new module: php:8.2

An update is available for module.php-pecl-apcu, php, module.php, libzip, module.php-pear, module.php-pecl-xdebug3, module.php-pecl-zip, php-pecl-rrd, module.php-pecl-rrd, php-pecl-zip, module.libzip, php-pecl-xdebug3, php-pecl-apcu, php-pear. This update affects Rocky Linux 8. A Common...

new module: postgresql:16

An update is available for module.pgaudit, postgresql, pgaudit, module.pgrepack, module.postgres-decoderbufs, pgrepack, module.postgresql, postgres-decoderbufs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

new module: nginx:1.24

An update is available for module.nginx, nginx. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rock...

Moderate: Red Hat Bug Fix Advisory: go-toolset:rhel8 bug fix and enhancement update

An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section...

nginx:1.22 security update

An update is available for module.nginx, nginx. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list nginx is a web and proxy server supporting HTTP and other...

PT-2023-6101 · Ipswitch · Ws Ftp Server

Name of the Vulnerable Software and Affected Versions: WS FTP Server versions 8.7.0 through 8.7.3 WS FTP Server versions 8.8.0 through 8.8.1 Description: A reflected cross-site scripting XSS vulnerability exists in WS FTP Server's Ad Hoc Transfer module. This vulnerability can be leveraged by an...

CVE-2023-3160

The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to delete or move files without having proper permissions...

Design/Logic Flaw

The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to delete or move files without having proper permissions...

CVE-2023-3160 Local privilege escalation in security products for Windows

The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to delete or move files without having proper permissions...

CVE-2023-3160 Local privilege escalation in security products for Windows

The vulnerability potentially allows an attacker to misuse ESET’s file operations during the module update to delete or move files without having proper permissions...

Important: perl

Issue Overview: HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. CVE-2023-31486 Affected Packages: perl Issue Correction: Run dnf update perl --releasever 2023.1.20230628 o...

PT-2022-34857 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.215 Description: The issue is related to out-of-bound bugs caused by an unset skb-mac header in the ipvlan module. The actual impact and attack plausibility have not yet been proven. Recommendations: For...

PT-2022-23753 · Huawei · Emui +2

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The recovery module has a vulnerability that allows bypassing the verification of an update package before use. Successful exploitation of this issue ma...

CVE-2022-26493

Xecurify's miniOrange Premium, Standard, and Enterprise Drupal SAML SP modules possess an authentication and authorization bypass vulnerability. An attacker with access to a HTTP-request intercepting method is able to bypass authentication and authorization by removing the SAML Assertion Signatur...

PT-2022-4982 · Linux Pam +2 · Linux-Pam +2

Name of the Vulnerable Software and Affected Versions: Linux-PAM versions prior to 1.5.2-6.1 Description: The issue is related to the pam access.so module of the Linux-PAM package, which does not correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS...

CLSA-2021-1640002354 Fix of CVE: CVE-2021-43527

CVE-2021-43527: Fix memory corruption in decodeECorDsaSignature with DSA signatures and RSA-PSS - Update to CKBI 2.50 from NSS 3.67 - Removing: - Certificate "Verisign Class 3 Public Primary Certification Authority - G3" - Certificate "AddTrust Low-Value Services Root" - Certificate "AddTrust...

new module: ruby:3.0

An update is available for rubygem-mysql2, rubygem-pg, rubygem-abrt, ruby. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list This enhancement update adds the...

OPENSUSE-SU-2020:2344-1 Security update for PackageKit

This update for PackageKit fixes the following issue: - CVE-2020-16121: Fixed an Information disclosure in InstallFiles, GetFilesLocal and GetDetailsLocal bsc1176930. - Update summary and description of gstreamer-plugin and gtk3-module. bsc1104313 This update was imported from the...

SUSE-SU-2020:3911-1 Security update for PackageKit

This update for PackageKit fixes the following issue: - CVE-2020-16121: Fixed an Information disclosure in InstallFiles, GetFilesLocal and GetDetailsLocal bsc1176930. - Update summary and description of gstreamer-plugin and gtk3-module. bsc1104313...

5.30 metadata for the Rocky Linux 8 module matrix (1/3)

An update is available for perl-DBD-Pg, perl-DBI, perl-DBD-SQLite, perl-YAML, perl-FCGI, perl-DBD-MySQL, perl-String-ShellQuote. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...