MGASA-2026-0176 Updated perl-DBIx-Class-EncodedColumn and new perl-Crypt-URandom-Token packages fix security vulnerabilities

The updated perl-DBIx-Class-EncodedColumn and new perl-Crypt-URandom-Token packages fix security issues: DBIx::Class::EncodedColumn until 0.00032 for Perl uses insecure rand function for salting password hashes in Digest.pm CVE-2025-27551 DBIx::Class::EncodedColumn until 0.00032 for Perl uses...

SUSE SLED15 / SLES15 Security Update : perl-Crypt-URandom (SUSE-SU-2026:1954-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:1954-1 advisory. This update for perl-Crypt-URandom fixes the following issue: - CVE-2026-2474: negative length parameter in the XS...

Security update for perl-Crypt-URandom

This update for perl-Crypt-URandom fixes the following issue: CVE-2026-2474: negative length parameter in the XS function can lead to a heap-based buffer overflow bsc1258266. Changes for perl-Crypt-URandom: updated to 0.550.0 0.55 Fix for sysread/read failures. Thanks to Miha Purg for GH20 Fix fo...

SUSE-SU-2026:1954-1 Security update for perl-Crypt-URandom

This update for perl-Crypt-URandom fixes the following issue: - CVE-2026-2474: negative length parameter in the XS function can lead to a heap-based buffer overflow bsc1258266. Changes for perl-Crypt-URandom: - updated to 0.550.0 0.55 - Fix for sysread/read failures. Thanks to Miha Purg for GH20 ...

CVE-2026-8503

Apache::Session::Generate::SHA256 versions before 1.3.19 for Perl create insecure session ids. Apache::Session::Generate::SHA256 generated session ids insecurely. The default session id generator returns a SHA-256 hash of the built-in rand function, the epoch time, and the PID, that is hashed...

CVE-2026-8503

Apache::Session::Generate::SHA256 versions before 1.3.19 for Perl create insecure session ids. Apache::Session::Generate::SHA256 generated session ids insecurely. The default session id generator returns a SHA-256 hash of the built-in rand function, the epoch time, and the PID, that is hashed...

PT-2026-33009

Apache::API::Password versions through v0.5.2 for Perl can generate insecure random values for salts. The make salt and make salt bcrypt methods will attept to load Crypt::URandom and then Bytes::Random::Secure to generate random bytes for the salt. If those modules are unavailable, it will simpl...

SUSE-SU-2026:21145-1 Security update for perl-Authen-SASL

This update for perl-Authen-SASL fixes the following issues: Changes in perl-Authen-SASL: - CVE-2025-40918: use Crypt:URandom for generating nonces bsc1246623...

OPENSUSE-SU-2026:20480-1 Security update for perl-Authen-SASL

This update for perl-Authen-SASL fixes the following issues: Changes in perl-Authen-SASL: - CVE-2025-40918: use Crypt:URandom for generating nonces bsc1246623...

SUSE: Security Advisory (SUSE-SU-2026:1170-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : perl-Crypt-URandom (SUSE-SU-2026:1170-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:1170-1 advisory. This update for perl-Crypt-URandom fixes the following issue: Update to 0.550.0 0.55: - CVE-2026-2474: heap buffer overflow in the XS function...

Security update for perl-Crypt-URandom

This update for perl-Crypt-URandom fixes the following issue: Update to 0.550.0 0.55: CVE-2026-2474: heap buffer overflow in the XS function crypturandomgetrandom bsc1258266. Changelog: Fix for sysread/read failures. Thanks to Miha Purg for GH20. Fix for test suite failures on STDOUT encoding...

SUSE-SU-2026:1170-1 Security update for perl-Crypt-URandom

This update for perl-Crypt-URandom fixes the following issue: Update to 0.550.0 0.55: - CVE-2026-2474: heap buffer overflow in the XS function crypturandomgetrandom bsc1258266. Changelog: - Fix for sysread/read failures. Thanks to Miha Purg for GH20. - Fix for test suite failures on STDOUT...

CVE-2026-5087 PAGI::Middleware::Session::Store::Cookie versions through 0.001003 for Perl generates random bytes insecurely

PAGI::Middleware::Session::Store::Cookie versions through 0.001003 for Perl generates random bytes insecurely. PAGI::Middleware::Session::Store::Cookie attempts to read bytes from the /dev/urandom device directly. If that fails for example, on systems without the device, such as Windows, then it...

Security update for perl-Crypt-URandom (important)

openSUSE Security Update: Security update for perl-Crypt-URandom Announcement ID: openSUSE-SU-2026:0110-1 Rating: important References: 1258266 Cross-References: CVE-2026-2474 CVSS scores: CVE-2026-2474 SUSE: 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N Affected Products:...

perl-Crypt-URandom-0.550.0-1.1 on GA media (moderate)

perl-Crypt-URandom-0.550.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10414-1 Rating: moderate Cross-References: CVE-2026-2474 CVSS scores: CVE-2026-2474 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-2474 SUSE : 8.2...

OPENSUSE-SU-2026:10414-1 perl-Crypt-URandom-0.550.0-1.1 on GA media

These are all security issues fixed in the perl-Crypt-URandom-0.550.0-1.1 package on the GA media of openSUSE Tumbleweed...

[SECURITY] Fedora 44 Update: perl-Crypt-URandom-0.55-1.fc44

This Module is intended to provide an interface to the strongest available source of non-blocking randomness on the current platform...

Fedora 44 : perl-Crypt-URandom (2026-eb6b1039eb)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-eb6b1039eb advisory. This release fixes CVE-2026-2474 a heap buffer overflow and handling failed read syscalls. Tenable has extracted the preceding description block directly fro...

Fedora 43 : perl-Crypt-URandom (2026-88f1155b8b)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-88f1155b8b advisory. This release fixes CVE-2026-2474 a heap buffer overflow and handling failed read syscalls. Tenable has extracted the preceding description block...