CVE-2023-54250 ksmbd: avoid out of bounds access in decode_preauth_ctxt()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: avoid out of bounds access in decodepreauthctxt Confirm that the accessed pnegctxt-HashAlgorithms address sits within the SMB request boundary; deassemblenegcontexts only checks that the eight byte smb2negcontext header +...

Security update for go1.25-openssl

This update for go1.25-openssl fixes the following issues: Update to version 1.25.0 cut from the go1.25-fips-release branch at the revision tagged go1.25.0-1-openssl-fips. jscSLE-18320 Rebase to 1.25.0 Fix HKDF-Extract The latest OpenSSL in c9s/c10s requires nil salt to be passed as a hash length...

SUSE CVE-2011-3189

The crypt function in PHP 5.3.7, when the MD5 hash type is used, returns the value of the salt argument instead of the hashed string, which might allow remote attackers to bypass authentication via an arbitrary password, a different vulnerability than CVE-2011-2483...