CLSA-2026-1778112033 avahi: Fix of CVE-2026-24401

CVE-2026-24401: fix avahi-daemon crash on receipt of unsolicited mDNS responses containing self-referencing CNAME records by detecting CNAME loops in lookuphandlecname to prevent uncontrolled recursion and stack exhaustion; also includes two related DoS fixes in the same lookup path from upstream...

ALSA-2026:1715 Important: golang-github-openprinting-ipp-usb security update

HTTP reverse proxy, backed by IPP-over-USB connection to device. It enables driverless support for USB devices capable of using IPP-over-USB protocol. Security Fixes: crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 For more detai...

Security update for tomcat10

This update for tomcat10 fixes the following issues: Updated to Tomcat 10.1.44: CVE-2025-48989: Fixed "MadeYouReset" DoS in HTTP/2 due to client triggered stream reset bsc1243895 Other fixes: Catalina Fix: Fix bloom filter population for archive indexing when using a packed WAR containing one or...

SUSE SLES15 Security Update : rmt-server (SUSE-SU-2025:02330-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02330-1 advisory. - Update to version 2.23 - CVE-2025-46727: Fixed Unbounded-Parameter DoS in Rack:QueryParser. bsc1242893 - CVE-2025-32441: Fixed a...

ruby:3.3 security update

ruby 3.3.8-4 - Upgrade to Ruby 3.3.8. Resolves: RHEL-68632 - Fix Net::IMAP vulnerable to possible DoS by memory exhaustion. CVE-2025-25186 - Fix Denial of Service in CGI::Cookie.parse. CVE-2025-27219 - Fix userinfo leakage in URIjoin, URImerge and URI+. CVE-2025-27221 rubygem-abrt 0.4.0-1 - Updat...

Fedora 41 : python-tornado (2025-db6e9bb7fb)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-db6e9bb7fb advisory. This contains the backported fix for CVE-2024-52804 cookie parsing DoS vuln Tenable has extracted the preceding description block directly from the Fedora...

libsndfile security update

An update is available for libsndfile. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libsndfile is a C library for reading and writing files containing sampled...

ruby:3.1 security update

ruby 3.1.7-146 - Upgrade to Ruby 3.1.7. Resolves: RHEL-55410 - Fix DoS vulnerability in REXML. CVE-2024-39908 Resolves: RHEL-86077...

SUSE-SU-2025:1399-1 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.27+6 April 2025 CPU CVEs: + CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data bsc1241274 + CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access...

Security update for openssh

This update for openssh fixes the following issues: CVE-2025-26465: Fixed MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client bsc1237040. CVE-2025-26466: Fixed DoS attack against OpenSSH's client and server bsc1237041. Other bugfixes: Fix ssh client segfault with GSSAPIKeyExchange=yes i...

SUSE-SU-2025:0058-1 Security update for tomcat

This update for tomcat fixes the following issues: Update to Tomcat 9.0.98 - Fixed CVEs: + CVE-2024-54677: DoS in examples web application bsc1234664 + CVE-2024-50379: RCE due to TOCTOU issue in JSP compilation bsc1234663 + CVE-2024-52317: Request/response mix-up with HTTP/2 bsc1233435 - Catalina...

CLSA-2024-1732702046 squid: Fix of CVE-2024-45802

CVE-2024-45802: Fix DoS by a trusted server by disabling ESI...

Moderate: Red Hat Security Advisory: dotnet6.0 security update

An update for dotnet6.0 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Moderate: dotnet6.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET 6.0 to SDK 6.0.132 and Runtime 6.0.32...

ALSA-2024:3846 Moderate: python-idna security update

The hsakmt packages include a thunk library for AMD's Heterogeneous System Architecture HSA Linux kernel driver amdkfd. Security Fixes: python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.12 security update

Red Hat OpenShift Container Platform release 4.15.12 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...

SUSE-SU-2024:1165-1 Security update for kubernetes1.23

This update for kubernetes1.23 fixes the following issues: - Upgrade from v1.25.14 to v1.25.16 - CVE-2024-0793: Fixed a DoS caused via a malformed HPA v1 manifest. bsc1219964...

Moderate: Red Hat Security Advisory: Red Hat OpenShift distributed tracing 3.1.1 operator/operand containers

Red Hat OpenShift distributed tracing 3.1.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

Moderate: Red Hat Security Advisory: .NET 7.0 security update

An update for .NET 7.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

SUSE-SU-2024:0855-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-6270: Fixed a use-after-free bug in aoecmdcfgpkts bsc1218562. - CVE-2023-52559: Fixed a bug by avoiding memory allocation in iommususpend...