Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 515
Alerts This Week
Warning Icon 1 515

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 38 articles for you...
100

SUSE Linux Enterprise 12 SP5: SUSE-SU-2024:0434-1 Moderate: netpbm OOB

* bsc#1022790 * bsc#1022791 Cross-References: * CVE-2017-5849 . # Security update for netpbm Announcement ID: SUSE-SU-2024:0434-1 Rating: moderate References: * bsc#1022790 * bsc#1022791 Cross-References: * CVE-2017-5849 CVSS scores: * CVE-2017-5849 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L * CVE-2017-5849 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for netpbm fixes the following issues: * CVE-2017-5849: Fixed out-of-bound read and write issue that can occur in function putgreytile() and put1bitbwtile() (bsc#1022790, bsc#1022791). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-434=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-434=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-434=1 * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-434=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * netpbm-10.66.3-8.10.1 * libnetpbm11-10.66.3-8.10.1 * netpbm-debugsource-10.66.3-8.10.1 * libnetpbm11-debuginfo-10.66.3-8.10.1 * netpbm-debuginfo-10.66.3-8.10.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libnetpbm11-32bit-10.66.3-8.10.1 *libnetpbm11-debuginfo-32bit-10.66.3-8.10.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * netpbm-10.66.3-8.10.1 * libnetpbm11-10.66.3-8.10.1 * netpbm-debugsource-10.66.3-8.10.1 * libnetpbm11-debuginfo-10.66.3-8.10.1 * netpbm-debuginfo-10.66.3-8.10.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libnetpbm11-32bit-10.66.3-8.10.1 * libnetpbm11-debuginfo-32bit-10.66.3-8.10.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * netpbm-10.66.3-8.10.1 * libnetpbm11-10.66.3-8.10.1 * netpbm-debugsource-10.66.3-8.10.1 * libnetpbm11-debuginfo-10.66.3-8.10.1 * netpbm-debuginfo-10.66.3-8.10.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libnetpbm11-32bit-10.66.3-8.10.1 * libnetpbm11-debuginfo-32bit-10.66.3-8.10.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * netpbm-debugsource-10.66.3-8.10.1 * netpbm-debuginfo-10.66.3-8.10.1 * libnetpbm-devel-10.66.3-8.10.1 ## References: * https://www.suse.com/security/cve/CVE-2017-5849.html * https://bugzilla.suse.com/show_bug.cgi?id=1022790 * https://bugzilla.suse.com/show_bug.cgi?id=1022791 . An update for netpbm rectifies a significant security vulnerability. The impacted SUSE offerings encompass both HPC and Server variants.. Netpbm Update, SUSE Security, Out-Of-Bounds Fix, Linux Security. . LinuxSecurity.com Team

Calendar%202 Feb 08, 2024 SuSE
202

openSUSE Leap 15.5: SUSE-SU-2024:0435-1 Moderate: Netpbm Buffer Overflow

This update for netpbm fixes the following issues: CVE-2017-5849: Fixed out-of-bound read and write issue that can occur in function putgreytile() and put1bitbwtile() (bsc#1022790, bsc#1022791).. # Security update for netpbm Announcement ID: SUSE-SU-2024:0435-1 Rating: moderate References: * bsc#1022790 * bsc#1022791 Cross-References: * CVE-2017-5849 CVSS scores: * CVE-2017-5849 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L * CVE-2017-5849 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Desktop Applications Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for netpbm fixes the following issues: * CVE-2017-5849: Fixed out-of-bound read and write issue that can occur in function putgreytile() and put1bitbwtile() (bsc#1022790, bsc#1022791). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-435=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-435=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-435=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * netpbm-10.80.1-150000.3.14.1 * netpbm-debugsource-10.80.1-150000.3.14.1 * libnetpbm11-10.80.1-150000.3.14.1 * libnetpbm11-debuginfo-10.80.1-150000.3.14.1 * libnetpbm-devel-10.80.1-150000.3.14.1 *netpbm-vulnerable-debuginfo-10.80.1-150000.3.14.1 * netpbm-debuginfo-10.80.1-150000.3.14.1 * netpbm-vulnerable-10.80.1-150000.3.14.1 * openSUSE Leap 15.5 (x86_64) * libnetpbm11-32bit-10.80.1-150000.3.14.1 * libnetpbm11-32bit-debuginfo-10.80.1-150000.3.14.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * netpbm-10.80.1-150000.3.14.1 * netpbm-debugsource-10.80.1-150000.3.14.1 * libnetpbm11-10.80.1-150000.3.14.1 * libnetpbm11-debuginfo-10.80.1-150000.3.14.1 * netpbm-debuginfo-10.80.1-150000.3.14.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * netpbm-debugsource-10.80.1-150000.3.14.1 * netpbm-debuginfo-10.80.1-150000.3.14.1 * libnetpbm-devel-10.80.1-150000.3.14.1 ## References: * https://www.suse.com/security/cve/CVE-2017-5849.html * https://bugzilla.suse.com/show_bug.cgi?id=1022790 * https://bugzilla.suse.com/show_bug.cgi?id=1022791 . Critical patch release for netpbm tackles vulnerabilities linked to out-of-bounds access as well as notable risks in openSUSE. Apply updates immediately!. openSUSE, netpbm, security patch, out-of-bound, software update. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Feb 08, 2024 Important OpenSUSE
100

SUSE: 2024:0435-1 Moderate Advisory: Netpbm Out-of-Bounds Correction

* bsc#1022790 * bsc#1022791 Cross-References: * CVE-2017-5849 . # Security update for netpbm Announcement ID: SUSE-SU-2024:0435-1 Rating: moderate References: * bsc#1022790 * bsc#1022791 Cross-References: * CVE-2017-5849 CVSS scores: * CVE-2017-5849 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L * CVE-2017-5849 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Desktop Applications Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for netpbm fixes the following issues: * CVE-2017-5849: Fixed out-of-bound read and write issue that can occur in function putgreytile() and put1bitbwtile() (bsc#1022790, bsc#1022791). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-435=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-435=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-435=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * netpbm-10.80.1-150000.3.14.1 * netpbm-debugsource-10.80.1-150000.3.14.1 * libnetpbm11-10.80.1-150000.3.14.1 * libnetpbm11-debuginfo-10.80.1-150000.3.14.1 * libnetpbm-devel-10.80.1-150000.3.14.1 * netpbm-vulnerable-debuginfo-10.80.1-150000.3.14.1 * netpbm-debuginfo-10.80.1-150000.3.14.1 * netpbm-vulnerable-10.80.1-150000.3.14.1 * openSUSELeap 15.5 (x86_64) * libnetpbm11-32bit-10.80.1-150000.3.14.1 * libnetpbm11-32bit-debuginfo-10.80.1-150000.3.14.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * netpbm-10.80.1-150000.3.14.1 * netpbm-debugsource-10.80.1-150000.3.14.1 * libnetpbm11-10.80.1-150000.3.14.1 * libnetpbm11-debuginfo-10.80.1-150000.3.14.1 * netpbm-debuginfo-10.80.1-150000.3.14.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * netpbm-debugsource-10.80.1-150000.3.14.1 * netpbm-debuginfo-10.80.1-150000.3.14.1 * libnetpbm-devel-10.80.1-150000.3.14.1 ## References: * https://www.suse.com/security/cve/CVE-2017-5849.html * https://bugzilla.suse.com/show_bug.cgi?id=1022790 * https://bugzilla.suse.com/show_bug.cgi?id=1022791 . Uncover the most recent security patch for netpbm, highlighting the severity levels and guidance for remediation on SUSE Linux platforms.. SUSE Netpbm Update, Moderate Security Fix, Out-of-Bounds Issues. . LinuxSecurity.com Team

Calendar%202 Feb 08, 2024 SuSE
89

Fedora 32: 2021-f62099fe51 Critical: Netpbm Heap Buffer Overflow

New upstream version 10.94.00. Introduced new script pamhomography.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-f62099fe51 2021-02-04 01:56:45.207227 --------------------------------------------------------------------------------Name : netpbm Product : Fedora 32 Version : 10.93.00 Release : 1.fc32 URL : Summary : A library for handling different graphics file formats Description : The netpbm package contains a library of functions which support programs for handling various graphics file formats, including .pbm (portable bitmaps), .pgm (portable graymaps), .pnm (portable anymaps), .ppm (portable pixmaps) and others. --------------------------------------------------------------------------------Update Information: New upstream version 10.94.00. Introduced new script pamhomography. --------------------------------------------------------------------------------ChangeLog: * Mon Jan 25 2021 Josef Ridky - 10.93.00-1 - New upstream release 10.93.00 (#1911159) --------------------------------------------------------------------------------References: [ 1 ] Bug #1561207 - CVE-2018-8975 netpbm: heap-buffer-overflow in pm_mallocarray2 function in lib/util/mallocvar.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1561207 [ 2 ] Bug #1911159 - netpbm-10.93.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=1911159 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-f62099fe51' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Unveiling netpbm 10.94.00 in Fedora 32 featuring an innovative script pamhomography alongside essential security enhancements.. Fedora Package Update, Netpbm Security Advisory, Graphics File Formats. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Feb 03, 2021 Critical Fedora
89

Fedora: 34 Important OpenSSL Denial of Service Advisory

New upstream version 10.94.00. Introduced new script pamhomography.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-df9ede6a02 2021-01-31 01:21:54.388516 --------------------------------------------------------------------------------Name : netpbm Product : Fedora 33 Version : 10.93.00 Release : 1.fc33 URL : Summary : A library for handling different graphics file formats Description : The netpbm package contains a library of functions which support programs for handling various graphics file formats, including .pbm (portable bitmaps), .pgm (portable graymaps), .pnm (portable anymaps), .ppm (portable pixmaps) and others. --------------------------------------------------------------------------------Update Information: New upstream version 10.94.00. Introduced new script pamhomography. --------------------------------------------------------------------------------ChangeLog: * Mon Jan 25 2021 Josef Ridky - 10.93.00-1 - New upstream release 10.93.00 (#1911159) --------------------------------------------------------------------------------References: [ 1 ] Bug #1561207 - CVE-2018-8975 netpbm: heap-buffer-overflow in pm_mallocarray2 function in lib/util/mallocvar.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1561207 [ 2 ] Bug #1911159 - netpbm-10.93.00 is available https://bugzilla.redhat.com/show_bug.cgi?id=1911159 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-df9ede6a02' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Latest Fedora upgrade for netpbm version 10.94.00 addresses security flaws and enhances protective functionalities.. Fedora Update, Netpbm Patch, System Security, Software Upgrade. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jan 30, 2021 Important Fedora
202

openSUSE: 2019:1605-1 Moderate: Netpbm Out-Of-Bounds Fix

An update that solves two vulnerabilities and has one errata is now available.. openSUSE Security Update: Security update for netpbm ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1605-1 Rating: moderate References: #1024288 #1024291 #1136936 Cross-References: CVE-2017-2579 CVE-2017-2580 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: This update for netpbm fixes the following issues: Security issues fixed: - CVE-2017-2579: Fixed out-of-bounds read in expandCodeOntoStack() (bsc#1024288). - CVE-2017-2580: Fixed out-of-bounds write of heap data in addPixelToRaster() function (bsc#1024291). - create netpbm-vulnerable subpackage and move pstopnm there, as ghostscript is used to convert (bsc#1136936) This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.1: zypper in -t patch openSUSE-2019-1605=1 - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-1605=1 Package List: - openSUSE Leap 15.1 (i586 x86_64): libnetpbm-devel-10.80.1-lp151.4.3.1 libnetpbm11-10.80.1-lp151.4.3.1 libnetpbm11-debuginfo-10.80.1-lp151.4.3.1 netpbm-10.80.1-lp151.4.3.1 netpbm-debuginfo-10.80.1-lp151.4.3.1 netpbm-debugsource-10.80.1-lp151.4.3.1 netpbm-vulnerable-10.80.1-lp151.4.3.1 netpbm-vulnerable-debuginfo-10.80.1-lp151.4.3.1 - openSUSE Leap 15.1 (x86_64): libnetpbm11-32bit-10.80.1-lp151.4.3.1 libnetpbm11-32bit-debuginfo-10.80.1-lp151.4.3.1 - openSUSE Leap 15.0 (i586 x86_64): libnetpbm-devel-10.80.1-lp150.2.6.1 libnetpbm11-10.80.1-lp150.2.6.1 libnetpbm11-debuginfo-10.80.1-lp150.2.6.1 netpbm-10.80.1-lp150.2.6.1 netpbm-debuginfo-10.80.1-lp150.2.6.1 netpbm-debugsource-10.80.1-lp150.2.6.1 netpbm-vulnerable-10.80.1-lp150.2.6.1 netpbm-vulnerable-debuginfo-10.80.1-lp150.2.6.1 - openSUSE Leap 15.0 (x86_64): libnetpbm11-32bit-10.80.1-lp150.2.6.1 libnetpbm11-32bit-debuginfo-10.80.1-lp150.2.6.1 References: https://www.suse.com/security/cve/CVE-2017-2579.html https://www.suse.com/security/cve/CVE-2017-2580.html https://bugzilla.suse.com/1024288 https://bugzilla.suse.com/1024291 https://bugzilla.suse.com/1136936 -- . This patch resolves significant vulnerabilities in netpbm for openSUSE Leap 15. Please update immediately to enhance your system's protection.. openSUSE Security Update, netpbm vulnerabilities, security patches. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 24, 2019 Important OpenSUSE
100

SUSE: 2019:1645-1 Moderate: Netpbm Denial of Service Fix

An update that solves three vulnerabilities and has one errata is now available. . SUSE Security Update: Security update for netpbm ______________________________________________________________________________ Announcement ID: SUSE-SU-2019:1645-1 Rating: moderate References: #1024288 #1024291 #1086777 #1136936 Cross-References: CVE-2017-2579 CVE-2017-2580 CVE-2018-8975 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP4 SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Server 12-SP4 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Desktop 12-SP4 SUSE Linux Enterprise Desktop 12-SP3 ______________________________________________________________________________ An update that solves three vulnerabilities and has one errata is now available. Description: This update for netpbm fixes the following issues: Security issues fixed: - CVE-2018-8975: The pm_mallocarray2 function allowed remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file (bsc#1086777). - CVE-2017-2579: Fixed out-of-bounds read in expandCodeOntoStack() (bsc#1024288). - CVE-2017-2580: Fixed out-of-bounds write of heap data in addPixelToRaster() function (bsc#1024291). - create netpbm-vulnerable subpackage and move pstopnm there (bsc#1136936) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP4: zypper in -t patch SUSE-SLE-SDK-12-SP4-2019-1645=1 - SUSE Linux Enterprise Software Development Kit 12-SP3: zypper in -t patch SUSE-SLE-SDK-12-SP3-2019-1645=1 - SUSE Linux Enterprise Server12-SP4: zypper in -t patch SUSE-SLE-SERVER-12-SP4-2019-1645=1 - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2019-1645=1 - SUSE Linux Enterprise Desktop 12-SP4: zypper in -t patch SUSE-SLE-DESKTOP-12-SP4-2019-1645=1 - SUSE Linux Enterprise Desktop 12-SP3: zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2019-1645=1 Package List: - SUSE Linux Enterprise Software Development Kit 12-SP4 (aarch64 ppc64le s390x x86_64): libnetpbm-devel-10.66.3-8.7.2 netpbm-debuginfo-10.66.3-8.7.2 netpbm-debugsource-10.66.3-8.7.2 - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64): libnetpbm-devel-10.66.3-8.7.2 netpbm-debuginfo-10.66.3-8.7.2 netpbm-debugsource-10.66.3-8.7.2 - SUSE Linux Enterprise Server 12-SP4 (aarch64 ppc64le s390x x86_64): libnetpbm11-10.66.3-8.7.2 libnetpbm11-debuginfo-10.66.3-8.7.2 netpbm-10.66.3-8.7.2 netpbm-debuginfo-10.66.3-8.7.2 netpbm-debugsource-10.66.3-8.7.2 - SUSE Linux Enterprise Server 12-SP4 (s390x x86_64): libnetpbm11-32bit-10.66.3-8.7.2 libnetpbm11-debuginfo-32bit-10.66.3-8.7.2 - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64): libnetpbm11-10.66.3-8.7.2 libnetpbm11-debuginfo-10.66.3-8.7.2 netpbm-10.66.3-8.7.2 netpbm-debuginfo-10.66.3-8.7.2 netpbm-debugsource-10.66.3-8.7.2 - SUSE Linux Enterprise Server 12-SP3 (s390x x86_64): libnetpbm11-32bit-10.66.3-8.7.2 libnetpbm11-debuginfo-32bit-10.66.3-8.7.2 - SUSE Linux Enterprise Desktop 12-SP4 (x86_64): libnetpbm11-10.66.3-8.7.2 libnetpbm11-32bit-10.66.3-8.7.2 libnetpbm11-debuginfo-10.66.3-8.7.2 libnetpbm11-debuginfo-32bit-10.66.3-8.7.2 netpbm-10.66.3-8.7.2 netpbm-debuginfo-10.66.3-8.7.2 netpbm-debugsource-10.66.3-8.7.2 - SUSE Linux Enterprise Desktop 12-SP3 (x86_64): libnetpbm11-10.66.3-8.7.2 libnetpbm11-32bit-10.66.3-8.7.2 libnetpbm11-debuginfo-10.66.3-8.7.2 libnetpbm11-debuginfo-32bit-10.66.3-8.7.2 netpbm-10.66.3-8.7.2 netpbm-debuginfo-10.66.3-8.7.2 netpbm-debugsource-10.66.3-8.7.2 References: https://www.suse.com/security/cve/CVE-2017-2579.html https://www.suse.com/security/cve/CVE-2017-2580.html https://www.suse.com/security/cve/CVE-2018-8975.html https://bugzilla.suse.com/1024288 https://bugzilla.suse.com/1024291 https://bugzilla.suse.com/1086777 https://bugzilla.suse.com/1136936 _______________________________________________ sle-security-updates mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. http://lists.suse.com/mailman/listinfo/sle-security-updates . Debian issues a patch for gnupg to remedy several vulnerabilities, bolstering application security. Keep your systems safe!. SUSE Enterprise, netpbm security, software update, Linux patch. . LinuxSecurity.com Team

Calendar%202 Jun 21, 2019 SuSE
100

SUSE: 2019:14101-1 Moderate: Netpbm Out-Of-Bounds Issues Fix

An update that solves two vulnerabilities and has one errata is now available. . SUSE Security Update: Security update for netpbm ______________________________________________________________________________ Announcement ID: SUSE-SU-2019:14101-1 Rating: moderate References: #1024288 #1024291 #1136936 Cross-References: CVE-2017-2579 CVE-2017-2580 Affected Products: SUSE Linux Enterprise Server 11-SP4-LTSS SUSE Linux Enterprise Point of Sale 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: This update for netpbm fixes the following issues: Security issues fixed: - CVE-2017-2579: Fixed out-of-bounds read in expandCodeOntoStack() (bsc#1024288). - CVE-2017-2580: Fixed out-of-bounds write of heap data in addPixelToRaster() function (bsc#1024291). - created a netpbm-vulnerable subpackage and move pstopnm there, as it uses ghostscript for conversion (bsc#1136936) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4-LTSS: zypper in -t patch slessp4-netpbm-14101=1 - SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-netpbm-14101=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-netpbm-14101=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-netpbm-14101=1 Package List: - SUSE Linux Enterprise Server 11-SP4-LTSS (i586 ppc64 s390x x86_64): libnetpbm10-10.26.44-101.15.5.2 netpbm-10.26.44-101.15.5.2 - SUSE Linux Enterprise Server 11-SP4-LTSS(ppc64 s390x x86_64): libnetpbm10-32bit-10.26.44-101.15.5.2 - SUSE Linux Enterprise Point of Sale 11-SP3 (i586): libnetpbm10-10.26.44-101.15.5.2 netpbm-10.26.44-101.15.5.2 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ppc64 s390x x86_64): netpbm-debuginfo-10.26.44-101.15.5.2 netpbm-debugsource-10.26.44-101.15.5.2 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64): netpbm-debuginfo-10.26.44-101.15.5.2 netpbm-debugsource-10.26.44-101.15.5.2 References: https://www.suse.com/security/cve/CVE-2017-2579.html https://www.suse.com/security/cve/CVE-2017-2580.html https://bugzilla.suse.com/1024288 https://bugzilla.suse.com/1024291 https://bugzilla.suse.com/1136936 _______________________________________________ sle-security-updates mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. http://lists.suse.com/mailman/listinfo/sle-security-updates . SUSE has released a security update for netpbm tackling several significant vulnerabilities. It is crucial to apply this patch to your system without delay.. SUSE Security Update, Netpbm Patch, Heap Overflow Fix, Linux Security Issues. . LinuxSecurity.com Team

Calendar%202 Jun 21, 2019 SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200