Security update for jetty-minimal

This update for jetty-minimal fixes the following issues: CVE-2026-2332: In Eclipse Jetty, the HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used, similar to the "funky chunks" techniques bsc1262115. CVE-2026-5795: Fixed JaspiAuthenticator broken access control...

SUSE-SU-2026:0803-1 Security update for util-linux

This update for util-linux fixes the following issues: - CVE-2026-3184: Fix full hostname usage for PAM to ensure correct access control for 'login -h' bsc1258859...

EUVD-2020-20827

Malware in sbrugna...

CVE-2025-49584

CVE-2025-49584 (XWiki) affects XWiki Platform versions 10.9–16.4.6, 16.5.0-rc-1–16.10.2, and 17.0.0-rc-1. The REST API can disclose the titles of pages whose reference is known when an XClass with a page property is accessible, potentially leaking page names. Impact on confidentiality is task-dep...

SUSE-SU-2023:3800-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2022-26354: Fixed a memory leak due to a missing virtqueue detach on error. bsc1198712 - CVE-2021-3929: Fixed an use-after-free in nvme DMA reentrancy issue. bsc1193880 - CVE-2023-0330: Fixed a stack overflow due to a DMA reentrancy issue...

SUSE-SU-2023:3721-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2022-26354: Fixed a memory leak due to a missing virtqueue detach on error. bsc1198712 - CVE-2021-3929: Fixed an use-after-free in nvme DMA reentrancy issue. bsc1193880 - CVE-2023-0330: Fixed a stack overflow due to a DMA reentrancy issue...

SUSE-SU-2023:0844-1 Security update for openstack-cinder, openstack-glance, openstack-neutron-gbp, openstack-nova, python-oslo.utils

This update for openstack-cinder, openstack-glance, openstack-neutron-gbp, openstack-nova, python-oslo.utils contains the following fixes: Security fixes included on this update: openstack-cinder, openstack-glance, openstack-nova: - CVE-2022-47951: Fixed file access control through custom VMDK fl...

GHSA-G78X-XMV8-23XP Exposure of Sensitive Information to an Unauthorized Actor in Jenkins

The Jenkins 2.73.1 and earlier, 2.83 and earlier remote API at /queue/item/ID/api showed information about tasks in the queue typically builds waiting to start. This included information about tasks that the current user otherwise has no access to, e.g. due to lack of Item/Read permission. This h...

Security update for singularity (moderate)

Singularity was updated to version 2.6.0, bringing features, bugfixes and security fixes. Security issues fixed: - CVE-2018-12021: Fixed access control on systems supporting overlay file system boo1100333. Highlights of 2.6.0: - Allow admin to specify a non-standard location for mksquashfs binary...

SUSE-SU-2018:1291-1 Security update for php5

This update for php5 fixes the following issues: Security issues fixed: - CVE-2018-10545: Fix access controls in FPM child processes bsc1091367. - CVE-2018-10547: Fix Reflected XSS on the PHAR 403 and 404 error pages bsc1091362. - CVE-2018-10546: Fix an infinite loop exists in ext/iconv/iconv.c...