Product:

Leap

(Opensuse)
Repositories https://github.com/phpmyadmin/phpmyadmin
https://github.com/ImageMagick/ImageMagick
https://github.com/torvalds/linux
https://github.com/krb5/krb5
https://github.com/madler/zlib
https://github.com/libgd/libgd
https://github.com/php/php-src
https://github.com/ceph/ceph
https://github.com/libarchive/libarchive
https://github.com/roundcube/roundcubemail
https://github.com/tats/w3m
https://github.com/golang/go
https://github.com/dbry/WavPack
https://github.com/git/git
https://github.com/file/file
https://github.com/dosfstools/dosfstools
https://github.com/atheme/atheme
https://github.com/quassel/quassel
https://github.com/apache/httpd
https://github.com/opencontainers/runc
https://github.com/bcgit/bc-java
https://github.com/mm2/Little-CMS
https://github.com/FFmpeg/FFmpeg
https://github.com/uclouvain/openjpeg
https://git.kernel.org/pub/scm/git/git.git
https://github.com/mdadams/jasper
https://github.com/libjpeg-turbo/libjpeg-turbo
https://github.com/rdesktop/rdesktop
https://github.com/ntp-project/ntp
https://github.com/requests/requests
https://github.com/esnet/iperf
https://github.com/lighttpd/lighttpd1.4
https://github.com/heimdal/heimdal
https://github.com/erikd/libsndfile
https://github.com/FreeRDP/FreeRDP
https://github.com/mysql/mysql-server
https://github.com/WebKit/webkit
https://github.com/liblouis/liblouis
https://github.com/lavv17/lftp
https://github.com/viewvc/viewvc
https://github.com/moinwiki/moin-1.9
https://github.com/ClusterLabs/pacemaker
https://github.com/curl/curl
https://github.com/vadz/libtiff
https://github.com/libimobiledevice/libimobiledevice
https://github.com/fragglet/lhasa
https://github.com/TigerVNC/tigervnc
https://github.com/stedolan/jq
https://github.com/Matroska-Org/libmatroska
https://github.com/the-tcpdump-group/tcpdump
#Vulnerabilities 1883
Date Id Summary Products Score Patch Annotated
2016-09-26 CVE-2016-6153 os_unix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service (application crash), or have unspecified other impact by leveraging use of the current working directory for temporary files. Fedora, Leap, Sqlite 5.9
2017-02-03 CVE-2016-8568 The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file. Fedora, Libgit2, Leap, Opensuse, Linux_enterprise 5.5
2017-02-03 CVE-2016-8569 The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file. Fedora, Libgit2, Leap, Opensuse, Linux_enterprise 5.5
2017-03-03 CVE-2016-7969 The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization." Fedora, Libass, Leap, Opensuse 7.5
2017-03-03 CVE-2016-7972 The check_allocations function in libass/ass_shaper.c in libass before 0.13.4 allows remote attackers to cause a denial of service (memory allocation failure) via unspecified vectors. Fedora, Libass, Leap, Opensuse 7.5
2017-03-23 CVE-2016-6225 xbcrypt in Percona XtraBackup before 2.3.6 and 2.4.x before 2.4.5 does not properly set the initialization vector (IV) for encryption, which makes it easier for context-dependent attackers to obtain sensitive information from encrypted backup files via a Chosen-Plaintext attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-6394. Fedora, Leap, Xtrabackup 5.9
2017-03-23 CVE-2016-9398 The jpc_floorlog2 function in jpc_math.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors. Fedora, Jasper, Leap, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit 7.5
2017-03-23 CVE-2016-9399 The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors. Fedora, Jasper, Leap 7.5
2017-03-27 CVE-2017-6542 The ssh_agent_channel_data function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overflow. Leap, Leap, Putty 9.8
2017-04-12 CVE-2016-9957 Stack-based buffer overflow in game-music-emu before 0.6.1. Game\-Music\-Emu, Leap, Opensuse, Leap, Linux_enterprise, Linux_enterprise_desktop, Linux_enterprise_software_development_kit, Linux_enterprise_workstation_extension, Suse_linux_enterprise_server 7.8