Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 1 articles for you...
100
security advisorymoderate severityopenSUSEopenSUSE 15.3 & 15.4: SUSE-SU-2022:3833-1 Moderate: Podofo Stack Overrun
An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for podofo ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:3833-1 Rating: moderate References: #1099719 Cross-References: CVE-2018-12983 CVSS scores: CVE-2018-12983 (NVD) : 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2018-12983 (SUSE): 6.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L Affected Products: openSUSE Leap 15.3 openSUSE Leap 15.4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for podofo fixes the following issues: - CVE-2018-12983: Fixed a stack overrun (bsc#1099719). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-3833=1 - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-3833=1 Package List: - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64): libpodofo-devel-0.9.6-150300.3.6.1 libpodofo0_9_6-0.9.6-150300.3.6.1 libpodofo0_9_6-debuginfo-0.9.6-150300.3.6.1 podofo-0.9.6-150300.3.6.1 podofo-debuginfo-0.9.6-150300.3.6.1 podofo-debugsource-0.9.6-150300.3.6.1 - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): libpodofo-devel-0.9.6-150300.3.6.1 libpodofo0_9_6-0.9.6-150300.3.6.1 libpodofo0_9_6-debuginfo-0.9.6-150300.3.6.1 podofo-0.9.6-150300.3.6.1 podofo-debuginfo-0.9.6-150300.3.6.1 podofo-debugsource-0.9.6-150300.3.6.1 References: https://www.suse.com/security/cve/CVE-2018-12983.html https://bugzilla.suse.com/1099719 . SUSE Security Advisory:Patches released for podofo addressing significant buffer overflow vulnerability promptly.. openSUSE, Podofo, Stack Overrun, Security Fix, Update. . LinuxSecurity.com Team
Nov 01, 2022
SuSE
89
security advisorycriticalFedoraFedora 26: 2018-742a69ccc3 Critical: Out of Bounds and Stack Fixes
---- CVE-2018-10529 fixed: out of bounds read in X3F parser CVE-2018-10528 fixed: possible stack overrun in X3F parser. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-742a69ccc3 2018-05-19 03:06:55.301491 --------------------------------------------------------------------------------Name : LibRaw Product : Fedora 26 Version : 0.18.11 Release : 1.fc26 URL : https://www.libraw.org/ Summary : Library for reading RAW files obtained from digital photo cameras Description : LibRaw is a library for reading RAW files obtained from digital photo cameras (CRW/CR2, NEF, RAF, DNG, and others). LibRaw is based on the source codes of the dcraw utility, where part of drawbacks have already been eliminated and part will be fixed in future. --------------------------------------------------------------------------------Update Information: ---- CVE-2018-10529 fixed: out of bounds read in X3F parser CVE-2018-10528 fixed: possible stack overrun in X3F parser --------------------------------------------------------------------------------ChangeLog: * Thu May 10 2018 Gwyn Ciesla - 0.18.11-1 - 0.18.11. * Thu May 3 2018 Gwyn Ciesla - 0.18.10-1 - 0.18.10. * Wed Apr 25 2018 Gwyn Ciesla - 0.18.9-1 - 0.18.9. * Sat Feb 24 2018 Gwyn Ciesla - 0.18.8-1 - 0.18.8. * Wed Feb 7 2018 Fedora Release Engineering - 0.18.7-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Fri Feb 2 2018 Gwyn Ciesla - 0.18.7-2 - Patch for updated glibc. * Fri Jan 19 2018 Gwyn Ciesla - 0.18.7-1 - 0.18.7 - Patch for ambiguous function call. * Wed Dec 6 2017 Gwyn Ciesla - 0.18.6-1 - 0.18.6 * Fri Sep 22 2017 Gwyn Ciesla - 0.18.5-1 - 0.18.5 * Fri Sep 15 2017 Gwyn Ciesla - 0.18.4-2 - Patch for CVE-2017-14348. * Tue Sep 12 2017 Gwyn Ciesla - 0.18.4-1 - 0.18.4 * Mon Sep 11 2017 Gwyn Ciesla - 0.18.3-1 - 0.18.3 * Wed Sep 6 2017 Gwyn Ciesla - 0.18.2-5 -Patch for CVE-2017-13735. * Wed Aug 2 2017 Fedora Release Engineering - 0.18.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild * Wed Jul 26 2017 Fedora Release Engineering - 0.18.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild * Fri Apr 14 2017 Rex Dieter - 0.18.2-2 - fix rpath, tighten subpkg dependencies, use %license --------------------------------------------------------------------------------References: [ 1 ] Bug #1576801 - LibRaw-0.18.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=1576801 [ 2 ] Bug #1574326 - CVE-2018-10529 LibRaw: Out-of-bounds read in X3F property table list functionality in libraw_x3f.cpp and libraw_cxx.cpp [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1574326 [ 3 ] Bug #1574322 - CVE-2018-10528 LibRaw: Stack-based buffer overflow in libraw_cxx.cpp:utf2char() allows for potential code execution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1574322 [ 4 ] Bug #1574486 - LibRaw-0.18.10 is available https://bugzilla.redhat.com/show_bug.cgi?id=1574486 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-742a69ccc3' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
May 19, 2018
•Critical
Fedora
89
security advisoryFedoraupdate informationFedora 27: LibRaw Update for Out Of Bounds & Stack Threats
---- CVE-2018-10529 fixed: out of bounds read in X3F parser CVE-2018-10528 fixed: possible stack overrun in X3F parser. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-08ea7a5f0b 2018-05-15 19:52:12.739846 --------------------------------------------------------------------------------Name : LibRaw Product : Fedora 27 Version : 0.18.11 Release : 1.fc27 URL : https://www.libraw.org/ Summary : Library for reading RAW files obtained from digital photo cameras Description : LibRaw is a library for reading RAW files obtained from digital photo cameras (CRW/CR2, NEF, RAF, DNG, and others). LibRaw is based on the source codes of the dcraw utility, where part of drawbacks have already been eliminated and part will be fixed in future. --------------------------------------------------------------------------------Update Information: ---- CVE-2018-10529 fixed: out of bounds read in X3F parser CVE-2018-10528 fixed: possible stack overrun in X3F parser --------------------------------------------------------------------------------ChangeLog: * Thu May 10 2018 Gwyn Ciesla - 0.18.11-1 - 0.18.11. * Thu May 3 2018 Gwyn Ciesla - 0.18.10-1 - 0.18.10. * Wed Apr 25 2018 Gwyn Ciesla - 0.18.9-1 - 0.18.9. * Sat Feb 24 2018 Gwyn Ciesla - 0.18.8-1 - 0.18.8. * Wed Feb 7 2018 Fedora Release Engineering - 0.18.7-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Fri Feb 2 2018 Gwyn Ciesla - 0.18.7-2 - Patch for updated glibc. * Fri Jan 19 2018 Gwyn Ciesla - 0.18.7-1 - 0.18.7 - Patch for ambiguous function call. * Wed Dec 6 2017 Gwyn Ciesla - 0.18.6-1 - 0.18.6 --------------------------------------------------------------------------------References: [ 1 ] Bug #1576801 - LibRaw-0.18.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=1576801 [ 2 ] Bug #1574326 - CVE-2018-10529 LibRaw: Out-of-bounds read in X3Fproperty table list functionality in libraw_x3f.cpp and libraw_cxx.cpp [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1574326 [ 3 ] Bug #1574322 - CVE-2018-10528 LibRaw: Stack-based buffer overflow in libraw_cxx.cpp:utf2char() allows for potential code execution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1574322 [ 4 ] Bug #1574486 - LibRaw-0.18.10 is available https://bugzilla.redhat.com/show_bug.cgi?id=1574486 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-08ea7a5f0b' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
May 15, 2018
•Critical
Fedora
89
security advisoryFedoraout of boundsFedora 27: LibRaw Security Advisory for Critical Threats
---- CVE-2018-10529 fixed: out of bounds read in X3F parser CVE-2018-10528 fixed: possible stack overrun in X3F parser. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-08ea7a5f0b 2018-05-15 19:52:12.739846 --------------------------------------------------------------------------------Name : LibRaw Product : Fedora 27 Version : 0.18.11 Release : 1.fc27 URL : https://www.libraw.org/ Summary : Library for reading RAW files obtained from digital photo cameras Description : LibRaw is a library for reading RAW files obtained from digital photo cameras (CRW/CR2, NEF, RAF, DNG, and others). LibRaw is based on the source codes of the dcraw utility, where part of drawbacks have already been eliminated and part will be fixed in future. --------------------------------------------------------------------------------Update Information: ---- CVE-2018-10529 fixed: out of bounds read in X3F parser CVE-2018-10528 fixed: possible stack overrun in X3F parser --------------------------------------------------------------------------------ChangeLog: * Thu May 10 2018 Gwyn Ciesla - 0.18.11-1 - 0.18.11. * Thu May 3 2018 Gwyn Ciesla - 0.18.10-1 - 0.18.10. * Wed Apr 25 2018 Gwyn Ciesla - 0.18.9-1 - 0.18.9. * Sat Feb 24 2018 Gwyn Ciesla - 0.18.8-1 - 0.18.8. * Wed Feb 7 2018 Fedora Release Engineering - 0.18.7-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Fri Feb 2 2018 Gwyn Ciesla - 0.18.7-2 - Patch for updated glibc. * Fri Jan 19 2018 Gwyn Ciesla - 0.18.7-1 - 0.18.7 - Patch for ambiguous function call. * Wed Dec 6 2017 Gwyn Ciesla - 0.18.6-1 - 0.18.6 --------------------------------------------------------------------------------References: [ 1 ] Bug #1576801 - LibRaw-0.18.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=1576801 [ 2 ] Bug #1574326 - CVE-2018-10529 LibRaw: Out-of-bounds read in X3Fproperty table list functionality in libraw_x3f.cpp and libraw_cxx.cpp [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1574326 [ 3 ] Bug #1574322 - CVE-2018-10528 LibRaw: Stack-based buffer overflow in libraw_cxx.cpp:utf2char() allows for potential code execution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1574322 [ 4 ] Bug #1574486 - LibRaw-0.18.10 is available https://bugzilla.redhat.com/show_bug.cgi?id=1574486 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-08ea7a5f0b' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
May 15, 2018
•Critical
Fedora
89
security advisorycriticalFedoraFedora 28: LibRaw Update - Critical Stack Overflow Threat
---- CVE-2018-10529 fixed: out of bounds read in X3F parser CVE-2018-10528 fixed: possible stack overrun in X3F parser. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-8c4e0b4335 2018-05-13 19:59:19.583151 --------------------------------------------------------------------------------Name : LibRaw Product : Fedora 28 Version : 0.18.11 Release : 1.fc28 URL : https://www.libraw.org/ Summary : Library for reading RAW files obtained from digital photo cameras Description : LibRaw is a library for reading RAW files obtained from digital photo cameras (CRW/CR2, NEF, RAF, DNG, and others). LibRaw is based on the source codes of the dcraw utility, where part of drawbacks have already been eliminated and part will be fixed in future. --------------------------------------------------------------------------------Update Information: ---- CVE-2018-10529 fixed: out of bounds read in X3F parser CVE-2018-10528 fixed: possible stack overrun in X3F parser --------------------------------------------------------------------------------ChangeLog: * Thu May 10 2018 Gwyn Ciesla - 0.18.11-1 - 0.18.11. * Thu May 3 2018 Gwyn Ciesla - 0.18.10-1 - 0.18.10. * Wed Apr 25 2018 Gwyn Ciesla - 0.18.9-1 - 0.18.9. --------------------------------------------------------------------------------References: [ 1 ] Bug #1576801 - LibRaw-0.18.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=1576801 [ 2 ] Bug #1574326 - CVE-2018-10529 LibRaw: Out-of-bounds read in X3F property table list functionality in libraw_x3f.cpp and libraw_cxx.cpp [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1574326 [ 3 ] Bug #1574322 - CVE-2018-10528 LibRaw: Stack-based buffer overflow in libraw_cxx.cpp:utf2char() allows for potential code execution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1574322 [ 4 ] Bug #1574486 - LibRaw-0.18.10 isavailable https://bugzilla.redhat.com/show_bug.cgi?id=1574486 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-8c4e0b4335' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
May 13, 2018
•Critical
Fedora
89
security advisorybuffer overflowcriticalFedora 28: FEDORA-2018-8c4e0b4335 Critical: LibRaw Out Of Bounds Fix
---- CVE-2018-10529 fixed: out of bounds read in X3F parser CVE-2018-10528 fixed: possible stack overrun in X3F parser. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-8c4e0b4335 2018-05-13 19:59:19.583151 --------------------------------------------------------------------------------Name : LibRaw Product : Fedora 28 Version : 0.18.11 Release : 1.fc28 URL : https://www.libraw.org/ Summary : Library for reading RAW files obtained from digital photo cameras Description : LibRaw is a library for reading RAW files obtained from digital photo cameras (CRW/CR2, NEF, RAF, DNG, and others). LibRaw is based on the source codes of the dcraw utility, where part of drawbacks have already been eliminated and part will be fixed in future. --------------------------------------------------------------------------------Update Information: ---- CVE-2018-10529 fixed: out of bounds read in X3F parser CVE-2018-10528 fixed: possible stack overrun in X3F parser --------------------------------------------------------------------------------ChangeLog: * Thu May 10 2018 Gwyn Ciesla - 0.18.11-1 - 0.18.11. * Thu May 3 2018 Gwyn Ciesla - 0.18.10-1 - 0.18.10. * Wed Apr 25 2018 Gwyn Ciesla - 0.18.9-1 - 0.18.9. --------------------------------------------------------------------------------References: [ 1 ] Bug #1576801 - LibRaw-0.18.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=1576801 [ 2 ] Bug #1574326 - CVE-2018-10529 LibRaw: Out-of-bounds read in X3F property table list functionality in libraw_x3f.cpp and libraw_cxx.cpp [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1574326 [ 3 ] Bug #1574322 - CVE-2018-10528 LibRaw: Stack-based buffer overflow in libraw_cxx.cpp:utf2char() allows for potential code execution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1574322 [ 4 ] Bug #1574486 - LibRaw-0.18.10 isavailable https://bugzilla.redhat.com/show_bug.cgi?id=1574486 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-8c4e0b4335' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
May 13, 2018
•Critical
Fedora
100
security advisoryDoSsoftware enhancementSUSE: 2017:2294-1 Important: Quagga DoS And Stack Overrun Issues
An update that solves two vulnerabilities and has one An update that solves two vulnerabilities and has one An update that solves two vulnerabilities and has one errata is now available. errata is now available.. SUSE Security Update: Security update for quagga ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:2294-1 Rating: important References: #1005258 #1021669 #1034273 Cross-References: CVE-2016-1245 CVE-2017-5495 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Server 12-SP2 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: This update provides Quagga 1.1.1, which brings several fixes and enhancements. Security issues fixed: - CVE-2017-5495: Telnet 'vty' interface DoS due to unbounded memory allocation. (bsc#1021669) - CVE-2016-1245: Stack overrun in IPv6 RA receive code. (bsc#1005258) Bug fixes: - Do not enable zebra's TCP interface (port 2600) to use default UNIX socket for communication between the daemons. (fate#323170) Between 0.99.22.1 and 1.1.1 the following improvements have been implemented: - Changed the default of 'link-detect' state, controlling whether zebra will respond to link-state events and consider an interface to be down when link is down. To retain the current behavior save your config before updating, otherwise remove the 'link-detect' flag from your config prior to updating. There is also a new global 'default link-detect (on|off)' flag to configure the global default. - Greatly improved nexthop resolution forrecursive routes. - Event driven nexthop resolution for BGP. - Route tags support. - Transport of TE related metrics over OSPF, IS-IS. - IPv6 Multipath for zebra and BGP. - Multicast RIB support has been extended. It still is IPv4 only. - RIP for IPv4 now supports equal-cost multipath (ECMP). - route-maps have a new action "set ipv6 next-hop peer-address". - route-maps have a new action "set as-path prepend last-as". - "next-hop-self all" to override nexthop on iBGP route reflector setups. - New pimd daemon provides IPv4 PIM-SSM multicast routing. - IPv6 address management has been improved regarding tentative addresses. This is visible in that a freshly configured address will not immediately be marked as usable. - Recursive route support has been overhauled. Scripts parsing "show ip route" output may need adaptation. - A large amount of changes has been merged for ospf6d. Careful evaluation prior to deployment is recommended. - Multiprotocol peerings over IPv6 now try to find a more appropriate IPv4 nexthop by looking at the interface. - Relaxed bestpath criteria for multipath and improved display of multipath routes in "show ip bgp". Scripts parsing this output may need to be updated. - Support for iBGP TTL security. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP3: zypper in -t patch SUSE-SLE-SDK-12-SP3-2017-1407=1 - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1407=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1407=1 - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1407=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1407=1 Tobring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64): quagga-debuginfo-1.1.1-17.3.3 quagga-debugsource-1.1.1-17.3.3 quagga-devel-1.1.1-17.3.3 - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): quagga-debuginfo-1.1.1-17.3.3 quagga-debugsource-1.1.1-17.3.3 quagga-devel-1.1.1-17.3.3 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libfpm_pb0-1.1.1-17.3.3 libfpm_pb0-debuginfo-1.1.1-17.3.3 libospf0-1.1.1-17.3.3 libospf0-debuginfo-1.1.1-17.3.3 libospfapiclient0-1.1.1-17.3.3 libospfapiclient0-debuginfo-1.1.1-17.3.3 libquagga_pb0-1.1.1-17.3.3 libquagga_pb0-debuginfo-1.1.1-17.3.3 libzebra1-1.1.1-17.3.3 libzebra1-debuginfo-1.1.1-17.3.3 quagga-1.1.1-17.3.3 quagga-debuginfo-1.1.1-17.3.3 quagga-debugsource-1.1.1-17.3.3 - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64): libfpm_pb0-1.1.1-17.3.3 libfpm_pb0-debuginfo-1.1.1-17.3.3 libospf0-1.1.1-17.3.3 libospf0-debuginfo-1.1.1-17.3.3 libospfapiclient0-1.1.1-17.3.3 libospfapiclient0-debuginfo-1.1.1-17.3.3 libquagga_pb0-1.1.1-17.3.3 libquagga_pb0-debuginfo-1.1.1-17.3.3 libzebra1-1.1.1-17.3.3 libzebra1-debuginfo-1.1.1-17.3.3 quagga-1.1.1-17.3.3 quagga-debuginfo-1.1.1-17.3.3 quagga-debugsource-1.1.1-17.3.3 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le s390x x86_64): libfpm_pb0-1.1.1-17.3.3 libfpm_pb0-debuginfo-1.1.1-17.3.3 libospf0-1.1.1-17.3.3 libospf0-debuginfo-1.1.1-17.3.3 libospfapiclient0-1.1.1-17.3.3 libospfapiclient0-debuginfo-1.1.1-17.3.3 libquagga_pb0-1.1.1-17.3.3 libquagga_pb0-debuginfo-1.1.1-17.3.3 libzebra1-1.1.1-17.3.3 libzebra1-debuginfo-1.1.1-17.3.3 quagga-1.1.1-17.3.3 quagga-debuginfo-1.1.1-17.3.3 quagga-debugsource-1.1.1-17.3.3 References: https://www.suse.com/security/cve/CVE-2016-1245.html https://www.suse.com/security/cve/CVE-2017-5495.html https://bugzilla.suse.com/1005258 https://bugzilla.suse.com/1021669 https://bugzilla.suse.com/1034273 . SUSE Security Update for OpenSSH tackles critical vulnerabilities. Discover the latest security improvements and patches now available.. SUSE Quagga Update, Quagga Improvements, Security Enhancements. . Severity: Important. LinuxSecurity.com Team
Aug 29, 2017
•Important
SuSE
202
security advisorysecurity updatepatchopenSUSE Leap 42.1: 2016:2646-1 Important: Quagga Stack Overrun Fix
An update that fixes one vulnerability is now available. An update that fixes one vulnerability is now available. An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for quagga ______________________________________________________________________________ Announcement ID: openSUSE-SU-2016:2646-1 Rating: important References: #1005258 Cross-References: CVE-2016-1245 Affected Products: openSUSE Leap 42.1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for quagga fixes the following issue: - CVE-2016-1245: Fix for a zebra stack overrun in IPv6 RA receive code. (bsc#1005258). Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.1: zypper in -t patch openSUSE-2016-1233=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.1 (i586 x86_64): quagga-0.99.24.1-14.1 quagga-debuginfo-0.99.24.1-14.1 quagga-debugsource-0.99.24.1-14.1 quagga-devel-0.99.24.1-14.1 References: https://www.suse.com/security/cve/CVE-2016-1245.html https://bugzilla.suse.com/1005258 . This crucial Fedora patch addresses a buffer overflow in netd, significantly improving security for its users.. openSUSE Update, Quagga Security, Stack Overrun Fix, Security Patch. . Severity: Important. LinuxSecurity.com Team
Oct 26, 2016
•Important
OpenSUSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!