CLSA-2026-1777946894 Fix CVE(s): CVE-2022-0391, CVE-2022-45061, CVE-2024-7592, CVE-2026-4519

SECURITY UPDATE: URL parsing accepts ASCII tab/CR/LF URL smuggling - debian/patches/CVE-2022-0391.patch: sanitise tab, CR, LF anywhere in URL/scheme inside urlsplit before cache lookup, plus regression test in Lib/urlparse.py, Lib/test/testurlparse.py. - CVE-2022-0391 SECURITY UPDATE: Quadratic...

SUSE-SU-2026:0620-1 Security update for snpguest

This update for snpguest fixes the following issues: Update to version 0.10.0. Security issues fixed: - CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257927. - CVE-2025-3416: openssl: Use-After-Free in Md::fetch and Cipher::fetch...

SUSE-SU-2025:20716-1 Security update for sevctl

This update for sevctl fixes the following issues: - CVE-2025-3416: openssl: Fixed Use-After-Free in Md::fetch and Cipher::fetch bsc1242618 - CVE-2024-12224: idna: Fixed Punycode labels not producing any non-ASCII when decode bsc1243860...

SUSE-SU-2025:02809-1 Security update for rust-keylime

This update for rust-keylime fixes the following issues: - Update to version 0.2.7+141: CVE-2025-58266: shlex: Fixed command injection bsc1247193 - Update to version 0.2.7+117: CVE-2023-26964: rust-keylime: hyper,h2: stream stacking when H2 processing HTTP2 RSTSTREAM frames bsc1210344...

CLSA-2023-1697739734 python: Fix of 2 CVEs

CVE-2022-45061: fix quadratic time idna decoding - CVE-2021-3737: fix http client infinite line reading DoS after a HTTP 100 Continue...

CLSA-2023-1697739575 python3: Fix of 4 CVEs

CVE-2021-3737: Fix http client infinite line reading DoS after a HTTP 100 Continue - CVE-2021-28861: Fix an open redirection vulnerability in http.server - CVE-2022-0391: Make urllib.parse sanitize urls containing ASCII newline and tabs - CVE-2022-45061: Fix quadratic time idna decoding...

CLSA-2022-1669241475 Fix CVE(s): CVE-2022-45061

SECURITY UPDATE: Uncontrolled resource consumption - debian/patches/CVE-2022-45061.patch: Fix quadratic time idna decoding - CVE-2022-45061 Fix the tests: Certificates were expired - debian/patches/update-test-certs-and-keys.patch: Update test certs and keys...

CLSA-2022-1669240479 python: Fix of CVE-2022-45061

CVE-2022-45061: Fix quadratic time idna decoding - fix tests to be compatible with expat 2.0.1-tuxcare.els...

CLSA-2022-1669238752 python2: Fix of CVE-2022-45061

CVE-2022-45061: Fix quadratic time idna decoding - fix tests to be compatible with expat 2.2.5...

CLSA-2022-1669238513 python3: Fix of CVE-2022-45061

CVE-2022-45061: Fix quadratic time idna decoding...

CLSA-2022-1669237532 python3: Fix of CVE-2022-45061

CVE-2022-45061: Fix quadratic time idna decoding...

CLSA-2022-1669236630 python: Fix of CVE-2022-45061

CVE-2022-45061: Fix quadratic time idna decoding - fix tests to be compatible with expat 2.0.1-tuxcare.els...

python: Fix of CVE-2022-45061

CVE-2022-45061: Fix quadratic time idna decoding - fix tests to be compatible with expat 2.0.1-tuxcare.els...

SUSE: Security Advisory (SUSE-SU-2022:4071-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2022:4071-1 Security update for python39

This update for python39 fixes the following issues: Security fixes: - CVE-2022-42919: Fixed local privilege escalation via the multiprocessing forkserver start method bsc1204886. - CVE-2022-45061: Fixed a quadratic IDNA decoding time bsc1205244. Other fixes: - Allow building of documentation wit...

SUSE-SU-2022:4004-1 Security update for python310

This update for python310 fixes the following issues: Security fixes: - CVE-2022-42919: Fixed local privilege escalation via the multiprocessing forkserver start method bsc1204886. - CVE-2022-45061: Fixed a quadratic IDNA decoding time bsc1205244. Other fixes: - allow building of documentation wi...