AZL-79265 CVE-2026-3381 affecting package clucene 2.3.3.4-40

Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for...

AZL-79242 CVE-2026-3381 affecting package clucene 2.3.3.4-38

Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib. Compress::Raw::Zlib includes a copy of the zlib library. Compress::Raw::Zlib version 2.220 includes zlib 1.3.2, which addresses findings fron the 7ASecurity audit of zlib. The includes fixs for...

AZL-77990 CVE-2026-27171 affecting package clucene 2.3.3.4-38

zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no termination condition...

AZL-77988 CVE-2026-27171 affecting package clucene 2.3.3.4-40

zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no termination condition...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libreoffice (SUSE-SU-2024:3577-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3577-1 advisory. libreoffice was updated to version 24.8.1.2 jscPED-10362: - Release notes:...

Security update for libreoffice

This update for libreoffice fixes the following issues: libreoffice was updated to version 24.8.1.2 jscPED-10362: Release notes: https://wiki.documentfoundation.org/Releases/24.8.0/RC1 and https://wiki.documentfoundation.org/Releases/24.8.0/RC2 and...

AZL-45096 CVE-2022-37434 affecting package clucene 2.3.3.4-40

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call...

new packages: clucene

An update is available for clucene. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise...

AZL-43675 CVE-2018-25032 affecting package clucene 2.3.3.4-38

zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has many distant matches...

AZL-44181 CVE-2018-25032 affecting package clucene 2.3.3.4-40

zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has many distant matches...

AZL-44832 CVE-2015-2158 affecting package clucene 2.3.3.4-40

Off-by-one error in the pngcrushmeasureidat function in pngcrush.c in pngcrush before 1.7.84 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted PNG file...

AZL-44008 CVE-2015-2158 affecting package clucene 2.3.3.4-38

Off-by-one error in the pngcrushmeasureidat function in pngcrush.c in pngcrush before 1.7.84 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted PNG file...