MAL-2026-2117 Malicious code in tui-ascii-art (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4358458e150317ab394c6dd2d0137a8c395a32bae309cc1bfd829f123dab1393 These packages are used as build dependencies of malicious packages in newer waves of the campaign 2026-02-urllib-slim. They are used to split the malicious...

MAL-2026-2114 Malicious code in indpack (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 85f1ca1d5abdcf2139039fc5e8a08068a8c2cacca8a31fed38fbde74f7b8c04d These packages are used as build dependencies of malicious packages in newer waves of the campaign 2026-02-urllib-slim. They are used to split the malicious...

Malicious code in nspack (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7741f090145e1e4bbd7998edba9c8151bd5dd3380adaa430e8f05cb2c814396f These packages are used as build dependencies of malicious packages in newer waves of the campaign 2026-02-urllib-slim. They are used to split the malicious...

Security update for the Linux Kernel RT (Live Patch 3 for SLE 15 SP7)

This update for the Linux Kernel 6.4.0-150700713 fixes several issues. The following security issues were fixed: CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns bsc124867...

Fedora 42 : checkpointctl (2025-ba1dacf88c)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-ba1dacf88c advisory. Add python3-click build dependency ---- Update to upstream version 1.4.0 Tenable has extracted the preceding description block directly from the Fedora...

@angular-devkit/build-angular (>=18.1.0 <=18.2.0-rc.0), @angular/build (>=18.1.0 <=18.2.0-rc.0) +46 more potentially affected by CVE-2024-45811 via vite (>=5.3.0 <=5.3.5)

vite NPM version =5.3.0, =18.1.0, =18.1.0, =2.0.0-beta.3, =0.44.0, =5.0.0-alpha.11, =18.1.0, =18.1.0, =1.0.1, =11.17.8, =0.0.1, =14.190.0, =14.190.0, =0.0.1719809477737, =8.1.1, =8.5.5 - @hybrbase-front/cli =1.0.0 and more Source cves: CVE-2024-45811 Source advisory: OSV:GHSA-9CWX-2883-4WFX...

Fedora 40 : tor (2024-3f9eb3c86c)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-3f9eb3c86c advisory. Re-add systemd-devel as build dependency so the daemon knows how to notify systemd that it was started - fixes bz2302910 Tenable has extracted the...

OPENSUSE-SU-2020:1969-1 Security update for slurm_18_08

This update for slurm1808 fixes the following issues: - Fix Authentication Bypass when Message Aggregation is enabled CVE-2020-12693 This fixes and issue where authentication could be bypassed via an alternate path or channel when message Aggregation was enabled. A race condition allowed a user t...

OPENSUSE-SU-2020:1468-1 Security update for slurm_18_08

This update for slurm1808 fixes the following issues: - Fix Authentication Bypass when Message Aggregation is enabled CVE-2020-12693 This fixes and issue where authentication could be bypassed via an alternate path or channel when message Aggregation was enabled. A race condition allowed a user t...

OPENSUSE-SU-2020:1421-1 Security update for slurm

This update for slurm fixes the following issues: - Fix Authentication Bypass when Message Aggregation is enabled CVE-2020-12693 This fixes and issue where authentication could be bypassed via an alternate path or channel when message Aggregation was enabled. A race condition allowed a user to...

SUSE-SU-2020:2607-1 Security update for pdsh, slurm_20_02

This update for pdsh, slurm2002 fixes the following issues: Changes in slurm2002: - Add support for openPMIx also for Leap/SLE 15.0/1 bsc1173805. - Do not run %check on SLE-12-SP2: Some incompatibility in tcl makes this fail. - Remove unneeded build dependency to postgresql-devel. - Disable build...

SUSE-SU-2020:2600-1 Security update for slurm_18_08

This update for slurm1808 fixes the following issues: - Fix Authentication Bypass when Message Aggregation is enabled CVE-2020-12693 This fixes and issue where authentication could be bypassed via an alternate path or channel when message Aggregation was enabled. A race condition allowed a user t...

SUSE-SU-2020:2599-1 Security update for slurm_18_08

This update for slurm1808 fixes the following issues: - Fix Authentication Bypass when Message Aggregation is enabled CVE-2020-12693 This fixes and issue where authentication could be bypassed via an alternate path or channel when message Aggregation was enabled. A race condition allowed a user t...

SUSE-SU-2020:2598-1 Security update for slurm

This update for slurm fixes the following issues: - Fix Authentication Bypass when Message Aggregation is enabled CVE-2020-12693 This fixes and issue where authentication could be bypassed via an alternate path or channel when message Aggregation was enabled. A race condition allowed a user to...

ALBA-2019:3474 satellite-5-client module update

Satellite 5 client module provides programs and libraries that allow your system to use provisioning, monitoring, and configuration management capabilities provided by AlmaLinux Satellite 5. This update fixes the following bugs: A build dependency on Python 2 gtk-builder-convert has been dropped...

Oracle Linux 7 : tcpdump (ELSA-2017-1871)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2017-1871 advisory. 14:4.9.0-5 - Resolves: 1441597; use bigger capture buffer than in upstream 14:4.9.0-4 - Drop downstream patch drop root privileges - Add libcap-ng as a...

Mandriva Linux Security Advisory : libreoffice (MDVSA-2011:172)

Multiple vulnerabilies has been discovered and corrected in libreoffice : Stack-based buffer overflow in the Lotus Word Pro import filter in LibreOffice before 3.3.3 allows remote attackers to execute arbitrary code via a crafted .lwp file CVE-2011-2685. oowriter in OpenOffice.org 3.3.0 and...

Moderate: cyrus-sasl security and bug fix update

2.1.19-14 - Related: bz250732 Fixed a conflict with an earlier test patch 2.1.19-13 - Related: bz250732 Fixed uninitialized stack variable causing segfault 2.1.19-12 - Resolves: bz250732 sasl-sample-server crashes with null realm 2.1.19-11 - Resolves: bz243910 krb5-libs are not thread-safe -...