oval:org.secpod.oval:def:89045016 This update for minicom fixes the following issue: This security issue was fixed: - CVE-2017-7467: Invalid cursor coordinates and scroll regions could lead to code execution.
oval:org.secpod.oval:def:89045167 This update for dovecot22 fixes the following issues: - insecure SSL/TLS key and certificate file creation - Fix LDAP based authentication for some setups
oval:org.secpod.oval:def:89000001 SUSE Linux Enterprise Server 12 SP2 is installed
oval:org.secpod.oval:def:89045310 This update for libtcnative-1-0 fixes the following issues: - Upgrade to libtcnative-1.1.34 See https://tomcat.apache.org/native-1.1-doc/miscellaneous/changelog.html * Unconditionally disable export Ciphers. * Improve ephemeral key handling for DH and ECDH. Parameter strength is by default derived ...
oval:org.secpod.oval:def:89045003 This update of freeradius-server fixes several issues. Security issue fixed: - CVE-2015-4680: Fixed Insufficient CRL application for intermediate certificates Non security issues fixed: - Allows FreeRadius Server to start on SUSE Linux Enterprise Server 12 SP2 systems by relaxing a too strict openss ...
oval:org.secpod.oval:def:89045181 This update for libarchive fixes several issues. These security issues were fixed: - CVE-2016-8687: Buffer overflow when printing a filename. - CVE-2016-8689: Heap overflow when reading corrupted 7Zip files. - CVE-2016-8688: Use after free because of incorrect calculation in next_line. - CVE-2016 ...
oval:org.secpod.oval:def:89045304 This update for wget fixes the following issues: Security issues fixed: - CVE-2016-7098: Fixed a potential race condition by creating files with .tmp ext and making them accessible to the current user only. Non security issues fixed: - bsc#1005091: Don't call xfree on string returned by usr_error - ...
oval:org.secpod.oval:def:89045260 libX11 was updated to fix a memory leak that was introduced with the security fix for CVE-2016-7942.
oval:org.secpod.oval:def:89045187 This update for libass fixes the following issues: CVE-2016-7969, CVE-2016-7970, CVE-2016-7971, CVE-2016-7972: Fixed multiple memory allocation issues found by fuzzing.
oval:org.secpod.oval:def:89045213 This update for the X Window System client libraries fixes a class of privilege escalation issues. A malicious X Server could send specially crafted data to X clients, which allowed for triggering crashes, or privilege escalation if this relationship was untrusted or crossed user or permission level ...
oval:org.secpod.oval:def:89045191 This update for ghostscript fixes the following issues: - bsc#1006592: Fix a regression introduced in CVE-2013-5653 by which ps files couldn't be opened in okular/evince.
oval:org.secpod.oval:def:89045236 This update for gstreamer-plugins-bad fixes the following issues: - CVE-2016-9809: Malicious mkv/h264 file could cause an off by one out of bounds read and lead to crash - CVE-2016-9812: Malicious mpeg file could cause an invalid null pointer access and lead to crash - CVE-2016-9813: Malicious mpeg ...
oval:org.secpod.oval:def:89045000 This update for gstreamer-0_10-plugins-base fixes the following issue: - CVE-2016-9811: out of bounds memory read in windows_icon_typefind
oval:org.secpod.oval:def:89045235 This update for gstreamer-plugins-good fixes the following security issues: - CVE-2016-9807: Flic decoder invalid read could lead to crash. - CVE-2016-9634: Flic out-of-bounds write could lead to code execution. - CVE-2016-9635: Flic out-of-bounds write could lead to code execution. - CVE-2016-96 ...
oval:org.secpod.oval:def:89045542 This update for unrar to version 5.6.1 fixes several issues. These security issues were fixed: - CVE-2017-12938: Prevent remote attackers to bypass a directory-traversal protection mechanism via vectors involving a symlink to the . directory, a symlink to the .. directory, and a regular file. - CVE ...
oval:org.secpod.oval:def:89045347 This update for xen fixes the following issues: - A Mishandling of SYSCALL singlestep during emulation which could have led to privilege escalation. - CMPXCHG8B emulation failed to ignore operand size override which could have led to information disclosure. - PV guests may have been able to mask ...
oval:org.secpod.oval:def:89045177 This update for ImageMagick fixes the following issues: - Memory allocation failure in AcquireMagickMemory [bsc#1007245] - update incomplete patch of CVE-2016-6823 [bsc#1001066]
oval:org.secpod.oval:def:89000529 This update for openldap2 fixes the following issues: - CVE-2020-8023: Fixed a potential local privilege escalation from ldap to root when OPENLDAP_CONFIG_BACKEND="ldap" was used. - Changed DB_CONFIG to root:ldap permissions. - Fixed an issue where slapd becomes unresponsive after many fai ...
oval:org.secpod.oval:def:89045317 This update for sudo fixes the following issues: - fix two security vulnerabilities that allowed users to bypass sudo's NOEXEC functionality: * noexec bypass via system and popen [CVE-2016-7032, bsc#1007766] * noexec bypass via wordexp [CVE-2016-7076, bsc#1007501]
oval:org.secpod.oval:def:89045194 This update for gc fixes the following issues: - integer overflow in GC_MALLOC_ATOMIC
oval:org.secpod.oval:def:89045174 This update for gd fixes the following issues: * CVE-2016-9933 possible stackoverflow on malicious truecolor images [bsc#1015187]
oval:org.secpod.oval:def:89045018 This update for bind fixes the following issues: - An attacker with the ability to send and receive messages to an authoritative DNS server was able to circumvent TSIG authentication of AXFR requests. A server that relied solely on TSIG keys for protection could be manipulated into providing an AXF ...
oval:org.secpod.oval:def:89045033 This update for evince fixes the following issues: - CVE-2017-1000083: Remote attackers could have used the comicbook mode of evince to inject shell code
oval:org.secpod.oval:def:89045020 This update for libsoup fixes the following issues: - A bug in the HTTP Chunked Encoding code has been fixed that could have been exploited by attackers to cause a stack-based buffer overflow in client or server code running libsoup.
oval:org.secpod.oval:def:89043980 This update for apache2 fixes several issues. These security issues were fixed: - CVE-2017-9789: When under stress the HTTP/2 handling code would sometimes access memory after it has been freed, resulting in potentially erratic behaviour. - CVE-2017-7659: A maliciously constructed HTTP/2 request c ...
oval:org.secpod.oval:def:89045243 This update for dnsmasq fixes the following issues: - CVE-2015-8899: Denial of service between local and remote dns entries
oval:org.secpod.oval:def:89045350 libXi was updated to fix two security issues. These security issues were fixed: - CVE-2016-7945: Integer overflows in libXI can cause out of boundary memory access or endless loops. - CVE-2016-7946: Insufficient validation of data in libXI can cause out of boundary memory access or endless loops ...
oval:org.secpod.oval:def:89003265 This update for cups fixes the following issues: - CVE-2019-8675: Fixed a stack buffer overflow in libcups's asn1_get_type function. - CVE-2019-8696: Fixed a stack buffer overflow in libcups's asn1_get_packed function.
oval:org.secpod.oval:def:89003024 This update for ucode-intel fixes the following issues: - Updated Intel CPU Microcode to 20201118 official release. - Removed TGL/06-8c-01/80 due to functional issues with some OEM platforms. - CVE-2020-8695: Fixed Intel RAPL sidechannel attack INTEL-SA-00389 - CVE-2020-8698: Fixed Fast Store For ...
oval:org.secpod.oval:def:89003266 This update for postgresql94 fixes the following issues: Security issue fixed: - CVE-2019-10208: Fixed arbitrary SQL execution via suitable SECURITY DEFINER function under the identity of the function owner.
oval:org.secpod.oval:def:89003268 This update for LibVNCServer fixes the following issues: Security issues fixed: - CVE-2018-15126: Fixed use-after-free in file transfer extension - CVE-2018-6307: Fixed use-after-free in file transfer extension server code - CVE-2018-20020: Fixed heap out-of-bound write inside structure in VNC cli ...
oval:org.secpod.oval:def:89044807 This update for curl fixes the following issues: Security issues fixed: - CVE-2017-1000254: FTP PWD response parser out of bounds read - CVE-2017-1000257: IMAP FETCH response out of bounds read Bugs fixed: - Fixed error error:1408F10B:SSL routines when connecting to ftps via proxy
oval:org.secpod.oval:def:89044805 This update for SuSEfirewall2 fixes the following issues: - CVE-2017-15638: Fixed a security issue with too open implicit portmapper rules: A source net restriction for _rpc_ services was not taken into account for the implicitly added rules for port 111, making the portmap service accessible to ev ...
oval:org.secpod.oval:def:89044812 This update for curl fixes the following issues: - CVE-2017-1000100: TFTP sends more than buffer size and it could lead to a denial of service - CVE-2017-1000101: URL globbing out of bounds read could lead to a denial of service
oval:org.secpod.oval:def:89044811 This update for libpng16 fixes the following issues: Security issues fixed: - CVE-2016-10087: NULL pointer dereference in png_set_text_2
oval:org.secpod.oval:def:89003134 This update for webkit2gtk3 to version 2.22.6 fixes the following issues: Security issues fixed: - CVE-2019-6212: Fixed multiple memory corruption vulnerabilities which could allow arbitrary code execution during the processing of special crafted web-content. - CVE-2019-6215: Fixed a type confusion ...
oval:org.secpod.oval:def:89003371 This update for ghostscript fixes the following issue: Security issue fixed: - CVE-2019-3838: Fixed a vulnerability which made forceput operator in DefineResource to be still accessible which could allow access to file system outside of the constraints of -dSAFER.
oval:org.secpod.oval:def:89003131 This update for ghostscript fixes the following issue: - CVE-2019-14869: Fixed a possible dSAFER escape which could have allowed an attacker to gain high privileges by a specially crafted Postscript code.
oval:org.secpod.oval:def:89044917 This update for evince fixes the following issue: - CVE-2017-1000083: Remote attackers could have used the comicbook mode of evince to inject shell code.
oval:org.secpod.oval:def:89044918 This update for libplist fixes the following issues: - CVE-2017-5209: The base64decode function in libplist allowed attackers to obtain sensitive information from process memory or cause a denial of service via split encoded Apple Property List data. - CVE-2017-5545: The main function in plistutil ...
oval:org.secpod.oval:def:89003017 This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-0739: Update openssl to 1.0.2o to limit ASN.1 constructed types recursive definition depth. - CVE-2019-14563: Fixed a memory corruption caused by insufficient numeric truncation. - CVE-2019-14559: Fixed a remotely e ...
oval:org.secpod.oval:def:89044912 This update for netpbm fixes the following issues: Security bugs: * CVE-2017-2586: A NULL pointer dereference in stringToUint function could lead to a denial of service problem when processing malformed images. [bsc#1024292] * CVE-2017-2581: An out-of-bounds write in writeRasterPbm could be used by ...
oval:org.secpod.oval:def:89003018 This update for bluez fixes the following issues: - CVE-2020-0556: Fixed improper access control which may lead to escalation of privilege and denial of service by an unauthenticated user.
oval:org.secpod.oval:def:89044915 This update for xorg-x11-server fixes several issues. These security issues were fixed: - CVE-2017-13721: Missing validation of shmseg resource id in Xext/XShm could lead to shared memory segments of other users being freed - CVE-2017-13723: A local denial of service via unusual characters in XkbA ...
oval:org.secpod.oval:def:89044914 This update for libquicktime fixes the following issues: * CVE-2017-9122: A DoS in quicktime_read_moov function in moov.c via a crafted mp4 file was fixed. * CVE-2017-9123: An invalid memory read in lqt_frame_duration via a crafted mp4 file was fixed. * CVE-2017-9124: A NULL pointer dereference in ...
oval:org.secpod.oval:def:89044922 This Linux kernel update for SUSE Linux Enterprise 12 SP2 fixes the following issues: - A previous security update to address CVE-2017-1000364 caused unintended side-effects in several other tools, most notably Java. These issues have been remedied. [bsc#1045340]
oval:org.secpod.oval:def:89044921 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000364: The default stack guard page was too small and could be jumped over by userland programs using more than one page of stack in functions and so lea ...
oval:org.secpod.oval:def:89003364 This update for sssd provides the following fixes: This security issue was fixed: - CVE-2018-10852: Set stricter permissions on /var/lib/sss/pipes/sudo to prevent the disclosure of sudo rules for arbitrary users These non-security issues were fixed: - Fix a segmentation fault in sss_cache command. ...
oval:org.secpod.oval:def:89003244 This update for the Linux Kernel 4.4.121-92_117 fixes one issue. The following security issue was fixed: - CVE-2018-5390: Fixed expensive calls to tcp_collapse_ofo_queue and tcp_prune_ofo_queue for every incoming packet which could have led to a denial of service.
oval:org.secpod.oval:def:89003124 This update for xen fixes the following issues: Security vulnerabilities fixed: - CVE-2018-19961, CVE-2018-19962: Fixed an issue related to insufficient TLB flushing with AMD IOMMUs, which potentially allowed a guest to escalate its privileges, may cause a Denial of Service affecting the entire hos ...
oval:org.secpod.oval:def:89003125 This update for libssh2_org fixes the following issues: - Incorrect upstream fix for CVE-2019-3859 broke public key authentication [bsc#1133528, bsc#1130103]
oval:org.secpod.oval:def:89003369 This update for curl fixes the following issues: Security issues fixed: - CVE-2019-3823: Fixed a heap out-of-bounds read in the code handling the end-of-response for SMTP. - CVE-2019-3822: Fixed a stack based buffer overflow in the function creating an outgoing NTLM type-3 message. - CVE-2018-1689 ...
oval:org.secpod.oval:def:89044824 This update for tcpdump to version 4.9.0 and libpcap to version 1.8.1 fixes several issues. These security issues were fixed in tcpdump: - CVE-2016-7922: The AH parser in tcpdump had a buffer overflow in print-ah.c:ah_print. - CVE-2016-7923: The ARP parser in tcpdump had a buffer overflow in pr ...
oval:org.secpod.oval:def:89003008 This update for kernel-firmware fixes the following issue: - CVE-2020-12321: Updated the Intel Bluetooth firmware for buffer overflow security bugs.
oval:org.secpod.oval:def:89003129 This update for libsoup fixes the following issues: Security issue fixed: - CVE-2018-12910: Fix crash when handling empty hostnames. - CVE-2017-2885: Fix chunk decoding buffer overrun that could be exploited against either clients or servers. Bug fixes: - bsc#1086036: translation-update-upstream c ...
oval:org.secpod.oval:def:89044705 This update for kernel-firmware fixes the following issues: - Update Intel WiFi firmwares for the 3160, 7260 and 7265 adapters. Security issues fixed are part of the KRACK attacks affecting the firmware: - CVE-2017-13080: The reinstallation of the Group Temporal key could be used for replay attacks ...
oval:org.secpod.oval:def:89044947 This update for libxslt fixes the following issues: - CVE-2017-5029: The xsltAddTextString function in transform.c lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. - CVE-2016-4738: Fix he ...
oval:org.secpod.oval:def:89044832 This update for kdelibs4 fixes the following issues: - CVE-2017-8422: This update fixes problem in the DBUS authentication of the kauth framework that could be used to escalate privileges depending on bugs or misimplemented dbus services
oval:org.secpod.oval:def:89044713 This update for emacs fixes one issue. This security issue was fixed: - CVE-2017-14482: Remote code execution via mails with Content-Type: text/enriched
oval:org.secpod.oval:def:89044712 This MariaDB update to version 10.0.31 GA fixes the following issues: Security issues fixed: - CVE-2017-3308: Subcomponent: Server: DML: Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MariaDB Server. Successful attacks of this ...
oval:org.secpod.oval:def:89044950 This update for xen fixes several issues. These security issues were fixed: - A malicious 64-bit PV guest may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks by placing a IRET hypercall in the middle of a multicall batch - A mali ...
oval:org.secpod.oval:def:89003233 This update for libgcrypt fixes the following issues: Security issues fixed: - CVE-2019-13627: Mitigated ECDSA timing attack
oval:org.secpod.oval:def:89003475 This update for sudo fixes the following issues: - CVE-2019-14287: Fixed an issue where a user with sudo privileges that allowed them to run commands with an arbitrary uid, could run commands as root, despite being forbidden to do so in sudoers.
oval:org.secpod.oval:def:89003234 This update for texlive fixes the following issue: - CVE-2018-17407: Prevent buffer overflow when handling of Type 1 fonts allowed arbitrary code execution when a malicious font was loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex
oval:org.secpod.oval:def:89003114 This update for gstreamer-plugins-base fixes the following issue: Security issue fixed: - CVE-2019-9928: Fixed a heap-based overflow in the rtsp connection parser.
oval:org.secpod.oval:def:89003477 This update for ucode-intel fixes the following issues: Updated to the 20190312 bundle release New Platforms: - AML-Y22 H0 6-8e-9/10 0000009e Core Gen8 Mobile - WHL-U W0 6-8e-b/d0 000000a4 Core Gen8 Mobile - WHL-U V0 6-8e-d/94 000000b2 Core Gen8 Mobile - CFL-S P0 6-9e-c/22 000000a2 Core Gen9 Deskto ...
oval:org.secpod.oval:def:89044939 pcsc-lite was updated to fix one security issue. This security issue was fixed: - CVE-2016-10109: This use-after-free and double-free issue allowed local attacker to cause a Denial of Service and possible privilege escalation.
oval:org.secpod.oval:def:89003115 This update for sqlite3 fixes the following issues: Security issues fixed: - CVE-2018-20346: Fixed a remote code execution vulnerability in FTS3. - CVE-2018-20506: Fixed an integer overflow when FTS3 extension is enabled.
oval:org.secpod.oval:def:89044941 This update for sane-backends fixes the following issues: - saned could have leaked uninitialized memory back to its requesters for some opcodes, allowing for information disclosure of saned memory.
oval:org.secpod.oval:def:89044944 This update for ImageMagick fixes the following issues: Security issues fixed: * CVE-2017-15033: A denial of service attack was fixed in ReadYUVImage in coders/yuv.c [bsc#1061873] * CVE-2017-11446: An infinite loop in ReadPESImage was fixed. * CVE-2017-12433: A memory leak in ReadPESImage in coder ...
oval:org.secpod.oval:def:89003189 This update for vim fixes the following issue: Security issue fixed: - CVE-2019-12735: Fixed a potential arbitrary code execution vulnerability in getchar.c.
oval:org.secpod.oval:def:89003185 This update for openssl fixes the following issues: OpenSSL Security Advisory [10 September 2019] - CVE-2019-1547: Added EC_GROUP_set_generator side channel attack avoidance. - CVE-2019-1563: Fixed Bleichenbacher attack against cms/pkcs7 encryption transported key.
oval:org.secpod.oval:def:89003065 This update for libpcap fixes the following issues: - CVE-2019-15165: Added sanity checks for PHB header length before allocating memory. - CVE-2018-16301: Fixed a buffer overflow.
oval:org.secpod.oval:def:89003186 This update for libvirt fixes the following issues: Security issues fixed: - CVE-2019-3840: Fixed a null pointer dereference vulnerability in virJSONValueObjectHasKey function which could have resulted in a remote denial of service via the guest agent. Other issues fixed: - libxl: save current memo ...
oval:org.secpod.oval:def:89003181 This update for nfs-utils fixes the following issues: - CVE-2019-3689: Fixed root-owned files stored in insecure /var/lib/nfs
oval:org.secpod.oval:def:89003182 This update for postgresql10 to version 10.9 fixes the following issue: Security issue fixed: - CVE-2019-10164: Fixed buffer-overflow vulnerabilities in SCRAM verifier parsing. More information at https://www.postgresql.org/docs/10/release-10-9.html
oval:org.secpod.oval:def:89003299 This update for webkit2gtk3 to version 2.22.5 fixes the following issues: Security issues fixed: - CVE-2018-4438: Fixed a logic issue which led to memory corruption - CVE-2018-4437, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4464: Fixed multiple memory corruption issues with improved me ...
oval:org.secpod.oval:def:89003179 This update for libseccomp fixes the following issues: Update to new upstream release 2.4.1: * Fix a BPF generation bug where the optimizer mistakenly identified duplicate BPF code blocks. Updated to 2.4.0: * Update the syscall table for Linux v5.0-rc5 * Added support for the SCMP_ACT_KILL_PROCESS ...
oval:org.secpod.oval:def:89003052 This update for libssh2_org fixes the following issues: Security issues fixed: - CVE-2019-3861: Fixed Out-of-bounds reads with specially crafted SSH packets. - CVE-2019-3862: Fixed Out-of-bounds memory comparison with specially crafted message channel request packet. - CVE-2019-3860: Fixed Out-of- ...
oval:org.secpod.oval:def:89003291 This update for openssl fixes the following issues: - Reject invalid EC point coordinates This helps openssl using services that do not do this verification on their own.
oval:org.secpod.oval:def:89003171 This update for dovecot22 fixes the following issues: - CVE-2019-11500: Fixed a potential remote code execution in the IMAP and ManageSieve protocol parsers.
oval:org.secpod.oval:def:89003046 This update for xrdp fixes the following issues: Security issues fixed: - CVE-2013-1430: When successfully logging in using RDP into an xrdp session, the file ~/.vnc/sesman_${username}_passwd was created. Its content was the equivalent of the user's cleartext password, DES encrypted with a known key ...
oval:org.secpod.oval:def:89003167 This update for openssl fixes the following issues: Security issues fixed: - The 9 Lives of Bleichenbacher's CAT: Cache Attacks on TLS Implementations - CVE-2019-1559: Fixed OpenSSL 0-byte Record Padding Oracle which under certain circumstances a TLS server can be forced to respond differently to a ...
oval:org.secpod.oval:def:89003047 This update for webkit2gtk3 to version 2.22.4 fixes the following issues: Security issues fixed: CVE-2018-4191, CVE-2018-4197, CVE-2018-4299, CVE-2018-4306, CVE-2018-4309, CVE-2018-4392, CVE-2018-4312, CVE-2018-4314, CVE-2018-4315, CVE-2018-4316, CVE-2018-4317, CVE-2018-4318, CVE-2018-4319, CVE-2018 ...
oval:org.secpod.oval:def:89003168 This update for postgresql96 fixes the following issues: Security issue fixed: - CVE-2019-10208: Fixed arbitrary SQL execution via suitable SECURITY DEFINER function under the identity of the function owner.
oval:org.secpod.oval:def:89003169 This update for samba fixes the following issues: Security issue fixed: - CVE-2019-3880: Fixed a path/symlink traversal vulnerability, which allowed an unprivileged user to save registry files outside a share. Non-security issues fixed: - Fixed an issue where the first login failed and subsequent o ...
oval:org.secpod.oval:def:89044909 This update for apache2 fixes the following issues: - CVE-2016-8740 Server memory can be exhausted and service denied when HTTP/2 is used [bsc#1013648]
oval:org.secpod.oval:def:89003044 This update for perl fixes the following issues: Security issue fixed: - CVE-2018-18311: Fixed integer overflow with oversize environment.
oval:org.secpod.oval:def:89044905 This update for jakarta-taglibs-standard fixes the following issues: - CVE-2015-0254: Apache Standard Taglibs allowed remote attackers to execute arbitrary code or conduct external XML entity attacks via a crafted XSLT extension in a x:parse or x:transform JSTL XML tag
oval:org.secpod.oval:def:89044911 This update for cpio fixes two issues. This security issue was fixed: - CVE-2016-2037: The cpio_safer_name_suffix function in util.c in cpio allowed remote attackers to cause a denial of service via a crafted cpio file. This non-security issue was fixed: - bsc#1020108: Always use 32 bit CRC to pre ...
oval:org.secpod.oval:def:89044910 The ppp package was updated to fix the following security issue: - CVE-2015-3310: Fixed a buffer overflow in radius plug-in's rc_mksid.
oval:org.secpod.oval:def:89003040 This update for systemd fixes the following issues: Security issues fixed: - CVE-2018-6954: Fixed a vulnerability in the symlink handling of systemd-tmpfiles which allowed a local user to obtain ownership of arbitrary files. - CVE-2019-3842: Fixed a vulnerability in pam_systemd which allowed a loca ...
oval:org.secpod.oval:def:89003156 This update for curl fixes the following issues: Security issue fixed: - CVE-2019-5482: Fixed TFTP small blocksize heap buffer overflow.
oval:org.secpod.oval:def:89003277 This update for systemd fixes the following issues: Security vulnerability fixed: - CVE-2019-6454: Fixed a crash of PID1 by sending specially crafted D-BUS message on the system bus by an unprivileged user Other bug fixes and changes: - journal-remote: set a limit on the number of fields in a messa ...
oval:org.secpod.oval:def:89003037 This update for gstreamer-0_10-plugins-base fixes the following issues: Security issue fixed: - CVE-2019-9928: Fixed a heap-based overflow in the rtsp connection parser.
oval:org.secpod.oval:def:89044649 This update for bind fixes the following issues: CVE-2017-3137: Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could have been exploited to cause a denial of service of a bind server performing recursion. CVE-2017-31 ...
oval:org.secpod.oval:def:89044769 This update for wireshark fixes the following issues: - CVE-2017-17083: NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginning of a buffer. - CVE-2017-17084: IWARP_MPA dissector could crash. This was addre ...
oval:org.secpod.oval:def:89044898 GNU binutils was updated to the 2.29.1 release, bringing various new features, fixing a lot of bugs and security issues. Following security issues are being addressed by this release: * 18750 bsc#1030296 CVE-2014-9939 * 20891 bsc#1030585 CVE-2017-7225 * 20892 bsc#1030588 CVE-2017-7224 * 20898 bsc#103 ...
oval:org.secpod.oval:def:89044897 The network debugging tool wireshark was updated to version 2.2.7 to fix the following issues: - CVE-2017-9352: Bazaar dissector infinite loop - CVE-2017-9348: DOF dissector read overflow - CVE-2017-9351: DHCP dissector read overflow - CVE-2017-9346: SoulSeek dissector infinite loop - CVE-20 ...
oval:org.secpod.oval:def:89044658 This update for dovecot22 to version 2.2.29.1 fixes the following issues: This security issue was fixed: - CVE-2017-2669: Don't double-expand %variables in keys. If dict was used as the authentication passdb, using specially crafted %variables in the username could be used to cause DoS Additionally ...
oval:org.secpod.oval:def:89044779 This update for libzip fixes one issue. This security issue was fixed: - CVE-2017-14107: The _zip_read_eocd64 function mishandled EOCD records, which allowed remote attackers to cause a denial of service via a crafted ZIP archive.
oval:org.secpod.oval:def:89044772 This update for evince fixes the following issues: Security issue fixed: - CVE-2017-1000083: Remove support for tar and tar-like commands in comics backend.
oval:org.secpod.oval:def:89044895 This update provides Quagga 1.1.1, which brings several fixes and enhancements. Security issues fixed: - CVE-2017-5495: Telnet "vty" interface DoS due to unbounded memory allocation. - CVE-2016-1245: Stack overrun in IPv6 RA receive code. Bug fixes: - Do not enable zebra's TCP interface to use de ...
oval:org.secpod.oval:def:89044892 This update for opensaml fixes the following issues: Security issue fixed: - CVE-2017-16853: Fix the DynamicMetadataProvider class to properly configure itself with the MetadataFilter plugins, to avoid possible MITM attacks.
oval:org.secpod.oval:def:89044638 This update for systemd fixes the following issues: Security issue fixed: - CVE-2017-9217: resolved: Fix null pointer p->question dereferencing that could lead to resolved aborting The update also fixed several non-security bugs: - core/mount: Use the -c flag to not canonicalize paths when calling / ...
oval:org.secpod.oval:def:89044759 This update for jasper fixes the following issues: Security issues fixed: - CVE-2016-9600: Null Pointer Dereference due to missing check for UNKNOWN color space in JP2 encoder - CVE-2016-10251: Use of uninitialized value in jpc_pi_nextcprl - CVE-2017-5498: left-shift undefined behaviour - CVE-20 ...
oval:org.secpod.oval:def:89044637 This update for wget fixes the following security issues: - CVE-2017-13089, CVE-2017-13090: Missing checks for negative remaining_chunk_size in skip_short_body and fd_read_body could cause stack buffer overflows, which could have been exploited by malicious servers
oval:org.secpod.oval:def:89044766 This update for wireshark to version 2.2.9 fixes several issues. These security issues were fixed: - CVE-2017-13767: The MSDP dissector could have gone into an infinite loop. This was addressed by adding length validation. - CVE-2017-13766: The Profinet I/O dissector could have crashed with an out-of ...
oval:org.secpod.oval:def:89044889 This update for jasper fixes the following issues: - CVE-2016-8654: Heap-based buffer overflow in QMFB code in JPC codec. - CVE-2016-9395: Invalid jasper files could lead to abort of the library caused by attacker provided image. - CVE-2016-9398: Invalid jasper files could lead to abort of the lib ...
oval:org.secpod.oval:def:89044888 This update for bind fixes the following issues: - Fixed a possible denial of service vulnerability
oval:org.secpod.oval:def:89044764 This update for libgcrypt fixes the following issues: - CVE-2017-7526: Hardening against a local side-channel attack in RSA key handling has been added
oval:org.secpod.oval:def:89044884 This update for freeradius-server fixes the following issues: Security issue fixed: - CVE-2017-9148: Disable OpenSSL's internal session cache to mitigate authentication bypass. Non security issue fixed: - Fix case insensitive matching in compiled regular expressions
oval:org.secpod.oval:def:89044760 This update for ncurses fixes the following issues: Security issues fixed: - CVE-2017-10684: Possible RCE via stack-based buffer overflow in the fmt_entry function. - CVE-2017-10685: Possible RCE with format string vulnerability in the fmt_entry function. Bugfixes: - Drop patch ncurses-5.9-environ ...
oval:org.secpod.oval:def:89044881 This update for libquicktime fixes the following issues: - A crafted MP4 file could have caused libquicktime to crash or lead to undefined behaviour
oval:org.secpod.oval:def:89044678 xerces-j2 was updated to fix several issues. This security issue was fixed: - bsc#814241: Prevent possible DoS through very long attribute names This non-security issue was fixed: - Prevent StackOverflowError when applying a pattern restriction on long strings while trying to validate an XML file ag ...
oval:org.secpod.oval:def:89044799 This update for bash fixes an issue that could lead to syntax errors when parsing scripts that use expr inside loops. Additionally, the popd built-in now ensures that the normalized stack offset is within bounds before trying to free that stack entry. This fixes a segmentation fault.
oval:org.secpod.oval:def:89044674 This wireshark update to version 2.2.8 fixes the following issues: Security issues fixed: - CVE-2017-11411: The openSAFETY dissector could crash or exhaust system memory because of missing length validation. - CVE-2017-11410: The WBXML dissector could go into an infinite loop. - CVE-2017-11408: The ... oval:org.secpod.oval:def:89044795 This update for poppler fixes the following issues: Security issues fixed: - CVE-2017-9775: Fix a stack overflow bug in pdftocairo that could have been exploited in a denial of service attack through a specially crafted PDF document. - CVE-2017-9776: Fix an integer overflow bug that could have been ... oval:org.secpod.oval:def:89044797 This update for git fixes the following issues: This security issue was fixed: - CVE-2017-14867: Git used unsafe Perl scripts to support subcommands such as cvsserver, which allowed attackers to execute arbitrary OS commands via shell metacharacters in a module name. oval:org.secpod.oval:def:89003082 This update for polkit fixes the following issues: Security issue fixed: - CVE-2018-19788: Fixed handling of UIDs over MAX_UINT oval:org.secpod.oval:def:89044672 This update for openvpn fixes the following issues: - CVE-2017-12166: Lack of bound check in read_key in old legacy key handling before using values could be used for a remote buffer overflow. oval:org.secpod.oval:def:89044793 This update for liblouis fixes several issues. These security issues were fixed: - CVE-2017-13738: Prevent illegal address access in the _lou_getALine function that allowed to cause remote DoS. - CVE-2017-13739: Prevent heap-based buffer overflow in the function resolveSubtable that could have caus ... oval:org.secpod.oval:def:89044671 This update for dnsmasq fixes the following security issues: - CVE-2017-14491: 2 byte heap based overflow. [bsc#1060354] - CVE-2017-14492: heap based overflow. [bsc#1060355] - CVE-2017-14493: stack based overflow. 
[bsc#1060360] - CVE-2017-14494: DHCP - info leak. [bsc#1060361] - CVE-2017-14495: DNS ... oval:org.secpod.oval:def:89003078 This update for samba fixes the following issues: Security issue fixed: - CVE-2019-3880: Save registry file outside share as unprivileged user. Non-security issue fixed: - Backport changes to support quotas with SMB2. oval:org.secpod.oval:def:89003197 This update for permissions fixes the following issues: - CVE-2019-3688: Changed wrong ownership in /usr/sbin/pinger to root:squid which could have allowed a squid user to gain persistence by changing the binary. - CVE-2019-3690: Fixed a privilege escalation through untrusted symbolic links. - Fix ... oval:org.secpod.oval:def:89044786 This update for tcmu-runner fixes the following issues: Security issues fixed: - CVE-2017-1000198: The glfs handler allowed local DoS via crafted CheckConfig strings - CVE-2017-1000199: The qcow handler leaked information via the CheckConfig D-Bus method oval:org.secpod.oval:def:89003193 This update for dovecot22 fixes the following issues: Security issues fixed: - CVE-2019-7524: Fixed an improper file handling which could result in stack overflow allowing local root escalation. - CVE-2019-3814: Fixed a vulnerability related to SSL client certificate authentication. Other issue fi ... oval:org.secpod.oval:def:89044661 This update for perl fixes the following issues: Security issues fixed: - CVE-2017-12837: Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service via a regular expression with a " ... oval:org.secpod.oval:def:89003073 This update for LibVNCServer fixes the following issues: Security issues fixed: - CVE-2018-20749: Fixed a heap out of bounds write vulnerability in rfbserver.c - CVE-2018-20750: Fixed a heap out of bounds write vulnerability in rfbserver.c - CVE-2018-20748: Fixed multiple heap out-of-bound writes ... 
oval:org.secpod.oval:def:89003194 This update for libjpeg-turbo fixes the following issues: - CVE-2019-2201: Several integer overflow issues and subsequent segfaults occurred in libjpeg-turbo, when attempting to compress or decompress gigapixel images. [bsc#1156402] oval:org.secpod.oval:def:89044726 This update for clamav fixes the following issues: Security issue fixed: - CVE-2012-6706: Fixed an arbitrary memory write in VMSF_DELTA filter in libclamunrar Non security issues fixed: - Provide and obsolete clamav-nodb to trigger its removal in openSUSE Leap oval:org.secpod.oval:def:89044967 This update for sssd provides the following fixes: Security issues fixed: - CVE-2017-12173: Fixed unsanitized input when searching in local cache database. Non security issues fixed: - Fixed a segfault issue in ldap_rfc_2307_fallback_to_local_users. - Install /var/lib/sss/mc directory to correct s ... oval:org.secpod.oval:def:89044848 This update for xen to version 4.7.2 fixes the following issues: These security issues were fixed: - CVE-2017-7228: Broken check in memory_exchange permitted PV guest breakout. - XSA-206: Unprivileged guests issuing writes to xenstore were able to stall progress of the control domain or driver domai ... oval:org.secpod.oval:def:89044969 This update for ncurses fixes the following issues: Security issues fixed: - CVE-2017-11112: Illegal address access in append_acs. - CVE-2017-11113: Dereferencing NULL pointer in _nc_parse_entry. - CVE-2017-10684, CVE-2017-10685: Add modified upstream fix from ncurses 6.0 to avoid broken termcap f ... oval:org.secpod.oval:def:89044612 This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2017-6502: Possible file-descriptor leak in libmagickcore that could be triggered via a specially crafted webp file. - CVE-2017-7943: The ReadSVGImage function in svg.c allowed remote attackers to consume an amount ... 
oval:org.secpod.oval:def:89044733 This update for samba fixes the following issues: Security issues fixed: - CVE-2017-2619: Symlink race permits opening files outside share directory. Bugfixes: - Force usage of ncurses6-config thru NCURSES_CONFIG env var. - Add missing ldb module directory. - Don't package man pages for VFS modul ... oval:org.secpod.oval:def:89044856 This update for strongswan fixes the following issues: - CVE-2017-9022: Insufficient Input Validation in gmp Plugin leads to Denial of service - CVE-2017-9023: Incorrect x509 ASN.1 parser error handling could lead to Denial of service - IKEv1 protocol is vulnerable to DoS amplification attack oval:org.secpod.oval:def:89044734 This update for tboot fixes the following issues: Security issue fixed: - CVE-2017-16837: Certain function pointers in Trusted Boot through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module by h Bug fixes: - ... oval:org.secpod.oval:def:89044855 This update for curl fixes the following issues: Security issue fixed: - CVE-2016-9586: libcurl printf floating point buffer overflow - CVE-2017-7407: The ourWriteOut function in tool_writeout.c in curl might have allowed physically proximate attackers to obtain sensitive information from process m ... oval:org.secpod.oval:def:89044976 This update for libgcrypt fixes the following issues: - CVE-2017-9526: Store the session key in secure memory to ensure that constant time point operations are used in the MPI library. - Don't require secure memory for the fips selftests, this prevents the Oops, secure memory pool already initializ ... oval:org.secpod.oval:def:89002925 This update for grub2 fixes the following issues: - CVE-2020-15705: Fail kernel validation without shim protocol. 
oval:org.secpod.oval:def:89044970 This update for libmicrohttpd fixes the following issues: - CVE-2013-7038: The MHD_http_unescape function in libmicrohttpd might have allowed remote attackers to obtain sensitive information or cause a denial of service via unspecified vectors that trigger an out-of-bounds read. - CVE-2013-7039: S ... oval:org.secpod.oval:def:89002923 This update for gcc10 fixes the following issues: This update provides the GCC10 compiler suite and runtime libraries. The base SUSE Linux Enterprise libraries libgcc_s1, libstdc++6 are replaced by the gcc10 variants. The new compiler variants are available with "-10" suffix, you can specify ... oval:org.secpod.oval:def:89044959 This update for poppler fixes the following issues: - CVE-2017-9406: Fixed a memory leak that occurred while parsing invalid XRef attributes. - CVE-2017-9083: Fixed a memory leak that occurred when the parser tried to recover from a broken input file oval:org.secpod.oval:def:89044837 This update for libvirt fixes several issues. This security issue was fixed: - bsc#1053600: Escape ssh command line to prevent interpreting malicious hostname as arguments, allowing for command execution These non-security issues were fixed: - bsc#1049505, bsc#1051017: Security manager: Don't autogen ... oval:org.secpod.oval:def:89002919 This update for openssl fixes the following issues: Security issue fixed: - CVE-2019-1551: Fixed an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. Non-security issue fixed: - Fixed a crash in BN_copy. oval:org.secpod.oval:def:89044966 This update for ghostscript fixes the following security vulnerabilities: - CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were exploited in the wild. - CVE-2016-9601: An integer overflow in the bundled jbig2dec library could have been misused to cause a ... 
oval:org.secpod.oval:def:89044965 This update for systemd fixes the following issues: This security issue was fixed: - CVE-2016-10156: Fix permissions set on permanent timer timestamp files, preventing local unprivileged users from escalating privileges. These non-security issues were fixed: - Fix permission set on /var/lib/systemd ... oval:org.secpod.oval:def:89044749 This update for apache2 fixes the following security issues: Security issues fixed: - CVE-2016-0736: Protect mod_session_crypto data with a MAC to prevent padding oracle attacks. - CVE-2016-2161: Malicious input to mod_auth_digest could have caused the server to crash, resulting in DoS. - CVE-2016 ... oval:org.secpod.oval:def:89044875 This update for graphite2 fixes one issue. This security issue was fixed: - CVE-2017-5436: An out-of-bounds write triggered with a maliciously crafted Graphite font could lead to a crash or potentially code execution. oval:org.secpod.oval:def:89044756 This update for git fixes the following issues: - git 2.12.3: * CVE-2017-8386: Fix git-shell not to escape with the starting dash name * Fix for potential segv introduced in v2.11.0 and later * Misc fixes and cleanups. - git 2.12.2: * CLI output fixes * Dump http transport fixes * various fixes for ... oval:org.secpod.oval:def:89044630 This update for libXcursor fixes the following issues: Security issue fixed: - CVE-2017-16612: Fix integer overflow while parsing images and a signedness issue while parsing comments. oval:org.secpod.oval:def:89044992 This update for git fixes the following issues: - CVE-2017-1000117: A client side code execution via shell injection when receiving special submodule strings from a malicious server was fixed oval:org.secpod.oval:def:89044753 This audiofile update fixes the following issue: Security issues fixed: - CVE-2015-7747: Fixed buffer overflow issue when changing both number of channels and sample format. 
- CVE-2017-6827: heap-based buffer overflow in MSADPCM::initializeCoefficients - CVE-2017-6828: heap-based buffer overflow ... oval:org.secpod.oval:def:89044874 This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2017-9439: A memory leak was found in the function ReadPDBImage in coders/pdb.c - CVE-2017-9440: A memory leak was found in the function ReadPSDChannel in coders/psd.c - CVE-2017-9501: An assertion failure could cau ... oval:org.secpod.oval:def:89044616 This update for freeradius fixes the following issues: Security issues fixed: - CVE-2017-10988: Decode "signed" attributes correctly. - CVE-2017-10987: Check for option overflowing the packet. - CVE-2017-10985: Fix infinite loop and memory exhaustion with "concat" attributes. - CVE-2017-10984: Fi ... oval:org.secpod.oval:def:89044622 This update for samba fixes the following issues: Security issues fixed: - CVE-2017-14746: Use-after-free vulnerability. - CVE-2017-15275: Server heap memory information leak. Bug fixes: - Update "winbind expand groups" doc in smb.conf man page. oval:org.secpod.oval:def:89044985 This update for libical fixes the following issues: Security issues fixed: - CVE-2016-5824: libical 1.0 allows remote attackers to cause a denial of service via a crafted ics file. - CVE-2016-5827: The icaltime_from_string function in libical 0.47 and 1.0 allows remote attackers to cause a denial ... oval:org.secpod.oval:def:89044746 This update for postgresql96 fixes the following issues: Security issues fixed: - CVE-2017-15098: Fix crash due to rowtype mismatch in json{b}_populate_recordset. - CVE-2017-15099: Ensure that INSERT ... ON CONFLICT DO UPDATE checks table permissions and RLS policies in all cases. Bug fixes: - Upd ... oval:org.secpod.oval:def:89044988 This update for apache2 fixes the following issues: Security issue fixed: - CVE-2017-9788: Uninitialized memory reflection in mod_auth_digest. 
Bug fixes: - Include individual sysconfig.d files instead of the whole sysconfig.d directory. - Include sysconfig.d/include.conf after httpd.conf is process ... oval:org.secpod.oval:def:89044624 This update for libquicktime fixes the following issues: Security issue fixed: - CVE-2016-2399: Adjust patch to prevent endless loop when there are less than 256 bytes to read oval:org.secpod.oval:def:89044981 This update for poppler fixes the following issues: Security issues fixed: - CVE-2017-9775: DoS stack buffer overflow in GfxState.cc in pdftocairo via a crafted PDF document - CVE-2017-9776: DoS integer overflow leading to heap buffer overflow in JBIG2Stream.cc via a crafted PDF document - CVE-201 ... oval:org.secpod.oval:def:89044742 This update for gd fixes the following security issues: - CVE-2016-6906: An out-of-bounds read in TGA decompression was fixed which could have led to crashes. - CVE-2016-6912: Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library allowed remote attackers to have unspe ... oval:org.secpod.oval:def:89002974 This update for LibVNCServer fixes the following issues: - CVE-2019-15690: Fixed a heap buffer overflow. - CVE-2019-15681: Fixed a memory leak which could have allowed a remote attacker to read stack memory. - CVE-2019-20788: Fixed an integer overflow and heap-based buffer overflow via a large h ... oval:org.secpod.oval:def:89044013 This update fixes the following issues in yast2-smt: - Explicitly mention Organization Credentials - Rearrange the SMT set-up dialog - Added missing translation marks - Remove cron job rescheduling This update is a requirement for the security update for SMT. Because of that it is tagged as secu ... oval:org.secpod.oval:def:89044016 This update for apache2 fixes the following issues: Security issues fixed: - CVE-2016-8743: Fixed liberal whitespace interpretation accepted from requests and sent in response lines and headers. 
Accepting these different behaviors represented a security concern when httpd participates in any chain o ... oval:org.secpod.oval:def:89002956 This update for cyrus-sasl fixes the following issues: - CVE-2019-19906: Fixed an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. oval:org.secpod.oval:def:89002946 This update for openldap2 fixes the following issues: - CVE-2020-12243: Fixed a denial of service related to recursive filters. oval:org.secpod.oval:def:89002892 This update for ucode-intel fixes the following issues: - Intel CPU Microcode updated to 20201027 prerelease - CVE-2020-8695: Fixed Intel RAPL sidechannel attack - CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 # New Platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New V ... oval:org.secpod.oval:def:89002894 This update for vim fixes the following issues: - CVE-2019-20807: Fixed an issue where escaping from the restrictive mode of vim was possible using interfaces. oval:org.secpod.oval:def:89044215 This update for samba fixes the following issues: - CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids. - Adjust smbcacls "--propagate-inheritance" feature to align with upstream. oval:org.secpod.oval:def:89044699 This update for gstreamer-plugins-good fixes the following issues: - A crafted aac audio file could have caused an invalid read and thus corruption or denial of service - A crafted mp4 file could have caused an invalid read and thus corruption or denial of service - A crafted avi file could have c ... oval:org.secpod.oval:def:89044211 This update for gdm fixes the following issues: - Avoid the signal SIGTRAP when gdm exits. oval:org.secpod.oval:def:89044691 This update for rrdtool provides the following fixes: - CVE-2013-2131: Enhance imginfo format validation checks to prevent crashes. 
- Add rrdtool-cached sub-package to SLE 12-SP1 oval:org.secpod.oval:def:89002886 This update for mariadb fixes the following issues: Security issue fixed: - CVE-2019-2974: Fixed Server Optimizer. oval:org.secpod.oval:def:89044688 This update for ImageMagick fixes the following issues: - CVE-2016-10046: Prevent buffer overflow in draw.c caused by an incorrect length calculation - CVE-2016-10048: Arbitrary module could have been loaded because relative paths were not escaped - CVE-2016-10049: Corrupt RLE files could have overfl ... oval:org.secpod.oval:def:89044685 This update for samba fixes the following issues: Security issues fixed: - CVE-2017-2619: Symlink race permits opening files outside share directory. Bugfixes: - Don't package man pages for VFS modules that aren't built. - sync_req: make async_connect_send reentrant. - Document winbind: ignore ... oval:org.secpod.oval:def:89044200 This update for samba fixes the following issues: - CVE-2021-20254: Fixed a buffer overrun in sids_to_unixids. oval:org.secpod.oval:def:89044684 This security update for spice fixes the following issues: CVE-2016-9577: A buffer overflow in the spice server could have potentially been used by unauthenticated attackers to execute arbitrary code. CVE-2016-9578: Unauthenticated attackers could have caused a denial of service via a crafted messa ... oval:org.secpod.oval:def:89044681 This update for libplist fixes the following issues: Security issues fixed: - CVE-2017-6439: Heap-based buffer overflow in the parse_string_node function. - CVE-2017-6438: Heap-based buffer overflow in the parse_unicode_node function. - CVE-2017-6437: The base64encode function in base64.c allows l ... oval:org.secpod.oval:def:89044680 This update for systemd and dracut fixes the following issues: Security issues fixed: - CVE-2017-9445: Possible out-of-bounds write triggered by a specially crafted TCP payload from a DNS server. 
Non-security issues fixed in systemd: - Automounter issue in combination with NFS volumes - Missing sy ... oval:org.secpod.oval:def:89044683 This update for ImageMagick fixes the following issues: * CVE-2017-14989: use-after-free in RenderFreetype in MagickCore/annotate.c could lead to denial of service [bsc#1061254] * CVE-2017-14682: GetNextToken in MagickCore/token.c heap buffer overflow could lead to denial of service [bsc#1060176] * ... oval:org.secpod.oval:def:89044682 This update for tigervnc provides several fixes. These security issues were fixed: - CVE-2017-7392, CVE-2017-7396: Client can cause leak in VNC server - CVE-2017-7395: Authenticated VNC client can crash VNC server - CVE-2017-7394: Client can crash or block VNC server - CVE-2017-7393: Authenti ... oval:org.secpod.oval:def:89002990 This update for postgresql10 fixes the following issues: PostgreSQL was updated to version 10.12. Security issue fixed: - CVE-2020-1720: Fixed a missing authorization check in the ALTER ... DEPENDS ON extension. oval:org.secpod.oval:def:89002872 This update for openssl fixes the following issues: - CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME. oval:org.secpod.oval:def:89044235 This update for java-1_7_0-openjdk fixes the following issues: - Update to 2.6.25 - OpenJDK 7u291 * Security fixes + JDK-8247619: Improve Direct Buffering of Characters * Import of OpenJDK 7 u291 build 1 + JDK-8254177: Upgrade time-zone data to tzdata2020b + JDK-8254982: Upgrade time-zone data to ... oval:org.secpod.oval:def:89002986 This update for ovmf fixes the following issues: - CVE-2019-14562: Fixed an overflow in DxeImageVerificationHandler. - CVE-2019-14559: Fixed a memory leak in ArpOnFrameRcvdDpc. 
oval:org.secpod.oval:def:89044581 This update for policycoreutils fixes the following issues: * CVE-2016-7545: nonpriv session can escape to parent [bsc#1000998] oval:org.secpod.oval:def:89003416 This update for wpa_supplicant fixes the following issues: This security issue was fixed: - CVE-2018-14526: Under certain conditions, the integrity of EAPOL-Key messages was not checked, leading to a decryption oracle. An attacker within range of the Access Point and client could have abused the vul ... oval:org.secpod.oval:def:89003401 This update for curl fixes the following issues: Security issue fixed: - CVE-2019-5436: Fixed a heap buffer overflow in tftp_receive_packet, which receives data from a TFTP server. oval:org.secpod.oval:def:89003402 This update for wget fixes the following issues: Security issue fixed: - CVE-2019-5953: Fixed a buffer overflow vulnerability which might cause code execution. oval:org.secpod.oval:def:89003465 This update for gdb fixes the following issues: Update to gdb 8.3.1: Security issues fixed: - CVE-2019-1010180: Fixed a potential buffer overflow when loading ELF sections larger than the file. Upgrade libipt from v2.0 to v2.0.1. - Enable librpm for version > librpm.so.3 [bsc#1145692]: * Allow a ... oval:org.secpod.oval:def:89003224 This update for ibus fixes the following issues: Security issue fixed: - CVE-2019-14822: Fixed a misconfiguration of the DBus server that allowed an unprivileged user to monitor and send method calls to the ibus bus of another user oval:org.secpod.oval:def:89003108 This update for curl fixes the following issues: Security issue fixed: - CVE-2018-16839: Fixed a buffer overflow in the SASL authentication code. oval:org.secpod.oval:def:89003227 This update for sqlite3 fixes the following issues: Security issue fixed: - CVE-2019-8457: Fixed a Heap out-of-bound read in rtreenode when handling invalid rtree tables. 
oval:org.secpod.oval:def:89044295 This update for bind fixes the following issues: - CVE-2021-25214: Fixed a broken inbound incremental zone update which could have caused named to terminate unexpectedly. - CVE-2021-25215: Fixed an assertion check which could have failed while answering queries for DNAME records that required the ... oval:org.secpod.oval:def:89003214 This update for sqlite3 fixes the following issues: - CVE-2017-2518: Fixed a use-after-free vulnerability which could have led to buffer overflow via a crafted SQL statement. oval:org.secpod.oval:def:89003441 This update for freeradius-server fixes the following issues: Security issues fixed: - CVE-2019-11235: Fixed an authentication bypass related to the EAP-PWD Commit frame and insufficient validation of elliptic curve points. - CVE-2019-11234: Fixed an authentication bypass caused by reflecting privou ... oval:org.secpod.oval:def:89003201 This update for dbus-1 fixes the following issue: Security issue fixed: - CVE-2019-12749: Fixed an implementation flaw in DBUS_COOKIE_SHA1 which could have allowed local attackers to bypass authentication. oval:org.secpod.oval:def:89003324 This update for the Linux Kernel 4.4.121-92_104 fixes one issue. The following security issue was fixed: - CVE-2018-5390: The Linux kernel could be forced to make very expensive calls to tcp_collapse_ofo_queue and tcp_prune_ofo_queue for every incoming packet which can lead to a denial of service. oval:org.secpod.oval:def:89003445 This update for bash fixes the following issues: Security issue fixed: - CVE-2019-9924: Fixed a vulnerability in which shell did not prevent user BASH_CMDS allowing the user to execute any command with the permissions of the shell. oval:org.secpod.oval:def:89003326 This update for the Linux Kernel 3.12.74-60_64_110- fixes one issue. 
The following security issue was fixed: - CVE-2018-5390: The Linux kernel could be forced to make very expensive calls to tcp_collapse_ofo_queue and tcp_prune_ofo_queue for every incoming packet which can lead to a denial of servic ... oval:org.secpod.oval:def:89003312 This update for atftp fixes the following issues: Security issues fixed: - CVE-2019-11366: Fixed a denial of service caused by a NULL pointer dereference because thread_list_mutex was not locked. - CVE-2019-11365: Fixed a buffer overflow which could lead to remote code execution caused by an insecu ... oval:org.secpod.oval:def:89003433 This update for spice fixes the following issues: Security issue fixed: - CVE-2019-3813: Fixed an out-of-bounds read in the memslot_get_virt function that could lead to denial-of-service or code-execution. oval:org.secpod.oval:def:89003438 This update for libssh2_org fixes the following issues: - Fix the previous fix for CVE-2019-3860 oval:org.secpod.oval:def:89003436 This update for xen fixes the following issues: Security issues fixed: - Fixed an issue which could allow malicious PV guests to cause a host crash or gain access to data pertaining to other guests. Additionally, vulnerable configurations are likely to be unstable even in the absence of an attack. ... oval:org.secpod.oval:def:89003357 This update for qemu fixes the following issues: Security issues fixed: - CVE-2019-14378: Security fix for heap overflow in ip_reass on big packet input. - CVE-2019-12155: Security fix for null pointer dereference while releasing spice resources. - CVE-2019-13164: Security fix for qemu-bridge-help ... oval:org.secpod.oval:def:89003084 This update for ghostscript to 9.27 fixes the following issues: Security issues fixed: - CVE-2019-3835: Fixed an unauthorized file system access caused by an available superexec operator. - CVE-2019-3839: Fixed an unauthorized file system access caused by available privileged operators. - CVE-2019 ... 
oval:org.secpod.oval:def:89043976 This update for spice-vdagent provides the following fixes: This security issue was fixed: - CVE-2017-15108: Properly escape save directory that is passed to the shell to prevent local attacker with access to the session the agent runs from injecting arbitrary commands to be executed. This non-secu ... oval:org.secpod.oval:def:89045547 This update for aspell fixes the following issues: - CVE-2019-25051: Fixed heap-buffer-overflow in acommon:ObjStack:dup_top. oval:org.secpod.oval:def:89003003 This update for postgresql10 fixes the following issues: Upgrade to version 10.15: * CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. * CVE-2020-25694, bsc#1178667: a oval:org.secpod.oval:def:89003273 This update for clamav fixes the following issues: - CVE-2019-15961: Fixed a denial of service which might occur when scanning a specially crafted email file as . oval:org.secpod.oval:def:89044203 This update for tomcat fixes the following issues: - CVE-2021-25329: Complete fix for CVE-2020-9484 oval:org.secpod.oval:def:89002972 This update for LibVNCServer fixes the following issues: - CVE-2020-25708 [bsc#1178682], libvncserver/rfbserver.c has a divide by zero which could result in DoS oval:org.secpod.oval:def:89003383 This update for java-1_7_0-openjdk fixes the following issues: Security issues fixed: - CVE-2019-2933: Windows file handling redux - CVE-2019-2945: Better socket support - CVE-2019-2949: Better Kerberos ccache handling - CVE-2019-2958: Build Better Processes - CVE-2019-2964: Better support for patt ... oval:org.secpod.oval:def:89003474 This update for mailman fixes the following issues: - CVE-2019-3693: Fixed a local privilege escalation from wwwrun to root. 
oval:org.secpod.oval:def:89045341 This mariadb update to version 10.0.28 fixes the following issues: Security fixes: - CVE-2016-8283: Unspecified vulnerability in subcomponent Types - CVE-2016-7440: Unspecified vulnerability in subcomponent Encryption - CVE-2016-5629: Unspecified vulnerability in subcomponent Federated - CVE-201 ... oval:org.secpod.oval:def:89045539 This update for openssl fixes the following security issue: - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious actor could exploit to crash the application, causing a denial-of-service attack. [bsc#1189521] oval:org.secpod.oval:def:89044926 This update for openssh fixes the following issues: Security issue fixed: - CVE-2017-15906: Stricter checking of operations in read-only mode in sftp server. Bug fixes: - FIPS: Startup selfchecks. - FIPS: Silent complaints about unsupported key exchange methods. - Refine handling of sockets for X ... oval:org.secpod.oval:def:89048082 This update for ca-certificates-mozilla fixes the following issues: - Updated to 2.60 state of Mozilla SSL root CAs Removed CAs: - Global Chambersign Root - EC-ACC - Network Solutions Certificate Authority - Staat der Nederlanden EV Root CA - SwissSign Platinum CA - G2 Added CAs: - DIGITALSIGN GLOB ... oval:org.secpod.oval:def:89003000 This update for tigervnc fixes the following issues: - CVE-2019-15691: Fixed a use-after-return due to incorrect usage of stack memory in ZRLEDecoder. - CVE-2019-15692: Fixed a heap-based buffer overflow in CopyRectDecode. - CVE-2019-15693: Fixed a heap-based buffer overflow in TightDecoder::Filte ... oval:org.secpod.oval:def:89003005 This update for postgresql12 fixes the following issues: Upgrade to version 12.5: * CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. 
* CVE-2020-25694, bsc#1178667: a oval:org.secpod.oval:def:89044787 This mariadb version update to 10.0.29 fixes the following issues: - CVE-2017-3318: unspecified vulnerability affecting Error Handling - CVE-2017-3317: unspecified vulnerability affecting Logging - CVE-2017-3312: insecure error log file handling in mysqld_safe, incomplete CVE-2016-6664 - CVE-2017 ... oval:org.secpod.oval:def:89045770 This update for postgresql96 fixes the following issues: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake. - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshake. oval:org.secpod.oval:def:89045796 This update for postgresql10 fixes the following issues: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake. - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshake. oval:org.secpod.oval:def:89045567 This update for openexr fixes the following issues: - CVE-2021-20298 [bsc#1188460]: Fixed Out-of-memory in B44Compressor - CVE-2021-20299 [bsc#1188459]: Fixed Null-dereference READ in Imf_2_5:Header:operator - CVE-2021-20300 [bsc#1188458]: Fixed Integer-overflow in Imf_2_5:hufUncompress - CVE-2021-2 ... oval:org.secpod.oval:def:89003002 This update for samba fixes the following issues: - CVE-2020-10745: Fixed an issue which parsing and packing of NBT and DNS packets containing dots could potentially have consumed excessive CPU. oval:org.secpod.oval:def:89003410 This update for xen fixes the following issues: - CVE-2019-15890: Fixed a use-after-free in SLiRP networking implementation of QEMU emulator which could have led to Denial of Service. - CVE-2019-12068: Fixed an issue in lsi which could lead to an infinite loop and denial of service. - CVE-2019-143 ... 
oval:org.secpod.oval:def:89000695 This update for ghostscript to version 9.52 fixes the following issues: - CVE-2020-12268: Fixed a heap-based buffer overflow in jbig2_image_compose . oval:org.secpod.oval:def:89043999 This update for glibc fixes the following issues: - CVE-2017-18269: Fix SSE2 memmove issue when crossing 2GB boundary - CVE-2018-11236: Fix overflow in path length computation - CVE-2018-11237: Don't write beyond buffer destination in __mempcpy_avx512_no_vzeroupper Non security bugs fixed: - Fix ... oval:org.secpod.oval:def:89044626 This update for gdk-pixbuf provides the following fixes: - Add overflow checks when creating pixbuf structures in general - Fix arithmetic overflow in the BMP loader - Adds support for BMPv3 with bitmasks oval:org.secpod.oval:def:89044989 This update for gdk-pixbuf fixes the following issues: - CVE-2017-2862: JPEG gdk_pixbuf__jpeg_image_load_increment Code Execution Vulnerability - CVE-2017-2870: tiff_image_parse Code Execution Vulnerability - CVE-2017-6313: A dangerous integer underflow in io-icns.c - CVE-2017-6314: Infinite loop ... oval:org.secpod.oval:def:89045778 This update for postgresql, postgresql13 and postgresql14 fixes the following issues: Security issues fixed: - CVE-2021-23214: Make the server reject extraneous data after an SSL or GSS encryption handshake . - CVE-2021-23222: Make libpq reject extraneous data after an SSL or GSS encryption handshak ... oval:org.secpod.oval:def:89045576 This update for libesmtp fixes the following issues: - CVE-2019-19977: Fix stack-based buffer over-read in ntlm/ntlmstruct.c . oval:org.secpod.oval:def:89044627 This update for open-vm-tools to 10.1.0 stable brings features, fixes bugs and security issues: - New vmware-namespace-cmd command line utility - GTK3 support - Common Agent Framework - Guest authentication with xmlsec1 - Sub-command to push updated network information to the host on demand - Fix f ... 
oval:org.secpod.oval:def:89044818 This update for librsvg to version 2.40.18 fixes the following issues: Security issue fixed: - CVE-2017-11464: A SIGFPE is raised in the function box_blur_line of rsvg-filter.c oval:org.secpod.oval:def:89044575 This update for dbus-1 to version 1.8.22 fixes one security issue and bugs. The following security issue was fixed: - bsc#1003898: Do not treat ActivationFailure message received from root-owned systemd name as a format string. The following upstream changes are included: - Change the default config ... oval:org.secpod.oval:def:89045106 This update for linuxptp fixes the following issues: - CVE-2021-3570: Validate the messageLength field of incoming messages oval:org.secpod.oval:def:89044867 This update for gstreamer-0_10-plugins-base fixes the following security issues: - A crafted AVI file could have caused a floating point exception leading to DoS oval:org.secpod.oval:def:89045568 This update for file fixes the following issues: - CVE-2019-18218: Fixed heap-based buffer overflow in cdf_read_property_info in cdf.c . oval:org.secpod.oval:def:89045110 This update for systemd fixes the following issues: Security issues fixed: - CVE-2021-33910: Fixed a denial of service in systemd Other fixes: - mount-util: shorten the loop a bit - mount-util: do not use the official MAX_HANDLE_SZ - mount-util: tape over name_to_handle_at flakiness - mount-u ... oval:org.secpod.oval:def:89044645 This update for tiff to version 4.0.8 fixes several bugs and security issues: These security issues were fixed: - CVE-2017-7595: The JPEGSetupEncode function allowed remote attackers to cause a denial of service via a crafted image . - CVE-2016-10371: The TIFFWriteDirectoryTagCheckedRational func ... oval:org.secpod.oval:def:89003361 This update for MozillaFirefox fixes the following issues: Security issues fixed: CVE-2018-18500: Fixed a use-after-free parsing HTML5 stream . CVE-2018-18501: Fixed multiple memory safety bugs . 
CVE-2018-18505: Fixed a privilege escalation through IPC channel messages . oval:org.secpod.oval:def:89003120 This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 68.3esr Security issues fixed: - CVE-2019-17008: Fixed a use-after-free in worker destruction - CVE-2019-13722: Fixed a stack corruption due to incorrect number of arguments in WebRTC code - CVE-2019-11745: ... oval:org.secpod.oval:def:89003390 This update for MozillaFirefox fixes the following issues: - Mozilla Firefox Firefox 60.7.2 MFSA 2019-19 - CVE-2019-11708: Fix sandbox escape using Prompt:Open. * Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes could result in the non-sa ... oval:org.secpod.oval:def:89044885 This update for MozillaFirefox to ESR 52.4, mozilla-nss fixes the following issues: This security issue was fixed for mozilla-nss: - CVE-2017-7805: Prevent use-after-free in TLS 1.2 when generating handshake hashes These security issues were fixed for Firefox - CVE-2017-7825: Fixed some Tibetan and ... oval:org.secpod.oval:def:89044613 This update for MozillaFirefox to ESR 52.3 fixes several issues. These security issues were fixed: - CVE-2017-7807 Domain hijacking through AppCache fallback - CVE-2017-7791 Spoofing following page navigation with data: protocol and modal alerts - CVE-2017-7792 Buffer overflow viewing certificates ... oval:org.secpod.oval:def:89044741 This update for MozillaFirefox ESR 52.5 fixes the following issues: Security issues fixed: - CVE-2017-7826: Memory safety bugs fixed . - CVE-2017-7828: Use-after-free of PressShell while restyling layout . - CVE-2017-7830: Cross-origin URL information leak through Resource Timing API . Mozilla Found ... 
oval:org.secpod.oval:def:89045793 This update for MozillaFirefox fixes the following issues: MozillaFirefox was updated to Extended Support Release 91.3.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-49 * CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets * CVE-2021-38504: Use-afte ... oval:org.secpod.oval:def:89044860 This update for apparmor provides the following fixes: This security issue was fixed: - CVE-2017-6507: Preserve unknown profiles when reloading apparmor.service These non-security issues were fixed: - Add tunables/kernelvars abstraction. - Update flags of ntpd profile. - Force AppArmor to start a ... oval:org.secpod.oval:def:89044717 This update for util-linux fixes the following issues: This security issue was fixed: - CVE-2017-2616: In su with PAM support it was possible for local users to send SIGKILL to selected other processes with root privileges . These non-security issues were fixed: - lscpu: Implement WSL detection and w ... oval:org.secpod.oval:def:89045277 This update for util-linux fixes the following issues: - Consider redundant slashes when comparing paths . - Use upstream compatibility patches for --show-pt-geometry with obsolescence and deprecation warning - Replace cifs mount detection patch with upstream one that covers all cases . - Reuse exi ... 
oval:org.secpod.oval:def:89044700 This update for gstreamer fixes the following security issues: - A crafted AVI file could have caused an invalid memory read, possibly causing DoS or corruption oval:org.secpod.oval:def:89044927 This update for gstreamer-plugins-base fixes the following issues: * CVE-2016-9811: Malicious file could cause an invalid read leading to crash [bsc#1013669] oval:org.secpod.oval:def:89044991 This update for gstreamer-plugins-base fixes the following security issues: - A crafted AVI file could have caused a floating point exception leading to DoS - A crafted AVI file could have caused a stack overflow leading to DoS - A crafted SAMI subtitle file could have caused an invalid memory acc ... oval:org.secpod.oval:def:89045256 This update for gstreamer-plugins-bad fixes the following security issues, which would allow attackers able to submit media files for indexing to cause code execution or crashes: - Check an integer overflow and initialize a buffer in vmncdec. - CVE-2016-9809: Ensure codec_data has the right size ... oval:org.secpod.oval:def:89003392 This update for systemd provides the following fixes: Security issues fixed: - CVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through attacker-controlled allocas - CVE-2018-16866: Fixed an information leak in journald - Fixed an issue during system startup in relation to encrypted sw ... oval:org.secpod.oval:def:89045261 This update for openjpeg2 fixes the following issues: * CVE-2016-9114: NULL Pointer Access in function imagetopnm of convert.c:1943 could lead to crash [bsc#1007740] * CVE-2016-9115: Heap Buffer Overflow in function imagetotga of convert.c [bsc#1007741] * CVE-2016-9580, CVE-2016-9581: Possible Heap ... 
oval:org.secpod.oval:def:89044644 This update for libXdmcp fixes the following issues: - CVE-2017-2625: The generation of session key in XDM using libXdmcp might have used weak entropy, making the session keys predictable oval:org.secpod.oval:def:89044968 This update for samba fixes several issues. These security issues were fixed: - CVE-2017-12163: Prevent client short SMB1 write from writing server memory to file, leaking information from the server to the client . - CVE-2017-12150: Always enforce smb signing when it is configured . - CVE-2017-1215 ... oval:org.secpod.oval:def:89044751 This update for spice fixes the following issues: - CVE-2017-7506: A possible buffer overflow via invalid monitor configurations oval:org.secpod.oval:def:89044994 This update for cairo fixes the following issues: - CVE-2017-7475: Fixed a segfault in get_bitmap_surface due to malformed font . - CVE-2016-9082: fix a segfault when using 4GB images since int values were used for pointer operations . oval:org.secpod.oval:def:89045385 This update for ImageMagick fixes the following issues: * CVE-2016-9556 Possible Heap-overflow found by fuzzing [bsc#1011130] * CVE-2016-9559 Possible Null pointer access found by fuzzing [bsc#1011136] * CVE-2016-8707 Possible code execution in Tiff convert utility [bsc#1014159] * CVE-2016-8866 Memor ... oval:org.secpod.oval:def:89045344 This update for qemu to version 2.6.2 fixes several issues. These security issues were fixed: - CVE-2016-7161: Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite in QEMU allowed attackers to execute arbitrary code on the QEMU host via a large ethlite packet . - CVE-201 ... 
oval:org.secpod.oval:def:89045178 This update for tar fixes the following issues: - Fix the POINTYFEATHER vulnerability - GNU tar archiver can be tricked into extracting files and directories in the given destination, regardless of the path name specified on the command line [bsc#1007188] [CVE-2016-6321] - Fix Amanda integration iss ... oval:org.secpod.oval:def:89044949 This update for pam fixes the following issues: - CVE-2015-3238: pam_unix in conjunction with SELinux allowed for DoS attacks . - log a hint to syslog if /etc/nologin is present, but empty . - If /etc/nologin is present, but empty, log a hint to syslog. - Added support for libowcrypt.so, if present ... oval:org.secpod.oval:def:89002876 This update for gcc9 fixes the following issues: The GNU Compiler Collection is shipped in version 9. A detailed changelog on what changed in GCC 9 is available at https://gcc.gnu.org/gcc-9/changes.html The compilers have been added to the SUSE Linux Enterprise Toolchain Module. To use these compile ... oval:org.secpod.oval:def:89003083 This update for clamav to version 0.100.3 fixes the following issues: Security issues fixed : - CVE-2019-1787: Fixed an out-of-bounds heap read condition which may occur when scanning PDF documents. - CVE-2019-1789: Fixed an out-of-bounds heap read condition which may occur when scanning PE files . ... oval:org.secpod.oval:def:89003318 This update for ghostscript to version 9.26a fixes the following issues: Security issue fixed: - CVE-2019-6116: subroutines within pseudo-operators must themselves be pseudo-operators oval:org.secpod.oval:def:89003293 This update for binutils fixes the following issues: binutils was updated to current 2.32 branch @7b468db3 [jsc#ECO-368]: Includes the following security fixes:. 
oval:org.secpod.oval:def:89003177 This update for MozillaFirefox fixes the following issues: Security issues addressed: - update to Firefox ESR 60.6.1 : - CVE-2019-9813: Fixed Ionmonkey type confusion with __proto__ mutations - CVE-2019-9810: Fixed IonMonkey MArraySlice incorrect alias information - Update to Firefox ESR 60.6 : - C ... oval:org.secpod.oval:def:89003117 This update for glib2 provides the following fix: Security issues fixed: - CVE-2019-12450: Fixed an improper file permission when copy operation takes place . - CVE-2018-16428: Avoid a null pointer dereference that could crash glib2 users in markup processing . - CVE-2018-16429: Fixed out-of-bounds ... oval:org.secpod.oval:def:89003343 This update for openssh fixes the following issues: Security vulnerabilities addressed: - CVE-2019-6109: Fixed a character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers . - CVE-2019-6111: Properly ... oval:org.secpod.oval:def:89003346 This update for openssh fixes the following issues: Security issue fixed: - CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions - CVE-2019-6109: Fixed an issue where the scp client would allow malicious remote SSH servers to manipulate te ... oval:org.secpod.oval:def:89048630 This update of grub2 fixes the following issues: * rebuild the package with the new secure boot key . oval:org.secpod.oval:def:89044234 This update for cups fixes the following issues: - CVE-2021-25317: ownership of /var/log/cups could allow privilege escalation from lp user to root via symlink attacks oval:org.secpod.oval:def:89044802 This update for postgresql94 fixes the following issues: * CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. * CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. 
* CVE-2017-7548: lo_put ... oval:org.secpod.oval:def:89044850 This update for postgresql96 fixes the following issues: * CVE-2017-7547: Further restrict visibility of pg_user_mappings.umoptions, to protect passwords stored as user mapping options. * CVE-2017-7546: Disallow empty passwords in all password-based authentication methods. * CVE-2017-7548: lo_put ... oval:org.secpod.oval:def:89046056 This update for virglrenderer fixes the following issues: - CVE-2022-0135: Fixed out-of-bounds write in read_transfer_data . oval:org.secpod.oval:def:89045540 This update for cpio fixes the following issues: - A patch previously applied to remedy CVE-2021-38185 introduced a regression that had the potential to cause a segmentation fault in cpio. [bsc#1189465] oval:org.secpod.oval:def:89048179 This update for bluez fixes the following issues: - CVE-2022-39176: Fixed a memory safety issue that could allow physically proximate attackers to obtain sensitive information . - CVE-2022-39177: Fixed a memory safety issue that could allow physically proximate attackers to cause a denial of service ... oval:org.secpod.oval:def:89003278 This update for strongswan provides the following fixes: Security issues fixed: - CVE-2018-5388: Fixed a buffer underflow which may allow a remote attacker with local user credentials to cause resource exhaustion and denial of service while reading from the socket . - CVE-2018-10811: Fixed a denial of ... oval:org.secpod.oval:def:89048159 This update for freeradius-server fixes the following issues: - CVE-2022-41859: Fixed an issue in EAP-PWD that could leak information about the password, which could facilitate dictionary attacks . - CVE-2022-41860: Fixed a crash in servers with EAP_SIM manually configured, which could be triggered ... oval:org.secpod.oval:def:89047681 This update for libksba fixes the following issues: - CVE-2022-3515: Fixed a possible overflow in the TLV parser . 
oval:org.secpod.oval:def:89048894 This update for ucode-intel fixes the following issues: * Updated to Intel CPU Microcode 20230512 release. * New Platforms | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | ADL-N | A0 | 06-be-00/01 | | 0000 ... oval:org.secpod.oval:def:89047044 This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 102.2.0esr ESR: * Fixed: Various stability, functionality, and security fixes. - MFSA 2022-34 * CVE-2022-38472 Address bar spoofing via XSLT error handling * CVE-2022-38473 Cross-origin XSLT Documents would ... oval:org.secpod.oval:def:89046080 This update for tiff fixes the following issues: - CVE-2017-17095: Fixed DoS in tools/pal2rgb.c in pal2rgb . - CVE-2019-17546: Fixed integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image . - CVE-2020-19131: Fixed buffer overflow in tiffcrop that may cause DoS ... oval:org.secpod.oval:def:89046090 This update for xerces-j2 fixes the following issues: - CVE-2022-23437: Fixed infinite loop within Apache XercesJ xml parser . oval:org.secpod.oval:def:89049103 This update for java-1_8_0-ibm fixes the following issues: Updated to Java 8.0 Service Refresh 8 Fix Pack 6 : * Fixed issue in Java Virtual Machine where outofmemory killer terminates the jvm due to failure in control groups detection. oval:org.secpod.oval:def:89049237 This update for tomcat fixes the following issues: * Remove the log4j dependency as it is not used by the tomcat package Security hardening, related to Spring Framework vulnerabilities: - Deprecate getResources and always return null . oval:org.secpod.oval:def:89044953 This update for krb5 fixes several issues. 
This security issue was fixed: - CVE-2017-11462: Prevent automatic security context deletion to prevent double-free These non-security issues were fixed: - Set rdns and dns_canonicalize_hostname to false in krb5.conf in order to improve client security in ... oval:org.secpod.oval:def:89003113 This update for krb5 fixes the following issues: Security issue fixed: - CVE-2018-20217: Fixed an assertion issue with older encryption types oval:org.secpod.oval:def:89044641 This update for krb5 fixes the following issues: Security issues fixed: - CVE-2017-15088: A buffer overflow in get_matching_data was fixed that could under specific circumstances be used to execute code oval:org.secpod.oval:def:89003199 This update for libssh2_org fixes the following issue: - CVE-2019-17498: Fixed an integer overflow in a bounds check that might have led to the disclosure of sensitive information or a denial of service . oval:org.secpod.oval:def:89003160 This update for samba fixes the following issue: - CVE-2019-10218: Fixed a path injection caused by filenames containing path separators . oval:org.secpod.oval:def:89003211 This update for samba fixes the following issues: - CVE-2019-10218: Fixed a path injection caused by filenames containing path separators . oval:org.secpod.oval:def:89045258 This update for libgme fixes the following issues: - CVE-2016-9957, CVE-2016-9958, CVE-2016-9959, CVE-2016-9960, CVE-2016-9961: Various issues were fixed in the handling of SPC music files that could have been exploited for gaining privileges of desktop users. [bsc#1015941] oval:org.secpod.oval:def:89045293 This update for libcares2 fixes the following issues: - Add patch to fix single byte out of buffer write oval:org.secpod.oval:def:89000634 This update for wicked fixes the following issues: - CVE-2019-18902: Fixed a use-after-free when receiving invalid DHCP6 client options . - CVE-2019-18903: Fixed a use-after-free when receiving invalid DHCP6 IA_PD option . 
- CVE-2020-7216: Fixed a potential denial of service via a memory leak when p ... oval:org.secpod.oval:def:89000363 This update for MozillaFirefox to version 68.7.0 ESR fixes the following issues: - CVE-2020-6821: Uninitialized memory could be read when using the WebGL copyTexSubImage method . - CVE-2020-6822: Fixed out of bounds write in GMPDecodeData when processing large images . - CVE-2020-6825: Fixed Memory ... oval:org.secpod.oval:def:89044266 This update for MozillaFirefox fixes the following issues: - Firefox was updated to 78.10.0 ESR * CVE-2021-23994: Out of bound write due to lazy initialization * CVE-2021-23995: Use-after-free in Responsive Design Mode * CVE-2021-23998: Secure Lock icon could have been spoofed * CVE-2021-23961: Mor ... oval:org.secpod.oval:def:89046901 This update for open-iscsi fixes the following issues: - CVE-2020-17437: Fixed an out of bounds memory access when the TCP urgent flag is set. Non-security fixes: - Fix an issue with ARP booting when using different subnets . - Allow target discovery using db mode . oval:org.secpod.oval:def:89003415 This update for glibc fixes the following issues: Security issues fixed: - CVE-2019-9169: Fixed a heap-based buffer over-read via an attempted case-insensitive regular-expression match . - CVE-2009-5155: Fixed a denial of service in parse_reg_exp . Non-security issues fixed: - Added cfi information ... oval:org.secpod.oval:def:89048166 This update for libXpm fixes the following issues: - CVE-2022-46285: Fixed an infinite loop that could be triggered when reading a XPM image with a C-style comment that is never closed . - CVE-2022-44617: Fixed an excessive resource consumption that could be triggered when reading small crafted XPM ... oval:org.secpod.oval:def:89048018 This update for krb5 fixes the following issues: - CVE-2022-42898: Fixed integer overflow in PAC parsing . 
oval:org.secpod.oval:def:89047008 This update for squid fixes the following issues: - CVE-2022-41317: Fixed exposure of sensitive information in cache manager . - CVE-2022-41318: Fixed buffer overread in SSPI and SMB Authentication . oval:org.secpod.oval:def:89000322 This update for bind fixes the following issues: - Amended documentation referring to rule types "krb5-subdomain" and "ms-subdomain". This incorrect documentation could mislead operators into believing that policies they had configured were more restrictive than they actually were. [ ... oval:org.secpod.oval:def:89048032 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 102.6.0 ESR : - CVE-2022-46880: Use-after-free in WebGL - CVE-2022-46872: Arbitrary file read from a compromised content process - CVE-2022-46881: Memory corruption in WebGL - CVE-2022-46874: Drag and Dropped ... oval:org.secpod.oval:def:89048778 This update for shadow fixes the following issues: * CVE-2023-29383: Fixed apparent /etc/shadow manipulation via chfn . oval:org.secpod.oval:def:89048671 This update for systemd fixes the following issues: * CVE-2023-26604: Fixed a privilege escalation via the less pager. * CVE-2022-4415: Fixed systemd-coredump that did not respect the fs.suid_dumpable kernel setting . * CVE-2022-3821: Fixed buffer overrun in format_timespan function . Bug fixes: * ... oval:org.secpod.oval:def:89048657 This update for xterm fixes the following issues: * CVE-2022-45063: Fixed command injection in ESC 50 font operation by disabling the change font functionality . oval:org.secpod.oval:def:89048591 This update for poppler fixes the following issues: * CVE-2022-38784: Fixed integer overflow in the JBIG2 decoder . * CVE-2019-13283: Fixed heap-based buffer over-read that could be triggered by sending a crafted PDF document to the pdftotext tool . 
oval:org.secpod.oval:def:89047042 This update for postgresql-jdbc fixes the following issues: - CVE-2022-31197: Fixed SQL injection vulnerability . oval:org.secpod.oval:def:89047634 This update for libtirpc fixes the following issues: - CVE-2021-46828: Fixed denial of service vulnerability with lots of connections . - Exclude ipv6 addresses in client protocol version 2 code oval:org.secpod.oval:def:89046069 This update for cyrus-sasl fixes the following issues: - CVE-2022-24407: Fixed SQL injection in sql_auxprop_store in plugins/sql.c . oval:org.secpod.oval:def:89000614 This update for postgresql96 fixes the following issues: PostgreSQL was updated to version 9.6.17. Security issue fixed: - CVE-2020-1720: Fixed a missing authorization check in the ALTER ... DEPENDS ON extension . oval:org.secpod.oval:def:89000272 This update for krb5-appl fixes the following issues: - CVE-2020-10188: Fixed a remote root execution . oval:org.secpod.oval:def:89046088 This update for tcpdump fixes the following issues: - CVE-2018-16301: Fixed segfault when handling large files . oval:org.secpod.oval:def:89046062 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.6.0 ESR / MFSA 2022-05 - CVE-2022-22753: Privilege Escalation to SYSTEM on Windows via Maintenance Service - CVE-2022-22754: Extensions could have bypassed permission confirmation during update - CVE-2022 ... 
oval:org.secpod.oval:def:89046101 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.6.1 ESR : - CVE-2022-26485: Use-after-free in XSLT parameter processing - CVE-2022-26486: Use-after-free in WebGPU IPC Framework oval:org.secpod.oval:def:89046745 This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 91.11.0 ESR : - CVE-2022-2200: Undesired attributes could be set as part of prototype pollution - CVE-2022-31744: CSP bypass enabling stylesheet injection - CVE-2022-34468: CSP sandbox header wit ... oval:org.secpod.oval:def:89047050 This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated from 102.2.0esr to 102.3.0esr : - CVE-2022-40959: Fixed bypassing FeaturePolicy restrictions on transient pages. - CVE-2022-40960: Fixed data-race when parsing non-UTF-8 URLs in threads. - CVE-2022-40958: Fixed by ... oval:org.secpod.oval:def:89047795 This update for MozillaFirefox fixes the following issues: Updated to version 102.4.0 ESR : - CVE-2022-42927: Fixed same-origin policy violation that could have leaked cross-origin URLs. - CVE-2022-42928: Fixed memory Corruption in JS Engine. - CVE-2022-42929: Fixed denial of Service via window.prin ... oval:org.secpod.oval:def:89047708 This update for tiff fixes the following issues: - CVE-2022-2519: Fixed a double free in rotateImage . - CVE-2022-2520: Fixed an assertion failure in rotateImage . - CVE-2022-2521: Fixed invalid free in TIFFClose . - CVE-2022-2867: Fixed out of bounds read and write in tiffcrop.c . - CVE-2022-2868: F ... oval:org.secpod.oval:def:89046911 This update for bluez fixes the following issues: - CVE-2019-8922: Fixed a buffer overflow in the implementation of the Service Discovery Protocol . oval:org.secpod.oval:def:89047647 This update for bluez fixes the following issues: - CVE-2019-8921: Fixed heap-based buffer overflow via crafted request . - CVE-2016-9803: Fixed memory leak . 
oval:org.secpod.oval:def:89046071 This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20220207 release. - CVE-2021-0146: Fixed a potential security vulnerability in some Intel Processors may allow escalation of privilege - CVE-2021-0127: Intel Processor Breakpoint Control Flow - CVE-2021-0145: Fa ... oval:org.secpod.oval:def:89002897 This update for tigervnc fixes the following issues: - CVE-2020-26117: Server certificates were stored as certificate authorities, allowing malicious owners of these certificates to impersonate any server after a client had added an exception . oval:org.secpod.oval:def:89047652 This update for multipath-tools fixes the following issues: - CVE-2022-41974: Fixed an authorization bypass issue in multipathd. - Avoid linking to libreadline to avoid licensing issue oval:org.secpod.oval:def:89048876 This update for openvswitch fixes the following issues: * CVE-2022-4338: Fixed Integer Underflow in Organization Specific TLV . * CVE-2022-4337: Fixed Out-of-Bounds Read in Organization Specific TLV . * CVE-2022-32166: Fixed out of bounds read in minimask_equal . oval:org.secpod.oval:def:89046899 This update for rsync fixes the following issues: - CVE-2022-29154: Fixed an arbitrary file write issue that could be triggered by a malicious remote server . oval:org.secpod.oval:def:89044942 This update for samba fixes the following issue: - An unprivileged user with access to the samba server could cause smbd to load a specially crafted shared library, which then had the ability to execute arbitrary code on the server as "root". [CVE-2017-7494, bso#12780, bsc#1038231] oval:org.secpod.oval:def:89044639 This update for samba fixes the following issue: - An unprivileged user with access to the samba server could cause smbd to load a specially crafted shared library, which then had the ability to execute arbitrary code on the server as "root". 
[CVE-2017-7494, bso#12780, bsc#1038231] oval:org.secpod.oval:def:89044767 This update for sudo fixes the following security issue: - CVE-2017-1000368: A follow-up fix to CVE-2017-1000367, the Linux process name could also contain a newline, which could be used to trick sudo to read/write to an arbitrary open terminal. Also the following non security bug was fixed: - Link ... oval:org.secpod.oval:def:89044608 MozillaFirefox 45 ESR was updated to 45.7 to fix the following issues : * MFSA 2017-02/CVE-2017-5378: Pointer and frame data leakage of Javascript objects * MFSA 2017-02/CVE-2017-5396: Use-after-free with Media Decoder * MFSA 2017-02/CVE-2017-5386: WebExtensions can use data: protocol to affect ot ... oval:org.secpod.oval:def:89044725 This update for xen fixes several issues. These security issues were fixed: - CVE-2017-2620: In CIRRUS_BLTMODE_MEMSYSSRC mode the bitblit copy routine cirrus_bitblt_cputovideo failed to check the memory region, allowing for an out-of-bounds write that allows for privilege escalation . - CVE-2017-261 ... oval:org.secpod.oval:def:89044849 This update for MozillaFirefox to ESR 45.8 fixes the following issues: Security issues fixed : - CVE-2017-5402: Use-after-free working with events in FontFace objects - CVE-2017-5410: Memory corruption during JavaScript garbage collection incremental sweeping - CVE-2017-5400: asm.js JIT-spray bypass ... oval:org.secpod.oval:def:89044614 The SUSE Linux Enterprise 12 kernel was updated to fix the following security bugs: - CVE-2017-7184: The Linux kernel allowed local users to obtain root privileges or cause a denial of service via unspecified vectors, as demonstrated during a Pwn2Own competition at CanSecWest 2017 . - CVE-2017-2636 ... oval:org.secpod.oval:def:89044958 This update for qemu fixes several issues. 
These security issues were fixed: - CVE-2017-5898: The CCID Card device emulator support was vulnerable to an integer overflow flaw allowing a privileged user to crash the Qemu process on the host resulting in DoS . - CVE-2017-5857: The Virtio GPU Device em ... oval:org.secpod.oval:def:89044872 The MozillaFirefox was updated to the new ESR 52.2 release, which fixes the following issues : * MFSA 2017-16/CVE-2017-7758 Out-of-bounds read in Opus encoder * MFSA 2017-16/CVE-2017-7749 Use-after-free during docshell reloading * MFSA 2017-16/CVE-2017-7751 Use-after-free with content viewer listene ... oval:org.secpod.oval:def:89044752 This update for sudo fixes the following issues: CVE-2017-1000367: - Due to incorrect assumptions in /proc/[pid]/stat parsing, a local attacker can pretend that his tty is any file on the filesystem, thus gaining arbitrary file write access on SELinux-enabled systems. [bsc#1039361] - Fix FQDN for ho ... oval:org.secpod.oval:def:89045345 This update for bind fixes the following issues: - A defect in BIND's handling of responses containing a DNAME answer had the potential to trigger assertion errors in the server remotely, thereby facilitating a denial-of-service attack. - Fix BIND to return a valid hostname in response to ldapdump q ... oval:org.secpod.oval:def:89045342 xen was updated to version 4.7.1 to fix 17 security issues. These security issues were fixed: - CVE-2016-9637: ioport array overflow allowing a malicious guest administrator to escalate their privilege to that of the host . - CVE-2016-9386: x86 null segments were not always treated as unusable allo ... oval:org.secpod.oval:def:89045360 The SUSE Linux Enterprise 12 SP 2 kernel was updated to fix two security issues. The following security bugs were fixed: - CVE-2016-9576: A use-after-free vulnerability in the SCSI generic driver allows users with write access to /dev/sg* or /dev/bsg* to elevate their privileges . - CVE-2016-9794: A ... 
oval:org.secpod.oval:def:89045022 This update for bind fixes the following issues: - Fix a potential assertion failure that could have been triggered by a malformed response to an ANY query, thereby facilitating a denial-of-service attack. [CVE-2016-9131, bsc#1018700, bsc#1018699] - Fix a potential assertion failure that could have ... oval:org.secpod.oval:def:89045383 MozillaFirefox 45 ESR was updated to 45.6 to fix the following issues: * MFSA 2016-95/CVE-2016-9897: Memory corruption in libGLES * MFSA 2016-95/CVE-2016-9901: Data from Pocket server improperly sanitized before execution * MFSA 2016-95/CVE-2016-9898: Use-after-free in Editor while manipulating DOM ... oval:org.secpod.oval:def:89045014 This update for sudo fixes the following issues: - A regression in the fix for the CVE-2017-1000368 that broke sudo with the requiretty flag oval:org.secpod.oval:def:89045255 This update for MozillaFirefox, mozilla-nss fixes security issues and bugs. The following vulnerabilities were fixed in Firefox ESR 45.5 : - CVE-2016-5297: Incorrect argument length checking in Javascript - CVE-2016-9066: Integer overflow leading to a buffer overflow in nsScriptLoadHandler - CVE-2 ... oval:org.secpod.oval:def:89045161 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive critical security fixes. The following security bugs were fixed: - CVE-2016-8655: A race condition in the af_packet packet_set_ring function could be used by local attackers to crash the kernel or gain privileges . - CVE-2016-8632: The t ... oval:org.secpod.oval:def:89045390 This update for MozillaFirefox fixes security issues. The following vulnerabilities were fixed in Firefox ESR 45.5.1 : - CVE-2016-9079: Use-after-free in SVG Animation could be used for code execution oval:org.secpod.oval:def:89047023 This update for postgresql14 fixes the following issues: - Upgrade to version 14.5: - CVE-2022-2625: Fixed an issue where extension scripts would replace objects not belonging to that extension . 
- Upgrade to version 14.4 - Release notes: https://www.postgresql.org/docs/release/14.4/ - Release anno ... oval:org.secpod.oval:def:89047947 This update for tomcat fixes the following issues: - CVE-2022-42252: Fixed a request smuggling . oval:org.secpod.oval:def:89048013 This update for emacs fixes the following issues: - CVE-2022-45939: Fixed shell command injection via source code files when using ctags . oval:org.secpod.oval:def:89044662 This update for tomcat fixes the following issues: Security issues fixed: - CVE-2017-5664: A problem in handling error pages was fixed, to avoid potential file overwrites during error page handling. - CVE-2017-7674: A CORS Filter issue could lead to client and server side cache poisoning - CVE-2017 ... oval:org.secpod.oval:def:89044827 This update for tomcat fixes the following issues: - CVE-2017-5647 Pipelined requests could lead to information disclosure - CVE-2017-5648 Untrusted application could retain listener leading to information disclosure - CVE-2016-8745 shared Processor on Connector code could lead to information disc ... oval:org.secpod.oval:def:89045371 This update for tomcat fixes the following issues: Feature changes: The embedded Apache Commons DBCP component was updated to version 2.0. Security fixes: - CVE-2016-0762: Realm Timing Attack - CVE-2016-5018: Security Manager Bypass - CVE-2016-6794: System Property Disclosure - CVE-2016-6796: Se ... oval:org.secpod.oval:def:89048514 This update for xorg-x11-server fixes the following issues: * Fixed a regression introduced with security update for CVE-2022-46340 . 
oval:org.secpod.oval:def:89000318 This update for xerces-c fixes the following issues: - CVE-2017-12627: Processing of external DTD paths could have resulted in a null pointer dereference under certain conditions oval:org.secpod.oval:def:89048095 This update for glibc fixes the following issues: - CVE-2016-10739: getaddrinfo: Fully parse IPv4 address strings oval:org.secpod.oval:def:89046726 This update for sysstat fixes the following issues: Security issue fixed: - CVE-2019-19725: Fixed double free in check_file_actlst in sa_common.c . Bug fixes: - Enable log information of starting/stopping services oval:org.secpod.oval:def:89002967 This update for spice-gtk fixes the following issues: - CVE-2018-10873: Fixed a potential heap corruption when demarshalling - CVE-2018-10893: Fixed a buffer overflow on image lz checks oval:org.secpod.oval:def:89000410 This update for libexif fixes the following issues: Security issues fixed: - CVE-2016-6328: Fixed an integer overflow in parsing MNOTE entry data of the input file . - CVE-2017-7544: Fixed an out-of-bounds heap read vulnerability in exif_data_save_data_entry function in libexif/exif-data.c . - CVE-2 ... oval:org.secpod.oval:def:89000455 This update for spice fixes the following issues: - CVE-2018-10873: Fixed a potential heap corruption when demarshalling - CVE-2018-10893: Fixed a buffer overflow on image lz checks oval:org.secpod.oval:def:89046050 This update for zsh fixes the following issues: - CVE-2021-45444: Fixed a vulnerability where arbitrary shell commands could be executed related to prompt expansion . - CVE-2019-20044: Fixed a vulnerability where shell privileges would not be properly dropped when unsetting the PRIVILEGED option . - ... oval:org.secpod.oval:def:89000662 This update for libxslt fixes the following issue: - CVE-2019-18197: Fixed a dangling pointer in xsltCopyText which may have led to information disclosure .
oval:org.secpod.oval:def:89000608 This update for git fixes the following issues: Security issue fixed: - CVE-2020-5260: With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a wrong host . Non-security issue fixed: git was updated to 2.26.0 for SHA256 supp ... oval:org.secpod.oval:def:89000312 This update for qemu fixes the following issues: Security issues fixed: - CVE-2020-1711: Fixed a potential OOB access in the iSCSI client code . - CVE-2019-12068: Fixed a potential DoS in the LSI SCSI controller emulation . - CVE-2020-1983: Fixed a use-after-free in the ip_reass function of slirp . ... oval:org.secpod.oval:def:89000307 This update for python3 fixes the following issue: - CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen. Now an InvalidURL exception is raised . - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs . - CVE-2020-8492: Fixed a regular expre ... oval:org.secpod.oval:def:89000651 This update for icu fixes the following issues: - CVE-2020-10531: Fixed integer overflow in UnicodeString:doAppend . oval:org.secpod.oval:def:89000402 This update for git to 2.26.2 fixes the following issues: Security issue fixed: - CVE-2020-11008: Specially crafted URLs may have tricked the credentials helper to providing credential information that is not appropriate for the protocol in use and host being contacted . Non-security issue fixed: - ... oval:org.secpod.oval:def:89000573 This update for mailman fixes the following issues: Security issue fixed: - CVE-2020-12108: Fixed a content injection bug . - CVE-2020-12137: Fixed a XSS vulnerability caused by MIME type confusion . Non-security issue fixed: - Fixed rights and ownership on /var/lib/mailman/archives . - Don't defaul ...
oval:org.secpod.oval:def:89000440 This update for mozilla-nspr, mozilla-nss fixes the following issues: mozilla-nss was updated to version 3.53.1 - CVE-2020-12402: Fixed a potential side channel attack during RSA key generation . - CVE-2020-12399: Fixed a timing attack on DSA signature generation . - CVE-2019-17006: Added length che ... oval:org.secpod.oval:def:89000075 This update for python to version 2.7.17 fixes the following issues: Syncing with lots of upstream bug fixes and security fixes. Bug fixes: - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs . - CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed t ... oval:org.secpod.oval:def:89000044 This update for pam_radius fixes the following issues: - CVE-2015-9542: Fixed a buffer overflow in password field . - On s390x didn't decrypt passwords correctly . oval:org.secpod.oval:def:89000314 This update for dovecot22 fixes the following issues: - CVE-2020-12673: improper implementation of NTLM does not check message buffer size . - CVE-2020-12674: improper implementation of RPA mechanism . oval:org.secpod.oval:def:89000667 This update for libX11 fixes the following issues: - Fixed XIM client heap overflows oval:org.secpod.oval:def:89000233 This update for libX11 fixes the following issues: - CVE-2020-14363: Fix an integer overflow in init_om . oval:org.secpod.oval:def:89000242 This update for MozillaFirefox fixes the following issues: - MozillaFirefox was updated to version 68.9.0 Extended Support Release . - CVE-2020-12405: Fixed a use-after-free in SharedWorkerService. - CVE-2020-12406: Fixed a JavaScript Type confusion with NativeTypes. - CVE-2020-12410: Fixed multiple ...
oval:org.secpod.oval:def:89000069 This update for MozillaFirefox fixes the following issues: Update to version 68.8.0 ESR : - CVE-2020-12387: Use-after-free during worker shutdown - CVE-2020-12388: Sandbox escape with improperly guarded Access Tokens - CVE-2020-12389: Sandbox escape with improperly separated process types - CVE-2020 ... oval:org.secpod.oval:def:89000052 This update for libX11 fixes the following issues: - Fixed XIM client heap overflows . oval:org.secpod.oval:def:89000403 This update for openldap2 fixes the following issues: - CVE-2020-25692: Fixed an unauthenticated remote denial of service due to incorrect validation of modrdn equality rules . oval:org.secpod.oval:def:89000153 This update for postgresql96 fixes the following issues: Upgrade to version 9.6.20: * CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and firing of deferred triggers within index expressions and materialized view queries. * CVE-2020-25694, bsc#1178667: a oval:org.secpod.oval:def:89000260 This update for squid fixes the following issues: - CVE-2020-15049.patch: fixes a Cache Poisoning and Request Smuggling attack oval:org.secpod.oval:def:89048006 This update for glib2 fixes the following issues: - CVE-2021-28153: Fixed a dangling symlink when g_file_replace is used with G_FILE_CREATE_REPLACE_DESTINATION . oval:org.secpod.oval:def:89048044 This update for xorg-x11-server fixes the following issues: - CVE-2022-46340: Server XTestSwapFakeInput stack overflow - CVE-2022-46341: Server XIPassiveUngrabDevice out-of-bounds access - CVE-2022-46342: Server XvdiSelectVideoNotify use-after-free - CVE-2022-46343: Server ScreenSaverSetAttribute ... oval:org.secpod.oval:def:89049108 This update for ghostscript fixes the following issues: * CVE-2023-36664: Fixed permission validation mishandling for pipe devices with the %pipe% prefix or the | pipe character prefix . 
oval:org.secpod.oval:def:89044901 This update for java-1_8_0-ibm fixes the following issues: - Version update to 8.0-4.10 [bsc#1053431] CVE-2017-10111, CVE-2017-10110, CVE-2017-10107, CVE-2017-10101, CVE-2017-10096, CVE-2017-10090, CVE-2017-10089, CVE-2017-10087, CVE-2017-10102, CVE-2017-10116, CVE-2017-10074, CVE-2017-10078, CVE-20 ... oval:org.secpod.oval:def:89044990 This update for java-1_8_0-openjdk fixes the following issues: - Upgrade to version jdk8u131 - bsc#1034849 * Security fixes - S8163520, CVE-2017-3509: Reuse cache entries - S8163528, CVE-2017-3511: Better library loading - S8165626, CVE-2017-3512: Improved window framing - S8167110, CVE-2017-3514: ... oval:org.secpod.oval:def:89045335 OpenJDK Java was updated to jdk8u111 to fix the following issues: * Security fixes + S8146490: Direct indirect CRL checks + S8151921: Improved page resolution + S8155968: Update command line options + S8155973, CVE-2016-5542: Tighten jar checks + S8156794: Extend data sharing + S8157176: Improved ... oval:org.secpod.oval:def:89045196 This update for java-1_7_1-ibm fixes the following issues: - Version update to 7.1-3.60 Fixing the following CVEs: CVE-2016-5568, CVE-2016-5556, CVE-2016-5573, CVE-2016-5597, CVE-2016-5554, CVE-2016-5542 oval:org.secpod.oval:def:89045162 This update for java-1_8_0-ibm fixes the following issues: - CVE-2016-5568: Unspecified vulnerability allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT - CVE-2016-5556: Unspecified vulnerability allowed remote attackers to affect confidentiali ... oval:org.secpod.oval:def:89045274 This update for java-1_7_0-openjdk fixes the following issues: - Update to 2.6.8 - OpenJDK 7u121 * Security fixes + S8151921: Improved page resolution + S8155968: Update command line options + S8155973, CVE-2016-5542: Tighten jar checks + S8157176: Improved classfile parsing + S8157739, CVE-2016-55 ...
oval:org.secpod.oval:def:89044957 This update for tiff fixes the following issues: - A crafted TIFF image could cause a crash and potential code execution when processed by the "tiffcp" utility . Also a regression from the version update to 4.0.7 was fixed in handling TIFFTAG_FAXRECVPARAMS oval:org.secpod.oval:def:89045170 This update for jasper to version 1.900.14 fixes several issues. These security issues were fixed: - CVE-2016-8887: NULL pointer dereference in jp2_colr_destroy - CVE-2016-8886: memory allocation failure in jas_malloc - CVE-2016-8884,CVE-2016-8885: two null pointer dereferences in bmp_getdata ... oval:org.secpod.oval:def:89048791 This update for liblouis fixes the following issues: * CVE-2023-26767: Fixed buffer overflow vulnerability in lou_logFile function . * CVE-2023-26768: Fixed buffer overflow in lou_logFile . * CVE-2023-26769: Fixed buffer Overflow vulnerability in resolveSubtable function . oval:org.secpod.oval:def:89047043 This update for krb5-appl fixes the following issues: - CVE-2022-39028: Fixed NULL pointer dereference in krb5-appl telnetd . oval:org.secpod.oval:def:89047684 This update for telnet fixes the following issues: - CVE-2022-39028: Fixed NULL pointer dereference in telnetd . oval:org.secpod.oval:def:89048148 This update for git fixes the following issues: - CVE-2022-41903: Fixed a heap overflow in the "git archive" and "git log --format" commands . - CVE-2022-23521: Fixed an integer overflow that could be triggered when parsing a gitattributes file . oval:org.secpod.oval:def:89003300 This update for git fixes the following issues: Security issues fixed: - CVE-2019-1349: Fixed issue on Windows, when submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice . - CVE-2019-19604: Fixed a recursive clone followed by a su ... 
oval:org.secpod.oval:def:89045776 This update for samba fixes the following issues: - CVE-2016-2124: Fixed not to fallback to non spnego authentication if we require kerberos . - CVE-2020-25717: Fixed privilege escalation inside an AD Domain where a user could become root on domain members . oval:org.secpod.oval:def:89044998 This update for openjpeg2 fixes several issues. These security issues were fixed: - CVE-2016-10507: Integer overflow vulnerability in the bmp24toimage function allowed remote attackers to cause a denial of service via a crafted bmp file . - CVE-2017-14039: A heap-based buffer overflow was discovere ... oval:org.secpod.oval:def:89045160 This update for w3m fixes the following issues: - update to debian git version addressed security issues: CVE-2016-9622: w3m: null deref CVE-2016-9623: w3m: null deref CVE-2016-9624: w3m: near-null deref CVE-2016-9625: w3m: stack overflow CVE-2016-9626: w3m: stack overflow CVE-2016-9627: w3m: ... oval:org.secpod.oval:def:89044902 This update for guile fixes the following issues: - CVE-2016-8605: Fixed thread-unsafe umask modification . oval:org.secpod.oval:def:89049308 This update for krb5 fixes the following issues: * CVE-2023-36054: Fixed a DoS that could be triggered by an authenticated remote user oval:org.secpod.oval:def:89003480 This update for util-linux fixes the following issues: This non-security issue was fixed: - CVE-2018-7738: bash-completion/umount allowed local users to gain privileges by embedding shell commands in a mountpoint name, which was mishandled during a umount command by a different user . These non-secu ... oval:org.secpod.oval:def:89048606 This update for emacs fixes the following issues: * CVE-2022-48337: Fixed etags local command injection vulnerability . * CVE-2022-48339: Fixed htmlfontify.el command injection vulnerability . oval:org.secpod.oval:def:89048665 This update for xorg-x11-server fixes the following issues: * CVE-2023-1393: Fixed use-after-free overlay window . 
oval:org.secpod.oval:def:89048967 This update for libX11 fixes the following issues: * CVE-2023-3138: Fixed buffer overflows in InitExt.c . oval:org.secpod.oval:def:89049227 This update for gstreamer-plugins-good fixes the following issues: * CVE-2023-37327: Fixed FLAC file parsing integer overflow remote code execution vulnerability oval:org.secpod.oval:def:89049240 This update for gstreamer-plugins-base fixes the following issues: * CVE-2023-37327: Fixed FLAC file parsing integer overflow remote code execution vulnerability. * CVE-2023-37328: Fixed PGS file parsing heap-based buffer overflow remote code execution vulnerability oval:org.secpod.oval:def:89045566 This update for bind fixes the following issues: - CVE-2020-8622: A truncated TSIG response can lead to an assertion failure . oval:org.secpod.oval:def:89048061 This update for java-1_7_1-ibm fixes the following issues: IBM Security Update November 2022: - CVE-2022-3676: A security vulnerability was fixed in version 7.1.5.15, adding the reference here. oval:org.secpod.oval:def:89048069 This update for java-1_8_0-ibm fixes the following issues: IBM Security Update November 2022: - CVE-2022-3676: A security vulnerability was fixed in version 8.0.7.20, adding the reference here. oval:org.secpod.oval:def:89049229 This update for webkit2gtk3 fixes the following issues: Update to version 2.40.5 : * CVE-2023-38133: Fixed information disclosure. * CVE-2023-38572: Fixed Same-Origin-Policy bypass. * CVE-2023-38592: Fixed arbitrary code execution. * CVE-2023-38594: Fixed arbitrary code execution. * CVE-2023-38595: ... oval:org.secpod.oval:def:89048187 This update for tiff fixes the following issues: - CVE-2022-48281: Fixed a buffer overflow that could be triggered via a crafted image . 
oval:org.secpod.oval:def:89003010 This update for grub2 fixes the following issues: - Fix for CVE-2020-10713 - Fix for CVE-2020-14308 CVE-2020-14309, CVE-2020-14310, CVE-2020-14311 - Fix for CVE-2020-15706 - Fix for CVE-2020-15707 - Use overflow checking primitives where the arithmetic expression for buffer allocations may inclu ... oval:org.secpod.oval:def:89048824 This update for shim fixes the following issues: * Updated shim signature after shim 15.7 be signed back: signature-sles.x86_64.asc, signature-sles.aarch64.asc * Add POST_PROCESS_PE_FLAGS=-N to the build command in shim.spec to disable the NX compatibility flag when using post-process-pe because g ... oval:org.secpod.oval:def:89047036 This update for expat fixes the following issues: - CVE-2022-40674: Fixed use-after-free in the doContent function in xmlparse.c . oval:org.secpod.oval:def:89046084 This update for expat fixes the following issues: - CVE-2022-23852: Fixed signed integer overflow in XML_GetBuffer . - CVE-2022-23990: Fixed integer overflow in the doProlog function . oval:org.secpod.oval:def:89047011 This update for bind fixes the following issues: - CVE-2022-2795: Fixed potential performance degradation due to missing database lookup limits when processing large delegations . - CVE-2022-38177: Fixed a memory leak that could be externally triggered in the DNSSEC verification code for the ECDSA a ... oval:org.secpod.oval:def:89044205 This update for libnettle fixes the following issues: - CVE-2021-20305: Fixed the multiply function which was being called with out-of-range scalars . oval:org.secpod.oval:def:89048194 This update for apache2 fixes the following issues: - CVE-2022-37436: Fixed an issue in mod_proxy where a malicious backend could cause the response headers to be truncated early, resulting in some headers being incorporated into the response body . - CVE-2022-36760: Fixed an issue in mod_proxy_ajp ...
oval:org.secpod.oval:def:89003166 This update for apache2 fixes the following issues: * CVE-2019-0220: The Apache HTTP server did not use a consistent strategy for URL normalization throughout all of its components. In particular, consecutive slashes were not always collapsed. Attackers could potentially abuse these inconsistencies ... oval:org.secpod.oval:def:89046431 This update for openssl fixes the following issues: - CVE-2022-2068: Fixed more shell code injection issues in c_rehash oval:org.secpod.oval:def:89044012 This update for perl fixes the following issues: These security issues were fixed: - CVE-2018-6913: Fixed space calculation issues in pp_pack.c . - CVE-2018-6798: Fixed heap buffer overflow in regexec.c . - CVE-2018-6797: Fixed sharp-s regexp overflow . - CVE-2018-12015: The Archive::Tar module allow ... oval:org.secpod.oval:def:89048749 This update for ovmf fixes the following issues: * CVE-2019-14560: Fixed potential secure boot bypass via an improper check of GetEfiGlobalVariable2 . * CVE-2021-38578: Fixed underflow in MdeModulePkg/PiSmmCore SmmEntryPointAdd . oval:org.secpod.oval:def:89044952 This update for libpng15 fixes the following issues: Security issues fixed: - CVE-2015-8540: read underflow in libpng - CVE-2016-10087: NULL pointer dereference in png_set_text_2 oval:org.secpod.oval:def:89044660 This update for libpng12 fixes the following issues: Security issues fixed: - CVE-2015-8540: read underflow in libpng - CVE-2016-10087: NULL pointer dereference in png_set_text_2 oval:org.secpod.oval:def:89044611 Mozilla Firefox was updated to the Firefox ESR release 45.9. Mozilla NSS was updated to support TLS 1.3 and various new ciphers, PRFs, Diffie Hellman key agreement and support for more hashes. Security issues fixed in Firefox - MFSA 2017-11/CVE-2017-5469: Potential Buffer overflow in flex-generate ... oval:org.secpod.oval:def:89045156 This update for ntp fixes the following issues: ntp was updated to 4.2.8p9.
Security issues fixed: - CVE-2016-9311, CVE-2016-9310, bsc#1011377: Mode 6 unauthenticated trap information disclosure and DDoS vector. - CVE-2016-7427, bsc#1011390: Broadcast Mode Replay Prevention DoS. - CVE-2016-7428, bsc ... oval:org.secpod.oval:def:89003151 This update for mariadb fixes the following issues: Update to MariaDB 10.0.38 GA . Security issues fixed: - CVE-2019-2537: Denial of service via multiple protocols - CVE-2019-2529: Denial of service via multiple protocols - CVE-2018-3282: Server Storage Engines unspecified vulnerability - CVE-20 ... oval:org.secpod.oval:def:89044677 This update for java-1_7_1-ibm fixes the following issues: - Version update to 7.1-4.5 bsc#1038505 - CVE-2016-9840: zlib: Out-of-bounds pointer arithmetic in inftrees.c - CVE-2016-9841: zlib: Out-of-bounds pointer arithmetic in inffast.c - CVE-2016-9842: zlib: Undefined left shift of negative number ... oval:org.secpod.oval:def:89044791 This update for java-1_8_0-openjdk fixes the following issues: - Update to version jdk8u151 Security issues fixed: - CVE-2017-10274: Handle smartcard clean up better - CVE-2017-10281: Better queuing priorities - CVE-2017-10285: Unreferenced references - CVE-2017-10295: Better URL connections - ... oval:org.secpod.oval:def:89044854 This update for expat fixes the following issues: - CVE-2016-9063: Possible integer overflow to fix inside XML_Parse leading to unexpected behaviour - CVE-2017-9233: External Entity Vulnerability could lead to denial of service oval:org.secpod.oval:def:89045007 This update for opus fixes the following issues: - CVE-2017-0381: Fixed a remote code execution vulnerability in silk/NLSF_stabilize.c when playing certain media files oval:org.secpod.oval:def:89045011 This update for java-1_7_1-ibm fixes the following issues: - Security update to version 7.1.4.15 [bsc#1070162] * CVE-2017-10349: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE . 
Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE ... oval:org.secpod.oval:def:89003262 This update for java-1_7_1-ibm to version 7.1.4.40 fixes the following issues: Security issues fixed: - CVE-2019-2422: Fixed a memory disclosure in FileChannelImpl . - CVE-2018-11212: Fixed an issue in alloc_sarray function in jmemmgr.c . More information: https://developer.ibm.com/javasdk/support/s ... oval:org.secpod.oval:def:89003374 This update for java-1_8_0-ibm to version 8.0.5.30 fixes the following issues: Security issues fixed: - CVE-2019-2422: Fixed a memory disclosure in FileChannelImpl . - CVE-2018-11212: Fixed an issue in alloc_sarray function in jmemmgr.c . - CVE-2018-1890: Fixed a local privilege escalation via RPATH ... oval:org.secpod.oval:def:89044920 This update for xen fixes several issues: These security issues were fixed: - CVE-2017-5526: The ES1370 audio device emulation support was vulnerable to a memory leakage issue allowing a privileged user inside the guest to cause a DoS and/or potentially crash the Qemu process on the host - CVE-2017 ... oval:org.secpod.oval:def:89003236 This update for polkit fixes the following issues: Security issue fixed: - CVE-2019-6133: Fixed improper caching of auth decisions, which could bypass uid checking in the interactive backend . oval:org.secpod.oval:def:89044823 This update for qemu fixes several issues. These security issues were fixed: - CVE-2017-9330: USB OHCI Emulation in qemu allowed local guest OS users to cause a denial of service by leveraging an incorrect return value . - CVE-2017-8379: Memory leak in the keyboard input event handlers support allo ... oval:org.secpod.oval:def:89044896 The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.38 to receive various security and bugfixes. 
The following security bugs were fixed: - CVE-2015-1350: The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing ex ... oval:org.secpod.oval:def:89003097 This update for java-1_7_1-ibm fixes the following issues: Update to Java 7.1 Service Refresh 4 Fix Pack 45. Security issues fixed: - CVE-2019-10245: Fixed Java bytecode verifier issue causing crashes . - CVE-2019-2698: Fixed out of bounds access flaw in the 2D component . - CVE-2019-2697: Fixed fla ... oval:org.secpod.oval:def:89044675 This update for qemu fixes several issues. These security issues were fixed: - CVE-2017-15268: Qemu allowed remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c . - CVE-2017-9524: The qemu-nbd server when built with the Network Bloc ... oval:org.secpod.oval:def:89044695 The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.74 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000365: The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY , but d ... oval:org.secpod.oval:def:89003308 This update for libvirt fixes the following issues: Security issues fixed: - CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd . - CVE-20 ... oval:org.secpod.oval:def:89003411 This update for qemu fixes the following issues: Security issues fixed: - CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation . - CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp . - CVE-2018-19489: Fixed a denial of ser ... 
oval:org.secpod.oval:def:89003340 This update for java-1_7_0-openjdk fixes the following issues: Update to 2.6.18 - OpenJDK 7u221 Security issues fixed: - CVE-2019-2602: Fixed flaw inside BigDecimal implementation . - CVE-2019-2684: Fixed flaw inside the RMI registry implementation . - CVE-2019-2698: Fixed out of bounds access fla ... oval:org.secpod.oval:def:89003339 This update for java-1_8_0-ibm fixes the following issues: Update to Java 8.0 Service Refresh 5 Fix Pack 35. Security issues fixed: - CVE-2019-10245: Fixed Java bytecode verifier issue causing crashes . - CVE-2019-2698: Fixed out of bounds access flaw in the 2D component . - CVE-2019-2697: Fixed fla ... oval:org.secpod.oval:def:89003320 This update for java-1_8_0-openjdk to version 8u191 fixes the following issues: Security issues fixed: - CVE-2018-3136: Manifest better support - CVE-2018-3139: Better HTTP Redirection - CVE-2018-3149: Enhance JNDI lookups - CVE-2018-3169: Improve field accesses - CVE-2018-3180: Improve TLS conn ... oval:org.secpod.oval:def:89003443 This update for ntp fixes the following issues: Security issue fixed: - CVE-2019-8936: Fixed a null pointer exception which could allow an authenticated attacker to cause segmentation fault to ntpd . Other issues addressed: - Fixed an issue which caused OpenSSL mismatch - Fixed several bugs in the BA ... oval:org.secpod.oval:def:89048593 This update for vim fixes the following issues: * CVE-2023-0512: Fixed a divide By Zero . * CVE-2023-1175: vim: an incorrect calculation of buffer size . * CVE-2023-1170: Fixed a heap-based Buffer Overflow . * CVE-2023-1127: Fixed divide by zero in scrolldown . Updated to version 9.0 with patch leve ...
oval:org.secpod.oval:def:89044816 This update for openssl fixes the following issues contained in the OpenSSL Security Advisory [26 Jan 2017] Security issues fixed: - CVE-2016-7055: The x86_64 optimized montgomery multiplication may produce incorrect results - CVE-2017-3731: Truncated packet could crash via OOB read - CVE-2017-37 ... oval:org.secpod.oval:def:89044844 This update for gnutls fixes the following security issues: - GnuTLS could have crashed when processing maliciously crafted OpenPGP certificates - GnuTLS could have falsely accepted certificates when using OCSP - GnuTLS could have suffered from 100% CPU load DoS attacks by using SSL alert packets ... oval:org.secpod.oval:def:89048292 This update for clamav fixes the following issues: - CVE-2023-20032: Fixed a possible remote code execution vulnerability in the HFS+ file parser . - CVE-2023-20052: Fixed a possible remote information leak vulnerability in the DMG file parser . oval:org.secpod.oval:def:89048134 This update for sudo fixes the following issues: - CVE-2023-22809: Fixed an arbitrary file write issue that could be exploited by users with sudoedit permissions . oval:org.secpod.oval:def:89049264 This update for openssl-1_0_0 fixes the following issues: * CVE-2023-3817: Fixed a potential DoS due to excessive time spent checking DH q parameter value oval:org.secpod.oval:def:89048766 This update for dmidecode fixes the following issues: * CVE-2023-30630: Fixed potential privilege escalation vulnerability via file overwrite . oval:org.secpod.oval:def:89048478 This update for xen fixes the following issues: * CVE-2022-42332: Fixed use-after-free in x86 shadow plus log-dirty mode . * CVE-2022-42331: Fixed speculative vulnerability in 32bit SYSCALL path on x86 . Special Instructions and Notes: * Please reboot the system after installing this update. oval:org.secpod.oval:def:89048191 This update for xen fixes the following issues: - CVE-2022-23824: Fixed multiple speculative execution issues .
Special Instructions and Notes: Please reboot the system after installing this update. oval:org.secpod.oval:def:89000232 This update for MozillaFirefox fixes the following issues: - Mozilla Firefox 68.6.1esr MFSA 2020-11 * CVE-2020-6819 Use-after-free while running the nsDocShell destructor * CVE-2020-6820 Use-after-free when handling a ReadableStream oval:org.secpod.oval:def:89000691 This update for squid fixes the following issues: - CVE-2020-24606: Fix livelocking in peerDigestHandleReply . - CVE-2020-15811: Improve Transfer-Encoding handling . - CVE-2020-15810: Enforce token characters for field-name . oval:org.secpod.oval:def:89003341 This update for evince fixes the following issues: Security issues fixed: - CVE-2019-11459: Fixed improper error handling which could have led to use of uninitialized memory . - CVE-2019-1010006: Fixed a buffer overflow in backend/tiff/tiff-document.c . oval:org.secpod.oval:def:89044647 This update for squid fixes the following issues: - CVE-2016-10003: Prevent incorrect forwarding of cached private responses when Collapsed Forwarding feature is enabled. This allowed remote attacker to discover private and sensitive information about another user . - CVE-2016-10002: Fixed incorrec ... oval:org.secpod.oval:def:89048777 This update for git fixes the following issues: * CVE-2023-25652: Fixed partial overwrite of paths outside the working tree . * CVE-2023-25815: Fixed malicious placement of crafted message . * CVE-2023-29007: Fixed arbitrary configuration injection . oval:org.secpod.oval:def:89000578 This update for python3 fixes the following issues: - Fixed a directory traversal in _download_http_url oval:org.secpod.oval:def:89045288 This update for samba fixes the following issues: Security issues fixed: - CVE-2016-2125: Don't send delegated credentials to all servers. - CVE-2016-2126: Denial of service due to a client triggered crash in the winbindd parent process.
- CVE-2016-2123: Heap-based Buffer Overflow Remote Code Execut ... oval:org.secpod.oval:def:89045155 This update for samba fixes the following issues: Security issues fixed: - CVE-2016-2125: Don't send delegated credentials to all servers. - CVE-2016-2126: Denial of service due to a client triggered crash in the winbindd parent process. - CVE-2016-2123: Heap-based Buffer Overflow Remote Code Execut ... oval:org.secpod.oval:def:89000624 This update for squid fixes the following issues: - CVE-2020-14059: Fixed an issue where a client could potentially deny the service of a server during TLS Handshake . - CVE-2019-18860: Fixed handling of invalid domain names in cachemgr.cgi . oval:org.secpod.oval:def:89000336 This update for squid fixes the following issues: - CVE-2019-12528: Fixed an information disclosure flaw in the FTP gateway . - CVE-2019-12526: Fixed potential remote code execution during URN processing . - CVE-2019-12523,CVE-2019-18676: Fixed multiple improper validations in URI processing . - CVE ... oval:org.secpod.oval:def:89003331 This update for squid fixes the following issues: Security issue fixed: - CVE-2019-12529: Fixed a potential denial of service associated with HTTP Basic Authentication credentials . - CVE-2019-12525: Fixed a denial of service during processing of HTTP Digest Authentication credentials . - CVE-2019-1 ... oval:org.secpod.oval:def:89048502 This update for nrpe fixes the following issues: * CVE-2015-4000: Fixed Logjam Attack by increasing the standard size of 512 bit dh parameters to 2048 . oval:org.secpod.oval:def:89049142 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 115.0.2 ESR Security fixes: * CVE-2023-3600: Fixed use-after-free in workers Other fixes: * Fixed a startup crash experienced by some Windows users by blocking instances of a malicious injected DLL * Fixed ...
oval:org.secpod.oval:def:89049191 This update for MozillaFirefox fixes the following security issues: Firefox was updated to Extended Support Release 115.1.0 ESR . * CVE-2023-4045: Fixed cross-origin restrictions bypass with Offscreen Canvas . * CVE-2023-4046: Fixed incorrect value used during WASM compilation . * CVE-2023-4047: Fix ... oval:org.secpod.oval:def:89049110 This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues: Changes in MozillaFirefox and MozillaFirefox-branding-SLE: This update provides Firefox Extended Support Release 115.0 ESR * New: * Required fields are now highlighted in PDF forms. * Improved performance on high ... oval:org.secpod.oval:def:89048927 This update for cups fixes the following issues: * CVE-2023-32324: Fixed a buffer overflow in format_log_line which could cause a denial-of-service . oval:org.secpod.oval:def:89049319 This update for vim fixes the following issues: Updated to version 9.0 with patch level 1572. * CVE-2023-2426: Fixed Out-of-range Pointer Offset use . * CVE-2023-2609: Fixed NULL Pointer Dereference . * CVE-2023-2610: Fixed Integer Overflow or Wraparound . * CVE-2023-1264: Fixed NULL Pointer Derefere ... oval:org.secpod.oval:def:89049403 This update for cups fixes the following issues: * CVE-2023-4504: Fixed heap overflow in OpenPrinting CUPS Postscript Parsing . * CVE-2023-34241: Fixed a use-after-free problem in cupsdAcceptClient . * CVE-2023-32360: Fixed information leak through Cups-Get-Document operation . oval:org.secpod.oval:def:89048858 This update for java-1_8_0-openjdk fixes the following issues: * Updated to version jdk8u372 : * CVE-2023-21930: Fixed an issue in the JSSE component that could allow an attacker to access critical data without authorization . * CVE-2023-21937: Fixed an issue in the Networking component that could a ...
oval:org.secpod.oval:def:89048944 This update for java-1_8_0-ibm fixes the following issues: * CVE-2023-21930: Fixed possible compromise from unauthenticated attacker with network access via TLS . * CVE-2023-21937: Fixed vulnerability inside the networking component . * CVE-2023-21938: Fixed vulnerability inside the library componen ... oval:org.secpod.oval:def:89049325 This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u382 * CVE-2023-22045: Fixed a difficult to exploit vulnerability that allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Ora ... oval:org.secpod.oval:def:89048799 This update for harfbuzz fixes the following issues: * CVE-2023-25193: Fixed vulnerability that allowed attackers to trigger O growth via consecutive marks . oval:org.secpod.oval:def:89000430 This update for tomcat fixes the following issues: CVE-2020-9484 Apache Tomcat Remote Code Execution via session persistence If an attacker was able to control the contents and name of a file on a server configured to use the PersistenceManager, then the attacker could have triggered a remote code ... oval:org.secpod.oval:def:89048197 This update for vim fixes the following issues: - Updated to version 9.0.1234: - CVE-2023-0433: Fixed an out of bounds memory access that could cause a crash . - CVE-2023-0288: Fixed an out of bounds memory access that could cause a crash . - CVE-2023-0054: Fixed an out of bounds memory write that c ... oval:org.secpod.oval:def:89044747 This update for vim fixes the following issues: Security issues fixed: - CVE-2017-5953: Fixed a possible overflow with corrupted spell file - CVE-2017-6350: Fixed a possible overflow when reading a corrupted undo file - CVE-2017-6349: Fixed a possible overflow when reading a corrupted undo file N ... 
oval:org.secpod.oval:def:89045234 This update for vim fixes the following security issues: - Fixed CVE-2016-1248 an arbitrary command execution vulnerability This update for vim fixes the following issues: - Fix build with Python 3.5 oval:org.secpod.oval:def:89045113 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 78.12.0 ESR * Fixed: Various stability, functionality, and security fixes MFSA 2021-29 * CVE-2021-29970: Use-after-free in accessibility features of a document * CVE-2021-30547: Out of bounds write in ANGLE ... oval:org.secpod.oval:def:89048022 This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u352 : - CVE-2022-21619,CVE-2022-21624: Fixed difficult to exploit vulnerability allows unauthenticated attacker with network access and can cause unauthorized update, insert or delete access via multiple protocols ... oval:org.secpod.oval:def:89046909 This update for java-1_8_0-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 7 Fix Pack 11 : - CVE-2022-34169: Fixed an integer truncation issue in the Xalan Java XSLT library that occurred when processing malicious stylesheets . - CVE-2022-21549: Fixed an issue that could lead to ... oval:org.secpod.oval:def:89046914 This update for java-1_7_1-ibm fixes the following issues: - Updated to Java 7.1 Service Refresh 5 Fix Pack 15 : - CVE-2022-34169: Fixed an integer truncation issue in the Xalan Java XSLT library that occurred when processing malicious stylesheets . - CVE-2022-21549: Fixed an issue that could lead t ... oval:org.secpod.oval:def:89045774 This update for java-1_8_0-openjdk fixes the following issues: Update to version OpenJDK 8u312 : - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS . - CVE-2021-35556: Fixed excessive memory allocation in RTFParser . - CVE-2021-35559: Fixed excessive memory allocation in RTFRe ... 
oval:org.secpod.oval:def:89045792 This update for java-1_7_0-openjdk fixes the following issues: Update to OpenJDK 7u321 : - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS . - CVE-2021-35556: Fixed excessive memory allocation in RTFParser . - CVE-2021-35559: Fixed excessive memory allocation in RTFReader . - ... oval:org.secpod.oval:def:89045551 This update for java-1_8_0-openjdk fixes the following issues: - Update to version jdk8u302 - CVE-2021-2341: Improve file transfers. - CVE-2021-2369: Better jar file validation. - CVE-2021-2388: Enhance compiler validation. - CVE-2021-2161: Less ambiguous processing oval:org.secpod.oval:def:89002926 This update for freetype2 fixes the following issues: - CVE-2020-15999: fixed a heap buffer overflow found in the handling of embedded PNG bitmaps . oval:org.secpod.oval:def:89000213 This update for apache2 fixes the following issues: - CVE-2020-1934: mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server . - CVE-2020-1927: mod_rewrite configurations vulnerable to open redirect . - CVE-2020-1938: mod_proxy_ajp: Add "secret" parameter to proxy ... oval:org.secpod.oval:def:89043960 This update for git fixes several issues. These security issues were fixed: - CVE-2018-11233: Path sanity-checks on NTFS allowed attackers to read arbitrary memory - CVE-2018-11235: Arbitrary code execution when recursively cloning a malicious repository oval:org.secpod.oval:def:89044796 icu was updated to fix two security issues. These security issues were fixed: - CVE-2014-8147: The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode used an integer data type that is inconsistent w ...
oval:org.secpod.oval:def:89044784 This ruby2.1 update to version 2.1.9 fixes the following issues: Security issues fixed: - CVE-2016-2339: heap overflow vulnerability in the Fiddle::Function.new"initialize" (bsc#1018808) - CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL (bsc#959495) - CVE-2015-3900: hostname validation d ... oval:org.secpod.oval:def:89002928 This update for ruby2.1 fixes the following issues: Security issues fixed: - CVE-2015-9096: Fixed an SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command . - CVE-2016-7798: Fixed an IV Reuse in GCM Mode . - CVE-2017-0898: Fixed a buffer underrun vulnerability in Kernel.sprintf ... oval:org.secpod.oval:def:89044879 This update for apache2 provides the following fixes: Security issues fixed: - CVE-2017-3167: In Apache use of httpd ap_get_basic_auth_pw outside of the authentication phase could lead to authentication requirements bypass - CVE-2017-3169: In mod_ssl may have a dereference NULL pointer issue which ... oval:org.secpod.oval:def:89044755 This update for apache2 fixes the following security issue: - CVE-2017-9798: Prevent use-after-free use of memory that allowed for an information leak via OPTIONS . oval:org.secpod.oval:def:89044853 This update for expat fixes the following security issues: - CVE-2012-6702: Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, made it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand f ... oval:org.secpod.oval:def:89048533 This update for openssl fixes the following issues: * CVE-2023-0286: Fixed X.400 address type confusion in X.509 GeneralNameFixed . * CVE-2023-0215: Fixed a use-after-free following BIO_new_NDEF . * CVE-2022-4304: Fixed a timing oracle in RSA decryption . The following non-security bugs were fixed: * ...
oval:org.secpod.oval:def:89045105 This update for qemu fixes the following issues: - CVE-2021-3595: Fixed an invalid pointer initialization may lead to information disclosure . - CVE-2021-3592: Fixed an invalid pointer initialization may lead to information disclosure . - CVE-2021-3594: Fixed an invalid pointer initialization may ... oval:org.secpod.oval:def:89048694 This update for ghostscript fixes the following issues: * CVE-2023-28879: Fixed buffer Overflow in s_xBCPE_process . oval:org.secpod.oval:def:89048794 This update for java-1_8_0-ibm fixes the following issues: * Update to Java 8.0 Service Refresh 8 : * Security fixes: * CVE-2023-21830: Fixed improper restrictions in CORBA deserialization . * CVE-2023-21835: Fixed handshake DoS attack against DTLS connections . * CVE-2023-21843: Fixed soundbank URL ... oval:org.secpod.oval:def:89048841 This update for postgresql15 fixes the following issues: Updated to version 15.3: - CVE-2023-2454: Fixed an issue where a user having permission to create a schema could hijack the privileges of a security definer function or extension script . - CVE-2023-2455: Fixed an issue that could allow a us ... oval:org.secpod.oval:def:89048146 This update for MozillaFirefox fixes the following issues: - Updated to version 102.7.0 ESR : - CVE-2022-46871: Updated an out of date library which contained several vulnerabilities. - CVE-2023-23598: Fixed an arbitrary file read from GTK drag and drop on Linux. - CVE-2023-23601: Fixed a potential ... oval:org.secpod.oval:def:89048584 This update for mozilla-nss fixes the following issues: Updated to NSS 3.79.4 : * CVE-2023-0767: Fixed handling of unknown PKCS#12 safe bag types. oval:org.secpod.oval:def:89048641 This update for MozillaFirefox fixes the following issues: Updated to version 102.8.0 ESR : * CVE-2023-25728: Fixed content security policy leak in violation reports using iframes. * CVE-2023-25730: Fixed screen hijack via browser fullscreen mode.
* CVE-2023-25743: Fixed Fullscreen notification not ... oval:org.secpod.oval:def:89048839 This update for MozillaFirefox fixes the following issues: Extended Support Release 102.11.0 ESR : * CVE-2023-32205: Browser prompts could have been obscured by popups * CVE-2023-32206: Crash in RLBox Expat driver * CVE-2023-32207: Potential permissions request bypass via clickjacking * CVE-2023-322 ... oval:org.secpod.oval:def:89048969 This update for libwebp fixes the following issues: * CVE-2023-1999: Fixed double free . oval:org.secpod.oval:def:89048632 This update for MozillaFirefox fixes the following issues: Update to version 102.9.0 ESR : * CVE-2023-28159: Fullscreen Notification could have been hidden by download popups on Android * CVE-2023-25748: Fullscreen Notification could have been hidden by window prompts on Android * CVE-2023-25749: Fi ... oval:org.secpod.oval:def:89048936 This update for MozillaFirefox fixes the following issues: Extended Support Release 102.12.0 ESR : * CVE-2023-34414: Click-jacking certificate exceptions through rendering lag * CVE-2023-34416: Memory safety bugs fixed in Firefox 114 and Firefox ESR 102.12 oval:org.secpod.oval:def:89048702 This update for MozillaFirefox fixes the following issues: * Firefox Extended Support Release 102.10.0 ESR * CVE-2023-29531: Out-of-bound memory access in WebGL on macOS * CVE-2023-29532: Mozilla Maintenance Service Write-lock bypass * CVE-2023-29533: Fullscreen notification obscured * MFSA-TMP-202 ... oval:org.secpod.oval:def:89047750 This update for curl fixes the following issues: - CVE-2022-32221: Fixed POST following PUT confusion . oval:org.secpod.oval:def:89049137 This update for openssh fixes the following issues: * CVE-2023-38408: Fixed a condition where specific libraries loaded via ssh-agent's PKCS#11 support could be abused to achieve remote code execution via a forwarded agent socket if those libraries were present on the victim's system and if the agen ...
oval:org.secpod.oval:def:89048998 This update for sqlite3 fixes the following issues: * CVE-2022-46908: Properly implement the azProhibitedFunctions protection mechanism, when relying on --safe for execution of an untrusted CLI script . oval:org.secpod.oval:def:89047730 This update for libxml2 fixes the following issues: - CVE-2016-3709: Fixed possible XSS vulnerability . - CVE-2022-40303: Fixed integer overflows with XML_PARSE_HUGE . - CVE-2022-40304: Fixed dict corruption caused by entity reference cycles . oval:org.secpod.oval:def:89044202 This update for qemu fixes the following issues: - Fix OOB access in sm501 device emulation - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation - Fix use-after-free in usb xhci packet handling - Fix use-after-free in usb ehci packet handling - Fix OOB access in usb hcd-ohci emulation ... oval:org.secpod.oval:def:89002980 This update for glibc fixes the following issues: - CVE-2020-10029: Fixed a stack corruption from range reduction of pseudo-zero - Use posix_spawn on popen - Correct locking and cancellation cleanup in syslog functions - Fixed concurrent changes on nscd aware files oval:org.secpod.oval:def:89048540 This update for libxslt fixes the following issues: * CVE-2021-30560: Fixing a use after free vulnerability in Blink XSLT . oval:org.secpod.oval:def:89049072 This update for bind fixes the following issues: * CVE-2023-2828: Fixed DOS against recursive resolvers related to cache-cleaning algorithm . oval:org.secpod.oval:def:89046009 This update for expat fixes the following issues: - CVE-2022-25236: Fixed possible namespace-separator characters insertion into namespace URIs . - CVE-2022-25235: Fixed UTF-8 character validation in a certain context . - CVE-2022-25313: Fixed stack exhaustion in build_model via uncontrolled recursi ... oval:org.secpod.oval:def:89051573 This update for openssl fixes the following issues: * CVE-2022-4304: Reworked the fix for the Timing-Oracle in RSA decryption.
The previous fix for this timing side channel turned out to cause a severe 2-3x performance regression in the typical use case . oval:org.secpod.oval:def:89044631 This update for libxml2 fixes the following security issues: * CVE-2017-9050: A heap-based buffer over-read in xmlDictAddString * CVE-2017-9049: A heap-based buffer overflow in xmlDictComputeFastKey * CVE-2017-9048: A stack overflow vulnerability in xmlSnprintfElementContent * CVE-2017-9047: A st ... oval:org.secpod.oval:def:89048151 This update for samba fixes the following issues: - CVE-2021-20251: Fixed an issue where the bad password count would not be properly incremented, which could allow attackers to brute force a user's password . - CVE-2022-38023: Disabled weak ciphers by default in the Netlogon Secure channel . - CVE- ... oval:org.secpod.oval:def:89002934 This update for samba fixes the following issues: - CVE-2020-14323: Unprivileged user can crash winbind . - CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify . oval:org.secpod.oval:def:89048149 This update for mozilla-nss fixes the following issues: - CVE-2022-3479: Fixed a potential crash that could be triggered when a server requested a client authentication certificate, but the client had no certificates stored . - Updated to version 3.79.3 : - CVE-2022-23491: Removed trust for 3 root c ... oval:org.secpod.oval:def:89003297 This update for bzip2 fixes the following issues: - Fixed a regression with the fix for CVE-2019-12900, which caused incompatibilities with files that used many selectors . oval:org.secpod.oval:def:89003284 This update for bzip2 fixes the following issues: Security issue fixed: - CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors . - CVE-2016-3189: Fixed a use-after-free in bzip2recover .
oval:org.secpod.oval:def:89003281 This update for clamav fixes the following issues: Security issue fixed: - CVE-2019-12625: Fixed a ZIP bomb issue by adding detection and heuristics for zips with overlapping files . - CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors . Non-security issues fixed: - Add ... oval:org.secpod.oval:def:89000274 This update for apache2 fixes the following issues: - CVE-2020-9490: Fixed a crash caused by a specially crafted value for the "Cache-Digest" header in a HTTP/2 request . - CVE-2020-11985: IP address spoofing when proxying using mod_remoteip and mod_rewrite . - CVE-2020-11993: When trace/debug was e ... oval:org.secpod.oval:def:89000275 This update for squid fixes the following issues: - CVE-2019-12519, CVE-2019-12521: fixes incorrect buffer handling that can result in cache poisoning, remote execution, and denial of service attacks when processing ESI responses . - CVE-2020-11945: fixes a potential remote execution vulnerability w ... oval:org.secpod.oval:def:89048916 This update for tomcat fixes the following issues: * CVE-2023-28709: Mended an incomplete fix for CVE-2023-24998 . oval:org.secpod.oval:def:89048596 This update for tomcat fixes the following issues: * CVE-2023-24998: Fixed FileUpload DoS with excessive parts . oval:org.secpod.oval:def:89048651 This update for jakarta-commons-fileupload fixes the following issues: * CVE-2016-3092: Fixed a usage of vulnerable FileUpload package can result in denial of service . * CVE-2023-24998: Fixed a FileUpload denial of service with excessive parts . oval:org.secpod.oval:def:89048058 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-3635: Fixed a use-after-free in the tst_timer of the file drivers/atm/idt77252.c . - CVE-2022-3424: Fixed use-after-free in gru_set_context_option, gru_fau ...
oval:org.secpod.oval:def:89049089 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2017-5753: Fixed spectre vulnerability in prlimit . * CVE-2022-3566: Fixed race condition in the TCP Handler . * CVE-2022-45884: Fixed a use-after-free in dvbde ... oval:org.secpod.oval:def:89048619 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure . * CVE-2023-23559: Fixed integer overflow in rndis_wlan that leads to a buffer o ... oval:org.secpod.oval:def:89046982 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where a device driver can free a page while it still has stale TLB entries . - CVE-2022-36879: Fixed ... oval:org.secpod.oval:def:89047685 The SUSE Linux Enterprise 12-SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-3303: Fixed a race condition in the sound subsystem due to improper locking . - CVE-2022-41218: Fixed a use-after-free caused by refcount races in drivers/me ... oval:org.secpod.oval:def:89046723 This update for python fixes the following issues: - CVE-2015-20107: avoid command injection in the mailcap module . oval:org.secpod.oval:def:89047767 This update for python3 fixes the following issues: - CVE-2021-28861: Fixed an open redirection vulnerability in the HTTP server when a URI path starts with // . oval:org.secpod.oval:def:89048505 This update for python3 fixes the following issues: * CVE-2023-24329: Fixed blocklist bypass via the urllib.parse component when supplying a URL that starts with blank characters . * CVE-2022-40899: Fixed REDoS in http.cookiejar .
oval:org.secpod.oval:def:89048201 This update for python fixes the following issues: - CVE-2022-45061: Fixed an excessive CPU usage when decoding crafted IDNA domain names . Non-security fixes: - Fixed the 2038 bug in the compileall module . oval:org.secpod.oval:def:89048930 This update for qemu fixes the following issues: * CVE-2022-0216: Fixed a use-after-free in lsi_do_msgout in hw/scsi/lsi53c895a.c . * CVE-2021-3929: Fixed use-after-free in nvme, caused by DMA reentrancy issue . * CVE-2021-4207: Fixed heap buffer overflow caused by double fetch in qxl_cursor . * CVE ... oval:org.secpod.oval:def:89049256 This update for ucode-intel fixes the following issues: * Updated to Intel CPU Microcode 20230808 release. * CVE-2022-40982: Fixed a potential security vulnerability in some Intel Processors which may allow information disclosure. * CVE-2023-23908: Fixed a potential security vulnerability in some ... oval:org.secpod.oval:def:89046067 The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-25020: Fixed an overflow in the BPF subsystem due to a mishandling of a long jump over an instruction sequence where inner instructions require substa ... oval:org.secpod.oval:def:89046023 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer , named Branch Target Injection and Intra-Mode Branch History Injection are now mitigated. The following security bugs were fixed ... oval:org.secpod.oval:def:89046003 This update for webkit2gtk3 fixes the following issues: Update to version 2.34.5 : - CVE-2022-22589: A validation issue was addressed with improved input sanitization. - CVE-2022-22590: A use after free issue was addressed with improved memory management. - CVE-2022-22592: A logic issue was addresse ...
oval:org.secpod.oval:def:89046907 This update for glibc fixes the following issues: Security issues fixed: - CVE-2015-5180: Fix crash with internal QTYPE in resolv - CVE-2016-10228: Rewrite iconv option parsing - CVE-2019-25013: Fix buffer overrun in EUC-KR conversion module - CVE-2020-27618: Accept redundant shift sequences in I ... oval:org.secpod.oval:def:89003020 This update for webkit2gtk3 fixes the following issues: Security issue fixed: - CVE-2020-3899: Fixed a memory consumption issue that could have led to remote code execution . Non-security issues fixed: - Update to version 2.28.2 : + Fix excessive CPU usage due to GdkFrameClock not being stopped. + F ... oval:org.secpod.oval:def:89003028 This update for webkit2gtk3 fixes the following issues: - Update to version 2.28.3 : + Enable kinetic scrolling with async scrolling. + Fix web process hangs on large GitHub pages. + Bubblewrap sandbox should not attempt to bind empty paths. + Fix threading issues in the media player. + Fix several ... oval:org.secpod.oval:def:89003165 This update for webkit2gtk3 fixes the following issues: Updated to version 2.24.4 . Security issues fixed: - CVE-2019-8644, CVE-2019-8649, CVE-2019-8658, CVE-2019-8669, CVE-2019-8678, CVE-2019-8680, CVE-2019-8683, CVE-2019-8684, CVE-2019-8688, CVE-2019-8595, CVE-2019-8607, CVE-2019-8615, CVE-2019-86 ... oval:org.secpod.oval:def:89048973 This update for webkit2gtk3 fixes the following issues: Add security patches : * CVE-2023-28204: Fixed processing of web content that may disclose sensitive information . * CVE-2023-32373: Fixed processing of maliciously crafted web content that may lead to arbitrary code execution . oval:org.secpod.oval:def:89002964 This update for gdm fixes the following issues: - CVE-2020-16125: Fixed a privilege escalation . oval:org.secpod.oval:def:89002888 This update for webkit2gtk3 fixes the following issues: - Update to version 2.28.4 : + Fix several crashes and rendering issues. 
+ Security fixes: CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9915, CVE-2020-9925. oval:org.secpod.oval:def:89000457 This update for webkit2gtk3 to version 2.28.1 fixes the following issues: Security issues fixed: - CVE-2020-10018: Fixed a denial of service because the m_deferredFocusedNodeChange data structure was mishandled . - CVE-2020-11793: Fixed a potential arbitrary code execution caused by a use-after-free ... oval:org.secpod.oval:def:89045790 This update for webkit2gtk3 fixes the following issues: - CVE-2021-42762: Updated seccomp rules with latest changes from flatpak . oval:org.secpod.oval:def:89048113 This update for webkit2gtk3 fixes the following issues: Update to version 2.38.3 : - CVE-2022-42852: Fixed disclosure of process memory by improved memory handling. - CVE-2022-42856: Fixed a potential arbitrary code execution when processing maliciously crafted web content . - CVE-2022-42863: Fixed ... oval:org.secpod.oval:def:89003460 This update for webkit2gtk3 to version 2.24.1 fixes the following issues: Security issues fixed: - CVE-2019-6201, CVE-2019-6251, CVE-2019-7285, CVE-2019-7292, CVE-2019-8503, CVE-2019-8506, CVE-2019-8515, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544, CVE-2019-8551, CVE-2019-8558, CVE-20 ... oval:org.secpod.oval:def:89003442 This update for glib2 fixes the following issues: Security issue fixed: - CVE-2019-13012: Fixed improper restriction of file permissions when creating directories . Non-security issue fixed: - Added explicit requires between libglib2 and libgio2 . oval:org.secpod.oval:def:89047030 This update for sqlite3 fixes the following issues: Security issues fixed: - CVE-2022-35737: Fixed an array-bounds overflow if billions of bytes are used in a string argument to a C API . - CVE-2021-36690: Fixed an issue with the SQLite Expert extension when a column has no collating sequence . - Pa ... 
oval:org.secpod.oval:def:89048081 This update for vim fixes the following issues: Updated to version 9.0.0814: * Fixing bsc#1192478 VUL-1: CVE-2021-3928: vim: vim is vulnerable to Stack-based Buffer Overflow * Fixing bsc#1203508 VUL-0: CVE-2022-3234: vim: Heap-based Buffer Overflow prior to 9.0.0483. * Fixing bsc#1203509 VUL-1: CVE- ... oval:org.secpod.oval:def:89046991 This update for webkit2gtk3 fixes the following issues: Updated to version 2.36.8 : - CVE-2022-32886: Fixed a buffer overflow issue that could potentially lead to code execution. - CVE-2022-32912: Fixed an out-of-bounds read that could potentially lead to code execution. oval:org.secpod.oval:def:89048774 This update for webkit2gtk3 fixes the following issues: Update to version 2.38.6 : * CVE-2022-0108: Fixed information leak. * CVE-2022-32885: Fixed arbitrary code execution. * CVE-2023-25358: Fixed use-after-free vulnerability in WebCore::RenderLayer. * CVE-2023-27932: Fixed Same Origin Policy bypas ... oval:org.secpod.oval:def:89003027 This update for the Linux Kernel 4.4.121-92_146 fixes several issues. The following security issues were fixed: - CVE-2020-25668: Fixed a concurrency use-after-free in con_font_op . - CVE-2020-25645: Fixed an issue which traffic between two Geneve endpoints may be unencrypted when IPsec is configure ... oval:org.secpod.oval:def:89045107 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-22555: Fixed a heap out-of-bounds write in net/netfilter/x_tables.c that could allow local privilege escalation. - CVE-2021-33909: Fixed an out-of-bounds ... oval:org.secpod.oval:def:89002959 This update for the Linux Kernel 4.4.180-94_107 fixes several issues. The following security issues were fixed: - CVE-2020-0429: In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege ...
oval:org.secpod.oval:def:89002939 This update for the Linux Kernel 4.4.180-94_130 fixes several issues. The following security issues were fixed: - CVE-2020-0429: In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege ... oval:org.secpod.oval:def:89002983 This update for the Linux Kernel 4.4.180-94_113 fixes one issue. The following security issue was fixed: - CVE-2020-25645: Fixed an issue in IPsec that caused traffic between two Geneve endpoints to be unencrypted . oval:org.secpod.oval:def:89002982 This update for LibVNCServer fixes the following issues: - security update fix CVE-2018-21247 [bsc#1173874], uninitialized memory contents are vulnerable to Information leak fix CVE-2019-20839 [bsc#1173875], buffer overflow in ConnectClientToUnixSock fix CVE-2019-20840 [bsc#1173876], unaligned acces ... oval:org.secpod.oval:def:89003029 This update for the Linux Kernel 3.12.74-60_64_115 fixes several issues. The following security issues were fixed: - CVE-2020-12653: Fixed a buffer overflow in mwifiex_cmd_append_vsie_tlv which could have allowed local users to gain privileges or cause a denial of service . - CVE-2020-12654: Fixed a ... oval:org.secpod.oval:def:89002922 This update for ucode-intel fixes the following issues: Updated Intel CPU Microcode to 20200602 This update contains security mitigations for: - CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one whic ... oval:org.secpod.oval:def:89002961 This update for the Linux Kernel 4.4.121-92_129 fixes several issues. The following security issues were fixed: - CVE-2020-12653: Fixed a buffer overflow in mwifiex_cmd_append_vsie_tlv which could have allowed local users to gain privileges or cause a denial of service . - CVE-2020-12654: Fixed a he ...
oval:org.secpod.oval:def:89002958 This update for the Linux Kernel 4.4.121-92_129 fixes one issue. The following security issue was fixed: - CVE-2020-10757: Fixed an issue where remapping hugepage DAX to anon mmap could have caused user PTE access.
oval:org.secpod.oval:def:89002871 This update for the Linux Kernel 4.4.121-92_117 fixes several issues. The following security issues were fixed: - CVE-2020-10757: Fixed an issue where remapping hugepage DAX to anon mmap could have caused user PTE access. - CVE-2019-15666: Fixed an out of bounds read in __xfrm_policy_unlink, which coul ...
oval:org.secpod.oval:def:89003001 This update for the Linux Kernel 3.12.74-60_64_124 fixes several issues. The following security issues were fixed: - CVE-2020-1749: Fixed an issue in the networking protocols in encrypted IPsec tunnel - CVE-2019-5108: Fixed an issue where by triggering AP to send IAPP location updates for stations ...
oval:org.secpod.oval:def:89002907 This update for the Linux Kernel 3.12.74-60_64_110 fixes several issues. The following security issues were fixed: - CVE-2019-14896: A heap-based buffer overflow vulnerability was found in the Marvell WiFi chip driver. A remote attacker could cause a denial of service or, possibly execute arbitrary ...
oval:org.secpod.oval:def:89000108 This update for cups fixes the following issues: - CVE-2020-3898: Fixed a heap buffer overflow in ppdFindOption.
oval:org.secpod.oval:def:89002885 This update for the Linux Kernel 4.4.180-94_121 fixes several issues. The following security issues were fixed: - CVE-2020-25668: Fixed a concurrency use-after-free in con_font_op. - CVE-2020-8694: Fixed an insufficient access control in the Linux kernel driver for some Intel Processors which might ...
oval:org.secpod.oval:def:89003133 This update for the Linux Kernel 4.4.121-92_101 fixes several issues. The following security issues were fixed: - CVE-2018-20856: Fixed a use-after-free in __blk_drain_queue due to an improper error handling.
- CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling ...
oval:org.secpod.oval:def:89003377 This update for ucode-intel fixes the following issues: - Updated to 20191112 official security release - Includes security fixes for: - CVE-2019-11135: Added feature allowing to disable TSX RTM - CVE-2019-11139: A CPU microcode only fix for Voltage modulation issues
oval:org.secpod.oval:def:89003372 This update for the Linux Kernel 4.4.121-92_109 fixes several issues. The following security issues were fixed: - CVE-2018-20856: Fixed a use-after-free in __blk_drain_queue due to an improper error handling. - CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling ...
oval:org.secpod.oval:def:89003009 This update for the Linux Kernel 4.4.121-92_125 fixes several issues. The following security issues were fixed: - CVE-2020-14331: Fixed a buffer over-write in vgacon_scroll. - CVE-2019-16746: Fixed a buffer overflow in net/wireless/nl80211.c. - CVE-2019-9458: Fixed a use-after-free in media/v4l. ...
oval:org.secpod.oval:def:89003066 This update for the Linux Kernel 3.12.74-60_64_118 fixes several issues. The following security issues were fixed: - CVE-2019-10220: Fixed a relative path escape in the Samba client module. - CVE-2019-17133: Fixed a buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c caused by ...
oval:org.secpod.oval:def:89003170 This update for the Linux Kernel 4.4.121-92_114 fixes several issues. The following security issues were fixed: - CVE-2018-20856: Fixed a use-after-free in __blk_drain_queue due to an improper error handling. - CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling ...
oval:org.secpod.oval:def:89003042 This update for the Linux Kernel 4.4.121-92_120 fixes several issues.
The following security issues were fixed: - CVE-2019-14835: A buffer overflow flaw was found in the way vhost functionality, that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged g ...
oval:org.secpod.oval:def:89003280 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception ...
oval:org.secpod.oval:def:89003275 This update for the Linux Kernel 4.4.121-92_120 fixes several issues. The following security issues were fixed: - CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging certain scenarios with a parent-child process relationship. - CVE-20 ...
oval:org.secpod.oval:def:89002908 This update for the Linux Kernel 4.4.180-94_116 fixes several issues. The following security issues were fixed: - CVE-2020-14331: Fixed a buffer over-write in vgacon_scroll. - CVE-2019-16746: Fixed a buffer overflow in net/wireless/nl80211.c. - CVE-2020-11668: Fixed a memory corruption issue in th ...
oval:org.secpod.oval:def:89002997 This update for the Linux Kernel 4.4.121-92_120 fixes several issues. The following security issues were fixed: - CVE-2020-14331: Fixed a buffer over-write in vgacon_scroll. - CVE-2019-0155: Fixed a privilege escalation in the i915 graphics driver. - CVE-2019-16746: Fixed a buffer overflow in net/ ...
oval:org.secpod.oval:def:89002867 This update for the Linux Kernel 4.4.180-94_127 fixes several issues. The following security issues were fixed: - CVE-2020-14331: Fixed a buffer over-write in vgacon_scroll. - CVE-2019-16746: Fixed a buffer overflow in net/wireless/nl80211.c. - CVE-2020-11668: Fixed a memory corruption issue in th ...
oval:org.secpod.oval:def:89003307 This update for the Linux Kernel 3.12.74-60_64_107 fixes one issue. The following security issue was fixed: - CVE-2019-14835: A buffer overflow flaw was found in the way vhost functionality, that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest ...
oval:org.secpod.oval:def:89003329 This update for ucode-intel fixes the following issues: - Updated to 20191112 security release - Processor Identifier Version Products - Model Stepping F-MO-S/PI Old->New - ---- new platforms ---------------------------------------- - CML-U62 A0 6-a6-0/80 000000c6 Core Gen10 Mobile - CNL-U D0 6-6 ...
oval:org.secpod.oval:def:89003356 The SUSE Linux Enterprise 12 SP 2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-10638: In the Linux kernel, a device could be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols. When such ...
oval:org.secpod.oval:def:89003350 This update for the Linux Kernel 4.4.121-92_95 fixes several issues. The following security issues were fixed: - CVE-2019-9213: Expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platfo ...
oval:org.secpod.oval:def:89003048 This update for the Linux Kernel 4.4.121-92_98 fixes several issues. The following security issues were fixed: - CVE-2019-9213: Expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platfo ...
oval:org.secpod.oval:def:89003286 This update for the Linux Kernel 4.4.121-92_104 fixes several issues.
The following security issues were fixed: - CVE-2019-11477: Jonathan Looney discovered that the TCP_SKB_CB->tcp_gso_segs value was subject to an integer overflow when handling TCP Selective Acknowledgments. A remote attacker co ...
oval:org.secpod.oval:def:89003086 This update for the Linux Kernel 3.12.74-60_64_115 fixes one issue. The following security issue was fixed: This update contains a regression fix for CVE-2019-11478.
oval:org.secpod.oval:def:89003418 This update for the Linux Kernel 4.4.121-92_73 fixes several issues. The following security issues were fixed: - CVE-2019-9213: Expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platfo ...
oval:org.secpod.oval:def:89003464 This update for the Linux Kernel 4.4.121-92_104 fixes several issues. The following security issues were fixed: - CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network ...
oval:org.secpod.oval:def:89003204 The SUSE Linux Enterprise 12 SP2 kernel version 4.4.121 was updated to receive various security and bugfixes. T
oval:org.secpod.oval:def:89003264 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. Four new speculative execution information leak issues have been identified in Intel CPUs.
oval:org.secpod.oval:def:89003379 This update for the Linux Kernel 3.12.74-60_64_115 fixes several issues. The following security issues were fixed: - CVE-2019-11487: The Linux kernel allowed page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/d ...
oval:org.secpod.oval:def:89003138 This update for ucode-intel fixes the following issues: ucode-intel was updated to official QSR 2019.1 microcode release ---- new platforms ---------------------------------------- VLV C0 6-37-8/02 00000838 Atom Z series VLV C0 6-37-8/0C 00000838 Celeron N2xxx, Pentium N35xx VLV D0 6-37-9/0F 000009 ...
oval:org.secpod.oval:def:89003232 This update for ucode-intel fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarc ...
oval:org.secpod.oval:def:89003354 This update for libvirt fixes the following issues: Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling - CVE-2018-12130: Microarch ...
oval:org.secpod.oval:def:89003479 The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-2024: A use-after-free when disconnecting a source was fixed which could lead to crashes. bnc#1129179(bnc#1128166((bnc#1107829(bnc#1124732(bnc#1124735 ...
oval:org.secpod.oval:def:89003178 This update for the Linux Kernel 3.12.74-60_64_104 fixes one issue. The following security issue was fixed: - CVE-2018-16884: A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time could make bc_svc_process use wrong back-chann ...
oval:org.secpod.oval:def:89003091 This update for qemu fixes the following issues: Following security issues were fixed: - CVE-2019-9824: Fixed an information leak in slirp - CVE-2018-20815: Fix DOS possibility in device tree processing - CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091: Added x86 cpu feature "md-cl ...
oval:org.secpod.oval:def:89003081 This update for ucode-intel fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarc ...
oval:org.secpod.oval:def:89003408 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes.
oval:org.secpod.oval:def:89003466 This update for xen fixes the following issues: Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling - CVE-2018-12130: Microarchitec ...
oval:org.secpod.oval:def:89003246 This update for java-1_8_0-ibm fixes the following issues: Update to Java 8.0 Service Refresh 5 Fix Pack 40. Security issues fixed: - CVE-2019-11771: IBM Security Update July 2019 - CVE-2019-11772: IBM Security Update July 2019 - CVE-2019-11775: IBM Security Update July 2019 - CVE-2019-4473: IBM ...
oval:org.secpod.oval:def:89003187 This update for java-1_8_0-openjdk to version 8u222 fixes the following issues: Security issues fixed: - CVE-2019-2745: Improved ECC Implementation. - CVE-2019-2762: Exceptional throw cases. - CVE-2019-2766: Improve file protocol handling. - CVE-2019-2769: Better copies of CopiesList. - CVE-2019 ...
oval:org.secpod.oval:def:89003427 This update for java-1_7_1-ibm fixes the following issues: Update to Java 7.1 Service Refresh 4 Fix Pack 50.
Security issues fixed: - CVE-2019-11771: IBM Security Update July 2019 - CVE-2019-11775: IBM Security Update July 2019 - CVE-2019-4473: IBM Security Update July 2019 - CVE-2019-7317: Fixed ...
oval:org.secpod.oval:def:89000388 This update for libpng16 fixes the following issues: Security issues fixed: - CVE-2019-7317: Fixed a use-after-free vulnerability, triggered when png_image_free was called under png_safe_execute. - CVE-2017-12652: Fixed an Input Validation Error related to the length of chunks.
oval:org.secpod.oval:def:89003100 This update for libsolv, libzypp and zypper fixes the following issues: libsolv was updated to version 0.6.36 and fixes the following issues: Security issues fixed: - CVE-2018-20532: Fixed a NULL pointer dereference in testcase_read. - CVE-2018-20533: Fixed a NULL pointer dereference in testcase_st ...
oval:org.secpod.oval:def:89003105 This update for MozillaFirefox fixes the following issues: Security issues fixed: - CVE-2019-11691: Use-after-free in XMLHttpRequest - CVE-2019-11692: Use-after-free removing listeners in the event listener manager - CVE-2019-11693: Buffer overflow in WebGL bufferdata on Linux - CVE-2019-11694: Unin ...
oval:org.secpod.oval:def:89043959 This update for kernel-firmware fixes the following issues: This security issue was fixed: - CVE-2017-5715: Prevent unauthorized disclosure of information to an attacker with local user access caused by speculative execution and indirect branch prediction
oval:org.secpod.oval:def:89043981 The Intel CPU microcode bundle was updated to the 20180703 release. For the listed CPU chipsets this fixes CVE-2018-3640 and helps mitigate CVE-2018-3639. More information on: https://downloadcenter.intel.com/download/27945/Linux-Processor-Microcode-Data-File Following chipsets are fixed in th ...
oval:org.secpod.oval:def:89003057 This update for java-1_8_0-openjdk to version 8u212 fixes the following issues: Security issues fixed: - CVE-2019-2602: Better String parsing.
- CVE-2019-2684: More dynamic RMI interactions. - CVE-2019-2698: Fuzzing TrueType fonts - setCurrGlyphID. - CVE-2019-2422: Better FileChannel. - CVE-2018 ...
oval:org.secpod.oval:def:89043991 The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-3620: Local attackers on baremetal systems could use speculative code patterns on hyperthreaded processors to read data present in the L1 Datacache us ...
oval:org.secpod.oval:def:89043990 This update for qemu fixes several issues. This security issue was fixed: - CVE-2018-3639: Spectre v4 vulnerability mitigation support for KVM guests. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writ ...
oval:org.secpod.oval:def:89044015 The Intel CPU microcode bundle was updated to the 20180703 release. For the listed CPU chipsets this fixes CVE-2018-3640 and helps mitigate CVE-2018-3639. More information on: https://downloadcenter.intel.com/download/27945/Linux-Processor-Microcode-Data-File Following chipsets are fixed in th ...
oval:org.secpod.oval:def:89044002 The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bug was fixed: - CVE-2018-3639: Information leaks using Memory Disambiguation feature in modern CPUs were mitigated, aka Spectre Variant 4. A new boot commandline option was int ...
oval:org.secpod.oval:def:89044000 The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to 4.4.121 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-8781: The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c had an integer-overflow vulnerability that allowed local users with access t ...
oval:org.secpod.oval:def:89003406 This update for java-1_7_0-openjdk to version 7u201 fixes the following issues: Security issues fixed: - CVE-2018-3136: Manifest better support - CVE-2018-3139: Better HTTP Redirection - CVE-2018-3149: Enhance JNDI lookups - CVE-2018-3169: Improve field accesses - CVE-2018-3180: Improve TLS conn ...
oval:org.secpod.oval:def:89048476 This update for the Linux Kernel 4.4.120-92_70 fixes one issue. The following security issue was fixed: * CVE-2018-5848: Fixed an unsigned integer overflow in wmi_set_ie. This could lead to a buffer overflow.
oval:org.secpod.oval:def:89044831 The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.90 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000252: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service via an out-of-bounds guest_irq value, related ...
oval:org.secpod.oval:def:89044642 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000405: A bug in the THP CoW support could be used by local attackers to corrupt memory of other processes and cause them to crash. - CVE-2017-16939: The ...
oval:org.secpod.oval:def:89044789 The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.74 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000111: fix race condition in net-packet code that could be exploited to cause out-of-bounds memory access. - CVE-2017-1000112: fix race condit ...
oval:org.secpod.oval:def:89044873 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive the following security fixes: - CVE-2017-1000251: The native Bluetooth stack in the Linux Kernel was vulnerable to a stack overflow while processing L2CAP configuration responses, resulting in a potential remote denial-of-service vulnera ...
oval:org.secpod.oval:def:89044620 The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.74 to receive the following security update: - CVE-2017-7533: Bug in inotify code allowed privilege escalation.
oval:org.secpod.oval:def:89003469 This update for the Linux Kernel 3.12.74-60_64_96 fixes one issue. The following security issue was fixed: - CVE-2018-14734: drivers/infiniband/core/ucma.c allowed ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a den ...
oval:org.secpod.oval:def:89044808 This update for openssl fixes the following issues: - OpenSSL Security Advisory [07 Dec 2017] * CVE-2017-3737: OpenSSL 1.0.2 introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fai ...
oval:org.secpod.oval:def:89003257 This update for python3 fixes the following issues: Security issue fixed: - CVE-2019-9636: Fixed an information disclosure because of incorrect handling of Unicode encoding during NFKC normalization.
oval:org.secpod.oval:def:89003137 This update for python3 fixes the following issues: - CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636. - CVE-2018-14647: Fixed a denial of service vulnerability caused by a crafted XML document. - CVE-2018-1000802: Fixed a command injection in th ...
oval:org.secpod.oval:def:89044800 This update for java-1_8_0-openjdk fixes the following issues: Oracle Critical Patch Update of January 2017 Upgrade to version jdk8u121: - S8138725: Add options for Javadoc generation - S8140353: Improve signature checking - S8151934, CVE-2017-3231: Resolve class resolution - S8156804, CVE-2017-32 ...
oval:org.secpod.oval:def:89044955 This update for java-1_8_0-ibm to version 8.0-4.0 fixes a lot of security issues: Following CVEs are fixed: CVE-2016-5552 CVE-2017-3231 CVE-2017-3241 CVE-2017-3253 CVE-2017-3259 CVE-2017-3261 CVE-2017-3272 CVE-2017-3289 CVE-2016-2183 CVE-2016-5547 CVE-2016-5548 CVE-2016-5549 CVE-2017-3252 More info ...
oval:org.secpod.oval:def:89003470 This update for python fixes the following issues: Security issues fixed: - CVE-2019-9948: Fixed a "file:" blacklist bypass in URIs by using the "local-file:" scheme instead. - CVE-2019-9636: Fixed an information disclosure because of incorrect handling of Unicode encoding during NFKC normalization ...
oval:org.secpod.oval:def:89044813 This update for java-1_8_0-ibm fixes the following issues: Security issue fixed: - CVE-2016-2183: The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remot ...
oval:org.secpod.oval:def:89043975 This update for openssl fixes the following issues: - CVE-2018-0732: During key agreement in a TLS handshake using a DH based ciphersuite a malicious server could have sent a very large prime value to the client. This caused the client to spend an unreasonably long period of time generating a key fo ...
oval:org.secpod.oval:def:89003064 This update for python fixes the following issues: Security issues fixed: - CVE-2019-5010: Fixed a denial-of-service vulnerability in the X509 certificate parser. - CVE-2018-14647: Fixed a denial-of-service vulnerability in Expat. Non-security issue fixed: - Fixed a bug where PyWeakReference struc ...
oval:org.secpod.oval:def:89003294 This update for MozillaFirefox fixes the following issues: Updated to new ESR version 68.1.
In addition to the already fixed vulnerabilities released in previous ESR updates, the following were also fixed: CVE-2019-11751, CVE-2019-11736, CVE-2019-9812, CVE-2019-11748, CVE-2019-11749, CVE-2019-11750 ...
oval:org.secpod.oval:def:89044657 This update for openssl fixes the following issues: Security issues fixed: - CVE-2017-3735: openssl1,openssl: Malformed X.509 IPAddressFamily could cause OOB read - CVE-2017-3736: openssl: bn_sqrx8x_internal carry bug on x86_64 - Out of bounds read+crash in DES_fcrypt - openssl DEFAULT_SUSE cipher ...
oval:org.secpod.oval:def:89044676 This update for java-1_7_1-ibm fixes the following issues: Security issue fixed: - CVE-2016-2183: The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remot ...
oval:org.secpod.oval:def:89003079 This update for python fixes the following issues: - CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636. - CVE-2018-20852: Fixed an information leak where cookies could be sent to the wrong server because of incorrect domain validation.
oval:org.secpod.oval:def:89044859 - S8021108: Clean up doclint warnings and errors in java.text package - S8021417: Fix doclint issues in java.util.concurrent - S8021833: javadoc cleanup in java.net - S8022120: JCK test api/javax_xml/crypto/dsig/TransformService/index_ParamMethods fails - S8022175: Fix doclint warnings in javax.prin ...
oval:org.secpod.oval:def:89045001 This update for libcares2 fixes the following issues: - CVE-2017-1000381: A NAPTR parser out of bounds access was fixed that could lead to crashes
oval:org.secpod.oval:def:89000565 This update for python3 fixes the following issues: Update to 3.4.10 from 3.4.6: Security issues fixed: - Update expat copy from 2.1.1 to 2.2.0 to fix the following issues: CVE-2012-0876, CVE-2016-0718, CVE-2016-4472, CVE-2017-9233, CVE-2016-9063 - CVE-2017-1000158: Fix an integer overflow in thePy ...
oval:org.secpod.oval:def:89000146 This update for mozilla-nspr, mozilla-nss fixes the following issues: mozilla-nss was updated to NSS 3.47.1: Security issues fixed: - CVE-2019-17006: Added length checks for cryptographic primitives. - CVE-2019-11745: EncryptUpdate should use maxout, not block size. - CVE-2019-11727: Fixed vulnera ...
oval:org.secpod.oval:def:89003210 This update for MozillaFirefox, mozilla-nss fixes the following issues: MozillaFirefox to version ESR 60.8: - CVE-2019-9811: Sandbox escape via installation of malicious language pack. - CVE-2019-11711: Script injection within domain through inner window reuse. - CVE-2019-11712: Cross-origin POST ...
oval:org.secpod.oval:def:89003333 This update for MozillaFirefox to ESR 60.9 fixes the following issues: Security issues fixed: - CVE-2019-11742: Fixed a same-origin policy violation involving SVG filters and canvas to steal cross-origin images. - CVE-2019-11746: Fixed a use-after-free while manipulating video. - CVE-2019-11744: F ...
oval:org.secpod.oval:def:89000180 This update for python3 fixes the following issues: - CVE-2019-20907: Fixed denial of service by avoiding possible infinite loop in specifically crafted tarball. - CVE-2020-14422: Fixed an improper computation of hash values in the IPv4Interface and IPv6Interface could have led to denial of service ...
oval:org.secpod.oval:def:89003323 This update for MozillaFirefox to 68.2.0 ESR fixes the following issues: Mozilla Firefox was updated to version 68.2.0 ESR. Security issues fixed: - CVE-2019-15903: Fixed a heap overflow in the expat library. - CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB. - CVE ...
oval:org.secpod.oval:def:89003431 This update for python3 fixes the following issues: Security issue fixed: - CVE-2019-5010: Fixed a denial-of-service vulnerability in the X509 certificate parser - CVE-2018-20406: Fixed an integer overflow via a large LONG_BINPUT
oval:org.secpod.oval:def:89045272 This update provides Python 3.4.5, which brings many fixes and enhancements. The following security issues have been fixed: - CVE-2016-1000110: CGIHandler could have allowed setting of HTTP_PROXY environment variable based on user supplied Proxy request header. - CVE-2016-0772: A vulnerability in s ...
oval:org.secpod.oval:def:89045127 The tiff library and tools were updated to version 4.0.7 fixing various bug and security issues. - CVE-2014-8127: out-of-bounds read with malformed TIFF image in multiple tools [bnc#914890] - CVE-2016-9297: tif_dirread.c read outside buffer in _TIFFPrintField [bnc#1010161] - CVE-2016-3658: Illegal r ...
oval:org.secpod.oval:def:89044686 This update for tiff fixes the following issues: Security issues fixed: - CVE-2016-10272: LibTIFF 4.0.7 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted TIFF image, related to WRITE of size 2048 and libtiff/tif_next.c:64:9. - CVE-2016-102 ...
oval:org.secpod.oval:def:89045019 This update for rpcbind fixes the following issues: - CVE-2017-8779: A crafted UDP package could lead rpcbind to remote denial-of-service
oval:org.secpod.oval:def:89044729 This update for libxml2 fixes the following issues: * CVE-2016-4658: use-after-free error could lead to crash [bsc#1005544] * Fix NULL dereference in xpointer.c when in recovery mode [bsc#1014873] * CVE-2016-9597: An XML document with many opening tags could have caused an overflow of the stack not d ...
oval:org.secpod.oval:def:89044728 This update for openssh fixes several issues. These security issues were fixed: - CVE-2016-8858: The kex_input_kexinit function in kex.c allowed remote attackers to cause a denial of service by sending many duplicate KEXINIT requests. - CVE-2016-10012: The shared memory manager did not ensure tha ...
oval:org.secpod.oval:def:89045326 This update for pcre to version 8.39 fixes several issues. If you use pcre extensively please be aware that this is an update to a new version. Please make sure that your software works with the updated version. This version fixes a number of vulnerabilities that affect pcre and applications using ...
oval:org.secpod.oval:def:89045149 This update for pcre to version 8.39 fixes several issues. If you use pcre extensively please be aware that this is an update to a new version. Please make sure that your software works with the updated version. This version fixes a number of vulnerabilities that affect pcre and applications using ...
oval:org.secpod.oval:def:89044693 The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.49 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitra ...
oval:org.secpod.oval:def:89048864 This update for curl fixes the following issues: * CVE-2023-28320: Fixed siglongjmp race condition.
* CVE-2023-28321: Fixed IDN wildcard matching. * CVE-2023-28322: Fixed POST-after-PUT confusion.
oval:org.secpod.oval:def:89002853 This update for samba fixes the following issues: - ZeroLogon: An elevation of privilege was possible with some configurations when an attacker established a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol.
oval:org.secpod.oval:def:89003269 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2019-3819: A flaw was fixed in the function hid_debug_events_read in drivers/hid/hid-debug.c file which may have entered an infinite loop with certain parameters ...
oval:org.secpod.oval:def:89048976 This update for bluez fixes the following issues: * CVE-2023-27349: Fixed crash while handling unsupported events.
oval:org.secpod.oval:def:89048543 This update for webkit2gtk3 fixes the following issues: Update to version 2.38.5: * CVE-2023-23529: Fixed possible arbitrary code execution via maliciously crafted web content. * CVE-2023-23518: Processing maliciously crafted web content may lead to Previously fixed inside update to version 2.38.4 ...
oval:org.secpod.oval:def:89048510 This update for apache2 fixes the following issues: * CVE-2023-25690: Fixed HTTP request splitting with mod_rewrite and mod_proxy. The following non-security bugs were fixed: * Fixed passing health check does not recover worker from its error state.
oval:org.secpod.oval:def:89049250 This update for kernel-firmware fixes the following issues: * CVE-2023-20569: Fixed AMD 19h ucode to mitigate a side channel vulnerability in some of the AMD CPUs. ## Special Instructions and Notes: * Please reboot the system after installing this update.
oval:org.secpod.oval:def:89049268 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed: * CVE-2018-20784: Fixed a denial of service by mishandled leaf cfs_rq in kernel/sched/fair.c. * CVE-2018-3639: Fixed Speculative Store Bypass aka 'Memory Disambigua ...
oval:org.secpod.oval:def:89049151 This update for kernel-firmware fixes the following issues: * CVE-2023-20593: Fixed AMD ucode for ZenBleed vulnerability. ## Special Instructions and Notes: * Please reboot the system after installing this update.
oval:org.secpod.oval:def:89048914 This update for openssl fixes the following issues: * CVE-2023-2650: Fixed possible denial of service translating ASN.1 object identifiers.
oval:org.secpod.oval:def:89049197 This update for openssl fixes the following issues: * CVE-2023-3446: Fixed DH_check excessive time with over sized modulus.
oval:org.secpod.oval:def:89048735 This update for openssl fixes the following issues: * CVE-2023-0465: Invalid certificate policies in leaf certificates were silently ignored. * CVE-2023-0466: Certificate policy checks were not enabled.
oval:org.secpod.oval:def:89048520 This update for openssl fixes the following issues: * CVE-2023-0464: Fixed excessive Resource Usage Verifying X.509 Policy Constraints.
oval:org.secpod.oval:def:89048946 This update for libcares2 fixes the following issues: * CVE-2023-32067: Fixed a denial of service that could be triggered by a 0-byte UDP payload. * CVE-2023-31147: Fixed an insufficient randomness in generation of DNS query IDs. * CVE-2023-31130: Fixed a buffer underflow when configuring specific ...
oval:org.secpod.oval:def:89000107 The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-11494: An issue was discovered in slc_bump in drivers/net/can/slcan.c, which allowed attackers to read uninitialized can_frame data, potentially containing ...