Product:

Leap

(Opensuse)
Repositories https://github.com/phpmyadmin/phpmyadmin
https://github.com/ImageMagick/ImageMagick
https://github.com/torvalds/linux
https://github.com/madler/zlib
https://github.com/libgd/libgd
https://github.com/ceph/ceph
https://github.com/libarchive/libarchive
https://github.com/roundcube/roundcubemail
https://github.com/dosfstools/dosfstools
https://github.com/dbry/WavPack
https://github.com/golang/go
https://github.com/file/file
https://github.com/tats/w3m
https://github.com/atheme/atheme
https://github.com/quassel/quassel
https://github.com/git/git
https://github.com/libjpeg-turbo/libjpeg-turbo
https://github.com/opencontainers/runc
https://github.com/FreeRDP/FreeRDP
https://github.com/esnet/iperf
https://github.com/krb5/krb5
https://github.com/mysql/mysql-server
https://git.kernel.org/pub/scm/git/git.git
https://github.com/heimdal/heimdal
https://github.com/WebKit/webkit
https://github.com/liblouis/liblouis
https://github.com/lavv17/lftp
https://github.com/viewvc/viewvc
https://github.com/moinwiki/moin-1.9
https://github.com/ClusterLabs/pacemaker
https://github.com/curl/curl
https://github.com/vadz/libtiff
https://github.com/uclouvain/openjpeg
https://github.com/libimobiledevice/libimobiledevice
https://github.com/FFmpeg/FFmpeg
https://github.com/fragglet/lhasa
https://github.com/TigerVNC/tigervnc
https://github.com/mm2/Little-CMS
https://github.com/stedolan/jq
https://github.com/Matroska-Org/libmatroska
https://github.com/mdadams/jasper
https://github.com/ntp-project/ntp
https://github.com/the-tcpdump-group/tcpdump
#Vulnerabilities 805
Date ID Summary Products Score Patch
2020-06-18 CVE-2020-14422 Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created. Fedora, Leap, Python N/A
2020-08-07 CVE-2020-8026 A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2, openSUSE Tumbleweed, openSUSE Leap 15.1 allows local attackers with control of the new user to escalate their privileges to root. This issue affects: openSUSE Leap 15.2 inn version 2.6.2-lp152.1.26 and prior versions. openSUSE Tumbleweed inn version 2.6.2-4.2 and prior versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.3.3.1 and prior versions. Leap, Tumbleweed N/A
2020-08-06 CVE-2020-16845 Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs. Go, Leap N/A
2020-06-22 CVE-2020-4032 In FreeRDP before version 2.1.2, there is an integer casting vulnerability in update_recv_secondary_order. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2. Fedora, Freerdp, Leap N/A
2020-06-17 CVE-2020-14402 An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings. Debian_linux, Libvncserver, Leap N/A
2020-07-09 CVE-2020-12402 During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secret primes. *Note:* An unmodified Firefox browser does not generate RSA keys in normal operation and is not affected, but products built on top of it might. This vulnerability affects Firefox < 78. Fedora, Firefox, Leap N/A
2020-05-15 CVE-2020-11522 libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read. Ubuntu_linux, Freerdp, Leap N/A
2020-06-09 CVE-2020-10757 A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system. Debian_linux, Fedora, Linux_kernel, Leap, Enterprise_linux, Enterprise_mrg N/A
2020-06-12 CVE-2020-10732 A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data. Linux_kernel, Leap, Enterprise_linux N/A
2020-07-07 CVE-2020-10730 A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4. Although some versions of Samba shipped with Red Hat Enterprise Linux do not support Samba in AD mode, the affected code is shipped with the libldb package. This flaw allows an authenticated user to possibly trigger a use-after-free or NULL pointer dereference. The highest threat from this vulnerability is to system availability. Fedora, Leap, Storage, Samba N/A