# Security update for texlive

Announcement ID: SUSE-SU-2024:1296-1
Rating: low

References:

* bsc#1222126

Cross-References:

* CVE-2023-46048

CVSS scores:

* CVE-2023-46048 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
* SUSE Linux Enterprise Software Development Kit 12 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for texlive fixes the following issues:

* CVE-2023-46048: Fixed null pointer dereference in texk/web2c/pdftexdir/writet1.c (bsc#1222126)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Software Development Kit 12 SP5
  zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1296=1
* SUSE Linux Enterprise High Performance Computing 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1296=1
* SUSE Linux Enterprise Server 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1296=1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1296=1

## Package List:

* SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64)
  * texlive-tex4ht-bin-debuginfo-2013.20130620.svn30088-22.11.1
  * texlive-dvisvgm-bin-2013.20130620.svn30613-22.11.1
  * texlive-makeindex-bin-2013.20130620.svn30088-22.11.1
  * texlive-xmltex-bin-2013.20130620.svn3006-22.11.1
  * texlive-web-bin-2013.20130620.svn30088-22.11.1
  * texlive-dvidvi-bin-debuginfo-2013.20130620.svn30088-22.11.1
  * texlive-luatex-bin-2013.20130620.svn30845-22.11.1
  * texlive-xdvi-bin-2013.20130620.svn30088-22.11.1
  * texlive-luatex-bin-debuginfo-2013.20130620.svn30845-22.11.1
  * texlive-xdvi-bin-debuginfo-2013.20130620.svn30088-22.11.1
  * texlive-thumbpdf-bin-2013.20130620.svn6898-22.11.1
  * texlive-seetexk-bin-2013.20130620.svn30088-22.11.1
  * texlive-jadetex-bin-2013.20130620.svn3006-22.11.1
  * texlive-texconfig-bin-2013.20130620.svn29741-22.11.1
  * texlive-mfware-bin-debuginfo-2013.20130620.svn30088-22.11.1
  * texlive-debugsource-2013.20130620-22.11.1
  * texlive-dviasm-bin-2013.20130620.svn8329-22.11.1
  * texlive-cweb-bin-debuginfo-2013.20130620.svn30088-22.11.1
  * libptexenc1-debuginfo-1.3.2dev-22.11.1
  * texlive-dvipdfmx-bin-2013.20130620.svn30845-22.11.1
  * texlive-metapost-bin-2013.20130620.svn30845-22.11.1
  * texlive-pstools-bin-debuginfo-2013.20130620.svn30088-22.11.1
  * texlive-dvipng-bin-2013.20130620.svn30845-22.11.1
  * texlive-metapost-bin-debuginfo-2013.20130620.svn30845-22.11.1
  * texlive-tex-bin-2013.20130620.svn30088-22.11.1
  * texlive-dviljk-bin-debuginfo-2013.20130620.svn30088-22.11.1
  * texlive-xetex-bin-2013.20130620.svn30845-22.11.1
  * texlive-dvipng-bin-debuginfo-2013.20130620.svn30845-22.11.1
  * texlive-metafont-bin-2013.20130620.svn30088-22.11.1
  * texlive-bin-devel-2013.20130620-22.11.1
  * texlive-bibtex-bin-debuginfo-2013.20130620.svn30088-22.11.1
  * texlive-mptopdf-bin-2013.20130620.svn18674-22.11.1
  * texlive-dvisvgm-bin-debuginfo-2013.20130620.svn30613-22.11.1
  * texlive-pdftex-bin-debuginfo-2013.20130620.svn30845-22.11.1
  * texlive-tex-bin-debuginfo-2013.20130620.svn30088-22.11.1
  * texlive-gsftopk-bin-debuginfo-2013.20130620.svn30088-22.11.1
  * texlive-dvidvi-bin-2013.20130620.svn30088-22.11.1
  * texlive-luaotfload-bin-2013.20130620.svn30313-22.11.1
  * texlive-vlna-bin-2013.20130620.svn30088-22.11.1
  * libptexenc1-1.3.2dev-22.11.1
  * texlive-tetex-bin-2013.20130620.svn29741-22.11.1
  * texlive-metafont-bin-debuginfo-2013.20130620.svn30088-22.11.1
  * texlive-web-bin-debuginfo-2013.20130620.svn30088-22.11.1
  * texlive-cweb-bin-2013.20130620.svn30088-22.11.1
  * texlive-pstools-bin-2013.20130620.svn30088-22.11.1
  * texlive-dvips-bin-debuginfo-2013.20130620.svn30088-22.11.1
  * texlive-kpathsea-bin-2013.20130620.svn30088-22.11.1
  * texlive-splitindex-bin-2013.20130620.svn29688-22.11.1
  * texlive-makeindex-bin-debuginfo-2013.20130620.svn30088-22.11.1
  * texlive-gsftopk-bin-2013.20130620.svn30088-22.11.1
  * texlive-tex4ht-bin-2013.20130620.svn30088-22.11.1
  * texlive-lua2dox-bin-2013.20130620.svn29053-22.11.1
  * texlive-dvips-bin-2013.20130620.svn30088-22.11.1
  * texlive-context-bin-2013.20130620.svn29741-22.11.1
  * texlive-vlna-bin-debuginfo-2013.20130620.svn30088-22.11.1
  * texlive-kpathsea-devel-6.2.0dev-22.11.1
  * texlive-ptexenc-devel-1.3.2dev-22.11.1
  * texlive-xetex-bin-debuginfo-2013.20130620.svn30845-22.11.1
  * texlive-checkcites-bin-2013.20130620.svn25623-22.11.1
  * texlive-latex-bin-bin-2013.20130620.svn14050-22.11.1
  * texlive-mfware-bin-2013.20130620.svn30088-22.11.1
  * texlive-dviljk-bin-2013.20130620.svn30088-22.11.1
  * texlive-lacheck-bin-2013.20130620.svn30088-22.11.1
  * texlive-seetexk-bin-debuginfo-2013.20130620.svn30088-22.11.1
  * texlive-2013.20130620-22.11.1
  * texlive-dvipdfmx-bin-debuginfo-2013.20130620.svn30845-22.11.1
  * texlive-pdftex-bin-2013.20130620.svn30845-22.11.1
  * texlive-lacheck-bin-debuginfo-2013.20130620.svn30088-22.11.1
  * texlive-kpathsea-bin-debuginfo-2013.20130620.svn30088-22.11.1
  * texlive-bibtex-bin-2013.20130620.svn30088-22.11.1
* SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64)
  * libkpathsea6-6.2.0dev-22.11.1
  * libkpathsea6-debuginfo-6.2.0dev-22.11.1
* SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64)
  * libkpathsea6-6.2.0dev-22.11.1
  * libkpathsea6-debuginfo-6.2.0dev-22.11.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
  * libkpathsea6-6.2.0dev-22.11.1
  * libkpathsea6-debuginfo-6.2.0dev-22.11.1

## References:

* https://www.suse.com/security/cve/CVE-2023-46048.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222126

SUSE releases a minor security update for texlive, tackling a null pointer vulnerability along with detailed patching guidance.

SUSE Linux Enterprise, texlive, security update, low severity advisory.

Severity: Low.

LinuxSecurity.com Team
Several security issues were fixed in graphviz.

=========================================================================
Ubuntu Security Notice USN-5971-1
March 24, 2023

graphviz vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 14.04 ESM

Summary:

Several security issues were fixed in graphviz.

Software Description:
- graphviz: rich set of graph drawing tools

Details:

It was discovered that graphviz contains null pointer dereference vulnerabilities. Exploitation via a specially crafted input file can cause a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-10196)

It was discovered that graphviz contains null pointer dereference vulnerabilities. Exploitation via a specially crafted input file can cause a denial of service. These issues only affected Ubuntu 14.04 ESM and Ubuntu 18.04 LTS. (CVE-2019-11023)

It was discovered that graphviz contains a buffer overflow vulnerability. Exploitation via a specially crafted input file can cause a denial of service or possibly allow for arbitrary code execution. These issues only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-18032)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 ESM:
  graphviz 2.42.2-3ubuntu0.1~esm1

Ubuntu 18.04 ESM:
  graphviz 2.40.1-2ubuntu0.1~esm1

Ubuntu 14.04 ESM:
  graphviz 2.36.0-0ubuntu3.2+esm1

References:
  https://ubuntu.com/security/notices/USN-5971-1
  CVE-2018-10196, CVE-2019-11023, CVE-2020-18032

Various flaws addressed in Graphviz for Ubuntu users to mitigate denial of service and security risks.

Graphviz Vulnerabilities, Denial of Service, Software Fixes, Security Update.

Severity: Critical.

LinuxSecurity.com Team
An update that fixes one vulnerability is now available.

SUSE Security Update: Security update for ffmpeg
______________________________________________________________________________

Announcement ID:    SUSE-SU-2023:0007-1
Rating:             moderate
References:         #1206442
Cross-References:   CVE-2022-3109
CVSS scores:
                    CVE-2022-3109 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-3109 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected Products:
                    SUSE Linux Enterprise Desktop 15-SP4
                    SUSE Linux Enterprise High Performance Computing 15-SP4
                    SUSE Linux Enterprise Module for Desktop Applications 15-SP4
                    SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
                    SUSE Linux Enterprise Realtime Extension 15-SP3
                    SUSE Linux Enterprise Server 15-SP4
                    SUSE Linux Enterprise Server for SAP Applications 15-SP4
                    SUSE Linux Enterprise Workstation Extension 15-SP4
                    SUSE Manager Proxy 4.3
                    SUSE Manager Retail Branch Server 4.3
                    SUSE Manager Server 4.3
                    openSUSE Leap 15.4
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for ffmpeg fixes the following issues:

- CVE-2022-3109: Fixed null pointer dereference in vp3_decode_frame() (bsc#1206442).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.4:

  zypper in -t patch openSUSE-SLE-15.4-2023-7=1

- SUSE Linux Enterprise Workstation Extension 15-SP4:

  zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2023-7=1

- SUSE Linux Enterprise Realtime Extension 15-SP3:

  zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-7=1

- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:

  zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-7=1

- SUSE Linux Enterprise Module for Desktop Applications 15-SP4:

  zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2023-7=1

Package List:

- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):

  ffmpeg-3.4.2-150200.11.20.1
  ffmpeg-debuginfo-3.4.2-150200.11.20.1
  ffmpeg-debugsource-3.4.2-150200.11.20.1
  ffmpeg-private-devel-3.4.2-150200.11.20.1
  libavcodec-devel-3.4.2-150200.11.20.1
  libavcodec57-3.4.2-150200.11.20.1
  libavcodec57-debuginfo-3.4.2-150200.11.20.1
  libavdevice-devel-3.4.2-150200.11.20.1
  libavdevice57-3.4.2-150200.11.20.1
  libavdevice57-debuginfo-3.4.2-150200.11.20.1
  libavfilter-devel-3.4.2-150200.11.20.1
  libavfilter6-3.4.2-150200.11.20.1
  libavfilter6-debuginfo-3.4.2-150200.11.20.1
  libavformat-devel-3.4.2-150200.11.20.1
  libavformat57-3.4.2-150200.11.20.1
  libavformat57-debuginfo-3.4.2-150200.11.20.1
  libavresample-devel-3.4.2-150200.11.20.1
  libavresample3-3.4.2-150200.11.20.1
  libavresample3-debuginfo-3.4.2-150200.11.20.1
  libavutil-devel-3.4.2-150200.11.20.1
  libavutil55-3.4.2-150200.11.20.1
  libavutil55-debuginfo-3.4.2-150200.11.20.1
  libpostproc-devel-3.4.2-150200.11.20.1
  libpostproc54-3.4.2-150200.11.20.1
  libpostproc54-debuginfo-3.4.2-150200.11.20.1
  libswresample-devel-3.4.2-150200.11.20.1
  libswresample2-3.4.2-150200.11.20.1
  libswresample2-debuginfo-3.4.2-150200.11.20.1
  libswscale-devel-3.4.2-150200.11.20.1
  libswscale4-3.4.2-150200.11.20.1
  libswscale4-debuginfo-3.4.2-150200.11.20.1

- openSUSE Leap 15.4 (x86_64):

  libavcodec57-32bit-3.4.2-150200.11.20.1
  libavcodec57-32bit-debuginfo-3.4.2-150200.11.20.1
  libavdevice57-32bit-3.4.2-150200.11.20.1
  libavdevice57-32bit-debuginfo-3.4.2-150200.11.20.1
  libavfilter6-32bit-3.4.2-150200.11.20.1
  libavfilter6-32bit-debuginfo-3.4.2-150200.11.20.1
  libavformat57-32bit-3.4.2-150200.11.20.1
  libavformat57-32bit-debuginfo-3.4.2-150200.11.20.1
  libavresample3-32bit-3.4.2-150200.11.20.1
  libavresample3-32bit-debuginfo-3.4.2-150200.11.20.1
  libavutil55-32bit-3.4.2-150200.11.20.1
  libavutil55-32bit-debuginfo-3.4.2-150200.11.20.1
  libpostproc54-32bit-3.4.2-150200.11.20.1
  libpostproc54-32bit-debuginfo-3.4.2-150200.11.20.1
  libswresample2-32bit-3.4.2-150200.11.20.1
  libswresample2-32bit-debuginfo-3.4.2-150200.11.20.1
  libswscale4-32bit-3.4.2-150200.11.20.1
  libswscale4-32bit-debuginfo-3.4.2-150200.11.20.1

- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):

  ffmpeg-debuginfo-3.4.2-150200.11.20.1
  ffmpeg-debugsource-3.4.2-150200.11.20.1
  libavcodec-devel-3.4.2-150200.11.20.1
  libavformat-devel-3.4.2-150200.11.20.1
  libavformat57-3.4.2-150200.11.20.1
  libavformat57-debuginfo-3.4.2-150200.11.20.1
  libavresample-devel-3.4.2-150200.11.20.1
  libavresample3-3.4.2-150200.11.20.1
  libavresample3-debuginfo-3.4.2-150200.11.20.1

- SUSE Linux Enterprise Realtime Extension 15-SP3 (x86_64):

  ffmpeg-debuginfo-3.4.2-150200.11.20.1
  ffmpeg-debugsource-3.4.2-150200.11.20.1
  libavcodec57-3.4.2-150200.11.20.1
  libavcodec57-debuginfo-3.4.2-150200.11.20.1
  libavformat57-3.4.2-150200.11.20.1
  libavformat57-debuginfo-3.4.2-150200.11.20.1
  libavresample-devel-3.4.2-150200.11.20.1
  libavresample3-3.4.2-150200.11.20.1
  libavresample3-debuginfo-3.4.2-150200.11.20.1
  libavutil-devel-3.4.2-150200.11.20.1
  libavutil55-3.4.2-150200.11.20.1
  libavutil55-debuginfo-3.4.2-150200.11.20.1
  libpostproc-devel-3.4.2-150200.11.20.1
  libpostproc54-3.4.2-150200.11.20.1
  libpostproc54-debuginfo-3.4.2-150200.11.20.1
  libswresample-devel-3.4.2-150200.11.20.1
  libswresample2-3.4.2-150200.11.20.1
  libswresample2-debuginfo-3.4.2-150200.11.20.1
  libswscale-devel-3.4.2-150200.11.20.1
  libswscale4-3.4.2-150200.11.20.1
  libswscale4-debuginfo-3.4.2-150200.11.20.1

- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x x86_64):

  ffmpeg-3.4.2-150200.11.20.1
  ffmpeg-debuginfo-3.4.2-150200.11.20.1
  ffmpeg-debugsource-3.4.2-150200.11.20.1
  libavdevice57-3.4.2-150200.11.20.1
  libavdevice57-debuginfo-3.4.2-150200.11.20.1
  libavfilter6-3.4.2-150200.11.20.1
  libavfilter6-debuginfo-3.4.2-150200.11.20.1

- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le s390x x86_64):

  ffmpeg-debuginfo-3.4.2-150200.11.20.1
  ffmpeg-debugsource-3.4.2-150200.11.20.1
  libavcodec57-3.4.2-150200.11.20.1
  libavcodec57-debuginfo-3.4.2-150200.11.20.1
  libavutil-devel-3.4.2-150200.11.20.1
  libavutil55-3.4.2-150200.11.20.1
  libavutil55-debuginfo-3.4.2-150200.11.20.1
  libpostproc-devel-3.4.2-150200.11.20.1
  libpostproc54-3.4.2-150200.11.20.1
  libpostproc54-debuginfo-3.4.2-150200.11.20.1
  libswresample-devel-3.4.2-150200.11.20.1
  libswresample2-3.4.2-150200.11.20.1
  libswresample2-debuginfo-3.4.2-150200.11.20.1
  libswscale-devel-3.4.2-150200.11.20.1
  libswscale4-3.4.2-150200.11.20.1
  libswscale4-debuginfo-3.4.2-150200.11.20.1

References:

  https://www.suse.com/security/cve/CVE-2022-3109.html
  https://bugzilla.suse.com/1206442

SUSE Security Patch for libxml2: Urgent fix addressing high-risk CVE-2023-3250 vulnerabilities included in this release.

openSUSE Security, ffmpeg Patch, Software Fixes, Security Updates.

LinuxSecurity.com Team
An update for protobuf is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from.

====================================================================
Red Hat Security Advisory

Synopsis:          Moderate: protobuf security update
Advisory ID:       RHSA-2022:7970-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:7970
Issue date:        2022-11-15
CVE Names:         CVE-2021-22570
====================================================================

1. Summary:

An update for protobuf is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder (v. 9) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux AppStream (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can encode structured data in an efficient yet extensible format, and provide a flexible, efficient, and automated mechanism for serializing structured data.

Security Fix(es):

* protobuf: Incorrect parsing of nullchar in the proto symbol leads to Nullptr dereference (CVE-2021-22570)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2049429 - CVE-2021-22570 protobuf: Incorrect parsing of nullchar in the proto symbol leads to Nullptr dereference

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:
protobuf-3.14.0-13.el9.src.rpm

aarch64:
protobuf-3.14.0-13.el9.aarch64.rpm
protobuf-compiler-debuginfo-3.14.0-13.el9.aarch64.rpm
protobuf-debuginfo-3.14.0-13.el9.aarch64.rpm
protobuf-debugsource-3.14.0-13.el9.aarch64.rpm
protobuf-lite-3.14.0-13.el9.aarch64.rpm
protobuf-lite-debuginfo-3.14.0-13.el9.aarch64.rpm

noarch:
python3-protobuf-3.14.0-13.el9.noarch.rpm

ppc64le:
protobuf-3.14.0-13.el9.ppc64le.rpm
protobuf-compiler-debuginfo-3.14.0-13.el9.ppc64le.rpm
protobuf-debuginfo-3.14.0-13.el9.ppc64le.rpm
protobuf-debugsource-3.14.0-13.el9.ppc64le.rpm
protobuf-lite-3.14.0-13.el9.ppc64le.rpm
protobuf-lite-debuginfo-3.14.0-13.el9.ppc64le.rpm

s390x:
protobuf-3.14.0-13.el9.s390x.rpm
protobuf-compiler-debuginfo-3.14.0-13.el9.s390x.rpm
protobuf-debuginfo-3.14.0-13.el9.s390x.rpm
protobuf-debugsource-3.14.0-13.el9.s390x.rpm
protobuf-lite-3.14.0-13.el9.s390x.rpm
protobuf-lite-debuginfo-3.14.0-13.el9.s390x.rpm

x86_64:
protobuf-3.14.0-13.el9.i686.rpm
protobuf-3.14.0-13.el9.x86_64.rpm
protobuf-compiler-debuginfo-3.14.0-13.el9.i686.rpm
protobuf-compiler-debuginfo-3.14.0-13.el9.x86_64.rpm
protobuf-debuginfo-3.14.0-13.el9.i686.rpm
protobuf-debuginfo-3.14.0-13.el9.x86_64.rpm
protobuf-debugsource-3.14.0-13.el9.i686.rpm
protobuf-debugsource-3.14.0-13.el9.x86_64.rpm
protobuf-lite-3.14.0-13.el9.i686.rpm
protobuf-lite-3.14.0-13.el9.x86_64.rpm
protobuf-lite-debuginfo-3.14.0-13.el9.i686.rpm
protobuf-lite-debuginfo-3.14.0-13.el9.x86_64.rpm

Red Hat CodeReady Linux Builder (v. 9):

aarch64:
protobuf-compiler-3.14.0-13.el9.aarch64.rpm
protobuf-compiler-debuginfo-3.14.0-13.el9.aarch64.rpm
protobuf-debuginfo-3.14.0-13.el9.aarch64.rpm
protobuf-debugsource-3.14.0-13.el9.aarch64.rpm
protobuf-devel-3.14.0-13.el9.aarch64.rpm
protobuf-lite-debuginfo-3.14.0-13.el9.aarch64.rpm
protobuf-lite-devel-3.14.0-13.el9.aarch64.rpm

ppc64le:
protobuf-compiler-3.14.0-13.el9.ppc64le.rpm
protobuf-compiler-debuginfo-3.14.0-13.el9.ppc64le.rpm
protobuf-debuginfo-3.14.0-13.el9.ppc64le.rpm
protobuf-debugsource-3.14.0-13.el9.ppc64le.rpm
protobuf-devel-3.14.0-13.el9.ppc64le.rpm
protobuf-lite-debuginfo-3.14.0-13.el9.ppc64le.rpm
protobuf-lite-devel-3.14.0-13.el9.ppc64le.rpm

s390x:
protobuf-compiler-3.14.0-13.el9.s390x.rpm
protobuf-compiler-debuginfo-3.14.0-13.el9.s390x.rpm
protobuf-debuginfo-3.14.0-13.el9.s390x.rpm
protobuf-debugsource-3.14.0-13.el9.s390x.rpm
protobuf-devel-3.14.0-13.el9.s390x.rpm
protobuf-lite-debuginfo-3.14.0-13.el9.s390x.rpm
protobuf-lite-devel-3.14.0-13.el9.s390x.rpm

x86_64:
protobuf-compiler-3.14.0-13.el9.i686.rpm
protobuf-compiler-3.14.0-13.el9.x86_64.rpm
protobuf-compiler-debuginfo-3.14.0-13.el9.i686.rpm
protobuf-compiler-debuginfo-3.14.0-13.el9.x86_64.rpm
protobuf-debuginfo-3.14.0-13.el9.i686.rpm
protobuf-debuginfo-3.14.0-13.el9.x86_64.rpm
protobuf-debugsource-3.14.0-13.el9.i686.rpm
protobuf-debugsource-3.14.0-13.el9.x86_64.rpm
protobuf-devel-3.14.0-13.el9.i686.rpm
protobuf-devel-3.14.0-13.el9.x86_64.rpm
protobuf-lite-debuginfo-3.14.0-13.el9.i686.rpm
protobuf-lite-debuginfo-3.14.0-13.el9.x86_64.rpm
protobuf-lite-devel-3.14.0-13.el9.i686.rpm
protobuf-lite-devel-3.14.0-13.el9.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2021-22570
https://access.redhat.com/security/updates/classification#moderate
https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.1_release_notes/index

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2022 Red Hat, Inc.

RHSA-announce mailing list
An update that fixes one vulnerability is now available.

SUSE Security Update: Security update for wavpack
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:2682-1
Rating:             low
References:         #1201716
Cross-References:   CVE-2022-2476
CVSS scores:
                    CVE-2022-2476 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2022-2476 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected Products:
                    SUSE Linux Enterprise Server 12-SP5
                    SUSE Linux Enterprise Server for SAP Applications 12-SP5
                    SUSE Linux Enterprise Software Development Kit 12-SP5
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for wavpack fixes the following issues:

- CVE-2022-2476: Fixed a Null pointer dereference in wvunpack (bsc#1201716).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 12-SP5:

  zypper in -t patch SUSE-SLE-SDK-12-SP5-2022-2682=1

- SUSE Linux Enterprise Server 12-SP5:

  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-2682=1

Package List:

- SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64):

  wavpack-4.60.99-5.12.1
  wavpack-debuginfo-4.60.99-5.12.1
  wavpack-debugsource-4.60.99-5.12.1
  wavpack-devel-4.60.99-5.12.1

- SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):

  libwavpack1-4.60.99-5.12.1
  libwavpack1-debuginfo-4.60.99-5.12.1
  wavpack-debuginfo-4.60.99-5.12.1
  wavpack-debugsource-4.60.99-5.12.1

References:

  https://www.suse.com/security/cve/CVE-2022-2476.html
  https://bugzilla.suse.com/1201716

SUSE Security Update for libxml2 with Announcement ID: SUSE-SU-2022:3321-1 resolves a medium severity vulnerability.

SUSE Linux, Wavpack Security, Vulnerability Fix, Software Patch.

Severity: Low.

LinuxSecurity.com Team
An update that solves one vulnerability, contains one feature and has 6 fixes is now available.

SUSE Security Update: Security update for openssl-1_0_0
______________________________________________________________________________

Announcement ID:    SUSE-SU-2020:3762-1
Rating:             important
References:         #1155346 #1176029 #1177479 #1177575 #1177673 #1177793 #1179491 SLE-10541
Cross-References:   CVE-2020-1971
Affected Products:
                    SUSE Linux Enterprise Server for SAP 15
                    SUSE Linux Enterprise Server 15-LTSS
                    SUSE Linux Enterprise Module for Legacy Software 15-SP3
                    SUSE Linux Enterprise Module for Legacy Software 15-SP2
                    SUSE Linux Enterprise Module for Legacy Software 15-SP1
                    SUSE Enterprise Storage 6
______________________________________________________________________________

An update that solves one vulnerability, contains one feature and has 6 fixes is now available.

Description:

This update for openssl-1_0_0 fixes the following issues:

- CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME (bsc#1179491).
- Initialized dh->nid to NID_undef in DH_new_method() (bsc#1177673).
- Fixed a test failure in apache_ssl in fips mode (bsc#1177793).
- Renamed BN_get_rfc3526_prime_* functions back to get_rfc3526_prime_* (bsc#1177575).
- Restored private key check in EC_KEY_check_key (bsc#1177479).
- Added shared secret KAT to FIPS DH selftest (bsc#1176029).
- Included ECDH/DH Requirements from SP800-56Arev3 (bsc#1176029).
- Used SHA-2 in the RSA pairwise consistency check (bsc#1155346)

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Server for SAP 15:

  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2020-3762=1

- SUSE Linux Enterprise Server 15-LTSS:

  zypper in -t patch SUSE-SLE-Product-SLES-15-2020-3762=1

- SUSE Linux Enterprise Module for Legacy Software 15-SP3:

  zypper in -t patch SUSE-SLE-Module-Legacy-15-SP3-2020-3762=1

- SUSE Linux Enterprise Module for Legacy Software 15-SP2:

  zypper in -t patch SUSE-SLE-Module-Legacy-15-SP2-2020-3762=1

- SUSE Linux Enterprise Module for Legacy Software 15-SP1:

  zypper in -t patch SUSE-SLE-Module-Legacy-15-SP1-2020-3762=1

- SUSE Enterprise Storage 6:

  zypper in -t patch SUSE-Storage-6-2020-3762=1

Package List:

- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):

  libopenssl-1_0_0-devel-1.0.2p-3.34.1
  libopenssl1_0_0-1.0.2p-3.34.1
  libopenssl1_0_0-debuginfo-1.0.2p-3.34.1
  openssl-1_0_0-1.0.2p-3.34.1
  openssl-1_0_0-debuginfo-1.0.2p-3.34.1
  openssl-1_0_0-debugsource-1.0.2p-3.34.1

- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):

  libopenssl-1_0_0-devel-1.0.2p-3.34.1
  libopenssl1_0_0-1.0.2p-3.34.1
  libopenssl1_0_0-debuginfo-1.0.2p-3.34.1
  openssl-1_0_0-1.0.2p-3.34.1
  openssl-1_0_0-debuginfo-1.0.2p-3.34.1
  openssl-1_0_0-debugsource-1.0.2p-3.34.1

- SUSE Linux Enterprise Module for Legacy Software 15-SP3 (aarch64 ppc64le s390x x86_64):

  libopenssl-1_0_0-devel-1.0.2p-3.34.1
  libopenssl10-1.0.2p-3.34.1
  libopenssl10-debuginfo-1.0.2p-3.34.1
  libopenssl1_0_0-1.0.2p-3.34.1
  libopenssl1_0_0-debuginfo-1.0.2p-3.34.1
  openssl-1_0_0-1.0.2p-3.34.1
  openssl-1_0_0-debuginfo-1.0.2p-3.34.1
  openssl-1_0_0-debugsource-1.0.2p-3.34.1

- SUSE Linux Enterprise Module for Legacy Software 15-SP2 (aarch64 ppc64le s390x x86_64):

  libopenssl-1_0_0-devel-1.0.2p-3.34.1
  libopenssl1_0_0-1.0.2p-3.34.1
  libopenssl1_0_0-debuginfo-1.0.2p-3.34.1
  openssl-1_0_0-1.0.2p-3.34.1
  openssl-1_0_0-debuginfo-1.0.2p-3.34.1
  openssl-1_0_0-debugsource-1.0.2p-3.34.1

- SUSE Linux Enterprise Module for Legacy Software 15-SP1 (aarch64 ppc64le s390x x86_64):

  libopenssl-1_0_0-devel-1.0.2p-3.34.1
  libopenssl1_0_0-1.0.2p-3.34.1
  libopenssl1_0_0-debuginfo-1.0.2p-3.34.1
  openssl-1_0_0-1.0.2p-3.34.1
  openssl-1_0_0-debuginfo-1.0.2p-3.34.1
  openssl-1_0_0-debugsource-1.0.2p-3.34.1

- SUSE Enterprise Storage 6 (aarch64 x86_64):

  libopenssl1_0_0-1.0.2p-3.34.1
  libopenssl1_0_0-debuginfo-1.0.2p-3.34.1
  openssl-1_0_0-debuginfo-1.0.2p-3.34.1
  openssl-1_0_0-debugsource-1.0.2p-3.34.1

References:

  https://www.suse.com/security/cve/CVE-2020-1971.html
  https://bugzilla.suse.com/1155346
  https://bugzilla.suse.com/1176029
  https://bugzilla.suse.com/1177479
  https://bugzilla.suse.com/1177575
  https://bugzilla.suse.com/1177673
  https://bugzilla.suse.com/1177793
  https://bugzilla.suse.com/1179491

A critical update from SUSE addresses a flaw in openssl, boosting the overall security and stability of the system.

SUSE Security Update, OpenSSL Fix, System Integrity Update, Linux Security Patch.

Severity: Important.

LinuxSecurity.com Team
An update that fixes one vulnerability is now available.

openSUSE Security Update: Security update for ntp
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2019:1143-1
Rating:             moderate
References:         #1128525
Cross-References:   CVE-2019-8936
Affected Products:
                    openSUSE Leap 15.0
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for ntp fixes the following issues:

Security issue fixed:

- CVE-2019-8936: Fixed a null pointer exception which could allow an authenticated attacker to cause segmentation fault to ntpd (bsc#1128525).

Other issues addressed:

- Fixed several bugs in the BANCOMM reclock driver.
- Fixed ntp_loopfilter.c snprintf compilation warnings.
- Fixed spurious initgroups() error message.
- Fixed STA_NANO struct timex units.
- Fixed GPS week rollover in libparse.
- Fixed incorrect poll interval in packet.
- Added a missing check for ENABLE_CMAC.

This update was imported from the SUSE:SLE-15:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.0:

  zypper in -t patch openSUSE-2019-1143=1

Package List:

- openSUSE Leap 15.0 (i586 x86_64):

  ntp-4.2.8p13-lp150.8.1
  ntp-debuginfo-4.2.8p13-lp150.8.1
  ntp-debugsource-4.2.8p13-lp150.8.1
  ntp-doc-4.2.8p13-lp150.8.1

References:

  https://www.suse.com/security/cve/CVE-2019-8936.html
  https://bugzilla.suse.com/1128525

openSUSE patch update for ntp resolves a null pointer issue that an authenticated attacker could use to crash ntpd, categorized as having medium severity.

openSUSE Security, NTP Update, System Security Fixes.

LinuxSecurity.com Team
CVE-2017-7511 poppler: Null pointer dereference in pdfunite via crafted documents.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-690eedcf41
2017-06-05 19:34:06.752740
--------------------------------------------------------------------------------

Name        : poppler
Product     : Fedora 25
Version     : 0.45.0
Release     : 3.fc25
URL         : http://poppler.freedesktop.org/
Summary     : PDF rendering library
Description :
Poppler, a PDF rendering library, is a fork of the xpdf PDF viewer developed by Derek Noonburg of Glyph and Cog, LLC.

--------------------------------------------------------------------------------
Update Information:

CVE-2017-7511 poppler: Null pointer dereference in pdfunite via crafted documents
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1456828 - CVE-2017-7511 poppler: Null pointer dereference in pdfunite via crafted documents [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1456828
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade poppler' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list