
3665 matches found

Packet Storm News
added 2025/05/19 12:0 a.m., 2 views

Multiple Proposer Transaction Fee Mechanism Design: Robust Incentives against Censorship and Bribery

Censorship resistance is one of the core value propositions of blockchains. A recurring design pattern aimed at providing censorship resistance is enabling multiple proposers to contribute inputs into block construction. Notably, Fork-Choice Enforced Inclusion Lists (FOCIL) is proposed to be include...

AI score 6.9
Exploits 0

AlmaLinux
added 2025/05/19 12:0 a.m., 18 views

Important: compat-openssl11 security update

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the 1.1.1 version and is provided for compatibility with previous releases. Security Fixes: openssl: X.400 address type confusion in X.509 GeneralName...

CVSS 7.4, AI score 7.6, EPSS 0.59501
Exploits 0, References 4

OSV
added 2025/05/19 12:0 a.m., 9 views

ALSA-2025:7937 Important: compat-openssl11 security update

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the 1.1.1 version and is provided for compatibility with previous releases. Security Fixes: openssl: X.400 address type confusion in X.509 GeneralName...

CVSS 7.4, AI score 7.6, EPSS 0.59501
Exploits 0, References 4

OSV
added 2025/05/19 12:0 a.m., 15 views

ALSA-2025:7895 Important: compat-openssl10 security update

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries and is provided for compatibility with previous releases and software that does not support compilation with OpenSSL-1.1. Security Fixes: openssl: X.400...

CVSS 7.4, AI score 7.6, EPSS 0.59501
Exploits 0, References 4

OSSF Malicious Packages
added 2025/05/17 6:38 a.m., 4 views

Malicious code in ts-runtime-compat-check (npm)

The npm package ts-runtime-compat-check is a malicious package that functions as a key component in a remote code execution attack chain. This package: 1. Contains a postinstall script that executes lib/install.js 2. The install script makes HTTP requests to a server specified by an environment...

AI score 8.1
Exploits 0, References 1

SUSE Linux
added 2025/05/16 11:5 a.m., 2 views

Security update for open-vm-tools

This update for open-vm-tools fixes the following issues: Update to 12.5.2: Security fixes: CVE-2025-22247: Fixed Insecure file handling bsc1243106 Other fixes: Fixed GCC 15 compile time error bsc1241938 Fix building with containerd 1.7.25+ bsc1237147 Full changelog:...

CVSS 6.9, AI score 6.5, EPSS 0.00249
Exploits 0, References 8

OSV
added 2025/05/16 11:5 a.m., 1 views

SUSE-SU-2025:1565-1 Security update for open-vm-tools

This update for open-vm-tools fixes the following issues: Update to 12.5.2: Security fixes: - CVE-2025-22247: Fixed Insecure file handling bsc1243106 Other fixes: - Fixed GCC 15 compile time error bsc1241938 - Fix building with containerd 1.7.25+ bsc1237147 Full changelog:...

CVSS 6.1, AI score 6.6, EPSS 0.00249
Exploits 0, References 5

RedHat Linux
added 2025/05/15 6:36 p.m., 11 views

Important: Red Hat Security Advisory: compat-openssl11 security update

An update for compat-openssl11 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 7.4, AI score 7.1, EPSS 0.59501
Exploits 0, References 2

IBM Security Bulletins
added 2025/05/14 7:56 p.m., 18 views

Security Bulletin: Vulnerability in Webpack and Rspack affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary: Potential vulnerability in Webpack and Rspack has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. The vulnerability has been addressed. Refer to details for additional information...

CVSS 6.4, AI score 6.7, EPSS 0.00897
Exploits 1, Affected Software 1

Tenable Nessus
added 2025/05/14 12:0 a.m., 9 views

Alibaba Cloud Linux 3 : 0064: compat-exiv2-026 (ALINUX3-SA-2021:0064)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2021:0064 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-31291: REJECT DO NOT USE THIS CANDIDATE...

CVSS 7.8, AI score 5.9, EPSS 0.02152
Exploits 1, References 2

Tenable Nessus
added 2025/05/14 12:0 a.m., 9 views

Alibaba Cloud Linux 3 : 0130: compat-openssl10 (ALINUX3-SA-2022:0130)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0130 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-0778: The BN_mod_sqrt function, which comput...

CVSS 7.5, AI score 6.9, EPSS 0.70561
Exploits 2, References 2

NVD
added 2025/05/13 10:15 a.m., 11 views

CVE-2025-40571

A vulnerability has been identified in Mendix OIDC SSO Mendix 10.12 compatible All versions V4.0.1, Mendix OIDC SSO Mendix 9 compatible All versions V3.3.1, Mendix OIDC SSO V4.2 Mendix 10 compatible All versions V4.2.1, Mendix OIDC SSO V4.3 Mendix 10 compatible All versions. The Mendix OIDC SSO...

CVSS 2.2, EPSS 0.00232
Exploits 0, References 1

RedHat Linux
added 2025/05/13 8:28 a.m., 2 views

kernel: ext4: check stripe size compatibility on remount as well

In the Linux kernel, the following vulnerability has been resolved: ext4: check stripe size compatibility on remount as well We disable stripe size in ext4_fill_super if it is not a multiple of the cluster ratio however this check is missed when trying to remount. This can leave us with cases where...

CVSS 5.5, AI score 6.8, EPSS 0.00221
Exploits 0, References 5

Amazon
added 2025/05/13 12:0 a.m., 3 views

Important: cuda-compat

Issue Overview: NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an unprivileged attacker to escalate permissions. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data...

CVSS 7.8, AI score 7.5, EPSS 0.002
Exploits 0

Packet Storm News
added 2025/05/12 12:0 a.m., 6 views

Private LoRA Fine-Tuning of Open-Source LLMs with Homomorphic Encryption

Preserving data confidentiality during the fine-tuning of open-source Large Language Models (LLMs) is crucial for sensitive applications. This work introduces an interactive protocol adapting the Low-Rank Adaptation (LoRA) technique for private fine-tuning. Homomorphic Encryption (HE) protects the...

AI score 6.9
Exploits 0

Citrix
added 2025/05/08 12:0 a.m., 14 views

Kerberos KNOB stopped working

The KNOB “nsapimgr -ys arg1=1 -ys call=nsenablepreferredkrbetype” no longer works after upgrading from 13.1 to 14.1...

AI score 7.1
Exploits 0

Rockylinux
added 2025/05/07 7:11 p.m., 8 views

google-noto-cjk-fonts bug fix update

An update is available for google-noto-cjk-fonts. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Noto CJK fonts, supporting Simplified Chinese, Traditional...

AI score 7.3
Exploits 0

Rockylinux
added 2025/05/07 7:11 p.m., 11 views

NetworkManager bug fix and enhancement update

An update is available for NetworkManager. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list NetworkManager is a system network service that manages network device...

AI score 7.3
Exploits 0

RedHat Linux
added 2025/05/06 7:45 a.m., 6 views

thunderbird: Information Disclosure of /tmp directory listing

A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edit...

CVSS 6.3, AI score 6.4, EPSS 0.00295
Exploits 0, References 7

NVD
added 2025/05/05 3:15 p.m., 20 views

CVE-2024-58100

In the Linux kernel, the following vulnerability has been resolved: bpf: check changes_pkt_data property for extension programs When processing calls to global sub-programs, verifier decides whether to invalidate all packet pointers in current state depending on the changes_pkt_data property of the...

CVSS 5.5, EPSS 0.00146
Exploits 1, References 3