attempted case-insensitive regular-expression match. - CVE-2009-5155: Fixed a denial of service in parse_reg_exp. Non-security issues fixed: - Added cfi information ...

oval:org.secpod.oval:def:89048166
This update for libXpm fixes the following issues: - CVE-2022-46285: Fixed an infinite loop that could be triggered when reading a XPM image with a C-style comment that is never closed. - CVE-2022-44617: Fixed an excessive resource consumption that could be triggered when reading small crafted XPM ...

oval:org.secpod.oval:def:89048018
This update for krb5 fixes the following issues: - CVE-2022-42898: Fixed integer overflow in PAC parsing.

oval:org.secpod.oval:def:89047008
This update for squid fixes the following issues: - CVE-2022-41317: Fixed exposure of sensitive information in cache manager. - CVE-2022-41318: Fixed buffer overread in SSPI and SMB Authentication.

oval:org.secpod.oval:def:89000322
This update for bind fixes the following issues: - Amended documentation referring to rule types "krb5-subdomain" and "ms-subdomain". This incorrect documentation could mislead operators into believing that policies they had configured were more restrictive than they actually were. [ ...

oval:org.secpod.oval:def:89048032
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 102.6.0 ESR: - CVE-2022-46880: Use-after-free in WebGL - CVE-2022-46872: Arbitrary file read from a compromised content process - CVE-2022-46881: Memory corruption in WebGL - CVE-2022-46874: Drag and Dropped ...

oval:org.secpod.oval:def:89048778
This update for shadow fixes the following issues: * CVE-2023-29383: Fixed apparent /etc/shadow manipulation via chfn.

oval:org.secpod.oval:def:89048671
This update for systemd fixes the following issues: * CVE-2023-26604: Fixed a privilege escalation via the less pager. * CVE-2022-4415: Fixed systemd-coredump that did not respect the fs.suid_dumpable kernel setting. * CVE-2022-3821: Fixed buffer overrun in format_timespan function. Bug fixes: * ...

oval:org.secpod.oval:def:89048657
This update for xterm fixes the following issues: * CVE-2022-45063: Fixed command injection in ESC 50 font operation by disabling the change font functionality.

oval:org.secpod.oval:def:89048591
This update for poppler fixes the following issues: * CVE-2022-38784: Fixed integer overflow in the JBIG2 decoder. * CVE-2019-13283: Fixed heap-based buffer over-read that could be triggered by sending a crafted PDF document to the pdftotext tool.

oval:org.secpod.oval:def:89047042
This update for postgresql-jdbc fixes the following issues: - CVE-2022-31197: Fixed SQL injection vulnerability.

oval:org.secpod.oval:def:89047634
This update for libtirpc fixes the following issues: - CVE-2021-46828: Fixed denial of service vulnerability with lots of connections. - Exclude ipv6 addresses in client protocol version 2 code

oval:org.secpod.oval:def:89046069
This update for cyrus-sasl fixes the following issues: - CVE-2022-24407: Fixed SQL injection in sql_auxprop_store in plugins/sql.c.

oval:org.secpod.oval:def:89000614
This update for postgresql96 fixes the following issues: PostgreSQL was updated to version 9.6.17. Security issue fixed: - CVE-2020-1720: Fixed a missing authorization check in the ALTER ... DEPENDS ON extension.

oval:org.secpod.oval:def:89000272
This update for krb5-appl fixes the following issues: - CVE-2020-10188: Fixed a remote root execution.

oval:org.secpod.oval:def:89046088
This update for tcpdump fixes the following issues: - CVE-2018-16301: Fixed segfault when handling large files.

oval:org.secpod.oval:def:89046062
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.6.0 ESR / MFSA 2022-05 - CVE-2022-22753: Privilege Escalation to SYSTEM on Windows via Maintenance Service - CVE-2022-22754: Extensions could have bypassed permission confirmation during update - CVE-2022 ...

oval:org.secpod.oval:def:89046101
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.6.1 ESR: - CVE-2022-26485: Use-after-free in XSLT parameter processing - CVE-2022-26486: Use-after-free in WebGPU IPC Framework

oval:org.secpod.oval:def:89046745
This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 91.11.0 ESR: - CVE-2022-2200: Undesired attributes could be set as part of prototype pollution - CVE-2022-31744: CSP bypass enabling stylesheet injection - CVE-2022-34468: CSP sandbox header wit ...

oval:org.secpod.oval:def:89047050
This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated from 102.2.0esr to 102.3.0esr: - CVE-2022-40959: Fixed bypassing FeaturePolicy restrictions on transient pages. - CVE-2022-40960: Fixed data-race when parsing non-UTF-8 URLs in threads. - CVE-2022-40958: Fixed by ...

oval:org.secpod.oval:def:89047795
This update for MozillaFirefox fixes the following issues: Updated to version 102.4.0 ESR: - CVE-2022-42927: Fixed same-origin policy violation that could have leaked cross-origin URLs. - CVE-2022-42928: Fixed memory Corruption in JS Engine. - CVE-2022-42929: Fixed denial of Service via window.prin ...

oval:org.secpod.oval:def:89047708
This update for tiff fixes the following issues: - CVE-2022-2519: Fixed a double free in rotateImage. - CVE-2022-2520: Fixed an assertion failure in rotateImage. - CVE-2022-2521: Fixed invalid free in TIFFClose. - CVE-2022-2867: Fixed out of bounds read and write in tiffcrop.c. - CVE-2022-2868: F ...

oval:org.secpod.oval:def:89046911
This update for bluez fixes the following issues: - CVE-2019-8922: Fixed a buffer overflow in the implementation of the Service Discovery Protocol.

oval:org.secpod.oval:def:89047647
This update for bluez fixes the following issues: - CVE-2019-8921: Fixed heap-based buffer overflow via crafted request. - CVE-2016-9803: Fixed memory leak.

oval:org.secpod.oval:def:89046071
This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20220207 release. - CVE-2021-0146: Fixed a potential security vulnerability in some Intel Processors that may allow escalation of privilege - CVE-2021-0127: Intel Processor Breakpoint Control Flow - CVE-2021-0145: Fa ...

oval:org.secpod.oval:def:89002897
This update for tigervnc fixes the following issues: - CVE-2020-26117: Server certificates were stored as certificate authorities, allowing malicious owners of these certificates to impersonate any server after a client had added an exception.

oval:org.secpod.oval:def:89047652
This update for multipath-tools fixes the following issues: - CVE-2022-41974: Fixed an authorization bypass issue in multipathd. - Avoid linking to libreadline to avoid licensing issue

oval:org.secpod.oval:def:89048876
This update for openvswitch fixes the following issues: * CVE-2022-4338: Fixed Integer Underflow in Organization Specific TLV. * CVE-2022-4337: Fixed Out-of-Bounds Read in Organization Specific TLV. * CVE-2022-32166: Fixed out of bounds read in minimask_equal.

oval:org.secpod.oval:def:89046899
This update for rsync fixes the following issues: - CVE-2022-29154: Fixed an arbitrary file write issue that could be triggered by a malicious remote server.

oval:org.secpod.oval:def:89044942
This update for samba fixes the following issue: - An unprivileged user with access to the samba server could cause smbd to load a specially crafted shared library, which then had the ability to execute arbitrary code on the server as "root". [CVE-2017-7494, bso#12780, bsc#1038231]

oval:org.secpod.oval:def:89044639
This update for samba fixes the following issue: - An unprivileged user with access to the samba server could cause smbd to load a specially crafted shared library, which then had the ability to execute arbitrary code on the server as "root". [CVE-2017-7494, bso#12780, bsc#1038231]

oval:org.secpod.oval:def:89044767
This update for sudo fixes the following security issue: - CVE-2017-1000368: A follow-up fix to CVE-2017-1000367, the Linux process name could also contain a newline, which could be used to trick sudo to read/write to an arbitrary open terminal. Also the following non security bug was fixed: - Link ...

oval:org.secpod.oval:def:89044608
MozillaFirefox 45 ESR was updated to 45.7 to fix the following issues: * MFSA 2017-02/CVE-2017-5378: Pointer and frame data leakage of Javascript objects * MFSA 2017-02/CVE-2017-5396: Use-after-free with Media Decoder * MFSA 2017-02/CVE-2017-5386: WebExtensions can use data: protocol to affect ot ...

oval:org.secpod.oval:def:89044725
This update for xen fixes several issues. These security issues were fixed: - CVE-2017-2620: In CIRRUS_BLTMODE_MEMSYSSRC mode the bitblit copy routine cirrus_bitblt_cputovideo failed to check the memory region, allowing for an out-of-bounds write that allows for privilege escalation. - CVE-2017-261 ...

oval:org.secpod.oval:def:89044849
This update for MozillaFirefox to ESR 45.8 fixes the following issues: Security issues fixed: - CVE-2017-5402: Use-after-free working with events in FontFace objects - CVE-2017-5410: Memory corruption during JavaScript garbage collection incremental sweeping - CVE-2017-5400: asm.js JIT-spray bypass ...

oval:org.secpod.oval:def:89044614
The SUSE Linux Enterprise 12 kernel was updated to fix the following security bugs: - CVE-2017-7184: The Linux kernel allowed local users to obtain root privileges or cause a denial of service via unspecified vectors, as demonstrated during a Pwn2Own competition at CanSecWest 2017. - CVE-2017-2636 ...

oval:org.secpod.oval:def:89044958
This update for qemu fixes several issues. These security issues were fixed: - CVE-2017-5898: The CCID Card device emulator support was vulnerable to an integer overflow flaw allowing a privileged user to crash the Qemu process on the host resulting in DoS. - CVE-2017-5857: The Virtio GPU Device em ...

oval:org.secpod.oval:def:89044872
MozillaFirefox was updated to the new ESR 52.2 release, which fixes the following issues: * MFSA 2017-16/CVE-2017-7758 Out-of-bounds read in Opus encoder * MFSA 2017-16/CVE-2017-7749 Use-after-free during docshell reloading * MFSA 2017-16/CVE-2017-7751 Use-after-free with content viewer listene ...

oval:org.secpod.oval:def:89044752
This update for sudo fixes the following issues: CVE-2017-1000367: - Due to incorrect assumptions in /proc/[pid]/stat parsing, a local attacker can pretend that his tty is any file on the filesystem, thus gaining arbitrary file write access on SELinux-enabled systems. [bsc#1039361] - Fix FQDN for ho ...

oval:org.secpod.oval:def:89045345
This update for bind fixes the following issues: - A defect in BIND's handling of responses containing a DNAME answer had the potential to trigger assertion errors in the server remotely, thereby facilitating a denial-of-service attack. - Fix BIND to return a valid hostname in response to ldapdump q ...

oval:org.secpod.oval:def:89045342
xen was updated to version 4.7.1 to fix 17 security issues. These security issues were fixed: - CVE-2016-9637: ioport array overflow allowing a malicious guest administrator to escalate their privilege to that of the host. - CVE-2016-9386: x86 null segments were not always treated as unusable allo ...

oval:org.secpod.oval:def:89045360
The SUSE Linux Enterprise 12 SP 2 kernel was updated to fix two security issues. The following security bugs were fixed: - CVE-2016-9576: A use-after-free vulnerability in the SCSI generic driver allows users with write access to /dev/sg* or /dev/bsg* to elevate their privileges. - CVE-2016-9794: A ...

oval:org.secpod.oval:def:89045022
This update for bind fixes the following issues: - Fix a potential assertion failure that could have been triggered by a malformed response to an ANY query, thereby facilitating a denial-of-service attack. [CVE-2016-9131, bsc#1018700, bsc#1018699] - Fix a potential assertion failure that could have ...

oval:org.secpod.oval:def:89045383
MozillaFirefox 45 ESR was updated to 45.6 to fix the following issues: * MFSA 2016-95/CVE-2016-9897: Memory corruption in libGLES * MFSA 2016-95/CVE-2016-9901: Data from Pocket server improperly sanitized before execution * MFSA 2016-95/CVE-2016-9898: Use-after-free in Editor while manipulating DOM ...

oval:org.secpod.oval:def:89045014
This update for sudo fixes the following issues: - A regression in the fix for the CVE-2017-1000368 that broke sudo with the requiretty flag

oval:org.secpod.oval:def:89045255
This update for MozillaFirefox, mozilla-nss fixes security issues and bugs. The following vulnerabilities were fixed in Firefox ESR 45.5: - CVE-2016-5297: Incorrect argument length checking in Javascript - CVE-2016-9066: Integer overflow leading to a buffer overflow in nsScriptLoadHandler - CVE-2 ...

oval:org.secpod.oval:def:89045161
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive critical security fixes. The following security bugs were fixed: - CVE-2016-8655: A race condition in the af_packet packet_set_ring function could be used by local attackers to crash the kernel or gain privileges. - CVE-2016-8632: The t ...

oval:org.secpod.oval:def:89045390
This update for MozillaFirefox fixes security issues. The following vulnerabilities were fixed in Firefox ESR 45.5.1: - CVE-2016-9079: Use-after-free in SVG Animation could be used for code execution

oval:org.secpod.oval:def:89047023
This update for postgresql14 fixes the following issues: - Upgrade to version 14.5: - CVE-2022-2625: Fixed an issue where extension scripts would replace objects not belonging to that extension. - Upgrade to version 14.4 - Release notes: https://www.postgresql.org/docs/release/14.4/ - Release anno ...

oval:org.secpod.oval:def:89047947
This update for tomcat fixes the following issues: - CVE-2022-42252: Fixed a request smuggling.

oval:org.secpod.oval:def:89048013
This update for emacs fixes the following issues: - CVE-2022-45939: Fixed shell command injection via source code files when using ctags.

oval:org.secpod.oval:def:89044662
This update for tomcat fixes the following issues: Security issues fixed: - CVE-2017-5664: A problem in handling error pages was fixed, to avoid potential file overwrites during error page handling. - CVE-2017-7674: A CORS Filter issue could lead to client and server side cache poisoning - CVE-2017 ...

oval:org.secpod.oval:def:89044827
This update for tomcat fixes the following issues: - CVE-2017-5647 Pipelined requests could lead to information disclosure - CVE-2017-5648 Untrusted application could retain listener leading to information disclosure - CVE-2016-8745 shared Processor on Connector code could lead to information disc ...

oval:org.secpod.oval:def:89045371
This update for tomcat fixes the following issues: Feature changes: The embedded Apache Commons DBCP component was updated to version 2.0. Security fixes: - CVE-2016-0762: Realm Timing Attack - CVE-2016-5018: Security Manager Bypass - CVE-2016-6794: System Property Disclosure - CVE-2016-6796: Se ...

oval:org.secpod.oval:def:89048514
This update for xorg-x11-server fixes the following issues: * Fixed a regression introduced with security update for CVE-2022-46340.

oval:org.secpod.oval:def:89000318
This update for xerces-c fixes the following issues: - CVE-2017-12627: Processing of external DTD paths could have resulted in a null pointer dereference under certain conditions

oval:org.secpod.oval:def:89048095
This update for glibc fixes the following issues: - CVE-2016-10739: getaddrinfo: Fully parse IPv4 address strings

oval:org.secpod.oval:def:89046726
This update for sysstat fixes the following issues: Security issue fixed: - CVE-2019-19725: Fixed double free in check_file_actlst in sa_common.c. Bug fixes: - Enable log information of starting/stopping services

oval:org.secpod.oval:def:89002967
This update for spice-gtk fixes the following issues: - CVE-2018-10873: Fixed a potential heap corruption when demarshalling - CVE-2018-10893: Fixed a buffer overflow on image lz checks

oval:org.secpod.oval:def:89000410
This update for libexif fixes the following issues: Security issues fixed: - CVE-2016-6328: Fixed an integer overflow in parsing MNOTE entry data of the input file. - CVE-2017-7544: Fixed an out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c. - CVE-2 ...

oval:org.secpod.oval:def:89000455
This update for spice fixes the following issues: - CVE-2018-10873: Fixed a potential heap corruption when demarshalling - CVE-2018-10893: Fixed a buffer overflow on image lz checks

oval:org.secpod.oval:def:89046050
This update for zsh fixes the following issues: - CVE-2021-45444: Fixed a vulnerability where arbitrary shell commands could be executed related to prompt expansion. - CVE-2019-20044: Fixed a vulnerability where shell privileges would not be properly dropped when unsetting the PRIVILEGED option. - ...

oval:org.secpod.oval:def:89000662
This update for libxslt fixes the following issue: - CVE-2019-18197: Fixed a dangling pointer in xsltCopyText which may have led to information disclosure.

oval:org.secpod.oval:def:89000608
This update for git fixes the following issues: Security issue fixed: - CVE-2020-5260: With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a wrong host. Non-security issue fixed: git was updated to 2.26.0 for SHA256 supp ...

oval:org.secpod.oval:def:89000312
This update for qemu fixes the following issues: Security issues fixed: - CVE-2020-1711: Fixed a potential OOB access in the iSCSI client code. - CVE-2019-12068: Fixed a potential DoS in the LSI SCSI controller emulation. - CVE-2020-1983: Fixed a use-after-free in the ip_reass function of slirp. ...

oval:org.secpod.oval:def:89000307
This update for python3 fixes the following issue: - CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen. Now an InvalidURL exception is raised. - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs. - CVE-2020-8492: Fixed a regular expre ...

oval:org.secpod.oval:def:89000651
This update for icu fixes the following issues: - CVE-2020-10531: Fixed integer overflow in UnicodeString:doAppend.

oval:org.secpod.oval:def:89000402
This update for git to 2.26.2 fixes the following issues: Security issue fixed: - CVE-2020-11008: Specially crafted URLs may have tricked the credentials helper into providing credential information that is not appropriate for the protocol in use and host being contacted. Non-security issue fixed: - ...

oval:org.secpod.oval:def:89000573
This update for mailman fixes the following issues: Security issue fixed: - CVE-2020-12108: Fixed a content injection bug. - CVE-2020-12137: Fixed an XSS vulnerability caused by MIME type confusion. Non-security issue fixed: - Fixed rights and ownership on /var/lib/mailman/archives. - Don't defaul ...

oval:org.secpod.oval:def:89000440
This update for mozilla-nspr, mozilla-nss fixes the following issues: mozilla-nss was updated to version 3.53.1 - CVE-2020-12402: Fixed a potential side channel attack during RSA key generation. - CVE-2020-12399: Fixed a timing attack on DSA signature generation. - CVE-2019-17006: Added length che ...

oval:org.secpod.oval:def:89000075
This update for python to version 2.7.17 fixes the following issues: Syncing with lots of upstream bug fixes and security fixes. Bug fixes: - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs. - CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed t ...

oval:org.secpod.oval:def:89000044
This update for pam_radius fixes the following issues: - CVE-2015-9542: Fixed a buffer overflow in password field. - On s390x didn't decrypt passwords correctly.

oval:org.secpod.oval:def:89000314
This update for dovecot22 fixes the following issues: - CVE-2020-12673: improper implementation of NTLM does not check message buffer size. - CVE-2020-12674: improper implementation of RPA mechanism.

oval:org.secpod.oval:def:89000667
This update for libX11 fixes the following issues: - Fixed XIM client heap overflows

oval:org.secpod.oval:def:89000233
This update for libX11 fixes the following issues: - CVE-2020-14363: Fix an integer overflow in init_om.

oval:org.secpod.oval:def:89000242
This update for MozillaFirefox fixes the following issues: - MozillaFirefox was updated to version 68.9.0 Extended Support Release. - CVE-2020-12405: Fixed a use-after-free in SharedWorkerService. - CVE-2020-12406: Fixed a JavaScript Type confusion with NativeTypes. - CVE-2020-12410: Fixed multiple ...

oval:org.secpod.oval:def:89000069
This update for MozillaFirefox fixes the following issues: Update to version 68.8.0 ESR: - CVE-2020-12387: Use-after-free during worker shutdown - CVE-2020-12388: Sandbox escape with improperly guarded Access Tokens - CVE-2020-12389: Sandbox escape with improperly separated process types - CVE-2020 ...

oval:org.secpod.oval:def:89000052
This update for libX11 fixes the following issues: - Fixed XIM client heap overflows.

oval:org.secpod.oval:def:89000403
This update for openldap2 fixes the following issues: - CVE-2020-25692: Fixed an unauthenticated remote denial of service due to incorrect validation of modrdn equality rules.

oval:org.secpod.oval:def:89000153
This update for postgresql96 fixes the following issues: Upgrade to version 9.6.20: * CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. * CVE-2020-25694, bsc#1178667: a

oval:org.secpod.oval:def:89000260
This update for squid fixes the following issues: - CVE-2020-15049.patch: fixes a Cache Poisoning and Request Smuggling attack

oval:org.secpod.oval:def:89048006
This update for glib2 fixes the following issues: - CVE-2021-28153: Fixed a dangling symlink when g_file_replace is used with G_FILE_CREATE_REPLACE_DESTINATION.

oval:org.secpod.oval:def:89048044
This update for xorg-x11-server fixes the following issues: - CVE-2022-46340: Server XTestSwapFakeInput stack overflow - CVE-2022-46341: Server XIPassiveUngrabDevice out-of-bounds access - CVE-2022-46342: Server XvdiSelectVideoNotify use-after-free - CVE-2022-46343: Server ScreenSaverSetAttribute ...

oval:org.secpod.oval:def:89049108
This update for ghostscript fixes the following issues: * CVE-2023-36664: Fixed permission validation mishandling for pipe devices with the %pipe% prefix or the | pipe character prefix.

oval:org.secpod.oval:def:89044901
This update for java-1_8_0-ibm fixes the following issues: - Version update to 8.0-4.10 [bsc#1053431] CVE-2017-10111, CVE-2017-10110, CVE-2017-10107, CVE-2017-10101, CVE-2017-10096, CVE-2017-10090, CVE-2017-10089, CVE-2017-10087, CVE-2017-10102, CVE-2017-10116, CVE-2017-10074, CVE-2017-10078, CVE-20 ...

oval:org.secpod.oval:def:89044990
This update for java-1_8_0-openjdk fixes the following issues: - Upgrade to version jdk8u131 - bsc#1034849 * Security fixes - S8163520, CVE-2017-3509: Reuse cache entries - S8163528, CVE-2017-3511: Better library loading - S8165626, CVE-2017-3512: Improved window framing - S8167110, CVE-2017-3514: ...

oval:org.secpod.oval:def:89045335
OpenJDK Java was updated to jdk8u111 to fix the following issues: * Security fixes + S8146490: Direct indirect CRL checks + S8151921: Improved page resolution + S8155968: Update command line options + S8155973, CVE-2016-5542: Tighten jar checks + S8156794: Extend data sharing + S8157176: Improved ...

oval:org.secpod.oval:def:89045196
This update for java-1_7_1-ibm fixes the following issues: - Version update to 7.1-3.60 Fixing the following CVEs: CVE-2016-5568, CVE-2016-5556, CVE-2016-5573, CVE-2016-5597, CVE-2016-5554, CVE-2016-5542

oval:org.secpod.oval:def:89045162
This update for java-1_8_0-ibm fixes the following issues: - CVE-2016-5568: Unspecified vulnerability allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT - CVE-2016-5556: Unspecified vulnerability allowed remote attackers to affect confidentiali ...

oval:org.secpod.oval:def:89045274
This update for java-1_7_0-openjdk fixes the following issues: - Update to 2.6.8 - OpenJDK 7u121 * Security fixes + S8151921: Improved page resolution + S8155968: Update command line options + S8155973, CVE-2016-5542: Tighten jar checks + S8157176: Improved classfile parsing + S8157739, CVE-2016-55 ...

oval:org.secpod.oval:def:89044957
This update for tiff fixes the following issues: - A crafted TIFF image could cause a crash and potential code execution when processed by the "tiffcp" utility. Also a regression from the version update to 4.0.7 was fixed in handling TIFFTAG_FAXRECVPARAMS

oval:org.secpod.oval:def:89045170
This update for jasper to version 1.900.14 fixes several issues. These security issues were fixed: - CVE-2016-8887: NULL pointer dereference in jp2_colr_destroy - CVE-2016-8886: memory allocation failure in jas_malloc - CVE-2016-8884,CVE-2016-8885: two null pointer dereferences in bmp_getdata ...

oval:org.secpod.oval:def:89048791
This update for liblouis fixes the following issues: * CVE-2023-26767: Fixed buffer overflow vulnerability in lou_logFile function. * CVE-2023-26768: Fixed buffer overflow in lou_logFile. * CVE-2023-26769: Fixed buffer overflow vulnerability in resolveSubtable function.

oval:org.secpod.oval:def:89047043
This update for krb5-appl fixes the following issues: - CVE-2022-39028: Fixed NULL pointer dereference in krb5-appl telnetd.

oval:org.secpod.oval:def:89047684
This update for telnet fixes the following issues: - CVE-2022-39028: Fixed NULL pointer dereference in telnetd.

oval:org.secpod.oval:def:89048148
This update for git fixes the following issues: - CVE-2022-41903: Fixed a heap overflow in the "git archive" and "git log --format" commands. - CVE-2022-23521: Fixed an integer overflow that could be triggered when parsing a gitattributes file.

oval:org.secpod.oval:def:89003300
This update for git fixes the following issues: Security issues fixed: - CVE-2019-1349: Fixed issue on Windows, when submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice. - CVE-2019-19604: Fixed a recursive clone followed by a su ...

oval:org.secpod.oval:def:89045776
This update for samba fixes the following issues: - CVE-2016-2124: Fixed not to fallback to non spnego authentication if we require kerberos. - CVE-2020-25717: Fixed privilege escalation inside an AD Domain where a user could become root on domain members.

oval:org.secpod.oval:def:89044998
This update for openjpeg2 fixes several issues. These security issues were fixed: - CVE-2016-10507: Integer overflow vulnerability in the bmp24toimage function allowed remote attackers to cause a denial of service via a crafted bmp file. - CVE-2017-14039: A heap-based buffer overflow was discovere ...

oval:org.secpod.oval:def:89045160
This update for w3m fixes the following issues: - update to debian git version addressed security issues: CVE-2016-9622: w3m: null deref CVE-2016-9623: w3m: null deref CVE-2016-9624: w3m: near-null deref CVE-2016-9625: w3m: stack overflow CVE-2016-9626: w3m: stack overflow CVE-2016-9627: w3m: ...

oval:org.secpod.oval:def:89044902
This update for guile fixes the following issues: - CVE-2016-8605: Fixed thread-unsafe umask modification.

oval:org.secpod.oval:def:89049308
This update for krb5 fixes the following issues: * CVE-2023-36054: Fixed a DoS that could be triggered by an authenticated remote user

oval:org.secpod.oval:def:89003480
This update for util-linux fixes the following issues: This non-security issue was fixed: - CVE-2018-7738: bash-completion/umount allowed local users to gain privileges by embedding shell commands in a mountpoint name, which was mishandled during a umount command by a different user. These non-secu ...

oval:org.secpod.oval:def:89048606
This update for emacs fixes the following issues: * CVE-2022-48337: Fixed etags local command injection vulnerability. * CVE-2022-48339: Fixed htmlfontify.el command injection vulnerability.

oval:org.secpod.oval:def:89048665
This update for xorg-x11-server fixes the following issues: * CVE-2023-1393: Fixed use-after-free overlay window.

oval:org.secpod.oval:def:89048967
This update for libX11 fixes the following issues: * CVE-2023-3138: Fixed buffer overflows in InitExt.c.

oval:org.secpod.oval:def:89049227
This update for gstreamer-plugins-good fixes the following issues: * CVE-2023-37327: Fixed FLAC file parsing integer overflow remote code execution vulnerability

oval:org.secpod.oval:def:89049240
This update for gstreamer-plugins-base fixes the following issues: * CVE-2023-37327: Fixed FLAC file parsing integer overflow remote code execution vulnerability. * CVE-2023-37328: Fixed PGS file parsing heap-based buffer overflow remote code execution vulnerability

oval:org.secpod.oval:def:89045566
This update for bind fixes the following issues: - CVE-2020-8622: A truncated TSIG response can lead to an assertion failure.

oval:org.secpod.oval:def:89048061
This update for java-1_7_1-ibm fixes the following issues: IBM Security Update November 2022: - CVE-2022-3676: A security vulnerability was fixed in version 7.1.5.15, adding the reference here.

oval:org.secpod.oval:def:89048069
This update for java-1_8_0-ibm fixes the following issues: IBM Security Update November 2022: - CVE-2022-3676: A security vulnerability was fixed in version 8.0.7.20, adding the reference here.

oval:org.secpod.oval:def:89049229
This update for webkit2gtk3 fixes the following issues: Update to version 2.40.5: * CVE-2023-38133: Fixed information disclosure. * CVE-2023-38572: Fixed Same-Origin-Policy bypass. * CVE-2023-38592: Fixed arbitrary code execution. * CVE-2023-38594: Fixed arbitrary code execution. * CVE-2023-38595: ...

oval:org.secpod.oval:def:89048187
This update for tiff fixes the following issues: - CVE-2022-48281: Fixed a buffer overflow that could be triggered via a crafted image.

oval:org.secpod.oval:def:89003010
This update for grub2 fixes the following issues: - Fix for CVE-2020-10713 - Fix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 - Fix for CVE-2020-15706 - Fix for CVE-2020-15707 - Use overflow checking primitives where the arithmetic expression for buffer allocations may inclu ...

oval:org.secpod.oval:def:89048824
This update for shim fixes the following issues: * Updated shim signature after shim 15.7 be signed back: signature-sles.x86_64.asc, signature-sles.aarch64.asc * Add POST_PROCESS_PE_FLAGS=-N to the build command in shim.spec to disable the NX compatibility flag when using post-process-pe because g ...

oval:org.secpod.oval:def:89047036
This update for expat fixes the following issues: - CVE-2022-40674: Fixed use-after-free in the doContent function in xmlparse.c.

oval:org.secpod.oval:def:89046084
This update for expat fixes the following issues: - CVE-2022-23852: Fixed signed integer overflow in XML_GetBuffer. - CVE-2022-23990: Fixed integer overflow in the doProlog function.

oval:org.secpod.oval:def:89047011
This update for bind fixes the following issues: - CVE-2022-2795: Fixed potential performance degradation due to missing database lookup limits when processing large delegations. - CVE-2022-38177: Fixed a memory leak that could be externally triggered in the DNSSEC verification code for the ECDSA a ...

oval:org.secpod.oval:def:89044205
This update for libnettle fixes the following issues: - CVE-2021-20305: Fixed the multiply function which was being called with out-of-range scalars.

oval:org.secpod.oval:def:89048194
This update for apache2 fixes the following issues: - CVE-2022-37436: Fixed an issue in mod_proxy where a malicious backend could cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. - CVE-2022-36760: Fixed an issue in mod_proxy_ajp ...

oval:org.secpod.oval:def:89003166
This update for apache2 fixes the following issues: * CVE-2019-0220: The Apache HTTP server did not use a consistent strategy for URL normalization throughout all of its components. In particular, consecutive slashes were not always collapsed. Attackers could potentially abuse these inconsistencies ...

oval:org.secpod.oval:def:89046431
This update for openssl fixes the following issues: - CVE-2022-2068: Fixed more shell code injection issues in c_rehash

oval:org.secpod.oval:def:89044012
This update for perl fixes the following issues: These security issues were fixed: - CVE-2018-6913: Fixed space calculation issues in pp_pack.c. - CVE-2018-6798: Fixed heap buffer overflow in regexec.c. - CVE-2018-6797: Fixed sharp-s regexp overflow. - CVE-2018-12015: The Archive::Tar module allow ...

oval:org.secpod.oval:def:89048749
This update for ovmf fixes the following issues: * CVE-2019-14560: Fixed potential secure boot bypass via an improper check of GetEfiGlobalVariable2. * CVE-2021-38578: Fixed underflow in MdeModulePkg/PiSmmCore SmmEntryPointAdd.

oval:org.secpod.oval:def:89044952
This update for libpng15 fixes the following issues: Security issues fixed: - CVE-2015-8540: read underflow in libpng - CVE-2016-10087: NULL pointer dereference in png_set_text_2

oval:org.secpod.oval:def:89044660
This update for libpng12 fixes the following issues: Security issues fixed: - CVE-2015-8540: read underflow in libpng - CVE-2016-10087: NULL pointer dereference in png_set_text_2

oval:org.secpod.oval:def:89044611
Mozilla Firefox was updated to the Firefox ESR release 45.9. Mozilla NSS was updated to support TLS 1.3 and various new ciphers, PRFs, Diffie Hellman key agreement and support for more hashes. Security issues fixed in Firefox - MFSA 2017-11/CVE-2017-5469: Potential Buffer overflow in flex-generate ...

oval:org.secpod.oval:def:89045156
This update for ntp fixes the following issues: ntp was updated to 4.2.8p9. Security issues fixed: - CVE-2016-9311, CVE-2016-9310, bsc#1011377: Mode 6 unauthenticated trap information disclosure and DDoS vector. - CVE-2016-7427, bsc#1011390: Broadcast Mode Replay Prevention DoS. - CVE-2016-7428, bsc ...

oval:org.secpod.oval:def:89003151
This update for mariadb fixes the following issues: Update to MariaDB 10.0.38 GA. Security issues fixed: - CVE-2019-2537: Denial of service via multiple protocols - CVE-2019-2529: Denial of service via multiple protocols - CVE-2018-3282: Server Storage Engines unspecified vulnerability - CVE-20 ...

oval:org.secpod.oval:def:89044677
This update for java-1_7_1-ibm fixes the following issues: - Version update to 7.1-4.5 bsc#1038505 - CVE-2016-9840: zlib: Out-of-bounds pointer arithmetic in inftrees.c - CVE-2016-9841: zlib: Out-of-bounds pointer arithmetic in inffast.c - CVE-2016-9842: zlib: Undefined left shift of negative number ...

oval:org.secpod.oval:def:89044791
This update for java-1_8_0-openjdk fixes the following issues: - Update to version jdk8u151 Security issues fixed: - CVE-2017-10274: Handle smartcard clean up better - CVE-2017-10281: Better queuing priorities - CVE-2017-10285: Unreferenced references - CVE-2017-10295: Better URL connections - ...

oval:org.secpod.oval:def:89044854
This update for expat fixes the following issues: - CVE-2016-9063: Possible integer overflow to fix inside XML_Parse leading to unexpected behaviour - CVE-2017-9233: External Entity Vulnerability could lead to denial of service

oval:org.secpod.oval:def:89045007
This update for opus fixes the following issues: - CVE-2017-0381: Fixed a remote code execution vulnerability in silk/NLSF_stabilize.c when playing certain media files

oval:org.secpod.oval:def:89045011
This update for java-1_7_1-ibm fixes the following issues: - Security update to version 7.1.4.15 [bsc#1070162] * CVE-2017-10349: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE ...

oval:org.secpod.oval:def:89003262
This update for java-1_7_1-ibm to version 7.1.4.40 fixes the following issues: Security issues fixed: - CVE-2019-2422: Fixed a memory disclosure in FileChannelImpl. - CVE-2018-11212: Fixed an issue in alloc_sarray function in jmemmgr.c. More information: https://developer.ibm.com/javasdk/support/s ...

oval:org.secpod.oval:def:89003374
This update for java-1_8_0-ibm to version 8.0.5.30 fixes the following issues: Security issues fixed: - CVE-2019-2422: Fixed a memory disclosure in FileChannelImpl. - CVE-2018-11212: Fixed an issue in alloc_sarray function in jmemmgr.c. - CVE-2018-1890: Fixed a local privilege escalation via RPATH ...

oval:org.secpod.oval:def:89044920
This update for xen fixes several issues: These security issues were fixed: - CVE-2017-5526: The ES1370 audio device emulation support was vulnerable to a memory leakage issue allowing a privileged user inside the guest to cause a DoS and/or potentially crash the Qemu process on the host - CVE-2017 ...

oval:org.secpod.oval:def:89003236
This update for polkit fixes the following issues: Security issue fixed: - CVE-2019-6133: Fixed improper caching of auth decisions, which could bypass uid checking in the interactive backend.

oval:org.secpod.oval:def:89044823
This update for qemu fixes several issues. These security issues were fixed: - CVE-2017-9330: USB OHCI Emulation in qemu allowed local guest OS users to cause a denial of service by leveraging an incorrect return value. - CVE-2017-8379: Memory leak in the keyboard input event handlers support allo ...

oval:org.secpod.oval:def:89044896
The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.38 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2015-1350: The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing ex ...

oval:org.secpod.oval:def:89003097
This update for java-1_7_1-ibm fixes the following issues: Update to Java 7.1 Service Refresh 4 Fix Pack 45. Security issues fixed: - CVE-2019-10245: Fixed Java bytecode verifier issue causing crashes. - CVE-2019-2698: Fixed out of bounds access flaw in the 2D component. - CVE-2019-2697: Fixed fla ...

oval:org.secpod.oval:def:89044675
This update for qemu fixes several issues. These security issues were fixed: - CVE-2017-15268: Qemu allowed remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c. - CVE-2017-9524: The qemu-nbd server when built with the Network Bloc ...

oval:org.secpod.oval:def:89044695
The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.74 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000365: The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY, but d ...

oval:org.secpod.oval:def:89003308
This update for libvirt fixes the following issues: Security issues fixed: - CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd. - CVE-20 ...

oval:org.secpod.oval:def:89003411
This update for qemu fixes the following issues: Security issues fixed: - CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation. - CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp. - CVE-2018-19489: Fixed a denial of ser ...

oval:org.secpod.oval:def:89003340
This update for java-1_7_0-openjdk fixes the following issues: Update to 2.6.18 - OpenJDK 7u221 Security issues fixed: - CVE-2019-2602: Fixed flaw inside BigDecimal implementation. - CVE-2019-2684: Fixed flaw inside the RMI registry implementation. - CVE-2019-2698: Fixed out of bounds access fla ...

oval:org.secpod.oval:def:89003339
This update for java-1_8_0-ibm fixes the following issues: Update to Java 8.0 Service Refresh 5 Fix Pack 35. Security issues fixed: - CVE-2019-10245: Fixed Java bytecode verifier issue causing crashes. - CVE-2019-2698: Fixed out of bounds access flaw in the 2D component. - CVE-2019-2697: Fixed fla ...

oval:org.secpod.oval:def:89003320
This update for java-1_8_0-openjdk to version 8u191 fixes the following issues: Security issues fixed: - CVE-2018-3136: Manifest better support - CVE-2018-3139: Better HTTP Redirection - CVE-2018-3149: Enhance JNDI lookups - CVE-2018-3169: Improve field accesses - CVE-2018-3180: Improve TLS conn ...

oval:org.secpod.oval:def:89003443
This update for ntp fixes the following issues: Security issue fixed: - CVE-2019-8936: Fixed a null pointer exception which could allow an authenticated attacker to cause segmentation fault to ntpd. Other issues addressed: - Fixed an issue which caused openSSL mismatch - Fixed several bugs in the BA ...

oval:org.secpod.oval:def:89048593
This update for vim fixes the following issues: * CVE-2023-0512: Fixed a divide by zero. * CVE-2023-1175: vim: an incorrect calculation of buffer size. * CVE-2023-1170: Fixed a heap-based buffer overflow. * CVE-2023-1127: Fixed divide by zero in scrolldown. Updated to version 9.0 with patch leve ...

oval:org.secpod.oval:def:89044816
This update for openssl fixes the following issues contained in the OpenSSL Security Advisory [26 Jan 2017] Security issues fixed: - CVE-2016-7055: The x86_64 optimized montgomery multiplication may produce incorrect results - CVE-2017-3731: Truncated packet could crash via OOB read - CVE-2017-37 ...

oval:org.secpod.oval:def:89044844
This update for gnutls fixes the following security issues: - GnuTLS could have crashed when processing maliciously crafted OpenPGP certificates - GnuTLS could have falsely accepted certificates when using OCSP - GnuTLS could have suffered from 100% CPU load DoS attacks by using SSL alert packets ...

oval:org.secpod.oval:def:89048292
This update for clamav fixes the following issues: - CVE-2023-20032: Fixed a possible remote code execution vulnerability in the HFS+ file parser. - CVE-2023-20052: Fixed a possible remote information leak vulnerability in the DMG file parser.

oval:org.secpod.oval:def:89048134
This update for sudo fixes the following issues: - CVE-2023-22809: Fixed an arbitrary file write issue that could be exploited by users with sudoedit permissions.

oval:org.secpod.oval:def:89049264
This update for openssl-1_0_0 fixes the following issues: * CVE-2023-3817: Fixed a potential DoS due to excessive time spent checking DH q parameter value

oval:org.secpod.oval:def:89048766
This update for dmidecode fixes the following issues: * CVE-2023-30630: Fixed potential privilege escalation vulnerability via file overwrite.

oval:org.secpod.oval:def:89048478
This update for xen fixes the following issues: * CVE-2022-42332: Fixed use-after-free in x86 shadow plus log-dirty mode. * CVE-2022-42331: Fixed speculative vulnerability in 32bit SYSCALL path on x86. Special Instructions and Notes: Please reboot the system after installing this update.

oval:org.secpod.oval:def:89048191
This update for xen fixes the following issues: - CVE-2022-23824: Fixed multiple speculative execution issues. Special Instructions and Notes: Please reboot the system after installing this update.

oval:org.secpod.oval:def:89000232
This update for MozillaFirefox fixes the following issues: - Mozilla Firefox 68.6.1esr MFSA 2020-11 * CVE-2020-6819 Use-after-free while running the nsDocShell destructor * CVE-2020-6820 Use-after-free when handling a ReadableStream

oval:org.secpod.oval:def:89000691
This update for squid fixes the following issues: - CVE-2020-24606: Fix livelocking in peerDigestHandleReply. - CVE-2020-15811: Improve Transfer-Encoding handling. - CVE-2020-15810: Enforce token characters for field-name.

oval:org.secpod.oval:def:89003341
This update for evince fixes the following issues: Security issues fixed: - CVE-2019-11459: Fixed improper error handling which could have led to use of uninitialized memory. - CVE-2019-1010006: Fixed a buffer overflow in backend/tiff/tiff-document.c.

oval:org.secpod.oval:def:89044647
This update for squid fixes the following issues: - CVE-2016-10003: Prevent incorrect forwarding of cached private responses when the Collapsed Forwarding feature is enabled. This allowed a remote attacker to discover private and sensitive information about another user. - CVE-2016-10002: Fixed incorrec ...

oval:org.secpod.oval:def:89048777
This update for git fixes the following issues: * CVE-2023-25652: Fixed partial overwrite of paths outside the working tree. * CVE-2023-25815: Fixed malicious placement of crafted message. * CVE-2023-29007: Fixed arbitrary configuration injection.

oval:org.secpod.oval:def:89000578
This update for python3 fixes the following issues: - Fixed a directory traversal in _download_http_url

oval:org.secpod.oval:def:89045288
This update for samba fixes the following issues: Security issues fixed: - CVE-2016-2125: Don't send delegated credentials to all servers. - CVE-2016-2126: Denial of service due to a client triggered crash in the winbindd parent process. - CVE-2016-2123: Heap-based Buffer Overflow Remote Code Execut ...

oval:org.secpod.oval:def:89045155
This update for samba fixes the following issues: Security issues fixed: - CVE-2016-2125: Don't send delegated credentials to all servers. - CVE-2016-2126: Denial of service due to a client triggered crash in the winbindd parent process. - CVE-2016-2123: Heap-based Buffer Overflow Remote Code Execut ...

oval:org.secpod.oval:def:89000624
This update for squid fixes the following issues: - CVE-2020-14059: Fixed an issue where a client could potentially deny the service of a server during TLS Handshake. - CVE-2019-18860: Fixed handling of invalid domain names in cachemgr.cgi.

oval:org.secpod.oval:def:89000336
This update for squid fixes the following issues: - CVE-2019-12528: Fixed an information disclosure flaw in the FTP gateway. - CVE-2019-12526: Fixed potential remote code execution during URN processing. - CVE-2019-12523, CVE-2019-18676: Fixed multiple improper validations in URI processing. - CVE ...

oval:org.secpod.oval:def:89003331
This update for squid fixes the following issues: Security issue fixed: - CVE-2019-12529: Fixed a potential denial of service associated with HTTP Basic Authentication credentials. - CVE-2019-12525: Fixed a denial of service during processing of HTTP Digest Authentication credentials. - CVE-2019-1 ...

oval:org.secpod.oval:def:89048502
This update for nrpe fixes the following issues: * CVE-2015-4000: Fixed Logjam Attack by increasing the standard size of 512 bit dh parameters to 2048.

oval:org.secpod.oval:def:89049142
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 115.0.2 ESR Security fixes: * CVE-2023-3600: Fixed use-after-free in workers Other fixes: * Fixed a startup crash experienced by some Windows users by blocking instances of a malicious injected DLL * Fixed ...

oval:org.secpod.oval:def:89049191
This update for MozillaFirefox fixes the following security issues: Firefox was updated to Extended Support Release 115.1.0 ESR. * CVE-2023-4045: Fixed cross-origin restrictions bypass with Offscreen Canvas. * CVE-2023-4046: Fixed incorrect value used during WASM compilation. * CVE-2023-4047: Fix ...

oval:org.secpod.oval:def:89049110
This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues: Changes in MozillaFirefox and MozillaFirefox-branding-SLE: This update provides Firefox Extended Support Release 115.0 ESR * New: * Required fields are now highlighted in PDF forms. * Improved performance on high ...

oval:org.secpod.oval:def:89048927
This update for cups fixes the following issues: * CVE-2023-32324: Fixed a buffer overflow in format_log_line which could cause a denial-of-service.

oval:org.secpod.oval:def:89049319
This update for vim fixes the following issues: Updated to version 9.0 with patch level 1572. * CVE-2023-2426: Fixed Out-of-range Pointer Offset use. * CVE-2023-2609: Fixed NULL Pointer Dereference. * CVE-2023-2610: Fixed Integer Overflow or Wraparound. * CVE-2023-1264: Fixed NULL Pointer Derefere ...

oval:org.secpod.oval:def:89049403
This update for cups fixes the following issues: * CVE-2023-4504: Fixed heap overflow in OpenPrinting CUPS Postscript Parsing. * CVE-2023-34241: Fixed a use-after-free problem in cupsdAcceptClient. * CVE-2023-32360: Fixed information leak through Cups-Get-Document operation.

oval:org.secpod.oval:def:89048858
This update for java-1_8_0-openjdk fixes the following issues: * Updated to version jdk8u372: * CVE-2023-21930: Fixed an issue in the JSSE component that could allow an attacker to access critical data without authorization. * CVE-2023-21937: Fixed an issue in the Networking component that could a ...

oval:org.secpod.oval:def:89048944
This update for java-1_8_0-ibm fixes the following issues: * CVE-2023-21930: Fixed possible compromise from unauthenticated attacker with network access via TLS. * CVE-2023-21937: Fixed vulnerability inside the networking component. * CVE-2023-21938: Fixed vulnerability inside the library componen ...

oval:org.secpod.oval:def:89049325
This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u382 * CVE-2023-22045: Fixed a difficult to exploit vulnerability that allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Ora ...

oval:org.secpod.oval:def:89048799
This update for harfbuzz fixes the following issues: * CVE-2023-25193: Fixed vulnerability that allowed attackers to trigger O growth via consecutive marks.

oval:org.secpod.oval:def:89000430
This update for tomcat fixes the following issues: CVE-2020-9484 Apache Tomcat Remote Code Execution via session persistence If an attacker was able to control the contents and name of a file on a server configured to use the PersistenceManager, then the attacker could have triggered a remote code ...

oval:org.secpod.oval:def:89048197
This update for vim fixes the following issues: - Updated to version 9.0.1234: - CVE-2023-0433: Fixed an out of bounds memory access that could cause a crash. - CVE-2023-0288: Fixed an out of bounds memory access that could cause a crash. - CVE-2023-0054: Fixed an out of bounds memory write that c ...

oval:org.secpod.oval:def:89044747
This update for vim fixes the following issues: Security issues fixed: - CVE-2017-5953: Fixed a possible overflow with corrupted spell file - CVE-2017-6350: Fixed a possible overflow when reading a corrupted undo file - CVE-2017-6349: Fixed a possible overflow when reading a corrupted undo file N ...

oval:org.secpod.oval:def:89045234
This update for vim fixes the following security issues: - Fixed CVE-2016-1248 an arbitrary command execution vulnerability This update for vim fixes the following issues: - Fix build with Python 3.5

oval:org.secpod.oval:def:89045113
This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 78.12.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-29 * CVE-2021-29970: Use-after-free in accessibility features of a document * CVE-2021-30547: Out of bounds write in ANGLE ...

oval:org.secpod.oval:def:89048022
This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u352: - CVE-2022-21619, CVE-2022-21624: Fixed difficult to exploit vulnerability allows unauthenticated attacker with network access and can cause unauthorized update, insert or delete access via multiple protocols ...

oval:org.secpod.oval:def:89046909
This update for java-1_8_0-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 7 Fix Pack 11: - CVE-2022-34169: Fixed an integer truncation issue in the Xalan Java XSLT library that occurred when processing malicious stylesheets. - CVE-2022-21549: Fixed an issue that could lead to ...

oval:org.secpod.oval:def:89046914
This update for java-1_7_1-ibm fixes the following issues: - Updated to Java 7.1 Service Refresh 5 Fix Pack 15: - CVE-2022-34169: Fixed an integer truncation issue in the Xalan Java XSLT library that occurred when processing malicious stylesheets. - CVE-2022-21549: Fixed an issue that could lead t ...

oval:org.secpod.oval:def:89045774
This update for java-1_8_0-openjdk fixes the following issues: Update to version OpenJDK 8u312: - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS. - CVE-2021-35556: Fixed excessive memory allocation in RTFParser. - CVE-2021-35559: Fixed excessive memory allocation in RTFRe ...

oval:org.secpod.oval:def:89045792
This update for java-1_7_0-openjdk fixes the following issues: Update to OpenJDK 7u321: - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS. - CVE-2021-35556: Fixed excessive memory allocation in RTFParser. - CVE-2021-35559: Fixed excessive memory allocation in RTFReader. - ...

oval:org.secpod.oval:def:89045551
This update for java-1_8_0-openjdk fixes the following issues: - Update to version jdk8u302 - CVE-2021-2341: Improve file transfers. - CVE-2021-2369: Better jar file validation. - CVE-2021-2388: Enhance compiler validation. - CVE-2021-2161: Less ambiguous processing

oval:org.secpod.oval:def:89002926
This update for freetype2 fixes the following issues: - CVE-2020-15999: fixed a heap buffer overflow found in the handling of embedded PNG bitmaps.

oval:org.secpod.oval:def:89000213
This update for apache2 fixes the following issues: - CVE-2020-1934: mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server. - CVE-2020-1927: mod_rewrite configurations vulnerable to open redirect. - CVE-2020-1938: mod_proxy_ajp: Add "secret" parameter to proxy ...

oval:org.secpod.oval:def:89043960
This update for git fixes several issues. These security issues were fixed: - CVE-2018-11233: Path sanity-checks on NTFS allowed attackers to read arbitrary memory - CVE-2018-11235: Arbitrary code execution when recursively cloning a malicious repository

oval:org.secpod.oval:def:89044796
icu was updated to fix two security issues. These security issues were fixed: - CVE-2014-8147: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode used an integer data type that is inconsistent w ...

oval:org.secpod.oval:def:89044784
This ruby2.1 update to version 2.1.9 fixes the following issues: Security issues fixed: - CVE-2016-2339: heap overflow vulnerability in the Fiddle::Function.new"initialize" (bsc#1018808) - CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL (bsc#959495) - CVE-2015-3900: hostname validation d ...

oval:org.secpod.oval:def:89002928
This update for ruby2.1 fixes the following issues: Security issues fixed: - CVE-2015-9096: Fixed an SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command. - CVE-2016-7798: Fixed an IV Reuse in GCM Mode. - CVE-2017-0898: Fixed a buffer underrun vulnerability in Kernel.sprintf ...

oval:org.secpod.oval:def:89044879
This update for apache2 provides the following fixes: Security issues fixed: - CVE-2017-3167: In Apache use of httpd ap_get_basic_auth_pw outside of the authentication phase could lead to authentication requirements bypass - CVE-2017-3169: In mod_ssl may have a dereference NULL pointer issue which ...

oval:org.secpod.oval:def:89044755
This update for apache2 fixes the following security issue: - CVE-2017-9798: Prevent use-after-free use of memory that allowed for an information leak via OPTIONS.

oval:org.secpod.oval:def:89044853
This update for expat fixes the following security issues: - CVE-2012-6702: Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, made it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand f ...

oval:org.secpod.oval:def:89048533
This update for openssl fixes the following issues: * CVE-2023-0286: Fixed X.400 address type confusion in X.509 GeneralNameFixed. * CVE-2023-0215: Fixed a use-after-free following BIO_new_NDEF. * CVE-2022-4304: Fixed a timing oracle in RSA decryption. The following non-security bugs were fixed: * ...

oval:org.secpod.oval:def:89045105
This update for qemu fixes the following issues: - CVE-2021-3595: Fixed an invalid pointer initialization that may lead to information disclosure. - CVE-2021-3592: Fixed an invalid pointer initialization that may lead to information disclosure. - CVE-2021-3594: Fixed an invalid pointer initialization may ...

oval:org.secpod.oval:def:89048694
This update for ghostscript fixes the following issues: * CVE-2023-28879: Fixed buffer Overflow in s_xBCPE_process.

oval:org.secpod.oval:def:89048794
This update for java-1_8_0-ibm fixes the following issues: * Update to Java 8.0 Service Refresh 8: * Security fixes: * CVE-2023-21830: Fixed improper restrictions in CORBA deserialization. * CVE-2023-21835: Fixed handshake DoS attack against DTLS connections. * CVE-2023-21843: Fixed soundbank URL ...

oval:org.secpod.oval:def:89048841
This update for postgresql15 fixes the following issues: Updated to version 15.3: - CVE-2023-2454: Fixed an issue where a user having permission to create a schema could hijack the privileges of a security definer function or extension script. - CVE-2023-2455: Fixed an issue that could allow a us ...

oval:org.secpod.oval:def:89048146
This update for MozillaFirefox fixes the following issues: - Updated to version 102.7.0 ESR: - CVE-2022-46871: Updated an out of date library which contained several vulnerabilities. - CVE-2023-23598: Fixed an arbitrary file read from GTK drag and drop on Linux. - CVE-2023-23601: Fixed a potential ...

oval:org.secpod.oval:def:89048584
This update for mozilla-nss fixes the following issues: Updated to NSS 3.79.4: * CVE-2023-0767: Fixed handling of unknown PKCS#12 safe bag types.

oval:org.secpod.oval:def:89048641
This update for MozillaFirefox fixes the following issues: Updated to version 102.8.0 ESR: * CVE-2023-25728: Fixed content security policy leak in violation reports using iframes. * CVE-2023-25730: Fixed screen hijack via browser fullscreen mode. * CVE-2023-25743: Fixed Fullscreen notification not ...

oval:org.secpod.oval:def:89048839
This update for MozillaFirefox fixes the following issues: Extended Support Release 102.11.0 ESR: * CVE-2023-32205: Browser prompts could have been obscured by popups * CVE-2023-32206: Crash in RLBox Expat driver * CVE-2023-32207: Potential permissions request bypass via clickjacking * CVE-2023-322 ...

oval:org.secpod.oval:def:89048969
This update for libwebp fixes the following issues: * CVE-2023-1999: Fixed double free.

oval:org.secpod.oval:def:89048632
This update for MozillaFirefox fixes the following issues: Update to version 102.9.0 ESR: * CVE-2023-28159: Fullscreen Notification could have been hidden by download popups on Android * CVE-2023-25748: Fullscreen Notification could have been hidden by window prompts on Android * CVE-2023-25749: Fi ...

oval:org.secpod.oval:def:89048936
This update for MozillaFirefox fixes the following issues: Extended Support Release 102.12.0 ESR: * CVE-2023-34414: Click-jacking certificate exceptions through rendering lag * CVE-2023-34416: Memory safety bugs fixed in Firefox 114 and Firefox ESR 102.12

oval:org.secpod.oval:def:89048702
This update for MozillaFirefox fixes the following issues: * Firefox Extended Support Release 102.10.0 ESR * CVE-2023-29531: Out-of-bound memory access in WebGL on macOS * CVE-2023-29532: Mozilla Maintenance Service Write-lock bypass * CVE-2023-29533: Fullscreen notification obscured * MFSA-TMP-202 ...

oval:org.secpod.oval:def:89047750
This update for curl fixes the following issues: - CVE-2022-32221: Fixed POST following PUT confusion.

oval:org.secpod.oval:def:89049137
This update for openssh fixes the following issues: * CVE-2023-38408: Fixed a condition where specific libraries loaded via ssh-agent's PKCS#11 support could be abused to achieve remote code execution via a forwarded agent socket if those libraries were present on the victim's system and if the agen ...

oval:org.secpod.oval:def:89048998
This update for sqlite3 fixes the following issues: * CVE-2022-46908: Properly implement the azProhibitedFunctions protection mechanism, when relying on --safe for execution of an untrusted CLI script.

oval:org.secpod.oval:def:89047730
This update for libxml2 fixes the following issues: - CVE-2016-3709: Fixed possible XSS vulnerability. - CVE-2022-40303: Fixed integer overflows with XML_PARSE_HUGE. - CVE-2022-40304: Fixed dict corruption caused by entity reference cycles.

oval:org.secpod.oval:def:89044202
This update for qemu fixes the following issues: - Fix OOB access in sm501 device emulation - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation - Fix use-after-free in usb xhci packet handling - Fix use-after-free in usb ehci packet handling - Fix OOB access in usb hcd-ohci emulation ...

oval:org.secpod.oval:def:89002980
This update for glibc fixes the following issues: - CVE-2020-10029: Fixed a stack corruption from range reduction of pseudo-zero - Use posix_spawn on popen - Correct locking and cancellation cleanup in syslog functions - Fixed concurrent changes on nscd aware files

oval:org.secpod.oval:def:89048540
This update for libxslt fixes the following issues: * CVE-2021-30560: Fixing a use after free vulnerability in Blink XSLT.

oval:org.secpod.oval:def:89049072
This update for bind fixes the following issues: * CVE-2023-2828: Fixed DOS against recursive resolvers related to cache-cleaning algorithm.

oval:org.secpod.oval:def:89046009
This update for expat fixes the following issues: - CVE-2022-25236: Fixed possible namespace-separator characters insertion into namespace URIs. - CVE-2022-25235: Fixed UTF-8 character validation in a certain context. - CVE-2022-25313: Fixed stack exhaustion in build_model via uncontrolled recursi ...

oval:org.secpod.oval:def:89051573
This update for openssl fixes the following issues: * CVE-2022-4304: Reworked the fix for the Timing-Oracle in RSA decryption. The previous fix for this timing side channel turned out to cause a severe 2-3x performance regression in the typical use case.

oval:org.secpod.oval:def:89044631
This update for libxml2 fixes the following security issues: * CVE-2017-9050: A heap-based buffer over-read in xmlDictAddString * CVE-2017-9049: A heap-based buffer overflow in xmlDictComputeFastKey * CVE-2017-9048: A stack overflow vulnerability in xmlSnprintfElementContent * CVE-2017-9047: A st ...

oval:org.secpod.oval:def:89048151
This update for samba fixes the following issues: - CVE-2021-20251: Fixed an issue where the bad password count would not be properly incremented, which could allow attackers to brute force a user's password. - CVE-2022-38023: Disabled weak ciphers by default in the Netlogon Secure channel. - CVE- ...

oval:org.secpod.oval:def:89002934
This update for samba fixes the following issues: - CVE-2020-14323: Unprivileged user can crash winbind. - CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify.

oval:org.secpod.oval:def:89048149
This update for mozilla-nss fixes the following issues: - CVE-2022-3479: Fixed a potential crash that could be triggered when a server requested a client authentication certificate, but the client had no certificates stored. - Updated to version 3.79.3: - CVE-2022-23491: Removed trust for 3 root c ...

oval:org.secpod.oval:def:89003297
This update for bzip2 fixes the following issues: - Fixed a regression with the fix for CVE-2019-12900, which caused incompatibilities with files that used many selectors.

oval:org.secpod.oval:def:89003284
This update for bzip2 fixes the following issues: Security issue fixed: - CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors. - CVE-2016-3189: Fixed a use-after-free in bzip2recover.

oval:org.secpod.oval:def:89003281
This update for clamav fixes the following issues: Security issue fixed: - CVE-2019-12625: Fixed a ZIP bomb issue by adding detection and heuristics for zips with overlapping files. - CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors. Non-security issues fixed: - Add ...

oval:org.secpod.oval:def:89000274
This update for apache2 fixes the following issues: - CVE-2020-9490: Fixed a crash caused by a specially crafted value for the "Cache-Digest" header in a HTTP/2 request. - CVE-2020-11985: IP address spoofing when proxying using mod_remoteip and mod_rewrite. - CVE-2020-11993: When trace/debug was e ...

oval:org.secpod.oval:def:89000275
This update for squid fixes the following issues: - CVE-2019-12519, CVE-2019-12521: fixes incorrect buffer handling that can result in cache poisoning, remote execution, and denial of service attacks when processing ESI responses. - CVE-2020-11945: fixes a potential remote execution vulnerability w ...

oval:org.secpod.oval:def:89048916
This update for tomcat fixes the following issues: * CVE-2023-28709: Mended an incomplete fix for CVE-2023-24998.

oval:org.secpod.oval:def:89048596
This update for tomcat fixes the following issues: * CVE-2023-24998: Fixed FileUpload DoS with excessive parts.

oval:org.secpod.oval:def:89048651
This update for jakarta-commons-fileupload fixes the following issues: * CVE-2016-3092: Fixed a usage of the vulnerable FileUpload package that can result in denial of service. * CVE-2023-24998: Fixed a FileUpload denial of service with excessive parts.

oval:org.secpod.oval:def:89048058
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-3635: Fixed a use-after-free in the tst_timer of the file drivers/atm/idt77252.c. - CVE-2022-3424: Fixed use-after-free in gru_set_context_option, gru_fau ...

oval:org.secpod.oval:def:89049089
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2017-5753: Fixed spectre vulnerability in prlimit. * CVE-2022-3566: Fixed race condition in the TCP Handler. * CVE-2022-45884: Fixed a use-after-free in dvbde ...

oval:org.secpod.oval:def:89048619
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure. * CVE-2023-23559: Fixed integer overflow in rndis_wlan that leads to a buffer o ...

oval:org.secpod.oval:def:89046982
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where a device driver can free a page while it still has stale TLB entries. - CVE-2022-36879: Fixed ...

oval:org.secpod.oval:def:89047685
The SUSE Linux Enterprise 12-SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-3303: Fixed a race condition in the sound subsystem due to improper locking. - CVE-2022-41218: Fixed a use-after-free caused by refcount races in drivers/me ...

oval:org.secpod.oval:def:89046723
This update for python fixes the following issues: - CVE-2015-20107: avoid command injection in the mailcap module.

oval:org.secpod.oval:def:89047767
This update for python3 fixes the following issues: - CVE-2021-28861: Fixed an open redirection vulnerability in the HTTP server when an URI path starts with //.

oval:org.secpod.oval:def:89048505
This update for python3 fixes the following issues: * CVE-2023-24329: Fixed blocklist bypass via the urllib.parse component when supplying a URL that starts with blank characters. * CVE-2022-40899: Fixed REDoS in http.cookiejar.

oval:org.secpod.oval:def:89048201
This update for python fixes the following issues: - CVE-2022-45061: Fixed an excessive CPU usage when decoding crafted IDNA domain names. Non-security fixes: - Fixed the 2038 bug in the compileall module.

oval:org.secpod.oval:def:89048930
This update for qemu fixes the following issues: * CVE-2022-0216: Fixed a use-after-free in lsi_do_msgout in hw/scsi/lsi53c895a.c. * CVE-2021-3929: Fixed use-after-free in nvme, caused by DMA reentrancy issue. * CVE-2021-4207: Fixed heap buffer overflow caused by double fetch in qxl_cursor. * CVE ...

oval:org.secpod.oval:def:89049256
This update for ucode-intel fixes the following issues: * Updated to Intel CPU Microcode 20230808 release. * CVE-2022-40982: Fixed a potential security vulnerability in some Intel Processors which may allow information disclosure. * CVE-2023-23908: Fixed a potential security vulnerability in some ...

oval:org.secpod.oval:def:89046067
The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-25020: Fixed an overflow in the BPF subsystem due to a mishandling of a long jump over an instruction sequence where inner instructions require substa ...

oval:org.secpod.oval:def:89046023
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer, named Branch Target Injection and Intra-Mode Branch History Injection are now mitigated. The following security bugs were fixed ...

oval:org.secpod.oval:def:89046003
This update for webkit2gtk3 fixes the following issues: Update to version 2.34.5: - CVE-2022-22589: A validation issue was addressed with improved input sanitization. - CVE-2022-22590: A use after free issue was addressed with improved memory management. - CVE-2022-22592: A logic issue was addresse ...

oval:org.secpod.oval:def:89046907
This update for glibc fixes the following issues: Security issues fixed: - CVE-2015-5180: Fix crash with internal QTYPE in resolv - CVE-2016-10228: Rewrite iconv option parsing - CVE-2019-25013: Fix buffer overrun in EUC-KR conversion module - CVE-2020-27618: Accept redundant shift sequences in I ...

oval:org.secpod.oval:def:89003020
This update for webkit2gtk3 fixes the following issues: Security issue fixed: - CVE-2020-3899: Fixed a memory consumption issue that could have led to remote code execution. Non-security issues fixed: - Update to version 2.28.2: + Fix excessive CPU usage due to GdkFrameClock not being stopped. + F ...

oval:org.secpod.oval:def:89003028
This update for webkit2gtk3 fixes the following issues: - Update to version 2.28.3: + Enable kinetic scrolling with async scrolling. + Fix web process hangs on large GitHub pages. + Bubblewrap sandbox should not attempt to bind empty paths. + Fix threading issues in the media player. + Fix several ...

oval:org.secpod.oval:def:89003165
This update for webkit2gtk3 fixes the following issues: Updated to version 2.24.4. Security issues fixed: - CVE-2019-8644, CVE-2019-8649, CVE-2019-8658, CVE-2019-8669, CVE-2019-8678, CVE-2019-8680, CVE-2019-8683, CVE-2019-8684, CVE-2019-8688, CVE-2019-8595, CVE-2019-8607, CVE-2019-8615, CVE-2019-86 ...

oval:org.secpod.oval:def:89048973
This update for webkit2gtk3 fixes the following issues: Add security patches: * CVE-2023-28204: Fixed processing of web content that may disclose sensitive information. * CVE-2023-32373: Fixed processing of maliciously crafted web content that may lead to arbitrary code execution.

oval:org.secpod.oval:def:89002964
This update for gdm fixes the following issues: - CVE-2020-16125: Fixed a privilege escalation.

oval:org.secpod.oval:def:89002888
This update for webkit2gtk3 fixes the following issues: - Update to version 2.28.4: + Fix several crashes and rendering issues. + Security fixes: CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9915, CVE-2020-9925.

oval:org.secpod.oval:def:89000457
This update for webkit2gtk3 to version 2.28.1 fixes the following issues: Security issues fixed: - CVE-2020-10018: Fixed a denial of service because the m_deferredFocusedNodeChange data structure was mishandled. - CVE-2020-11793: Fixed a potential arbitrary code execution caused by a use-after-free ...

oval:org.secpod.oval:def:89045790
This update for webkit2gtk3 fixes the following issues: - CVE-2021-42762: Updated seccomp rules with latest changes from flatpak.

oval:org.secpod.oval:def:89048113
This update for webkit2gtk3 fixes the following issues: Update to version 2.38.3: - CVE-2022-42852: Fixed disclosure of process memory by improved memory handling. - CVE-2022-42856: Fixed a potential arbitrary code execution when processing maliciously crafted web content. - CVE-2022-42863: Fixed ...

oval:org.secpod.oval:def:89003460
This update for webkit2gtk3 to version 2.24.1 fixes the following issues: Security issues fixed: - CVE-2019-6201, CVE-2019-6251, CVE-2019-7285, CVE-2019-7292, CVE-2019-8503, CVE-2019-8506, CVE-2019-8515, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544, CVE-2019-8551, CVE-2019-8558, CVE-20 ...

oval:org.secpod.oval:def:89003442
This update for glib2 fixes the following issues: Security issue fixed: - CVE-2019-13012: Fixed improper restriction of file permissions when creating directories. Non-security issue fixed: - Added explicit requires between libglib2 and libgio2.

oval:org.secpod.oval:def:89047030
This update for sqlite3 fixes the following issues: Security issues fixed: - CVE-2022-35737: Fixed an array-bounds overflow if billions of bytes are used in a string argument to a C API. - CVE-2021-36690: Fixed an issue with the SQLite Expert extension when a column has no collating sequence. - Pa ...

oval:org.secpod.oval:def:89048081
This update for vim fixes the following issues: Updated to version 9.0.0814: * Fixing bsc#1192478 VUL-1: CVE-2021-3928: vim: vim is vulnerable to Stack-based Buffer Overflow * Fixing bsc#1203508 VUL-0: CVE-2022-3234: vim: Heap-based Buffer Overflow prior to 9.0.0483. * Fixing bsc#1203509 VUL-1: CVE- ...

oval:org.secpod.oval:def:89046991
This update for webkit2gtk3 fixes the following issues: Updated to version 2.36.8: - CVE-2022-32886: Fixed a buffer overflow issue that could potentially lead to code execution. - CVE-2022-32912: Fixed an out-of-bounds read that could potentially lead to code execution.

oval:org.secpod.oval:def:89048774
This update for webkit2gtk3 fixes the following issues: Update to version 2.38.6: * CVE-2022-0108: Fixed information leak. * CVE-2022-32885: Fixed arbitrary code execution. * CVE-2023-25358: Fixed use-after-free vulnerability in WebCore::RenderLayer. * CVE-2023-27932: Fixed Same Origin Policy bypas ...

oval:org.secpod.oval:def:89003027
This update for the Linux Kernel 4.4.121-92_146 fixes several issues. The following security issues were fixed: - CVE-2020-25668: Fixed a concurrency use-after-free in con_font_op. - CVE-2020-25645: Fixed an issue where traffic between two Geneve endpoints may be unencrypted when IPsec is configure ...

oval:org.secpod.oval:def:89045107
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-22555: Fixed a heap out-of-bounds write in net/netfilter/x_tables.c that could allow local privilege escalation. - CVE-2021-33909: Fixed an out-of-bounds ...

oval:org.secpod.oval:def:89002959
This update for the Linux Kernel 4.4.180-94_107 fixes several issues. The following security issues were fixed: - CVE-2020-0429: In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege ...

oval:org.secpod.oval:def:89002939
This update for the Linux Kernel 4.4.180-94_130 fixes several issues. The following security issues were fixed: - CVE-2020-0429: In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege ...

oval:org.secpod.oval:def:89002983
This update for the Linux Kernel 4.4.180-94_113 fixes one issue. The following security issue was fixed: - CVE-2020-25645: Fixed an issue in IPsec that caused traffic between two Geneve endpoints to be unencrypted.

oval:org.secpod.oval:def:89002982
This update for LibVNCServer fixes the following issues: - security update fix CVE-2018-21247 [bsc#1173874], uninitialized memory contents are vulnerable to Information leak fix CVE-2019-20839 [bsc#1173875], buffer overflow in ConnectClientToUnixSock fix CVE-2019-20840 [bsc#1173876], unaligned acces ...

oval:org.secpod.oval:def:89003029
This update for the Linux Kernel 3.12.74-60_64_115 fixes several issues. The following security issues were fixed: - CVE-2020-12653: Fixed a buffer overflow in mwifiex_cmd_append_vsie_tlv which could have allowed local users to gain privileges or cause a denial of service. - CVE-2020-12654: Fixed a ...

oval:org.secpod.oval:def:89002922
This update for ucode-intel fixes the following issues: Updated Intel CPU Microcode to 20200602 This update contains security mitigations for: - CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one whic ...

oval:org.secpod.oval:def:89002961
This update for the Linux Kernel 4.4.121-92_129 fixes several issues. The following security issues were fixed: - CVE-2020-12653: Fixed a buffer overflow in mwifiex_cmd_append_vsie_tlv which could have allowed local users to gain privileges or cause a denial of service. - CVE-2020-12654: Fixed a he ...

oval:org.secpod.oval:def:89002958
This update for the Linux Kernel 4.4.121-92_129 fixes one issue. The following security issue was fixed: - CVE-2020-10757: Fixed an issue where remapping hugepage DAX to anon mmap could have caused user PTE access.

oval:org.secpod.oval:def:89002871
This update for the Linux Kernel 4.4.121-92_117 fixes several issues. The following security issues were fixed: - CVE-2020-10757: Fixed an issue where remapping hugepage DAX to anon mmap could have caused user PTE access. - CVE-2019-15666: Fixed an out of bounds read __xfrm_policy_unlink, which coul ...

oval:org.secpod.oval:def:89003001
This update for the Linux Kernel 3.12.74-60_64_124 fixes several issues. The following security issues were fixed: - CVE-2020-1749: Fixed an issue in the networking protocols in encrypted IPsec tunnel - CVE-2019-5108: Fixed an issue where by triggering AP to send IAPP location updates for stations ...

oval:org.secpod.oval:def:89002907
This update for the Linux Kernel 3.12.74-60_64_110 fixes several issues. The following security issues were fixed: - CVE-2019-14896: A heap-based buffer overflow vulnerability was found in the Marvell WiFi chip driver. A remote attacker could cause a denial of service or, possibly execute arbitrary ...

oval:org.secpod.oval:def:89000108
This update for cups fixes the following issues: - CVE-2020-3898: Fixed a heap buffer overflow in ppdFindOption.

oval:org.secpod.oval:def:89002885
This update for the Linux Kernel 4.4.180-94_121 fixes several issues. The following security issues were fixed: - CVE-2020-25668: Fixed a concurrency use-after-free in con_font_op. - CVE-2020-8694: Fixed an insufficient access control in the Linux kernel driver for some Intel Processors which might ...

oval:org.secpod.oval:def:89003133
This update for the Linux Kernel 4.4.121-92_101 fixes several issues. The following security issues were fixed: - CVE-2018-20856: Fixed a use-after-free in __blk_drain_queue due to an improper error handling. - CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling ...

oval:org.secpod.oval:def:89003377
This update for ucode-intel fixes the following issues: - Updated to 20191112 official security release - Includes security fixes for: - CVE-2019-11135: Added feature allowing to disable TSX RTM - CVE-2019-11139: A CPU microcode only fix for Voltage modulation issues

oval:org.secpod.oval:def:89003372
This update for the Linux Kernel 4.4.121-92_109 fixes several issues. The following security issues were fixed: - CVE-2018-20856: Fixed a use-after-free in __blk_drain_queue due to an improper error handling. - CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling ...

oval:org.secpod.oval:def:89003009
This update for the Linux Kernel 4.4.121-92_125 fixes several issues. The following security issues were fixed: - CVE-2020-14331: Fixed a buffer over-write in vgacon_scroll. - CVE-2019-16746: Fixed a buffer overflow in net/wireless/nl80211.c. - CVE-2019-9458: Fixed a use-after-free in media/v4l. ...

oval:org.secpod.oval:def:89003066
This update for the Linux Kernel 3.12.74-60_64_118 fixes several issues. The following security issues were fixed: - CVE-2019-10220: Fixed a relative path escape in the Samba client module. - CVE-2019-17133: Fixed a buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c caused by ...

oval:org.secpod.oval:def:89003170
This update for the Linux Kernel 4.4.121-92_114 fixes several issues. The following security issues were fixed: - CVE-2018-20856: Fixed a use-after-free in __blk_drain_queue due to an improper error handling. - CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling ...

oval:org.secpod.oval:def:89003042
This update for the Linux Kernel 4.4.121-92_120 fixes several issues. The following security issues were fixed: - CVE-2019-14835: A buffer overflow flaw was found in the way vhost functionality, that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged g ...

oval:org.secpod.oval:def:89003280
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception ...

oval:org.secpod.oval:def:89003275
This update for the Linux Kernel 4.4.121-92_120 fixes several issues. The following security issues were fixed: - CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging certain scenarios with a parent-child process relationship. - CVE-20 ...

oval:org.secpod.oval:def:89002908
This update for the Linux Kernel 4.4.180-94_116 fixes several issues. The following security issues were fixed: - CVE-2020-14331: Fixed a buffer over-write in vgacon_scroll. - CVE-2019-16746: Fixed a buffer overflow in net/wireless/nl80211.c. - CVE-2020-11668: Fixed a memory corruption issue in th ...

oval:org.secpod.oval:def:89002997
This update for the Linux Kernel 4.4.121-92_120 fixes several issues. The following security issues were fixed: - CVE-2020-14331: Fixed a buffer over-write in vgacon_scroll. - CVE-2019-0155: Fixed a privilege escalation in the i915 graphics driver. - CVE-2019-16746: Fixed a buffer overflow in net/ ...

oval:org.secpod.oval:def:89002867
This update for the Linux Kernel 4.4.180-94_127 fixes several issues. The following security issues were fixed: - CVE-2020-14331: Fixed a buffer over-write in vgacon_scroll. - CVE-2019-16746: Fixed a buffer overflow in net/wireless/nl80211.c. - CVE-2020-11668: Fixed a memory corruption issue in th ...

oval:org.secpod.oval:def:89003307
This update for the Linux Kernel 3.12.74-60_64_107 fixes one issue. The following security issue was fixed: - CVE-2019-14835: A buffer overflow flaw was found in the way vhost functionality, that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest ...

oval:org.secpod.oval:def:89003329
This update for ucode-intel fixes the following issues: - Updated to 20191112 security release - Processor Identifier Version Products - Model Stepping F-MO-S/PI Old->New - ---- new platforms ---------------------------------------- - CML-U62 A0 6-a6-0/80 000000c6 Core Gen10 Mobile - CNL-U D0 6-6 ...

oval:org.secpod.oval:def:89003356
The SUSE Linux Enterprise 12 SP 2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-10638: In the Linux kernel, a device could be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols. When such ...

oval:org.secpod.oval:def:89003350
This update for the Linux Kernel 4.4.121-92_95 fixes several issues. The following security issues were fixed: - CVE-2019-9213: expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platfo ...

oval:org.secpod.oval:def:89003048
This update for the Linux Kernel 4.4.121-92_98 fixes several issues. The following security issues were fixed: - CVE-2019-9213: expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platfo ...

oval:org.secpod.oval:def:89003286
This update for the Linux Kernel 4.4.121-92_104 fixes several issues. The following security issues were fixed: - CVE-2019-11477: Jonathan Looney discovered that the TCP_SKB_CB->tcp_gso_segs value was subject to an integer overflow when handling TCP Selective Acknowledgments. A remote attacker co ...

oval:org.secpod.oval:def:89003086
This update for the Linux Kernel 3.12.74-60_64_115 fixes one issue. The following security issue was fixed: This update contains a regression fix for CVE-2019-11478.

oval:org.secpod.oval:def:89003418
This update for the Linux Kernel 4.4.121-92_73 fixes several issues. The following security issues were fixed: - CVE-2019-9213: expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platfo ...

oval:org.secpod.oval:def:89003464
This update for the Linux Kernel 4.4.121-92_104 fixes several issues. The following security issues were fixed: - CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network ...

oval:org.secpod.oval:def:89003204
The SUSE Linux Enterprise 12 SP2 kernel version 4.4.121 was updated to receive various security and bugfixes. T

oval:org.secpod.oval:def:89003264
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. Four new speculative execution information leak issues have been identified in Intel CPUs.

oval:org.secpod.oval:def:89003379
This update for the Linux Kernel 3.12.74-60_64_115 fixes several issues. The following security issues were fixed: - CVE-2019-11487: The Linux kernel allowed page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/d ...

oval:org.secpod.oval:def:89003138
This update for ucode-intel fixes the following issues: ucode-intel was updated to official QSR 2019.1 microcode release ---- new platforms ---------------------------------------- VLV C0 6-37-8/02 00000838 Atom Z series VLV C0 6-37-8/0C 00000838 Celeron N2xxx, Pentium N35xx VLV D0 6-37-9/0F 000009 ...

oval:org.secpod.oval:def:89003232
This update for ucode-intel fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarc ...

oval:org.secpod.oval:def:89003354
This update for libvirt fixes the following issues: Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling - CVE-2018-12130: Microarch ...

oval:org.secpod.oval:def:89003479
The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-2024: A use-after-free when disconnecting a source was fixed which could lead to crashes. bnc#1129179(bnc#1128166((bnc#1107829(bnc#1124732(bnc#1124735 ...

oval:org.secpod.oval:def:89003178
This update for the Linux Kernel 3.12.74-60_64_104 fixes one issue. The following security issue was fixed: - CVE-2018-16884: A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time could make bc_svc_process use wrong back-chann ...

oval:org.secpod.oval:def:89003091
This update for qemu fixes the following issues: Following security issues were fixed: - CVE-2019-9824: Fixed an information leak in slirp - CVE-2018-20815: Fix DOS possibility in device tree processing - CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091: Added x86 cpu feature "md-cl ...

oval:org.secpod.oval:def:89003081
This update for ucode-intel fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarc ...

oval:org.secpod.oval:def:89003408
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes.

oval:org.secpod.oval:def:89003466
This update for xen fixes the following issues: Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling - CVE-2018-12130: Microarchitec ...

oval:org.secpod.oval:def:89003246
This update for java-1_8_0-ibm fixes the following issues: Update to Java 8.0 Service Refresh 5 Fix Pack 40. Security issues fixed: - CVE-2019-11771: IBM Security Update July 2019 - CVE-2019-11772: IBM Security Update July 2019 - CVE-2019-11775: IBM Security Update July 2019 - CVE-2019-4473: IBM ...

oval:org.secpod.oval:def:89003187
This update for java-1_8_0-openjdk to version 8u222 fixes the following issues: Security issues fixed: - CVE-2019-2745: Improved ECC Implementation. - CVE-2019-2762: Exceptional throw cases. - CVE-2019-2766: Improve file protocol handling. - CVE-2019-2769: Better copies of CopiesList. - CVE-2019 ...

oval:org.secpod.oval:def:89003427
This update for java-1_7_1-ibm fixes the following issues: Update to Java 7.1 Service Refresh 4 Fix Pack 50. Security issues fixed: - CVE-2019-11771: IBM Security Update July 2019 - CVE-2019-11775: IBM Security Update July 2019 - CVE-2019-4473: IBM Security Update July 2019 - CVE-2019-7317: Fixed ...

oval:org.secpod.oval:def:89000388
This update for libpng16 fixes the following issues: Security issues fixed: - CVE-2019-7317: Fixed a use-after-free vulnerability, triggered when png_image_free was called under png_safe_execute. - CVE-2017-12652: Fixed an Input Validation Error related to the length of chunks.

oval:org.secpod.oval:def:89003100
This update for libsolv, libzypp and zypper fixes the following issues: libsolv was updated to version 0.6.36 and fixes the following issues: Security issues fixed: - CVE-2018-20532: Fixed a NULL pointer dereference in testcase_read. - CVE-2018-20533: Fixed a NULL pointer dereference in testcase_st ...

oval:org.secpod.oval:def:89003105
This update for MozillaFirefox fixes the following issues: Security issues fixed: - CVE-2019-11691: Use-after-free in XMLHttpRequest - CVE-2019-11692: Use-after-free removing listeners in the event listener manager - CVE-2019-11693: Buffer overflow in WebGL bufferdata on Linux - CVE-2019-11694: Unin ...

oval:org.secpod.oval:def:89043959
This update for kernel-firmware fixes the following issues: This security issue was fixed: - CVE-2017-5715: Prevent unauthorized disclosure of information to an attacker with local user access caused by speculative execution and indirect branch prediction

oval:org.secpod.oval:def:89043981
The Intel CPU microcode bundle was updated to the 20180703 release. For the listed CPU chipsets this fixes CVE-2018-3640 and helps mitigate CVE-2018-3639. More information on: https://downloadcenter.intel.com/download/27945/Linux-Processor-Microcode-Data-File Following chipsets are fixed in th ...

oval:org.secpod.oval:def:89003057
This update for java-1_8_0-openjdk to version 8u212 fixes the following issues: Security issues fixed: - CVE-2019-2602: Better String parsing. - CVE-2019-2684: More dynamic RMI interactions. - CVE-2019-2698: Fuzzing TrueType fonts - setCurrGlyphID. - CVE-2019-2422: Better FileChannel. - CVE-2018 ...

oval:org.secpod.oval:def:89043991
The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-3620: Local attackers on baremetal systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache us ...

oval:org.secpod.oval:def:89043990
This update for qemu fixes several issues. This security issue was fixed: - CVE-2018-3639: Spectre v4 vulnerability mitigation support for KVM guests. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writ ...

oval:org.secpod.oval:def:89044015
The Intel CPU microcode bundle was updated to the 20180703 release. For the listed CPU chipsets this fixes CVE-2018-3640 and helps mitigate CVE-2018-3639. More information on: https://downloadcenter.intel.com/download/27945/Linux-Processor-Microcode-Data-File Following chipsets are fixed in th ...

oval:org.secpod.oval:def:89044002
The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bug was fixed: - CVE-2018-3639: Information leaks using Memory Disambiguation feature in modern CPUs were mitigated, aka Spectre Variant 4. A new boot commandline option was int ...

oval:org.secpod.oval:def:89044000
The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to 4.4.121 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-8781: The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c had an integer-overflow vulnerability that allowed local users with access t ...

oval:org.secpod.oval:def:89003406
This update for java-1_7_0-openjdk to version 7u201 fixes the following issues: Security issues fixed: - CVE-2018-3136: Manifest better support - CVE-2018-3139: Better HTTP Redirection - CVE-2018-3149: Enhance JNDI lookups - CVE-2018-3169: Improve field accesses - CVE-2018-3180: Improve TLS conn ...

oval:org.secpod.oval:def:89048476
This update for the Linux Kernel 4.4.120-92_70 fixes one issue. The following security issue was fixed: * CVE-2018-5848: Fixed an unsigned integer overflow in wmi_set_ie. This could lead to a buffer overflow.

oval:org.secpod.oval:def:89044831
The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.90 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000252: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service via an out-of bounds guest_irq value, related ...

oval:org.secpod.oval:def:89044642
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000405: A bug in the THP CoW support could be used by local attackers to corrupt memory of other processes and cause them to crash. - CVE-2017-16939: The ...

oval:org.secpod.oval:def:89044789
The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.74 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000111: fix race condition in net-packet code that could be exploited to cause out-of-bounds memory access. - CVE-2017-1000112: fix race condit ...

oval:org.secpod.oval:def:89044873
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive the following security fixes: - CVE-2017-1000251: The native Bluetooth stack in the Linux Kernel was vulnerable to a stack overflow while processing L2CAP configuration responses, resulting in a potential remote denial-of-service vulnera ...

oval:org.secpod.oval:def:89044620
The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.74 to receive the following security update: - CVE-2017-7533: Bug in inotify code allowed privilege escalation.

oval:org.secpod.oval:def:89003469
This update for the Linux Kernel 3.12.74-60_64_96 fixes one issue. The following security issue was fixed: - CVE-2018-14734: drivers/infiniband/core/ucma.c allowed ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a den ...

oval:org.secpod.oval:def:89044808
This update for openssl fixes the following issues: - OpenSSL Security Advisory [07 Dec 2017] * CVE-2017-3737: OpenSSL 1.0.2 introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fai ...

oval:org.secpod.oval:def:89003257
This update for python3 fixes the following issues: Security issue fixed: - CVE-2019-9636: Fixed an information disclosure because of incorrect handling of Unicode encoding during NFKC normalization.

oval:org.secpod.oval:def:89003137
This update for python3 fixes the following issues: - CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636. - CVE-2018-14647: Fixed a denial of service vulnerability caused by a crafted XML document. - CVE-2018-1000802: Fixed a command injection in th ...

oval:org.secpod.oval:def:89044800
This update for java-1_8_0-openjdk fixes the following issues: Oracle Critical Patch Update of January 2017 Upgrade to version jdk8u121 : - S8138725: Add options for Javadoc generation - S8140353: Improve signature checking - S8151934, CVE-2017-3231: Resolve class resolution - S8156804, CVE-2017-32 ...

oval:org.secpod.oval:def:89044955
This update for java-1_8_0-ibm to version 8.0-4.0 fixes a lot of security issues: Following CVEs are fixed: CVE-2016-5552 CVE-2017-3231 CVE-2017-3241 CVE-2017-3253 CVE-2017-3259 CVE-2017-3261 CVE-2017-3272 CVE-2017-3289 CVE-2016-2183 CVE-2016-5547 CVE-2016-5548 CVE-2016-5549 CVE-2017-3252 More info ...

oval:org.secpod.oval:def:89003470
This update for python fixes the following issues: Security issues fixed: - CVE-2019-9948: Fixed a "file:" blacklist bypass in URIs by using the "local-file:" scheme instead. - CVE-2019-9636: Fixed an information disclosure because of incorrect handling of Unicode encoding during NFKC normalization ...

oval:org.secpod.oval:def:89044813
This update for java-1_8_0-ibm fixes the following issues: Security issue fixed: - CVE-2016-2183: The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remot ...

oval:org.secpod.oval:def:89043975
This update for openssl fixes the following issues: - CVE-2018-0732: During key agreement in a TLS handshake using a DH based ciphersuite a malicious server could have sent a very large prime value to the client. This caused the client to spend an unreasonably long period of time generating a key fo ...

oval:org.secpod.oval:def:89003064
This update for python fixes the following issues: Security issues fixed: - CVE-2019-5010: Fixed a denial-of-service vulnerability in the X509 certificate parser. - CVE-2018-14647: Fixed a denial-of-service vulnerability in Expat. Non-security issue fixed: - Fixed a bug where PyWeakReference struc ...

oval:org.secpod.oval:def:89003294
This update for MozillaFirefox fixes the following issues: Updated to new ESR version 68.1. In addition to the already fixed vulnerabilities released in previous ESR updates, the following were also fixed: CVE-2019-11751, CVE-2019-11736, CVE-2019-9812, CVE-2019-11748, CVE-2019-11749, CVE-2019-11750 ...

oval:org.secpod.oval:def:89044657
This update for openssl fixes the following issues: Security issues fixed: - CVE-2017-3735: openssl1,openssl: Malformed X.509 IPAdressFamily could cause OOB read - CVE-2017-3736: openssl: bn_sqrx8x_internal carry bug on x86_64 - Out of bounds read+crash in DES_fcrypt - openssl DEFAULT_SUSE cipher ...

oval:org.secpod.oval:def:89044676
This update for java-1_7_1-ibm fixes the following issues: Security issue fixed: - CVE-2016-2183: The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remot ...

oval:org.secpod.oval:def:89003079
This update for python fixes the following issues: - CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636. - CVE-2018-20852: Fixed an information leak where cookies could be sent to the wrong server because of incorrect domain validation.

oval:org.secpod.oval:def:89044859
- S8021108: Clean up doclint warnings and errors in java.text package - S8021417: Fix doclint issues in java.util.concurrent - S8021833: javadoc cleanup in java.net - S8022120: JCK test api/javax_xml/crypto/dsig/TransformService/index_ParamMethods fails - S8022175: Fix doclint warnings in javax.prin ...

oval:org.secpod.oval:def:89045001
This update for libcares2 fixes the following issues: - CVE-2017-1000381: A NAPTR parser out of bounds access was fixed that could lead to crashes

oval:org.secpod.oval:def:89000565
This update for python3 fixes the following issues: Update to 3.4.10 from 3.4.6: Security issues fixed: - Update expat copy from 2.1.1 to 2.2.0 to fix the following issues: CVE-2012-0876, CVE-2016-0718, CVE-2016-4472, CVE-2017-9233, CVE-2016-9063 - CVE-2017-1000158: Fix an integer overflow in the Py ...

oval:org.secpod.oval:def:89000146
This update for mozilla-nspr, mozilla-nss fixes the following issues: mozilla-nss was updated to NSS 3.47.1: Security issues fixed: - CVE-2019-17006: Added length checks for cryptographic primitives. - CVE-2019-11745: EncryptUpdate should use maxout, not block size. - CVE-2019-11727: Fixed vulnera ...

oval:org.secpod.oval:def:89003210
This update for MozillaFirefox, mozilla-nss fixes the following issues: MozillaFirefox to version ESR 60.8: - CVE-2019-9811: Sandbox escape via installation of malicious language pack. - CVE-2019-11711: Script injection within domain through inner window reuse. - CVE-2019-11712: Cross-origin POST ...

oval:org.secpod.oval:def:89003333
This update for MozillaFirefox to ESR 60.9 fixes the following issues: Security issues fixed: - CVE-2019-11742: Fixed a same-origin policy violation involving SVG filters and canvas to steal cross-origin images. - CVE-2019-11746: Fixed a use-after-free while manipulating video. - CVE-2019-11744: F ...

oval:org.secpod.oval:def:89000180
This update for python3 fixes the following issues: - CVE-2019-20907: Fixed denial of service by avoiding possible infinite loop in specifically crafted tarball. - CVE-2020-14422: Fixed an improper computation of hash values in the IPv4Interface and IPv6Interface that could have led to denial of service ...

oval:org.secpod.oval:def:89003323
This update for MozillaFirefox to 68.2.0 ESR fixes the following issues: Mozilla Firefox was updated to version 68.2.0 ESR. Security issues fixed: - CVE-2019-15903: Fixed a heap overflow in the expat library. - CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB. - CVE ...

oval:org.secpod.oval:def:89003431
This update for python3 fixes the following issues: Security issue fixed: - CVE-2019-5010: Fixed a denial-of-service vulnerability in the X509 certificate parser - CVE-2018-20406: Fixed an integer overflow via a large LONG_BINPUT

oval:org.secpod.oval:def:89045272
This update provides Python 3.4.5, which brings many fixes and enhancements. The following security issues have been fixed: - CVE-2016-1000110: CGIHandler could have allowed setting of HTTP_PROXY environment variable based on user supplied Proxy request header. - CVE-2016-0772: A vulnerability in s ...

oval:org.secpod.oval:def:89045127
The tiff library and tools were updated to version 4.0.7 fixing various bug and security issues. - CVE-2014-8127: out-of-bounds read with malformed TIFF image in multiple tools [bnc#914890] - CVE-2016-9297: tif_dirread.c read outside buffer in _TIFFPrintField [bnc#1010161] - CVE-2016-3658: Illegal r ...

oval:org.secpod.oval:def:89044686
This update for tiff fixes the following issues: Security issues fixed: - CVE-2016-10272: LibTIFF 4.0.7 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted TIFF image, related to WRITE of size 2048 and libtiff/tif_next.c:64:9. - CVE-2016-102 ...

oval:org.secpod.oval:def:89045019
This update for rpcbind fixes the following issues: - CVE-2017-8779: A crafted UDP packet could lead rpcbind to remote denial-of-service

oval:org.secpod.oval:def:89044729
This update for libxml2 fixes the following issues: * CVE-2016-4658: use-after-free error could lead to crash [bsc#1005544] * Fix NULL dereference in xpointer.c when in recovery mode [bsc#1014873] * CVE-2016-9597: An XML document with many opening tags could have caused an overflow of the stack not d ...

oval:org.secpod.oval:def:89044728
This update for openssh fixes several issues. These security issues were fixed: - CVE-2016-8858: The kex_input_kexinit function in kex.c allowed remote attackers to cause a denial of service by sending many duplicate KEXINIT requests. - CVE-2016-10012: The shared memory manager did not ensure tha ...

oval:org.secpod.oval:def:89045326
This update for pcre to version 8.39 fixes several issues. If you use pcre extensively please be aware that this is an update to a new version. Please make sure that your software works with the updated version. This version fixes a number of vulnerabilities that affect pcre and applications using ...

oval:org.secpod.oval:def:89045149
This update for pcre to version 8.39 fixes several issues. If you use pcre extensively please be aware that this is an update to a new version. Please make sure that your software works with the updated version. This version fixes a number of vulnerabilities that affect pcre and applications using ...

oval:org.secpod.oval:def:89044693
The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.49 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitra ...

oval:org.secpod.oval:def:89048864
This update for curl fixes the following issues: * CVE-2023-28320: Fixed siglongjmp race condition. * CVE-2023-28321: Fixed IDN wildcard matching. * CVE-2023-28322: Fixed POST-after-PUT confusion.

oval:org.secpod.oval:def:89002853
This update for samba fixes the following issues: - ZeroLogon: An elevation of privilege was possible with some configurations when an attacker established a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol.

oval:org.secpod.oval:def:89003269
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-3819: A flaw was fixed in the function hid_debug_events_read in drivers/hid/hid-debug.c file which may have entered an infinite loop with certain parameters ...

oval:org.secpod.oval:def:89048976
This update for bluez fixes the following issues: * CVE-2023-27349: Fixed crash while handling unsupported events.

oval:org.secpod.oval:def:89048543
This update for webkit2gtk3 fixes the following issues: Update to version 2.38.5: * CVE-2023-23529: Fixed possible arbitrary code execution via maliciously crafted web content. * CVE-2023-23518: Processing maliciously crafted web content may lead to Previously fixed inside update to version 2.38.4 ...

oval:org.secpod.oval:def:89048510
This update for apache2 fixes the following issues: * CVE-2023-25690: Fixed HTTP request splitting with mod_rewrite and mod_proxy. The following non-security bugs were fixed: * Fixed passing health check does not recover worker from its error state.

oval:org.secpod.oval:def:89049250
This update for kernel-firmware fixes the following issues: * CVE-2023-20569: Fixed AMD 19h ucode to mitigate a side channel vulnerability in some of the AMD CPUs. ## Special Instructions and Notes: * Please reboot the system after installing this update.

oval:org.secpod.oval:def:89049268
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2018-20784: Fixed a denial of service by mishandled leaf cfs_rq in kernel/sched/fair.c. * CVE-2018-3639: Fixed Speculative Store Bypass aka 'Memory Disambigua ...

oval:org.secpod.oval:def:89049151
This update for kernel-firmware fixes the following issues: * CVE-2023-20593: Fixed AMD ucode for ZenBleed vulnerability. ## Special Instructions and Notes: * Please reboot the system after installing this update.

oval:org.secpod.oval:def:89048914
This update for openssl fixes the following issues: * CVE-2023-2650: Fixed possible denial of service translating ASN.1 object identifiers.

oval:org.secpod.oval:def:89049197
This update for openssl fixes the following issues: * CVE-2023-3446: Fixed DH_check excessive time with over sized modulus.

oval:org.secpod.oval:def:89048735
This update for openssl fixes the following issues: * CVE-2023-0465: Invalid certificate policies in leaf certificates were silently ignored. * CVE-2023-0466: Certificate policy checks were not enabled.

oval:org.secpod.oval:def:89048520
This update for openssl fixes the following issues: * CVE-2023-0464: Fixed excessive Resource Usage Verifying X.509 Policy Constraints.

oval:org.secpod.oval:def:89048946
This update for libcares2 fixes the following issues: * CVE-2023-32067: Fixed a denial of service that could be triggered by a 0-byte UDP payload. * CVE-2023-31147: Fixed an insufficient randomness in generation of DNS query IDs. * CVE-2023-31130: Fixed a buffer underflow when configuring specific ...

oval:org.secpod.oval:def:89000107
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-11494: An issue was discovered in slc_bump in drivers/net/can/slcan.c, which allowed attackers to read uninitialized can_frame data, potentially containing ...

CVE    3
CVE-2011-3172
CVE-2017-5753
CVE-2018-19052
*CPE
cpe:/o:suse:suse_linux_enterprise_server:12:sp2

© SecPod Technologies