September 2022 - openSUSE Bugs - openSUSE Mailing Lists

[Bug 1202858] VUL-0: CVE-2021-4216: mupdf: division by zero for zero width pages in muraster
by bugzilla_noreply＠suse.com 12 Sep '22

12 Sep '22

https://bugzilla.suse.com/show_bug.cgi?id=1202858 Dirk Mueller <dmueller(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |IN_PROGRESS -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1203053] rc-local.service.8 is in wrong systemd subpackage, error when trying to read it
by bugzilla_noreply＠suse.com 12 Sep '22

12 Sep '22

http://bugzilla.opensuse.org/show_bug.cgi?id=1203053 http://bugzilla.opensuse.org/show_bug.cgi?id=1203053#c3 --- Comment #3 from OBSbugzilla Bot <bwiedemann+obsbugzillabot(a)suse.com> --- This is an autogenerated message for OBS integration: This bug (1203053) was mentioned in https://build.opensuse.org/request/show/1002990 Factory / systemd -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1202356] systemd not trusting rtc if too far in future
by bugzilla_noreply＠suse.com 12 Sep '22

12 Sep '22

http://bugzilla.opensuse.org/show_bug.cgi?id=1202356 http://bugzilla.opensuse.org/show_bug.cgi?id=1202356#c7 --- Comment #7 from OBSbugzilla Bot <bwiedemann+obsbugzillabot(a)suse.com> --- This is an autogenerated message for OBS integration: This bug (1202356) was mentioned in https://build.opensuse.org/request/show/1002990 Factory / systemd -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1175332] VUL-0: CVE-2020-15694: nim: httpClient.get().contentLength() fails to properly validate the server response
by bugzilla_noreply＠suse.com 12 Sep '22

12 Sep '22

https://bugzilla.suse.com/show_bug.cgi?id=1175332 https://bugzilla.suse.com/show_bug.cgi?id=1175332#c4 David Anes <david.anes(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|david.anes(a)suse.com |security-team(a)suse.de --- Comment #4 from David Anes <david.anes(a)suse.com> --- All done. Assigning back to security. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1175333] VUL-0: CVE-2020-15693: nim: httpClient is vulnerable to a CR-LF injection
by bugzilla_noreply＠suse.com 12 Sep '22

12 Sep '22

https://bugzilla.suse.com/show_bug.cgi?id=1175333 https://bugzilla.suse.com/show_bug.cgi?id=1175333#c4 David Anes <david.anes(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|david.anes(a)suse.com |security-team(a)suse.de --- Comment #4 from David Anes <david.anes(a)suse.com> --- All done. Assigning back to security. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1175334] VUL-0: CVE-2020-15692: nim: mishandle of argument to browsers.openDefaultBrowser
by bugzilla_noreply＠suse.com 12 Sep '22

12 Sep '22

https://bugzilla.suse.com/show_bug.cgi?id=1175334 https://bugzilla.suse.com/show_bug.cgi?id=1175334#c4 David Anes <david.anes(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|david.anes(a)suse.com |security-team(a)suse.de --- Comment #4 from David Anes <david.anes(a)suse.com> --- All done. Assigning back to security. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1181705] VUL-0: CVE-2020-15690: nim: Standard library asyncftpclient lacks a check for newline character
by bugzilla_noreply＠suse.com 12 Sep '22

12 Sep '22

https://bugzilla.suse.com/show_bug.cgi?id=1181705 https://bugzilla.suse.com/show_bug.cgi?id=1181705#c5 David Anes <david.anes(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|david.anes(a)suse.com |security-team(a)suse.de --- Comment #5 from David Anes <david.anes(a)suse.com> --- All done. Assigning back to security. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1185083] VUL-0: CVE-2021-21372: nim: doCmd can be leveraged to execute arbitrary commands
by bugzilla_noreply＠suse.com 12 Sep '22

12 Sep '22

https://bugzilla.suse.com/show_bug.cgi?id=1185083 https://bugzilla.suse.com/show_bug.cgi?id=1185083#c11 David Anes <david.anes(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|david.anes(a)suse.com |security-team(a)suse.de --- Comment #11 from David Anes <david.anes(a)suse.com> --- All done. Assigning back to security. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1185084] VUL-0: CVE-2021-21373: nim: "nimble refresh" falls back to a non-TLS URL in case of error
by bugzilla_noreply＠suse.com 12 Sep '22

12 Sep '22

https://bugzilla.suse.com/show_bug.cgi?id=1185084 https://bugzilla.suse.com/show_bug.cgi?id=1185084#c9 David Anes <david.anes(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|david.anes(a)suse.com |security-team(a)suse.de --- Comment #9 from David Anes <david.anes(a)suse.com> --- All done. Assigning back to security. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 1185085] VUL-0: CVE-2021-21374: nim: Improper verification of the SSL/TLS certificate
by bugzilla_noreply＠suse.com 12 Sep '22

12 Sep '22

https://bugzilla.suse.com/show_bug.cgi?id=1185085 https://bugzilla.suse.com/show_bug.cgi?id=1185085#c9 David Anes <david.anes(a)suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|david.anes(a)suse.com |security-team(a)suse.de --- Comment #9 from David Anes <david.anes(a)suse.com> --- All done. Assigning back to security. -- You are receiving this mail because: You are on the CC list for the bug.

1 0