RLSA-2023:0328 Moderate: go-toolset and golang security and bug fix update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The golang packages provide the Go programming language compiler. Security Fixes: golang: archive/tar: unbounded memory consumption when reading headers CVE-2022-2879 golang: net/http/httputi...

gcc-toolset-12-gcc bug fix update

An update is available for gcc-toolset-12-gcc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GCC Toolset 12 is a compiler toolset that provides recent versions...

ALSA-2023:0328 Moderate: go-toolset and golang security and bug fix update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The golang packages provide the Go programming language compiler. Security Fixes: golang: archive/tar: unbounded memory consumption when reading headers CVE-2022-2879 golang: net/http/httputi...

Incorrect Encoding of Order Hashes

Lines of code Vulnerability details Impact The order hashes are incorrectly encoded during the encodeOrderHashes mechanism, causing functions such as encodeRatifyOrder and encodeValidateOrder to misbehave. Proof of Concept The order hashes encoding mechanism appears to be incorrect as the...

Compilation Error: Undefined function 'shiftl_toFix' in CTokenFiatCollateral Contract

Lines of code Vulnerability details Impact return shiftltoFixrate, shiftLeft; It should be noted that the function "shiftltoFix" is not defined in the contract and not imported from any library, this means that the compiler will throw an error when trying to deploy the contract and this function...

GSD-2023-1000435 ARM: 9256/1: NWFPE: avoid compiler-generated __aeabi_uldivmod

ARM: 9256/1: NWFPE: avoid compiler-generated aeabiuldivmod This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.18 by commit...

[SECURITY] Fedora 36 Update: pypy3.9-7.3.11-1.3.9.fc36

PyPy's implementation of Python 3.9, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc.. This build of PyPy has JIT-compilation enabled...

gcc-toolset-12-gcc bug fix update

An update is available for gcc-toolset-12-gcc. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GCC Toolset 12 is a compiler toolset that provides recent versions...

[SECURITY] Fedora 37 Update: pypy3.9-7.3.11-1.3.9.fc37

PyPy's implementation of Python 3.9, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc.. This build of PyPy has JIT-compilation enabled...

[SECURITY] Fedora 36 Update: pypy3.8-7.3.11-1.3.8.fc36

PyPy's implementation of Python 3.8, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc.. This build of PyPy has JIT-compilation enabled...

Huawei EulerOS: Security Advisory for gcc (EulerOS-SA-2023-1221)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for gcc (EulerOS-SA-2023-1167)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2023-1163)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for gcc (EulerOS-SA-2023-1191)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for pypy3.8 (FEDORA-2023-78b4ce2f23)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Intel(R) oneAPI DPC++/C++ Compiler 安全漏洞

IntelR oneAPI DPC++/ c++ Compiler is a compiler from Intel Corporation USA. A security vulnerability exists in IntelR oneAPI DPC++/ c++ Compiler versions prior to 2022.2.1, which stems from its improper access control on certain IntelR oneAPI Toolkits versions prior to 2022.3.1 that could allow...

Intel(R) oneAPI DPC++/C++ Compiler 代码问题漏洞

IntelR oneAPI DPC++/ c++ Compiler is a compiler from Intel Corporation USA. A code issue vulnerability exists in IntelR oneAPI DPC++/ c++ Compiler versions prior to 2022.2.1, which stems from an uncontrolled search path that allows authenticated users to elevate privileges via local access...

PT-2023-1619 · Intel · Oneapi Toolkits +2

Name of the Vulnerable Software and Affected Versions: IntelR C++ Compiler Classic versions prior to 2021.7.1 IntelR oneAPI Toolkits versions prior to 2022.3.1 Description: The issue is caused by a buffer overflow in the oneAPI DPC++/C++ Compiler, which may allow an attacker to escalate privilege...

PT-2023-1615 · Intel · Intel Oneapi Dpc++/C++ Compiler +2

Name of the Vulnerable Software and Affected Versions: IntelR oneAPI DPC++/C++ Compiler for Windows versions prior to 2022.2.1 IntelR oneAPI Toolkits versions prior to 2022.3.1 Intel Fortran Compiler for Windows versions prior to 2022.2.1 Description: The issue is related to an uncontrolled searc...

Huawei EulerOS: Security Advisory for libsepol (EulerOS-SA-2023-1065)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...