OPENSUSE-SU-2026:10845-1 mcphost-0.34.0-5.1 on GA media

These are all security issues fixed in the mcphost-0.34.0-5.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10841-1 chromedriver-148.0.7778.178-1.1 on GA media

These are all security issues fixed in the chromedriver-148.0.7778.178-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10833-1 haveged-1.9.21-1.1 on GA media

These are all security issues fixed in the haveged-1.9.21-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10840-1 libsystemd0-260.1-2.1 on GA media

These are all security issues fixed in the libsystemd0-260.1-2.1 package on the GA media of openSUSE Tumbleweed...

PT-2026-42809

Name of the Vulnerable Software and Affected Versions OpenBao versions prior to 2.5.4 Description In the Kerberos authentication method, the GET handler or the use of an Authorization: Negotiate header causes the response to include a logical.Auth object alongside an error message. This leads to...

OPENSUSE-SU-2026:10838-1 python311-urllib3_1-1.26.20-6.1 on GA media

These are all security issues fixed in the python311-urllib31-1.26.20-6.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10832-1 freerdp-3.26.0-1.1 on GA media

These are all security issues fixed in the freerdp-3.26.0-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10831-1 flux2-cli-2.8.8-1.1 on GA media

These are all security issues fixed in the flux2-cli-2.8.8-1.1 package on the GA media of openSUSE Tumbleweed...

Astra Linux - уязвимость в edk2

EDK2’s Network Package is vulnerable to an infinite loop vulnerability when parsing unknown options in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of availability...

Astra Linux - уязвимость в imagemagick

A flaw was discovered in ImageMagick’s coders, specifically in the webp.c file. An attacker who submits a crafted file processed by ImageMagick could trigger undefined behavior, including division by zero in mathematics. The most significant threat of this vulnerability is the impact on system...

Astra Linux - уязвимость в openjpeg2

A flaw was discovered in OpenJPEG’s encoder, specifically in the opjdwtcalcexplicitstepsizes function. This flaw allows an attacker who can provide crafted inputs for the decomposition levels to cause a buffer overflow. The greatest threat of this vulnerability is to system availability...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: s390/cio: Verify the availability of the driver for the pathevent call. If no driver is attached to a device, or if the driver does not provide the pathevent function, an FCES path-event on this device could result in a...

Astra Linux - уязвимость в openexr

A flaw was discovered in OpenEXR’s B44Compressor. This flaw allows an attacker who can submit a crafted file to have it processed by OpenEXR, thereby exhausting all memory available to the application. The greatest threat of this vulnerability is to system availability...

Astra Linux - уязвимость в linux

A flaw was discovered in the Nosy driver within the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, resulting in a “use-after-free” condition when one of these devices is removed. The most significant threat posed by this vulnerability relates to...

Astra Linux - уязвимость в openexr

There is a flaw in OpenEXR in versions before 3.0.0-beta. A carefully crafted input file processed by OpenEXR could cause a shift overflow in the FastHufDecoder, potentially leading to issues with the application’s functionality...

Astra Linux - уязвимость в xorg-server

A flaw was discovered in xorg-x11-server in versions prior to 21.1.2 and prior to 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The greatest threat posed by this vulnerability is related to data confidentiality and integrity, as well as system availability...

Astra Linux - уязвимость в tar

A flaw was discovered in the src/list.c file of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The greatest threat posed by this vulnerability is to system availability...

Astra Linux - уязвимость в nettle

A flaw was discovered in Nettle versions prior to 3.7.2. In these versions, several Nettle signature verification functions—GOST DSA, EDDSA, and ECDSA—result in the Elliptic Curve Cryptography point ECC’s multiply function being called with out-of-range scalers. This may lead to incorrect results...

Astra Linux - уязвимость в imagemagick

A flaw was discovered in ImageMagick in versions prior to 7.0.11 and prior to 6.9.12. In these versions, a division by zero in the WaveImage function of MagickCore/visual-effects.c could lead to undefined behavior when a malicious image file was submitted to an application that used ImageMagick...

Astra Linux - уязвимость в openldap

A flaw was discovered in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, thereby triggering an assertion failure. The greatest threat of this vulnerability is to system availability...