MGASA-2024-0333 Updated unbound packages fix security vulnerabilities

NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression ...

Medium: unbound

Issue Overview: NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying...

Medium: unbound

Issue Overview: NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying...

Amazon Linux 2 : unbound (ALAS-2024-2650)

The version of unbound installed on the remote host is prior to 1.7.3-15. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2650 advisory. NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that i...

Medium: unbound

Issue Overview: NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying...

Medium: unbound

Issue Overview: NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying...

Amazon Linux 2 : unbound (ALASUNBOUND-1.17-2024-003)

The version of unbound installed on the remote host is prior to 1.17.0-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2UNBOUND-1.17-2024-003 advisory. NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large...

Amazon Linux 2 : unbound (ALASUNBOUND-2024-003)

The version of unbound installed on the remote host is prior to 1.13.1-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2UNBOUND-2024-003 advisory. NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets...

Medium: unbound

Issue Overview: NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying...

Fedora: Security Advisory (FEDORA-2024-b9fc60e1f0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 39 Update: rust-libcramjam0.2-0.2.0-7.fc39

Compression library combining a plethora of algorithms in a similar as possible API...

[SECURITY] Fedora 39 Update: rust-async-compression-0.4.13-1.fc39

Adaptors between compression crates and Rust's modern asynchronous IO types...

[SECURITY] Fedora 39 Update: rust-libcramjam-0.3.0-6.fc39

Compression library combining a plethora of algorithms in a similar as possible API...

[SECURITY] Fedora 39 Update: python-cramjam-2.8.3-8.fc39

Thin Python bindings to de/compression algorithms in Rust...

[SECURITY] Fedora 41 Update: python-cramjam-2.8.3-9.fc41

Thin Python bindings to de/compression algorithms in Rust...

[SECURITY] Fedora 41 Update: rust-brotli-decompressor-4.0.1-1.fc41

A brotli decompressor that with an interface avoiding the rust stdlib. This makes it suitable for embedded devices and kernels. It is designed with a pluggable allocator so that the standard lib's allocator may be employed. The default build also includes a stdlib allocator and stream interface...

Fedora 40 : python-cramjam / rust-async-compression / rust-brotli / etc (2024-b9fc60e1f0)

The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-b9fc60e1f0 advisory. Update rust-brotli-decompressor to 4.0.1, rust-brotli to 7.0.0, and rust-async-compression to 0.4.13. Patch dependent packages as needed to avoid compat...

Fedora 39 : python-cramjam / rust-async-compression / rust-brotli / etc (2024-8831059030)

The remote Fedora 39 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-8831059030 advisory. Update rust-brotli-decompressor to 4.0.1, rust-brotli to 7.0.0, and rust-async-compression to 0.4.13. Patch dependent packages as needed to avoid compat...

The vulnerability of the add_ra_bio_pages() function in the file system of the Linux operating system’s kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the addrabiopages function in the fs/btrfs/compression.c file of the btrfs file system in the Linux kernel relates to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

CVE-2024-8508

...