6 matches found
SUSE SLES15 Security Update : apptainer (SUSE-SU-2026:2609-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2609-1 advisory. This update for apptainer fixes the following issues - CVE-2026-24137: github.com/sigstore/sigstore/pkg/tuf: legacy TUF client allows for...
USN-8447-2 lxd vulnerabilities
USN-8447-1 fixed vulnerabilities in Go Cryptography. This update provides the corresponding updates for Go Cryptography code embedded in LXD for CVE-2026-39830, CVE-2026-39833, CVE-2026-39834, and CVE-2026-42508. Original advisory details: It was discovered that Go Cryptography did not properly...
SUSE-SU-2026:22159-1 Security update for distribution
This update for distribution fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265788. - CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation...
OPENSUSE-SU-2026:21084-1 Security update for distribution
This update for distribution fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265788. - CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation...
Invoking agent constraints dropped when forwarding keys in golang.org/x/crypto/ssh/agent
...
CVE-2026-39832 Invoking agent constraints dropped when forwarding keys in golang.org/x/crypto/ssh/agent
When adding a key to a remote agent constraint extensions such as [email protected] were not serialized in the request. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of the key on the remote host. The client now serializes all...