3547 matches found
SUSE-SU-2025:4274-1 Security update for buildah
This update for buildah fixes the following issues: - CVE-2025-47913: Fixed a bug in the client process termination when receiving an unexpected message type in response to a key listing or signing request. bsc1253598...
Security update for buildah
This update for buildah fixes the following issues: CVE-2025-47913: Fixed a bug in the client process termination when receiving an unexpected message type in response to a key listing or signing request. bsc1253598 Patch Instructions: To install this SUSE update use the SUSE recommended...
CVE-2025-66017
CGGMP24 is a state-of-art ECDSA TSS protocol that supports 1-round signing requires 3 preprocessing rounds, identifiable abort, and a key refresh protocol. In versions 0.6.3 and prior of cggmp21 and version 0.7.0-alpha.1 of cggmp24, presignatures can be used in the way that significantly reduces...
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
Overview Affected versions of this package are vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator PRNG due to a weak fallback secret when the druid.auth.authenticator.kerberos.cookieSignatureSecret configuration is not explicitly set. An attacker can predict or brute force...
CVE-2025-59390
Apache Druid’s Kerberos authenticator uses a weak fallback secret when the druid.auth.authenticator.kerberos.cookieSignatureSecret configuration is not explicitly set. In this case, the secret is generated using ThreadLocalRandom, which is not a crypto-graphically secure random number generator...
Security update for buildah
This update for buildah fixes the following issues: CVE-2025-47913: Fixed a bug in the client process termination when receiving an unexpected message type in response to a key listing or signing request. bsc1253598 Patch Instructions: To install this SUSE update use the SUSE recommended...
SUSE-SU-2025:4245-1 Security update for buildah
This update for buildah fixes the following issues: - CVE-2025-47913: Fixed a bug in the client process termination when receiving an unexpected message type in response to a key listing or signing request. bsc1253598...
Security update for amazon-ssm-agent
This update for amazon-ssm-agent fixes the following issues: CVE-2025-47913: Fixed a bug in the client process termination when receiving an unexpected message type in response to a key listing or signing request. bsc1253598 Patch Instructions: To install this SUSE update use the SUSE recommended...
SUSE-SU-2025:4244-1 Security update for amazon-ssm-agent
This update for amazon-ssm-agent fixes the following issues: - CVE-2025-47913: Fixed a bug in the client process termination when receiving an unexpected message type in response to a key listing or signing request. bsc1253598...
SUSE SLES15 Security Update : buildah (SUSE-SU-2025:4229-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:4229-1 advisory. - CVE-2025-47913: Fixed a bug in the client process termination when receiving an unexpected message type in response to a key listing or...
kernel security update
5.14.0-611.7.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 248176...
GHSA-8FRV-Q972-9RQ5 cggmp24 and cggmp21 are vulnerable to signature forgery through altered presignatures
Impact This attack is against presignatures used in very specific context: Presignatures + HD wallets derivation: security level reduces to 85 bits \ Previously users could generate a presignature, and then choose a HD derivation path while issuing a partial signature via...
CVE-2025-66017 CGGMP21 presignatures can be used in the way that significantly reduces security
CGGMP24 is a state-of-art ECDSA TSS protocol that supports 1-round signing requires 3 preprocessing rounds, identifiable abort, and a key refresh protocol. In versions 0.6.3 and prior of cggmp21 and version 0.7.0-alpha.1 of cggmp24, presignatures can be used in the way that significantly reduces...
EUVD-2025-199640
CGGMP24 is a state-of-art ECDSA TSS protocol that supports 1-round signing requires 3 preprocessing rounds, identifiable abort, and a key refresh protocol. In versions 0.6.3 and prior of cggmp21 and version 0.7.0-alpha.1 of cggmp24, presignatures can be used in the way that significantly reduces...
CVE-2025-66017
CVE-2025-66017 affects the CGGMP family (CGGMP21 and CGGMP24). The vulnerability arises from improper use of presignatures in specific configurations, allowing signature forgery or reduced security. Affected details indicate that in CGGMP21 <= 0.6.3 and CGGMP24
CVE-2025-66016 CGGMP24 is missing a check in the ZK proof used in CGGMP21
CGGMP24 is a state-of-art ECDSA TSS protocol that supports 1-round signing requires 3 preprocessing rounds, identifiable abort, and a key refresh protocol. Prior to version 0.6.3, there is a missing check in the ZK proof that enables an attack in which single malicious signer can reconstruct full...
EUVD-2025-199643
CGGMP24 is a state-of-art ECDSA TSS protocol that supports 1-round signing requires 3 preprocessing rounds, identifiable abort, and a key refresh protocol. Prior to version 0.6.3, there is a missing check in the ZK proof that enables an attack in which single malicious signer can reconstruct full...
CVE-2025-66016 CGGMP24 is missing a check in the ZK proof used in CGGMP21
CGGMP24 is a state-of-art ECDSA TSS protocol that supports 1-round signing requires 3 preprocessing rounds, identifiable abort, and a key refresh protocol. Prior to version 0.6.3, there is a missing check in the ZK proof that enables an attack in which single malicious signer can reconstruct full...
CVE-2025-66016 CGGMP24 is missing a check in the ZK proof used in CGGMP21
CGGMP24 is a state-of-art ECDSA TSS protocol that supports 1-round signing requires 3 preprocessing rounds, identifiable abort, and a key refresh protocol. Prior to version 0.6.3, there is a missing check in the ZK proof that enables an attack in which single malicious signer can reconstruct full...
Security update for buildah
This update for buildah fixes the following issues: CVE-2025-47913: Fixed a bug in the client process termination when receiving an unexpected message type in response to a key listing or signing request. bsc1253598 Patch Instructions: To install this SUSE update use the SUSE recommended...