[SECURITY] Fedora 34 Update: rust-similar-asserts-1.2.0-1.fc34

Provides asserteq! like macros with colorized diff output...

[SECURITY] Fedora 34 Update: rust-similar-2.1.0-1.fc34

Diff library for Rust...

Fedora: Security Advisory for rust-similar-asserts (FEDORA-2022-f3b8d958e8)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

UBUNTU-CVE-2021-39932

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Using large payloads, the diff feature could be used to trigger high load time for users reviewing co...

PT-2021-22771 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 11.0 through 14.3.6 GitLab CE/EE versions 14.4 through 14.4.4 GitLab CE/EE versions 14.5 through 14.5.2 Description: An issue has been discovered in GitLab CE/EE where the diff feature could be used to trigger high load...

Security update for git (moderate)

openSUSE Security Update: Security update for git Announcement ID: openSUSE-SU-2021:2555-1 Rating: moderate References: 1168930 1183026 1183580 SLE-17838 SLE-18152 Cross-References: CVE-2021-21300 CVSS scores: CVE-2021-21300 NVD : 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-21300...

Security update for fossil (moderate)

openSUSE Security Update: Security update for fossil Announcement ID: openSUSE-SU-2021:1052-1 Rating: moderate References: 1187988 Affected Products: openSUSE Backports SLE-15-SP1 An update that contains security fixes can now be installed. Description: This update for fossil fixes the following...

PYSEC-2021-85

Plone through 5.2.4 allows XSS via the inlinediff methods in Products.CMFDiffTool...

Plone 跨站脚本漏洞

Plone is the industry's leading open source CMS system for content management, document management and knowledge management. A cross-site scripting vulnerability exists in Plone 5.2.4 and earlier versions. The vulnerability can be exploited to conduct cross-site scripting attacks via the inlinedi...

Homebrew: Broken parsing of Git diff allows an attacker to inject arbitrary Ruby scripts to Casks on official taps

Description Due to improper parsing of Git diff in Homebrew/actions/review-cask-pr, it's possible to confuse parser to ignore additional lines. Which leads injection of malicious Ruby scripts. Root cause review-cask-pr uses the git diff file to check if the pull request is "simple" enough to...

Regular Expression Denial of Service

Overview Affected versions of diff are vulnerable to Regular Expression Denial of Service ReDoS. This can cause an impact of about 10 seconds matching time for data 48K characters long. Recommendation Upgrade to 3.5.0 or later. References - WhiteSource Advisory - Snyk Advisory - GitHub Advisory...

gitea -- multiple vulnerabilities

The Gitea Team reports for release 1.13.1: Hide private participation in Orgs Fix escaping issue in diff...

Virtuozzo 7 : patch (VZLSA-2019-2964)

An update for patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

new module: perl:5.30

An update is available for perl-Pod-Perldoc, perl-DBI, perl-Pod-Escapes, perl-Devel-PPPort, perl-Pod-Usage, perl-Sub-Exporter, perl-perlfaq, perl-Object-HashBase, perl-CPAN-Meta-YAML, perl-Digest, perl-podlators, perl-bignum, perl-Text-ParseWords, perl-Text-Template, perl-DBD-MySQL, perl-Text-Glo...

An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault associated with a NULL pointer dereference leading to a denial of service in the intuit_diff_type function in pch.c aka a "mangled rename" issue.

...

OS Command Injection

git-diff-apply is vulnerable to OS command injection. Lack of validation of untrusted input allows an attacker to inject arbitrary OS command via the affected parameter that is subsequently used in the diff function as a git command...

Moderate: Red Hat Security Advisory: patch security and bug fix update

An update for patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

patch security and bug fix update

An update is available for patch. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The patch program applies diff files to originals. The diff command is used to...

Moderate: patch security and bug fix update

The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file patching th...

RLSA-2020:1852 Moderate: patch security and bug fix update

The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file patching th...