Forgotten User

**Name of the Vulnerable Software and Affected Versions** libzypp versions prior to 20170803 **Description** The issue allows an attacker to retrieve unsigned packages without warning the user, which could lead to a man-in-the-middle attack or malicious servers injecting malicious RPM packages into a user's system. **Recommendations** For versions prior to 20170803, update to a version newer than 20170803 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** TigerVNC (affected versions not specified) **Description** The issue allows remote attackers to cause a denial of service by terminating a TLS handshake early, resulting in invalid memory access and a crash. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this issue.