openSUSE Security Update: Security update for chromium
______________________________________________________________________________
Announcement ID: openSUSE-SU-2020:1306-1
Rating: important
References: #1175757
Cross-References: CVE-2020-6558 CVE-2020-6559 CVE-2020-6560
CVE-2020-6561 CVE-2020-6562 CVE-2020-6563
CVE-2020-6564 CVE-2020-6565 CVE-2020-6566
CVE-2020-6567 CVE-2020-6568 CVE-2020-6569
CVE-2020-6570 CVE-2020-6571
Affected Products:
openSUSE Leap 15.2
______________________________________________________________________________
An update that fixes 14 vulnerabilities is now available.
Description:
This update for chromium fixes the following issues:
Chromium was updated to version 85.0.4183.83 (boo#1175757) fixing:
- CVE-2020-6558: Insufficient policy enforcement in iOS
- CVE-2020-6559: Use after free in presentation API
- CVE-2020-6560: Insufficient policy enforcement in autofill
- CVE-2020-6561: Inappropriate implementation in Content Security Policy
- CVE-2020-6562: Insufficient policy enforcement in Blink
- CVE-2020-6563: Insufficient policy enforcement in intent handling.
- CVE-2020-6564: Incorrect security UI in permissions
- CVE-2020-6565: Incorrect security UI in Omnibox.
- CVE-2020-6566: Insufficient policy enforcement in media.
- CVE-2020-6567: Insufficient validation of untrusted input in command
line handling.
- CVE-2020-6568: Insufficient policy enforcement in intent handling.
- CVE-2020-6569: Integer overflow in WebUSB.
- CVE-2020-6570: Side-channel information leakage in WebRTC.
- CVE-2020-6571: Incorrect security UI in Omnibox.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.2:
zypper in -t patch openSUSE-2020-1306=1
Package List:
- openSUSE Leap 15.2 (x86_64):
chromedriver-85.0.4183.69-lp152.2.20.1
chromedriver-debuginfo-85.0.4183.69-lp152.2.20.1
chromium-85.0.4183.69-lp152.2.20.1
chromium-debuginfo-85.0.4183.69-lp152.2.20.1
chromium-debugsource-85.0.4183.69-lp152.2.20.1
References:
https://www.suse.com/security/cve/CVE-2020-6558.htmlhttps://www.suse.com/security/cve/CVE-2020-6559.htmlhttps://www.suse.com/security/cve/CVE-2020-6560.htmlhttps://www.suse.com/security/cve/CVE-2020-6561.htmlhttps://www.suse.com/security/cve/CVE-2020-6562.htmlhttps://www.suse.com/security/cve/CVE-2020-6563.htmlhttps://www.suse.com/security/cve/CVE-2020-6564.htmlhttps://www.suse.com/security/cve/CVE-2020-6565.htmlhttps://www.suse.com/security/cve/CVE-2020-6566.htmlhttps://www.suse.com/security/cve/CVE-2020-6567.htmlhttps://www.suse.com/security/cve/CVE-2020-6568.htmlhttps://www.suse.com/security/cve/CVE-2020-6569.htmlhttps://www.suse.com/security/cve/CVE-2020-6570.htmlhttps://www.suse.com/security/cve/CVE-2020-6571.htmlhttps://bugzilla.suse.com/1175757
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
openSUSE Security Update: Security update for xorg-x11-server
______________________________________________________________________________
Announcement ID: openSUSE-SU-2020:1302-1
Rating: important
References: #1174633 #1174635 #1174638
Cross-References: CVE-2020-14345 CVE-2020-14346 CVE-2020-14347
Affected Products:
openSUSE Leap 15.2
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for xorg-x11-server fixes the following issues:
- CVE-2020-14347: Leak of uninitialized heap memory from the X server to
clients on pixmap allocation (bsc#1174633, ZDI-CAN-11426).
- CVE-2020-14346: XIChangeHierarchy Integer Underflow Privilege Escalation
Vulnerability (bsc#1174638, ZDI-CAN-11429).
- CVE-2020-14345: XKB out-of-bounds access privilege escalation
vulnerability (bsc#1174635, ZDI-CAN-11428).
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.2:
zypper in -t patch openSUSE-2020-1302=1
Package List:
- openSUSE Leap 15.2 (i586 x86_64):
xorg-x11-server-1.20.3-lp152.8.3.1
xorg-x11-server-debuginfo-1.20.3-lp152.8.3.1
xorg-x11-server-debugsource-1.20.3-lp152.8.3.1
xorg-x11-server-extra-1.20.3-lp152.8.3.1
xorg-x11-server-extra-debuginfo-1.20.3-lp152.8.3.1
xorg-x11-server-sdk-1.20.3-lp152.8.3.1
xorg-x11-server-source-1.20.3-lp152.8.3.1
xorg-x11-server-wayland-1.20.3-lp152.8.3.1
xorg-x11-server-wayland-debuginfo-1.20.3-lp152.8.3.1
References:
https://www.suse.com/security/cve/CVE-2020-14345.htmlhttps://www.suse.com/security/cve/CVE-2020-14346.htmlhttps://www.suse.com/security/cve/CVE-2020-14347.htmlhttps://bugzilla.suse.com/1174633https://bugzilla.suse.com/1174635https://bugzilla.suse.com/1174638
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
openSUSE Security Update: Security update for inn
______________________________________________________________________________
Announcement ID: openSUSE-SU-2020:1304-1
Rating: moderate
References: #1172573
Cross-References: CVE-2020-8026
Affected Products:
openSUSE Backports SLE-15-SP1
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for inn fixes the following issues:
- change file owners in /usr/lib/news to root [boo#1172573] [CVE-2020-8026]
This update was imported from the openSUSE:Leap:15.1:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP1:
zypper in -t patch openSUSE-2020-1304=1
Package List:
- openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64):
inn-2.5.4-bp151.4.6.1
inn-devel-2.5.4-bp151.4.6.1
mininews-2.5.4-bp151.4.6.1
References:
https://www.suse.com/security/cve/CVE-2020-8026.htmlhttps://bugzilla.suse.com/1172573
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
openSUSE Security Update: Security update for graphviz
______________________________________________________________________________
Announcement ID: openSUSE-SU-2020:1303-1
Rating: low
References: #1093447
Cross-References: CVE-2018-10196
Affected Products:
openSUSE Leap 15.2
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for graphviz fixes the following issues:
- CVE-2018-10196: Fixed a null dereference in rebuild_vlis (bsc#1093447).
This update was imported from the SUSE:SLE-15:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.2:
zypper in -t patch openSUSE-2020-1303=1
Package List:
- openSUSE Leap 15.2 (i586 x86_64):
graphviz-2.40.1-lp152.7.7.1
graphviz-addons-debuginfo-2.40.1-lp152.7.7.1
graphviz-addons-debugsource-2.40.1-lp152.7.7.1
graphviz-debuginfo-2.40.1-lp152.7.7.1
graphviz-debugsource-2.40.1-lp152.7.7.1
graphviz-devel-2.40.1-lp152.7.7.1
graphviz-doc-2.40.1-lp152.7.7.1
graphviz-gd-2.40.1-lp152.7.7.1
graphviz-gd-debuginfo-2.40.1-lp152.7.7.1
graphviz-gnome-2.40.1-lp152.7.7.1
graphviz-gnome-debuginfo-2.40.1-lp152.7.7.1
graphviz-guile-2.40.1-lp152.7.7.1
graphviz-guile-debuginfo-2.40.1-lp152.7.7.1
graphviz-gvedit-2.40.1-lp152.7.7.1
graphviz-gvedit-debuginfo-2.40.1-lp152.7.7.1
graphviz-java-2.40.1-lp152.7.7.1
graphviz-java-debuginfo-2.40.1-lp152.7.7.1
graphviz-lua-2.40.1-lp152.7.7.1
graphviz-lua-debuginfo-2.40.1-lp152.7.7.1
graphviz-perl-2.40.1-lp152.7.7.1
graphviz-perl-debuginfo-2.40.1-lp152.7.7.1
graphviz-php-2.40.1-lp152.7.7.1
graphviz-php-debuginfo-2.40.1-lp152.7.7.1
graphviz-plugins-core-2.40.1-lp152.7.7.1
graphviz-plugins-core-debuginfo-2.40.1-lp152.7.7.1
graphviz-python-2.40.1-lp152.7.7.1
graphviz-python-debuginfo-2.40.1-lp152.7.7.1
graphviz-ruby-2.40.1-lp152.7.7.1
graphviz-ruby-debuginfo-2.40.1-lp152.7.7.1
graphviz-smyrna-2.40.1-lp152.7.7.1
graphviz-smyrna-debuginfo-2.40.1-lp152.7.7.1
graphviz-tcl-2.40.1-lp152.7.7.1
graphviz-tcl-debuginfo-2.40.1-lp152.7.7.1
libgraphviz6-2.40.1-lp152.7.7.1
libgraphviz6-debuginfo-2.40.1-lp152.7.7.1
References:
https://www.suse.com/security/cve/CVE-2018-10196.htmlhttps://bugzilla.suse.com/1093447
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
openSUSE Security Update: Security update for librepo
______________________________________________________________________________
Announcement ID: openSUSE-SU-2020:1289-1
Rating: important
References: #1175475
Cross-References: CVE-2020-14352
Affected Products:
openSUSE Leap 15.2
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for librepo fixes the following issues:
- Fixed path validation to prevent directory traversal attacks
(bsc#1175475, CVE-2020-14352)
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.2:
zypper in -t patch openSUSE-2020-1289=1
Package List:
- openSUSE Leap 15.2 (i586 x86_64):
librepo-debuginfo-1.11.2-lp152.2.3.1
librepo-debugsource-1.11.2-lp152.2.3.1
librepo-devel-1.11.2-lp152.2.3.1
librepo0-1.11.2-lp152.2.3.1
librepo0-debuginfo-1.11.2-lp152.2.3.1
python3-librepo-1.11.2-lp152.2.3.1
python3-librepo-debuginfo-1.11.2-lp152.2.3.1
References:
https://www.suse.com/security/cve/CVE-2020-14352.htmlhttps://bugzilla.suse.com/1175475
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
openSUSE Security Update: Security update for apache2
______________________________________________________________________________
Announcement ID: openSUSE-SU-2020:1293-1
Rating: moderate
References: #1175070 #1175071 #1175074
Cross-References: CVE-2020-11984 CVE-2020-11993 CVE-2020-9490
Affected Products:
openSUSE Leap 15.1
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for apache2 fixes the following issues:
- CVE-2020-9490: Fixed a crash caused by a specially crafted value for the
'Cache-Digest' header in a HTTP/2 request (bsc#1175071).
- CVE-2020-11984: Fixed an information disclosure bug in mod_proxy_uwsgi
(bsc#1175074).
- CVE-2020-11993: When trace/debug was enabled for the HTTP/2 module
logging statements were made on the wrong connection (bsc#1175070).
This update was imported from the SUSE:SLE-15:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.1:
zypper in -t patch openSUSE-2020-1293=1
Package List:
- openSUSE Leap 15.1 (i586 x86_64):
apache2-2.4.33-lp151.8.15.1
apache2-debuginfo-2.4.33-lp151.8.15.1
apache2-debugsource-2.4.33-lp151.8.15.1
apache2-devel-2.4.33-lp151.8.15.1
apache2-event-2.4.33-lp151.8.15.1
apache2-event-debuginfo-2.4.33-lp151.8.15.1
apache2-example-pages-2.4.33-lp151.8.15.1
apache2-prefork-2.4.33-lp151.8.15.1
apache2-prefork-debuginfo-2.4.33-lp151.8.15.1
apache2-utils-2.4.33-lp151.8.15.1
apache2-utils-debuginfo-2.4.33-lp151.8.15.1
apache2-worker-2.4.33-lp151.8.15.1
apache2-worker-debuginfo-2.4.33-lp151.8.15.1
- openSUSE Leap 15.1 (noarch):
apache2-doc-2.4.33-lp151.8.15.1
References:
https://www.suse.com/security/cve/CVE-2020-11984.htmlhttps://www.suse.com/security/cve/CVE-2020-11993.htmlhttps://www.suse.com/security/cve/CVE-2020-9490.htmlhttps://bugzilla.suse.com/1175070https://bugzilla.suse.com/1175071https://bugzilla.suse.com/1175074
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
openSUSE Security Update: Security update for graphviz
______________________________________________________________________________
Announcement ID: openSUSE-SU-2020:1294-1
Rating: low
References: #1093447
Cross-References: CVE-2018-10196
Affected Products:
openSUSE Leap 15.1
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for graphviz fixes the following issues:
- CVE-2018-10196: Fixed a null dereference in rebuild_vlis (bsc#1093447).
This update was imported from the SUSE:SLE-15:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.1:
zypper in -t patch openSUSE-2020-1294=1
Package List:
- openSUSE Leap 15.1 (i586 x86_64):
graphviz-2.40.1-lp151.6.6.1
graphviz-addons-debuginfo-2.40.1-lp151.6.6.1
graphviz-addons-debugsource-2.40.1-lp151.6.6.1
graphviz-debuginfo-2.40.1-lp151.6.6.1
graphviz-debugsource-2.40.1-lp151.6.6.1
graphviz-devel-2.40.1-lp151.6.6.1
graphviz-doc-2.40.1-lp151.6.6.1
graphviz-gd-2.40.1-lp151.6.6.1
graphviz-gd-debuginfo-2.40.1-lp151.6.6.1
graphviz-gnome-2.40.1-lp151.6.6.1
graphviz-gnome-debuginfo-2.40.1-lp151.6.6.1
graphviz-guile-2.40.1-lp151.6.6.1
graphviz-guile-debuginfo-2.40.1-lp151.6.6.1
graphviz-gvedit-2.40.1-lp151.6.6.1
graphviz-gvedit-debuginfo-2.40.1-lp151.6.6.1
graphviz-java-2.40.1-lp151.6.6.1
graphviz-java-debuginfo-2.40.1-lp151.6.6.1
graphviz-lua-2.40.1-lp151.6.6.1
graphviz-lua-debuginfo-2.40.1-lp151.6.6.1
graphviz-perl-2.40.1-lp151.6.6.1
graphviz-perl-debuginfo-2.40.1-lp151.6.6.1
graphviz-php-2.40.1-lp151.6.6.1
graphviz-php-debuginfo-2.40.1-lp151.6.6.1
graphviz-plugins-core-2.40.1-lp151.6.6.1
graphviz-plugins-core-debuginfo-2.40.1-lp151.6.6.1
graphviz-python-2.40.1-lp151.6.6.1
graphviz-python-debuginfo-2.40.1-lp151.6.6.1
graphviz-ruby-2.40.1-lp151.6.6.1
graphviz-ruby-debuginfo-2.40.1-lp151.6.6.1
graphviz-smyrna-2.40.1-lp151.6.6.1
graphviz-smyrna-debuginfo-2.40.1-lp151.6.6.1
graphviz-tcl-2.40.1-lp151.6.6.1
graphviz-tcl-debuginfo-2.40.1-lp151.6.6.1
libgraphviz6-2.40.1-lp151.6.6.1
libgraphviz6-debuginfo-2.40.1-lp151.6.6.1
References:
https://www.suse.com/security/cve/CVE-2018-10196.htmlhttps://bugzilla.suse.com/1093447
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
openSUSE Security Update: Security update for grub2
______________________________________________________________________________
Announcement ID: openSUSE-SU-2020:1282-1
Rating: important
References: #1172745 #1174421
Cross-References: CVE-2020-15705
Affected Products:
openSUSE Leap 15.2
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for grub2 fixes the following issue:
- CVE-2020-15705: Fail kernel validation without shim protocol
(bsc#1174421).
- Add fibre channel device's ofpath support to grub-ofpathname and search
hint to speed up root device discovery (bsc#1172745).
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.2:
zypper in -t patch openSUSE-2020-1282=1
Package List:
- openSUSE Leap 15.2 (i586 x86_64):
grub2-2.04-lp152.7.9.1
grub2-branding-upstream-2.04-lp152.7.9.1
grub2-debuginfo-2.04-lp152.7.9.1
grub2-debugsource-2.04-lp152.7.9.1
- openSUSE Leap 15.2 (noarch):
grub2-i386-efi-2.04-lp152.7.9.1
grub2-i386-efi-debug-2.04-lp152.7.9.1
grub2-i386-pc-2.04-lp152.7.9.1
grub2-i386-pc-debug-2.04-lp152.7.9.1
grub2-i386-xen-2.04-lp152.7.9.1
grub2-snapper-plugin-2.04-lp152.7.9.1
grub2-systemd-sleep-plugin-2.04-lp152.7.9.1
grub2-x86_64-efi-2.04-lp152.7.9.1
grub2-x86_64-efi-debug-2.04-lp152.7.9.1
grub2-x86_64-xen-2.04-lp152.7.9.1
References:
https://www.suse.com/security/cve/CVE-2020-15705.htmlhttps://bugzilla.suse.com/1172745https://bugzilla.suse.com/1174421
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
openSUSE Security Update: Security update for apache2
______________________________________________________________________________
Announcement ID: openSUSE-SU-2020:1285-1
Rating: moderate
References: #1174052 #1175070 #1175071 #1175074
Cross-References: CVE-2020-11984 CVE-2020-11993 CVE-2020-9490
Affected Products:
openSUSE Leap 15.2
______________________________________________________________________________
An update that solves three vulnerabilities and has one
errata is now available.
Description:
This update for apache2 fixes the following issues:
- CVE-2020-9490: Fixed a crash caused by a specially crafted value for the
'Cache-Digest' header in a HTTP/2 request (bsc#1175071).
- CVE-2020-11984: Fixed an information disclosure bug in mod_proxy_uwsgi
(bsc#1175074).
- CVE-2020-11993: When trace/debug was enabled for the HTTP/2 module
logging statements were made on the wrong connection (bsc#1175070).
- Solve a crash in mod_proxy_uwsgi for empty values of environment
variables. (bsc#1174052)
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.2:
zypper in -t patch openSUSE-2020-1285=1
Package List:
- openSUSE Leap 15.2 (i586 x86_64):
apache2-2.4.43-lp152.2.3.1
apache2-debuginfo-2.4.43-lp152.2.3.1
apache2-debugsource-2.4.43-lp152.2.3.1
apache2-devel-2.4.43-lp152.2.3.1
apache2-event-2.4.43-lp152.2.3.1
apache2-event-debuginfo-2.4.43-lp152.2.3.1
apache2-example-pages-2.4.43-lp152.2.3.1
apache2-prefork-2.4.43-lp152.2.3.1
apache2-prefork-debuginfo-2.4.43-lp152.2.3.1
apache2-utils-2.4.43-lp152.2.3.1
apache2-utils-debuginfo-2.4.43-lp152.2.3.1
apache2-worker-2.4.43-lp152.2.3.1
apache2-worker-debuginfo-2.4.43-lp152.2.3.1
- openSUSE Leap 15.2 (noarch):
apache2-doc-2.4.43-lp152.2.3.1
References:
https://www.suse.com/security/cve/CVE-2020-11984.htmlhttps://www.suse.com/security/cve/CVE-2020-11993.htmlhttps://www.suse.com/security/cve/CVE-2020-9490.htmlhttps://bugzilla.suse.com/1174052https://bugzilla.suse.com/1175070https://bugzilla.suse.com/1175071https://bugzilla.suse.com/1175074
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org
openSUSE Security Update: Security update for grub2
______________________________________________________________________________
Announcement ID: openSUSE-SU-2020:1280-1
Rating: important
References: #1172745 #1174421
Cross-References: CVE-2020-15705
Affected Products:
openSUSE Leap 15.1
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for grub2 fixes the following issues:
- CVE-2020-15705: Fail kernel validation without shim protocol
(bsc#1174421).
- Add fibre channel device's ofpath support to grub-ofpathname and search
hint to speed up root device discovery (bsc#1172745).
This update was imported from the SUSE:SLE-15-SP1:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.1:
zypper in -t patch openSUSE-2020-1280=1
Package List:
- openSUSE Leap 15.1 (i586 x86_64):
grub2-2.02-lp151.21.27.1
grub2-branding-upstream-2.02-lp151.21.27.1
grub2-debuginfo-2.02-lp151.21.27.1
grub2-debugsource-2.02-lp151.21.27.1
- openSUSE Leap 15.1 (noarch):
grub2-i386-efi-2.02-lp151.21.27.1
grub2-i386-pc-2.02-lp151.21.27.1
grub2-i386-xen-2.02-lp151.21.27.1
grub2-snapper-plugin-2.02-lp151.21.27.1
grub2-systemd-sleep-plugin-2.02-lp151.21.27.1
grub2-x86_64-efi-2.02-lp151.21.27.1
grub2-x86_64-xen-2.02-lp151.21.27.1
References:
https://www.suse.com/security/cve/CVE-2020-15705.htmlhttps://bugzilla.suse.com/1172745https://bugzilla.suse.com/1174421
--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org