openSUSE Updates September 2019

updates@lists.opensuse.org

2 participants
184 discussions

openSUSE-SU-2019:2217-1: moderate: Security update for djvulibre

by opensuse-security＠opensuse.org

openSUSE Security Update: Security update for djvulibre ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:2217-1 Rating: moderate References: #1146569 #1146571 #1146572 #1146702 Cross-References: CVE-2019-15142 CVE-2019-15143 CVE-2019-15144 CVE-2019-15145 Affected Products: openSUSE Leap 15.0 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for djvulibre fixes the following issues: Security issues fixed: - CVE-2019-15142: Fixed heap-based buffer over-read (bsc#1146702). - CVE-2019-15143: Fixed resource exhaustion caused by corrupted image files (bsc#1146569). - CVE-2019-15144: Fixed denial-of-service caused by crafted PBM image files (bsc#1146571). - CVE-2019-15145: Fixed out-of-bounds read caused by corrupted JB2 image files (bsc#1146572). - Fixed segfault when libtiff encounters corrupted TIFF (upstream issue #295). This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-2217=1 Package List: - openSUSE Leap 15.0 (i586 x86_64): djvulibre-3.5.27-lp150.2.3.1 djvulibre-debuginfo-3.5.27-lp150.2.3.1 djvulibre-debugsource-3.5.27-lp150.2.3.1 djvulibre-doc-3.5.27-lp150.2.3.1 libdjvulibre-devel-3.5.27-lp150.2.3.1 libdjvulibre21-3.5.27-lp150.2.3.1 libdjvulibre21-debuginfo-3.5.27-lp150.2.3.1 References: https://www.suse.com/security/cve/CVE-2019-15142.html https://www.suse.com/security/cve/CVE-2019-15143.html https://www.suse.com/security/cve/CVE-2019-15144.html https://www.suse.com/security/cve/CVE-2019-15145.html https://bugzilla.suse.com/1146569 https://bugzilla.suse.com/1146571 https://bugzilla.suse.com/1146572 https://bugzilla.suse.com/1146702

2 years, 7 months

openSUSE-RU-2019:2216-1: moderate: Recommended update for python-scipy

by maintenance＠opensuse.org

openSUSE Recommended Update: Recommended update for python-scipy ______________________________________________________________________________ Announcement ID: openSUSE-RU-2019:2216-1 Rating: moderate References: #1149203 Affected Products: openSUSE Leap 15.0 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update brings python-scipy to version 1.2.2 (jsc#SLE-8532, bsc#1149203). All relevant changes are availalbe online in the following places: - https://docs.scipy.org/doc/scipy/reference/release.1.1.0.html - https://docs.scipy.org/doc/scipy/reference/release.1.2.0.html This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Recommended Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-2216=1 Package List: - openSUSE Leap 15.0 (i586 x86_64): python-scipy-debuginfo-1.2.2-lp150.2.3.2 python-scipy-debugsource-1.2.2-lp150.2.3.2 python2-scipy-1.2.2-lp150.2.3.2 python2-scipy-debuginfo-1.2.2-lp150.2.3.2 python3-scipy-1.2.2-lp150.2.3.2 python3-scipy-debuginfo-1.2.2-lp150.2.3.2 References: https://bugzilla.suse.com/1149203

2 years, 7 months

openSUSE-RU-2019:2214-1: moderate: Recommended update for pacemaker

by maintenance＠opensuse.org

openSUSE Recommended Update: Recommended update for pacemaker ______________________________________________________________________________ Announcement ID: openSUSE-RU-2019:2214-1 Rating: moderate References: #1032511 #1127716 #1130122 #1131353 #1131356 #1133866 #1136712 Affected Products: openSUSE Leap 15.0 ______________________________________________________________________________ An update that has 7 recommended fixes can now be installed. Description: This update for pacemaker fixes the following issues: - scheduler: Wait for probe actions to complete preventing unnecessary restart/re-promote of dependent resources. (bsc#1130122, bsc#1032511) - controller: Confirm cancel of failed monitors. (bsc#1133866) - controller: Improve failed recurring action messages in the logs and improve SAPHanaSR transition efficiency. (bsc#1133866) - libcrmcommon: Return error when applying XML diffs containing unknown operations. (bsc#1127716) - libcrmcommon: Avoid possible use of NULL when applying XML diffs and apply them correctly with multiple move/create changes. (bsc#1127716) - libcrmcommon: Return proper code if testing PID is denied and avoid NULL by returning active process ID. (bsc#1131353, bsc#1131356) - contoller,scheduler: Guarding hash table of deleting. (bsc#1136712) This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Recommended Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-2214=1 Package List: - openSUSE Leap 15.0 (i586 x86_64): libpacemaker-devel-1.1.18+20180430.b12c320f5-lp150.2.12.1 libpacemaker3-1.1.18+20180430.b12c320f5-lp150.2.12.1 libpacemaker3-debuginfo-1.1.18+20180430.b12c320f5-lp150.2.12.1 pacemaker-1.1.18+20180430.b12c320f5-lp150.2.12.1 pacemaker-cli-1.1.18+20180430.b12c320f5-lp150.2.12.1 pacemaker-cli-debuginfo-1.1.18+20180430.b12c320f5-lp150.2.12.1 pacemaker-debuginfo-1.1.18+20180430.b12c320f5-lp150.2.12.1 pacemaker-debugsource-1.1.18+20180430.b12c320f5-lp150.2.12.1 pacemaker-remote-1.1.18+20180430.b12c320f5-lp150.2.12.1 pacemaker-remote-debuginfo-1.1.18+20180430.b12c320f5-lp150.2.12.1 - openSUSE Leap 15.0 (noarch): pacemaker-cts-1.1.18+20180430.b12c320f5-lp150.2.12.1 References: https://bugzilla.suse.com/1032511 https://bugzilla.suse.com/1127716 https://bugzilla.suse.com/1130122 https://bugzilla.suse.com/1131353 https://bugzilla.suse.com/1131356 https://bugzilla.suse.com/1133866 https://bugzilla.suse.com/1136712

2 years, 7 months

openSUSE-RU-2019:2215-1: moderate: Recommended update for libcdio

by maintenance＠opensuse.org

openSUSE Recommended Update: Recommended update for libcdio ______________________________________________________________________________ Announcement ID: openSUSE-RU-2019:2215-1 Rating: moderate References: #1094761 Affected Products: openSUSE Leap 15.0 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for libcdio fixes the following issues: - Fix warning when BigEndian and LittleEndian sizes do not match. (bsc#1094761) - Fix that libcdio doesn't bail out when processing non-compliant ISO files. This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Recommended Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-2215=1 Package List: - openSUSE Leap 15.0 (i586 x86_64): libcdio++0-0.94-lp150.5.10.1 libcdio++0-debuginfo-0.94-lp150.5.10.1 libcdio-debugsource-0.94-lp150.5.10.1 libcdio-devel-0.94-lp150.5.10.1 libcdio16-0.94-lp150.5.10.1 libcdio16-debuginfo-0.94-lp150.5.10.1 libiso9660-10-0.94-lp150.5.10.1 libiso9660-10-debuginfo-0.94-lp150.5.10.1 libudf0-0.94-lp150.5.10.1 libudf0-debuginfo-0.94-lp150.5.10.1 - openSUSE Leap 15.0 (x86_64): libcdio++0-32bit-0.94-lp150.5.10.1 libcdio++0-32bit-debuginfo-0.94-lp150.5.10.1 libcdio16-32bit-0.94-lp150.5.10.1 libcdio16-32bit-debuginfo-0.94-lp150.5.10.1 libiso9660-10-32bit-0.94-lp150.5.10.1 libiso9660-10-32bit-debuginfo-0.94-lp150.5.10.1 libudf0-32bit-0.94-lp150.5.10.1 libudf0-32bit-debuginfo-0.94-lp150.5.10.1 References: https://bugzilla.suse.com/1094761

2 years, 7 months

openSUSE-SU-2019:2212-1: moderate: Security update for libopenmpt

by opensuse-security＠opensuse.org

openSUSE Security Update: Security update for libopenmpt ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:2212-1 Rating: moderate References: #1143578 #1143581 #1143582 #1143584 Cross-References: CVE-2018-20860 CVE-2018-20861 CVE-2019-14382 CVE-2019-14383 Affected Products: openSUSE Leap 15.0 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for libopenmpt fixes the following issues: Security issues fixed: - CVE-2018-20861: Fixed crash with certain malformed custom tunings in MPTM files (bsc#1143578). - CVE-2018-20860: Fixed crash with malformed MED files (bsc#1143581). - CVE-2019-14383: Fixed J2B that allows an assertion failure during file parsing with debug STLs (bsc#1143584). - CVE-2019-14382: Fixed DSM that allows an assertion failure during file parsing with debug STLs (bsc#1143582). This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-2212=1 Package List: - openSUSE Leap 15.0 (i586 x86_64): libmodplug-devel-0.3.17-lp150.7.1 libmodplug1-0.3.17-lp150.7.1 libmodplug1-debuginfo-0.3.17-lp150.7.1 libopenmpt-debugsource-0.3.17-lp150.7.1 libopenmpt-devel-0.3.17-lp150.7.1 libopenmpt0-0.3.17-lp150.7.1 libopenmpt0-debuginfo-0.3.17-lp150.7.1 libopenmpt_modplug1-0.3.17-lp150.7.1 libopenmpt_modplug1-debuginfo-0.3.17-lp150.7.1 openmpt123-0.3.17-lp150.7.1 openmpt123-debuginfo-0.3.17-lp150.7.1 - openSUSE Leap 15.0 (x86_64): libmodplug1-32bit-0.3.17-lp150.7.1 libmodplug1-32bit-debuginfo-0.3.17-lp150.7.1 libopenmpt0-32bit-0.3.17-lp150.7.1 libopenmpt0-32bit-debuginfo-0.3.17-lp150.7.1 libopenmpt_modplug1-32bit-0.3.17-lp150.7.1 libopenmpt_modplug1-32bit-debuginfo-0.3.17-lp150.7.1 References: https://www.suse.com/security/cve/CVE-2018-20860.html https://www.suse.com/security/cve/CVE-2018-20861.html https://www.suse.com/security/cve/CVE-2019-14382.html https://www.suse.com/security/cve/CVE-2019-14383.html https://bugzilla.suse.com/1143578 https://bugzilla.suse.com/1143581 https://bugzilla.suse.com/1143582 https://bugzilla.suse.com/1143584

2 years, 7 months

openSUSE-SU-2019:2213-1: moderate: Security update for libopenmpt

by opensuse-security＠opensuse.org

openSUSE Security Update: Security update for libopenmpt ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:2213-1 Rating: moderate References: #1143578 #1143581 #1143582 #1143584 Cross-References: CVE-2018-20860 CVE-2018-20861 CVE-2019-14382 CVE-2019-14383 Affected Products: openSUSE Leap 15.1 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for libopenmpt fixes the following issues: Security issues fixed: - CVE-2018-20861: Fixed crash with certain malformed custom tunings in MPTM files (bsc#1143578). - CVE-2018-20860: Fixed crash with malformed MED files (bsc#1143581). - CVE-2019-14383: Fixed J2B that allows an assertion failure during file parsing with debug STLs (bsc#1143584). - CVE-2019-14382: Fixed DSM that allows an assertion failure during file parsing with debug STLs (bsc#1143582). This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.1: zypper in -t patch openSUSE-2019-2213=1 Package List: - openSUSE Leap 15.1 (i586 x86_64): libmodplug-devel-0.3.17-lp151.2.3.1 libmodplug1-0.3.17-lp151.2.3.1 libmodplug1-debuginfo-0.3.17-lp151.2.3.1 libopenmpt-debugsource-0.3.17-lp151.2.3.1 libopenmpt-devel-0.3.17-lp151.2.3.1 libopenmpt0-0.3.17-lp151.2.3.1 libopenmpt0-debuginfo-0.3.17-lp151.2.3.1 libopenmpt_modplug1-0.3.17-lp151.2.3.1 libopenmpt_modplug1-debuginfo-0.3.17-lp151.2.3.1 openmpt123-0.3.17-lp151.2.3.1 openmpt123-debuginfo-0.3.17-lp151.2.3.1 - openSUSE Leap 15.1 (x86_64): libmodplug1-32bit-0.3.17-lp151.2.3.1 libmodplug1-32bit-debuginfo-0.3.17-lp151.2.3.1 libopenmpt0-32bit-0.3.17-lp151.2.3.1 libopenmpt0-32bit-debuginfo-0.3.17-lp151.2.3.1 libopenmpt_modplug1-32bit-0.3.17-lp151.2.3.1 libopenmpt_modplug1-32bit-debuginfo-0.3.17-lp151.2.3.1 References: https://www.suse.com/security/cve/CVE-2018-20860.html https://www.suse.com/security/cve/CVE-2018-20861.html https://www.suse.com/security/cve/CVE-2019-14382.html https://www.suse.com/security/cve/CVE-2019-14383.html https://bugzilla.suse.com/1143578 https://bugzilla.suse.com/1143581 https://bugzilla.suse.com/1143582 https://bugzilla.suse.com/1143584

2 years, 7 months

openSUSE-SU-2019:2207-1: important: Security update for webkit2gtk3

by opensuse-security＠opensuse.org

openSUSE Security Update: Security update for webkit2gtk3 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:2207-1 Rating: important References: #1148931 Cross-References: CVE-2019-8595 CVE-2019-8607 CVE-2019-8615 CVE-2019-8644 CVE-2019-8649 CVE-2019-8658 CVE-2019-8666 CVE-2019-8669 CVE-2019-8671 CVE-2019-8672 CVE-2019-8673 CVE-2019-8676 CVE-2019-8677 CVE-2019-8678 CVE-2019-8679 CVE-2019-8680 CVE-2019-8681 CVE-2019-8683 CVE-2019-8684 CVE-2019-8686 CVE-2019-8687 CVE-2019-8688 CVE-2019-8689 CVE-2019-8690 Affected Products: openSUSE Leap 15.0 ______________________________________________________________________________ An update that fixes 24 vulnerabilities is now available. Description: This update for webkit2gtk3 fixes the following issues: Security issues fixed: - CVE-2019-8673, CVE-2019-8678, CVE-2019-8686, CVE-2019-8683, CVE-2019-8671, CVE-2019-8595, CVE-2019-8684, CVE-2019-8681, CVE-2019-8615, CVE-2019-8689, CVE-2019-8680, CVE-2019-8672, CVE-2019-8676, CVE-2019-8666, CVE-2019-8644, CVE-2019-8658, CVE-2019-8690, CVE-2019-8688, CVE-2019-8649, CVE-2019-8679, CVE-2019-8687, CVE-2019-8669, CVE-2019-8677, CVE-2019-8607 (bsc#1148931). This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-2207=1 Package List: - openSUSE Leap 15.0 (i586 x86_64): libjavascriptcoregtk-4_0-18-2.24.4-lp150.2.25.1 libjavascriptcoregtk-4_0-18-debuginfo-2.24.4-lp150.2.25.1 libwebkit2gtk-4_0-37-2.24.4-lp150.2.25.1 libwebkit2gtk-4_0-37-debuginfo-2.24.4-lp150.2.25.1 typelib-1_0-JavaScriptCore-4_0-2.24.4-lp150.2.25.1 typelib-1_0-WebKit2-4_0-2.24.4-lp150.2.25.1 typelib-1_0-WebKit2WebExtension-4_0-2.24.4-lp150.2.25.1 webkit-jsc-4-2.24.4-lp150.2.25.1 webkit-jsc-4-debuginfo-2.24.4-lp150.2.25.1 webkit2gtk-4_0-injected-bundles-2.24.4-lp150.2.25.1 webkit2gtk-4_0-injected-bundles-debuginfo-2.24.4-lp150.2.25.1 webkit2gtk3-debugsource-2.24.4-lp150.2.25.1 webkit2gtk3-devel-2.24.4-lp150.2.25.1 webkit2gtk3-minibrowser-2.24.4-lp150.2.25.1 webkit2gtk3-minibrowser-debuginfo-2.24.4-lp150.2.25.1 webkit2gtk3-plugin-process-gtk2-2.24.4-lp150.2.25.1 webkit2gtk3-plugin-process-gtk2-debuginfo-2.24.4-lp150.2.25.1 - openSUSE Leap 15.0 (noarch): libwebkit2gtk3-lang-2.24.4-lp150.2.25.1 - openSUSE Leap 15.0 (x86_64): libjavascriptcoregtk-4_0-18-32bit-2.24.4-lp150.2.25.1 libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.24.4-lp150.2.25.1 libwebkit2gtk-4_0-37-32bit-2.24.4-lp150.2.25.1 libwebkit2gtk-4_0-37-32bit-debuginfo-2.24.4-lp150.2.25.1 References: https://www.suse.com/security/cve/CVE-2019-8595.html https://www.suse.com/security/cve/CVE-2019-8607.html https://www.suse.com/security/cve/CVE-2019-8615.html https://www.suse.com/security/cve/CVE-2019-8644.html https://www.suse.com/security/cve/CVE-2019-8649.html https://www.suse.com/security/cve/CVE-2019-8658.html https://www.suse.com/security/cve/CVE-2019-8666.html https://www.suse.com/security/cve/CVE-2019-8669.html https://www.suse.com/security/cve/CVE-2019-8671.html https://www.suse.com/security/cve/CVE-2019-8672.html https://www.suse.com/security/cve/CVE-2019-8673.html https://www.suse.com/security/cve/CVE-2019-8676.html https://www.suse.com/security/cve/CVE-2019-8677.html https://www.suse.com/security/cve/CVE-2019-8678.html https://www.suse.com/security/cve/CVE-2019-8679.html https://www.suse.com/security/cve/CVE-2019-8680.html https://www.suse.com/security/cve/CVE-2019-8681.html https://www.suse.com/security/cve/CVE-2019-8683.html https://www.suse.com/security/cve/CVE-2019-8684.html https://www.suse.com/security/cve/CVE-2019-8686.html https://www.suse.com/security/cve/CVE-2019-8687.html https://www.suse.com/security/cve/CVE-2019-8688.html https://www.suse.com/security/cve/CVE-2019-8689.html https://www.suse.com/security/cve/CVE-2019-8690.html https://bugzilla.suse.com/1148931

2 years, 7 months

openSUSE-SU-2019:2208-1: important: Security update for webkit2gtk3

by opensuse-security＠opensuse.org

openSUSE Security Update: Security update for webkit2gtk3 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:2208-1 Rating: important References: #1148931 Cross-References: CVE-2019-8595 CVE-2019-8607 CVE-2019-8615 CVE-2019-8644 CVE-2019-8649 CVE-2019-8658 CVE-2019-8666 CVE-2019-8669 CVE-2019-8671 CVE-2019-8672 CVE-2019-8673 CVE-2019-8676 CVE-2019-8677 CVE-2019-8678 CVE-2019-8679 CVE-2019-8680 CVE-2019-8681 CVE-2019-8683 CVE-2019-8684 CVE-2019-8686 CVE-2019-8687 CVE-2019-8688 CVE-2019-8689 CVE-2019-8690 Affected Products: openSUSE Leap 15.1 ______________________________________________________________________________ An update that fixes 24 vulnerabilities is now available. Description: This update for webkit2gtk3 fixes the following issues: Security issues fixed: - CVE-2019-8673, CVE-2019-8678, CVE-2019-8686, CVE-2019-8683, CVE-2019-8671, CVE-2019-8595, CVE-2019-8684, CVE-2019-8681, CVE-2019-8615, CVE-2019-8689, CVE-2019-8680, CVE-2019-8672, CVE-2019-8676, CVE-2019-8666, CVE-2019-8644, CVE-2019-8658, CVE-2019-8690, CVE-2019-8688, CVE-2019-8649, CVE-2019-8679, CVE-2019-8687, CVE-2019-8669, CVE-2019-8677, CVE-2019-8607 (bsc#1148931). This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.1: zypper in -t patch openSUSE-2019-2208=1 Package List: - openSUSE Leap 15.1 (i586 x86_64): libjavascriptcoregtk-4_0-18-2.24.4-lp151.2.6.1 libjavascriptcoregtk-4_0-18-debuginfo-2.24.4-lp151.2.6.1 libwebkit2gtk-4_0-37-2.24.4-lp151.2.6.1 libwebkit2gtk-4_0-37-debuginfo-2.24.4-lp151.2.6.1 typelib-1_0-JavaScriptCore-4_0-2.24.4-lp151.2.6.1 typelib-1_0-WebKit2-4_0-2.24.4-lp151.2.6.1 typelib-1_0-WebKit2WebExtension-4_0-2.24.4-lp151.2.6.1 webkit-jsc-4-2.24.4-lp151.2.6.1 webkit-jsc-4-debuginfo-2.24.4-lp151.2.6.1 webkit2gtk-4_0-injected-bundles-2.24.4-lp151.2.6.1 webkit2gtk-4_0-injected-bundles-debuginfo-2.24.4-lp151.2.6.1 webkit2gtk3-debugsource-2.24.4-lp151.2.6.1 webkit2gtk3-devel-2.24.4-lp151.2.6.1 webkit2gtk3-minibrowser-2.24.4-lp151.2.6.1 webkit2gtk3-minibrowser-debuginfo-2.24.4-lp151.2.6.1 webkit2gtk3-plugin-process-gtk2-2.24.4-lp151.2.6.1 webkit2gtk3-plugin-process-gtk2-debuginfo-2.24.4-lp151.2.6.1 - openSUSE Leap 15.1 (x86_64): libjavascriptcoregtk-4_0-18-32bit-2.24.4-lp151.2.6.1 libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.24.4-lp151.2.6.1 libwebkit2gtk-4_0-37-32bit-2.24.4-lp151.2.6.1 libwebkit2gtk-4_0-37-32bit-debuginfo-2.24.4-lp151.2.6.1 - openSUSE Leap 15.1 (noarch): libwebkit2gtk3-lang-2.24.4-lp151.2.6.1 References: https://www.suse.com/security/cve/CVE-2019-8595.html https://www.suse.com/security/cve/CVE-2019-8607.html https://www.suse.com/security/cve/CVE-2019-8615.html https://www.suse.com/security/cve/CVE-2019-8644.html https://www.suse.com/security/cve/CVE-2019-8649.html https://www.suse.com/security/cve/CVE-2019-8658.html https://www.suse.com/security/cve/CVE-2019-8666.html https://www.suse.com/security/cve/CVE-2019-8669.html https://www.suse.com/security/cve/CVE-2019-8671.html https://www.suse.com/security/cve/CVE-2019-8672.html https://www.suse.com/security/cve/CVE-2019-8673.html https://www.suse.com/security/cve/CVE-2019-8676.html https://www.suse.com/security/cve/CVE-2019-8677.html https://www.suse.com/security/cve/CVE-2019-8678.html https://www.suse.com/security/cve/CVE-2019-8679.html https://www.suse.com/security/cve/CVE-2019-8680.html https://www.suse.com/security/cve/CVE-2019-8681.html https://www.suse.com/security/cve/CVE-2019-8683.html https://www.suse.com/security/cve/CVE-2019-8684.html https://www.suse.com/security/cve/CVE-2019-8686.html https://www.suse.com/security/cve/CVE-2019-8687.html https://www.suse.com/security/cve/CVE-2019-8688.html https://www.suse.com/security/cve/CVE-2019-8689.html https://www.suse.com/security/cve/CVE-2019-8690.html https://bugzilla.suse.com/1148931

2 years, 7 months

openSUSE-SU-2019:2205-1: moderate: Security update for expat

by opensuse-security＠opensuse.org

openSUSE Security Update: Security update for expat ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:2205-1 Rating: moderate References: #1149429 Cross-References: CVE-2019-15903 Affected Products: openSUSE Leap 15.1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for expat fixes the following issues: Security issues fixed: - CVE-2019-15903: Fixed heap-based buffer over-read caused by crafted XML input. (bsc#1149429) This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.1: zypper in -t patch openSUSE-2019-2205=1 Package List: - openSUSE Leap 15.1 (i586 x86_64): expat-2.2.5-lp151.3.6.1 expat-debuginfo-2.2.5-lp151.3.6.1 expat-debugsource-2.2.5-lp151.3.6.1 libexpat-devel-2.2.5-lp151.3.6.1 libexpat1-2.2.5-lp151.3.6.1 libexpat1-debuginfo-2.2.5-lp151.3.6.1 - openSUSE Leap 15.1 (x86_64): expat-32bit-debuginfo-2.2.5-lp151.3.6.1 libexpat-devel-32bit-2.2.5-lp151.3.6.1 libexpat1-32bit-2.2.5-lp151.3.6.1 libexpat1-32bit-debuginfo-2.2.5-lp151.3.6.1 References: https://www.suse.com/security/cve/CVE-2019-15903.html https://bugzilla.suse.com/1149429

2 years, 7 months

openSUSE-SU-2019:2204-1: moderate: Security update for expat

by opensuse-security＠opensuse.org

openSUSE Security Update: Security update for expat ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:2204-1 Rating: moderate References: #1149429 Cross-References: CVE-2019-15903 Affected Products: openSUSE Leap 15.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for expat fixes the following issues: Security issues fixed: - CVE-2019-15903: Fixed heap-based buffer over-read caused by crafted XML input. (bsc#1149429) This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-2204=1 Package List: - openSUSE Leap 15.0 (i586 x86_64): expat-2.2.5-lp150.2.6.1 expat-debuginfo-2.2.5-lp150.2.6.1 expat-debugsource-2.2.5-lp150.2.6.1 libexpat-devel-2.2.5-lp150.2.6.1 libexpat1-2.2.5-lp150.2.6.1 libexpat1-debuginfo-2.2.5-lp150.2.6.1 - openSUSE Leap 15.0 (x86_64): expat-32bit-debuginfo-2.2.5-lp150.2.6.1 libexpat-devel-32bit-2.2.5-lp150.2.6.1 libexpat1-32bit-2.2.5-lp150.2.6.1 libexpat1-32bit-debuginfo-2.2.5-lp150.2.6.1 References: https://www.suse.com/security/cve/CVE-2019-15903.html https://bugzilla.suse.com/1149429

2 years, 7 months

Jump to page:

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

openSUSE Updates September 2019