[SECURITY] Fedora 43 Update: perl-CryptX-0.089-1.fc43

This Perl library provides a cryptography based on LibTomCrypt library...

[SECURITY] Fedora 44 Update: nasm-3.01-3.fc44

NASM is the Netwide Assembler, a free portable assembler for the Intel 80x86 microprocessor series, using primarily the traditional Intel instruction mnemonics and syntax...

[SECURITY] Fedora 44 Update: perl-CryptX-0.089-1.fc44

This Perl library provides a cryptography based on LibTomCrypt library...

Weechat -- Multiple vulnerabilities

The Weechat project reports: See links for detail...

CVE-2026-10725

Protocol::HTTP2 versions before 1.13 for Perl is vulnerable to a HTTP/2 Bomb. Protocol::HTTP2's inbound HPACK path has no header-list size limit, so a small HTTP/2 request can expand into large server memory the "HTTP/2 bomb". The headersdecode method materialises a full key+value copy per indexe...

CVE-2024-52011 vulnerabilities

Vulnerabilities for packages: langfuse, langfuse-fips...

GHSA-C27G-Q93R-2CWF vulnerabilities

Vulnerabilities for packages: langfuse, langfuse-fips...

CVE-2026-48961

A flaw was found in the zipdetails command-line interface CLI tool, bundled with IO::Compress for Perl. When processing a specially crafted Info-ZIP Unix Extra Field with an 8-byte User ID UID or Group ID GID, the zipdetails tool attempts to call an undefined subroutine. This can lead to the tool...

SUSE CVE-2024-44976

In the Linux kernel, the following vulnerability has been resolved: ata: patamacio: Fix DMA table overflow Kolbjørn and Jonáš reported that their 32-bit PowerMacs were crashing in pata-macio since commit 09fe2bfa6b83 "ata: patamacio: Fix maxsegmentsize with PAGESIZE == 64K". For example: kernel B...

SUSE CVE-2026-7774

tarfile.datafilter could be bypassed using crafted link entries, including symlinks with empty or directory-like names, to redirect later archive members outside the intended extraction directory. This allowed a malicious tar archive to cause tarfile.extractall to write files outside the...

SUSE CVE-2026-10722

A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadCollectionSpec/LoadCollectionSpecFromReader. Such manipulation of the argument offset leads to integer overflow. The attack can only be performed from a...

SUSE CVE-2026-11053

unknown...

SUSE CVE-2026-11099

unknown...

SUSE CVE-2026-11282

Insufficient policy enforcement in Sandbox in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

SUSE CVE-2026-49940

Net::CIDR::Set versions through 0.20 for Perl accept non-ASCII IP addresses and netmasks. Unicode digits such as the Arabic-Indic One U+0661 were accepted but not properly parsed as numbers. This could allow network masks to accept larger networks...

SUSE CVE-2026-50142

unknown...

SUSE CVE-2026-50593

Graphite before 1.3.15 has an integer underflow and resultant out-of-bounds write via Graphite actions, because slotat does not ensure that an offset is within the allowed slot-map range...

CVE-2026-49975 affecting package nginx for versions less than 1.28.3-5

CVE-2026-49975 affecting package nginx for versions less than 1.28.3-5. A patched version of the package is available...

[SECURITY] Fedora 44 Update: libinput-1.31.3-1.fc44

libinput is a library that handles input devices for display servers and other applications that need to directly deal with input devices. It provides device detection, device handling, input device event processing and abstraction so minimize the amount of custom input code the user of libinput...

CVE-2026-9931 vulnerabilities

Vulnerabilities for packages: chromium...