1000 matches found
Alibaba Cloud Linux 3 : 0144: osbuild-composer bug fix, enhancement and (ALINUX3-SA-2024:0144)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0144 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-2307: A flaw was found in osbuild-composer...
grub2: command/gpg: Use-after-free due to hooks not being removed on module unload
A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If...
Ensure That GPG Verification Is Configured for the Yum Repositories
Software packages may be tampered with by attackers during network transmission or local storage. If the integrity verification is not performed on the software packages, software tampered with by attackers may be installed. As a result, the server or even the entire network cluster is attacked. ...
container-tools:ol8 security update
aardvark-dns buildah cockpit-podman conmon containernetworking-plugins containers-common 1-82.0.1 - Updated removed references Orabug: 33473101 Alex Burmashev - Adjust registries.conf Nikita Gerasimov - remove references to RedHat registry Nikita Gerasimov 2:1-82 - update vendored components -...
SUSE-RU-2025:0800-1 Recommended update for python3-M2Crypto
This update for python3-M2Crypto fixes the following issues: - Fix spelling of BSD-2-Clause license. - Update to 0.44.0: - The real license is BSD 2-Clause, not MIT. - Remove python-M2Crypto.keyring, because PyPI broke GPG support - Build for modern python stack on SLE/Leap - require setuptools -...
SUSE CVE-2025-0622
A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If...
Security update for grub2
This update for grub2 fixes the following issues: CVE-2024-45781: Fixed strcpy overflow in ufs. bsc1233617 CVE-2024-56737: Fixed a heap-based buffer overflow in hfs. bsc1234958 CVE-2024-45782: Fixed strcpy overflow in hfs. bsc1233615 CVE-2024-45780: Fixed an overflow in tar/cpio. bsc1233614...
CVE-2025-0622
A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If...
CVE-2025-0622
A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If...
DEBIAN-CVE-2025-0622
A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If...
CVE-2025-0622
A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If...
Oracle Linux 8 : container-tools:ol8 (ELSA-2025-1372)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-1372 advisory. aardvark-dns buildah 2:1.33.12-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.33...
container-tools:ol8 security update
aardvark-dns buildah 2:1.33.12-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 https://github.com/containers/buildah/commit/58af1cd - Resolves: RHEL-67612 cockpit-podman conmon containernetworking-plugins containers-common 1-82.0.1 - Updated removed...
How to upgrade Veeam Backup for Salesforce to version 2.1.1.
Challenge Customers who installed Veeam Backup for Salesforce 2.x on the following distros before April 2024 won't see the upgrade notification in the product due to the expiration of GPG keys and must perform the upgrade manually. CentOS 7 Red Hat Enterprise Linux 7 Oracle Linux 7 Solution...
CVE-2022-4563
A vulnerability was found in Freedom of the Press SecureDrop. It has been rated as critical. Affected by this issue is some unknown functionality of the file gpg-agent.conf. The manipulation leads to symlink following. Local access is required to approach this attack. The name of the patch is...
GHSA-88M4-H43F-WX84 PMD Designer's release key passphrase (GPG) available on Maven Central in cleartext
Summary While rebuilding PMD Designer for Reproducible Builds and digging into issues, I found out that passphrase for gpg.keyname=0xD0BF1D737C9A1C22 is included in jar published to Maven Central. Details See...
SUSE-SU-2024:4006-1 Security update for SUSE Manager Server 4.3
This update fixes the following issues: cobbler: - Security issues fixed: CVE-2024-47533: Prevent privilege escalation from none to admin bsc1231332 - Other bugs fixed: Increase start timeout for cobblerd unit bsc1219450 Provide syncsinglesystem for DHCP modules to improve performance bsc1219450...
Veeam Backup for Salesforce Built-In Updater Not Finding Updates
Challenge In Veeam Backup for Salesforce v1, the Updater displays no updates available despite the fact that newer versions are available. Cause The updater fails to identify new updates as being available because of an expired or incorrect GPG key used to verify package integrity. Without the...
virt:kvm_utils1 security update
hivex 1.3.18-21 - Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950501 1.3.18 - Resolves: bz1810193 Upgrade components in virt:rhel module:stream for RHEL-8.3 release 1.3.18 - Resolves: bz1810193 Upgrade components in virt:rhel module:stream for RHEL-8.3 release 1.3.15...
Security update for libreoffice
This update for libreoffice fixes the following issues: libreoffice was updated to version 24.8.1.2 jscPED-10362: Release notes: https://wiki.documentfoundation.org/Releases/24.8.0/RC1 and https://wiki.documentfoundation.org/Releases/24.8.0/RC2 and...