Tag: Security Vulnerabilities

Today, the Google Project Zero team disclosed an additional speculative execution method to obtain data that would otherwise be protected by the CPU. Google, together with CPU, hardware and operating system vendors have worked over the past months to prepare mitigations for this vulnerability, known as Spectre v4. The vulnerability is similar to others in […]

Read More

Yesterday the security community and a number of IT vendors announced the existence of several hardware security vulnerabilities that allow potential exploits across a range of hardware architectures and operating systems including but not limited to Linux. https://meltdownattack.com/ SUSE engineers have been collaborating with our partners and the Linux community on upstream Linux kernel patches. […]

Read More

After our announcement back in January this year, and a transition phase where we scored both version 2 and version 3, we will finally switch entirely to the Common Vulnerability Scoring System (CVSS) version 3.0 for vulnerability assessment with the beginning of 2018. Customers who automatically check our v2 scoring will no longer see any […]

Read More

SUSE CVE Pages SUSE offers various self-service options for getting information on Security Issues. One of these self-service options that are intended for human consumption are our CVE Pages. For every CVE that might be related to our products we provide a webpage with our current status. These pages cover SUSE Enterprise products, and also contain […]

Read More

Staying updated on the latest security vulnerabilities can be daunting which can understandably lead you to ask whether a particular version of SLES is vulnerable. The first thing to note when you get a security notification, for example from https://cve.mitre.org, https://nvd.nist.gov, or even by word of mouth, is the CVE identifier which will look similar to this: CVE-2015-5477 …

Read More