SUSE-SU-2026:21145-1 Security update for perl-Authen-SASL

This update for perl-Authen-SASL fixes the following issues: Changes in perl-Authen-SASL: - CVE-2025-40918: use Crypt:URandom for generating nonces bsc1246623...

Medium: perl-Authen-SASL

Issue Overview: Authen::SASL::Perl::DIGESTMD5 versions 2.04 through 2.1800 for Perl generates the cnonce insecurely. The cnonce client nonce is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will come from a small set of numbers, and the epoch time m...

Fedora: Security Advisory (FEDORA-2025-fddaaaf9f0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AZL-65541 CVE-2025-40918 affecting package perl-Authen-SASL 2.16-21

Authen::SASL::Perl::DIGESTMD5 versions 2.04 through 2.1800 for Perl generates the cnonce insecurely. The cnonce client nonce is generated from an MD5 hash of the PID, the epoch time and the built-in rand function. The PID will come from a small set of numbers, and the epoch time may be guessed, i...

org.apache.pulsar:pulsar-server-distribution (=3.1.0) potentially affected by CVE-2023-51437 via org.apache.pulsar:pulsar-broker-auth-sasl (=3.1.0)

org.apache.pulsar:pulsar-broker-auth-sasl MAVEN version =3.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.pulsar:pulsar-broker-auth-sasl and may be impacted: - org.apache.pulsar:pulsar-server-distribution =3.1.0 Source cves:...

[ASA-201803-7] dovecot: multiple issues

Arch Linux Security Advisory ASA-201803-7 ========================================= Severity: High Date : 2018-03-06 CVE-ID : CVE-2017-14461 CVE-2017-15130 CVE-2017-15132 Package : dovecot Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-645 Summary ======= The packag...