
18 matches found

Oracle linux
added 2026/04/24 12:0 a.m., 5 views

java-17-openjdk security update

1:17.0.19.0.10-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:17.0.19.0.10-1 - Update to jdk-17.0.19+10 GA - Add to .gitignore openjdk-17.0.19+10.tar.xz - Set updatever to 19 - Set buildver to 10 - Set rpmrelease to 1 - Update sources to openjdk-17.0.19+10.tar.xz - This tarball is embargoed...

CVSS 7.5, AI score 7.7, EPSS 0.00154, Exploits 0

CNNVD
added 2026/01/19 12:0 a.m., 1 view

MetaCPAN HarfBuzz::Shaper security vulnerability

MetaCPAN HarfBuzz::Shaper is an interface extension module of the MetaCPAN Foundation. Versions of MetaCPAN HarfBuzz::Shaper prior to 0.032 contained a security vulnerability. This vulnerability stemmed from null pointer dereferencing in the bundled libraries, which could lead to null pointer...

CVSS 7.5, AI score 5.8, EPSS 0.00183, Exploits 0, References 4

Tenable Nessus
added 2025/11/07 12:0 a.m., 0 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : openjpeg (SUSE-SU-2025:3946-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:3946-1 advisory. - CVE-2023-39327: Fixed that malicious files can cause a large loop that continuously prints warning...

CVSS 4.3, AI score 5.7, EPSS 0.00027, Exploits 0, References 5

SUSE Linux
added 2025/11/05 8:17 a.m., 2 views

Security update for openjpeg

This update for openjpeg fixes the following issues: CVE-2023-39327: Fixed that malicious files can cause a large loop that continuously prints warning messages on the terminal bsc1227410. Other bug fixes: Ensure no bundled libraries are used bsc1250467. Patch Instructions: To install this SUSE...

CVSS 3.3, AI score 6.8, EPSS 0.00027, Exploits 0, References 6

OSV
added 2025/11/05 8:17 a.m., 0 views

SUSE-SU-2025:3946-1 Security update for openjpeg

This update for openjpeg fixes the following issues: - CVE-2023-39327: Fixed that malicious files can cause a large loop that continuously prints warning messages on the terminal bsc1227410. Other bug fixes: - Ensure no bundled libraries are used bsc1250467...

CVSS 4.3, AI score 5.8, EPSS 0.00027, Exploits 0, References 4

Snyk
added 2021/05/17 8:52 p.m., 3 views

Denial of Service (DoS)

Overview: nokogiri is a gem for parsing HTML, XML, SAX, and Reader. Affected versions of this package are vulnerable to Denial of Service (DoS). Vulnerable version of libxml2 was used. The fix to this updates the vendored libxml2 from v2.9.10 to v2.9.12 which addresses: - CVE-2019-20388 -...

CVSS 8.8, AI score 7.1, EPSS 0.00697, Exploits 1, References 2

Snyk
added 2021/05/17 8:52 p.m., 1 view

Denial of Service (DoS)

Overview: nokogiri is a gem for parsing HTML, XML, SAX, and Reader. Affected versions of this package are vulnerable to Denial of Service (DoS). Vulnerable version of libxml2 was used. The fix to this updates the vendored libxml2 from v2.9.10 to v2.9.12 which addresses: - CVE-2019-20388 -...

CVSS 8.8, AI score 7.1, EPSS 0.00697, Exploits 1, References 2

IBM Security Bulletins
added 2019/08/30 3:49 a.m., 42 views

Security Bulletin: Multiple vulnerabilities have been identified in bundled libraries of IBM Tivoli Netcool/OMNIbus Common Integration Libraries (CVE-2019-12086, CVE-2019-0201)

Summary: FasterXML Jackson library is a dependency component shipped with the IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library and Transformer for Message Bus Integration. Information about security vulnerabilities affecting FasterXML Jackson library has been published...

CVSS 7.5, AI score 1.1, EPSS 0.15522, Exploits 2, Affected Software 1

Tenable Nessus
added 2017/03/02 12:0 a.m., 35 views

Fedora 24 : netpbm (2017-fa4e441e03)

Security fix for CVE-2017-2586, CVE-2017-2587 and CVE-2017-5849, ---- Add license information file copyrightsummary ---- New version of netpbm is available 10.77.00 ---- add missing directives about bundled libraries jasper and jbigkit ---- New version of netpbm is available 10.76.00 Note that...

CVSS 5.5, AI score 5.8, EPSS 0.00176, Exploits 1, References 4

OpenVAS
added 2015/10/15 12:0 a.m., 18 views

Mageia: Security Advisory (MGASA-2015-0339)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5, AI score 7.8, EPSS 0.02172, Exploits 0, References 4

Mageia
added 2015/09/08 7:20 a.m., 31 views

Updated freeimage packages fix security vulnerabilities

Updated freeimage packages fix security vulnerability: FreeImage is vulnerable to an integer overflow in PluginPCX.cpp, making the PCX loader vulnerable to malicious images with a bad window specification (CVE-2015-0852). Moreover, FreeImage was built in Mageia against a number of bundled libraries...

CVSS 5, AI score 8, EPSS 0.02172, Exploits 0, References 2

OSV
added 2015/09/08 7:20 a.m., 2 views

MGASA-2015-0339 Updated freeimage packages fix security vulnerabilities

Updated freeimage packages fix security vulnerability: FreeImage is vulnerable to an integer overflow in PluginPCX.cpp, making the PCX loader vulnerable to malicious images with a bad window specification (CVE-2015-0852). Moreover, FreeImage was built in Mageia against a number of bundled libraries...

CVSS 5, AI score 6.6, EPSS 0.02172, Exploits 0, References 3

Mageia
added 2015/05/18 7:8 p.m., 34 views

Updated avidemux packages fix security vulnerabilities

Updated avidemux packages fix security vulnerabilities: The mjpegdecodeapp function in libavcodec/mjpegdec.c in FFMpeg before 1.2.11 allows remote attackers to cause a denial of service (out-of-bounds heap access) and possibly have other unspecified impact via vectors related to LJIF tags in an MJP...

CVSS 7.5, AI score 8.4, EPSS 0.01017, Exploits 0, References 5

RedHat Linux
added 2015/01/12 5:32 p.m., 3 views

HawtJNI: predictable temporary file name leading to local arbitrary code execution

The HawtJNI Library class wrote native libraries to a predictable file name in /tmp when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJN...

CVSS 4.4, AI score 5.8, EPSS 0.00043, Exploits 1, References 4

RedHat Linux
added 2014/09/23 8:19 p.m., 3 views

HawtJNI: predictable temporary file name leading to local arbitrary code execution

The HawtJNI Library class wrote native libraries to a predictable file name in /tmp when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJN...

CVSS 4.4, AI score 5.8, EPSS 0.00043, Exploits 1, References 4

RedHat Linux
added 2013/12/04 5:58 p.m., 1 view

HawtJNI: predictable temporary file name leading to local arbitrary code execution

The HawtJNI Library class wrote native libraries to a predictable file name in /tmp when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJN...

CVSS 4.4, AI score 5.8, EPSS 0.00043, Exploits 1, References 4

Tenable Nessus
added 2012/09/29 12:0 a.m., 30 views

Fedora 16 : ghostscript-9.05-2.fc16 (2012-13839)

This update removes some bundled libraries, notably icclib. This avoids security issue CVE-2012-4405. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...

CVSS 6.8, AI score 5.3, EPSS 0.23786, Exploits 0, References 3

Tenable Nessus
added 2012/09/29 12:0 a.m., 28 views

Fedora 17 : ghostscript-9.05-4.fc17 (2012-13846)

This update removes some bundled libraries, notably icclib. This avoids security issue CVE-2012-4405. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...

CVSS 6.8, AI score 5.3, EPSS 0.23786, Exploits 0, References 3