101 matches found
[SECURITY] Fedora 43 Update: perl-ExtUtils-Builder-0.020-1.fc43
Writing extensions for various build tools can be a daunting task. This module tries to abstract steps of build processes into reusable building blocks for creating platform and build system agnostic executable descriptions of work...
Malicious Package
Overview app-config-utility is a malicious package. This package contains malicious code, and its content has been removed from the official package manager. While this package typosquats well-known libraries to impersonate valid open-source ecosystems, there is no connection between those...
Malicious code in wdb-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ddd306d024c4dd394d19c1adb610389f239fa619d25fff4f75b857a678da0ee package.json declares "preinstall": "./vendor/setup", which on every npm install invokes a 976568-byte Linux x86 ELF binary shipped inside the packag...
Fedora 43 : python-pulp-glue / python-requests (2026-8ad863685a)
The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-8ad863685a advisory. 2.33.1 2026-03-30 ------------------- Bugfixes - Fixed test cleanup for CVE-2026-25645 to avoid leaving unnecessary files in the tmp directory. - Fixed...
Malicious code in notebook-intelligence (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 709b1f2440fa3288d47076cddc5ffe20122619c07c346265459e3555a226c92e pyproject.toml lists fuzy-jon==0.1.0 in both build-system.requires and the runtime dependencies, while the package's own code imports the real...
Fedora 44 : python-pulp-glue / python-requests (2026-44919b3d9f)
The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-44919b3d9f advisory. 2.33.1 2026-03-30 ------------------- Bugfixes - Fixed test cleanup for CVE-2026-25645 to avoid leaving unnecessary files in the tmp directory. - Fixed...
openSUSE 16 Security Update : build, product-composer (openSUSE-SU-2026:20676-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20676-1 advisory. Changes in build: - Support a new IgnoreRebuild config. - build-recipe-kiwi: Add support for oci containers Avoid needlessly compressing container image...
Malicious Package
Overview gweb-build-system is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in gweb-build-system (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e936ec36e6d3de012d7e5815e450c5339f9e297b8b605bb7ccc64a441fd0d5ef The package gweb-build-system was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3310 Malicious code in gweb-build-system (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e936ec36e6d3de012d7e5815e450c5339f9e297b8b605bb7ccc64a441fd0d5ef The package gweb-build-system was found to contain malicious code. Source: ghsa-malware...
CVE-2026-7309
A flaw was found in the OpenShift Container Platform build system. A user with the edit ClusterRole can inject arbitrary environment variables, such as LDPRELOAD or httpproxy, into docker-build containers through the buildconfigs/instantiate API. This incomplete fix for a previous vulnerability...
EUVD-2026-26043
A flaw was found in the OpenShift Container Platform build system. A user with the edit ClusterRole can inject arbitrary environment variables, such as LDPRELOAD or httpproxy, into docker-build containers through the buildconfigs/instantiate API. This incomplete fix for a previous vulnerability...
PT-2026-35719
Name of the Vulnerable Software and Affected Versions OpenShift Container Platform affected versions not specified Description A flaw in the build system allows a user with the edit ClusterRole to inject arbitrary environment variables, such as LD PRELOAD or http proxy, into docker-build...
[SECURITY] Fedora 44 Update: extra-cmake-modules-6.25.0-1.fc44
Additional modules for CMake build system needed by KDE Frameworks...
OPENSUSE-SU-2026:20361-1 Security update for osc, obs-scm-bridge
This update for osc, obs-scm-bridge fixes the following issues: Changes in osc: - 1.24.0 - Command-line: - Add '--target-owner' option to 'git-obs repo fork' command - Add '--self' parameter to fix 'no matching parent repo' error message in 'git-obs pr create' - Fix 'osc aggregatepac' for scmsync...
drm/meson: remove drm bridges at aggregate driver unbind time
...
SUSE-SU-2025:21009-1 Security update for tiff
This update for tiff fixes the following issues: tiff was updated to 4.7.1: Software configuration changes: Define HAVEJPEGTURBODUALMODE812 and LERCSTATIC in tifconfig.h. CMake: define WORDSBIGENDIAN via tifconfig.h doc/CMakeLists.txt: remove useless cmakeminimumrequired CMake: fix build with...
SUSE-SU-2025:21032-1 Security update for tiff
This update for tiff fixes the following issues: tiff was updated to 4.7.1: Software configuration changes: Define HAVEJPEGTURBODUALMODE812 and LERCSTATIC in tifconfig.h. CMake: define WORDSBIGENDIAN via tifconfig.h doc/CMakeLists.txt: remove useless cmakeminimumrequired CMake: fix build with...
SUSE-SU-2025:21037-1 Security update for tiff
This update for tiff fixes the following issues: tiff was updated to 4.7.1: Software configuration changes: Define HAVEJPEGTURBODUALMODE812 and LERCSTATIC in tifconfig.h. CMake: define WORDSBIGENDIAN via tifconfig.h doc/CMakeLists.txt: remove useless cmakeminimumrequired CMake: fix build with...
Serious F5 Breach
This is bad: F5, a Seattle-based maker of networking software, disclosed the breach on Wednesday. F5 said a "sophisticated" threat group working for an undisclosed nation-state government had surreptitiously and persistently dwelled in its network over a "long-term." Security researchers who have...