bind9.16 security update

An update is available for bind9.16. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Berkeley Internet Name Domain BIND is an implementation of the Domain Na...

Important Photon OS Security Update - PHSA-2026-5.0-0866

Updates of 'dnsmasq' packages of Photon OS have been released...

CVE-2026-4667

HP System Optimizer might potentially be vulnerable to escalation of privilege. HP is releasing an update to mitigate this potential vulnerability...

OESA-2026-2560 assimp security update

Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A vulnerability was detected in Assi...

OESA-2026-2555 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

OESA-2026-2553 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

OESA-2026-2547 htslib security update

HTSlib is an implementation of a unified C library for accessing common file formats, such as SAM, CRAM and VCF, used for high-throughput sequencing data, and is the core library used by samtools and bcftools. HTSlib only depends on zlib. It is known to be compatible with gcc, g++ and clang. HTSl...

OESA-2026-2543 python-pip security update

%changelog Thu May 14 2026 markeryang [email protected] - 23.3.1-11 - Fix CVE-2026-3219 Security Fixes: When following cross-origin redirects for requests made using urllib3's high-level APIs, such as urllib3.request, PoolManager.request, and ProxyManager.request, sensitive headers — Authorization...

Chromium: CVE-2026-11250 Inappropriate implementation in DevTools

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

[SECURITY] [DLA 4617-1] dovecot security update

Debian LTS Advisory DLA-4617-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin June 05, 2026 https://wiki.debian.org/LTS Package : dovecot Version : 1:2.3.13+dfsg1-2+deb11u4 CVE ID : CVE-2026-33603 CVE-2026-40020 CVE-2026-42006 Debian Bug : 1136444 Multiple...

Security update for libjxl

This update for libjxl fixes the following issues: Security fixes: CVE-2025-70103: heap buffer overflow when hen processing crafted pbm-images due to insufficient bounds checks bsc1266460. Other fixes: Update to version 0.10.5: fix tile dimension in low memory rendering pipeline. fix number of...

Security update for ignition

This update for ignition fixes the following issue CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265751. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

RLSA-2026:22450 Important: osbuild-composer security update

A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. Security Fixes: golang:...

RLSA-2026:22145 Important: .NET 10.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 10.0.108 and .NET Runtime...

image-builder security update

An update is available for image-builder. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list A local binary for building customized OS artifacts such as VM images...

RLSA-2026:22711 Moderate: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass CVE-2026-35177 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...

RLSA-2026:22937 Important: image-builder security update

A local binary for building customized OS artifacts such as VM images and OSTree commits. Uses osbuild under the hood. Security Fixes: golang: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2025-61726 crypto/tls: Unexpected session resumption in crypto/tls CVE-2025-68121...

RLSA-2026:23102 Important: delve security update

Delve is a debugger for the Go programming language. The goal of the project is to provide a simple, full featured debugging tool for Go. Delve should be easy to invoke and easy to use. Chances are if you're using a debugger, things aren't going your way. With that in mind, Delve should stay out ...

php8.4 security update

An update is available for php8.4. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list PHP is an HTML-embedded scripting language. PHP attempts to make it easy for...

expat security update

An update is available for expat. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Expat is a C library for parsing XML documents. Security Fixes: libexpat: deni...