Fedora: Security Advisory for pypy (FEDORA-2024-797928fed3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Apache Tomcat 9.0.0.M1 < 9.0.0.M10 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 9.0.0.M10. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat9.0.0.m10security-9 advisory. - The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4,...

Apache Tomcat 8.0.0.RC1 < 8.0.37 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 8.0.37. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat8.5.5and8.0.37security-8 advisory. - The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4,...

Apache Tomcat 7.0.0 < 7.0.72 multiple vulnerabilities

The version of Tomcat installed on the remote host is prior to 7.0.72. It is, therefore, affected by multiple vulnerabilities as referenced in the fixedinapachetomcat7.0.72security-7 advisory. - The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC...

[SECURITY] Fedora 39 Update: pypy-7.3.15-3.fc39

PyPy's implementation of Python, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc This build of PyPy has JIT-compilation enabled...

SUSE-SU-2024:1452-1 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: - CVE-2024-21011: Fixed denial of service due to long Exception message logging JDK-8319851,bsc1222979 - CVE-2024-21012: Fixed unauthorized data modification due HTTP/2 client improper reverse DNS lookup JDK-8315708,bsc1222987 -...

SUSE-SU-2024:1451-1 Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues: - CVE-2024-21011: Fixed denial of service due to long Exception message logging JDK-8319851,bsc1222979 - CVE-2024-21068: Fixed integer overflow in C1 compiler address generation JDK-8322122,bsc1222983 - CVE-2024-21085: Fixed Pack200...

CVE-2024-26823 irqchip/gic-v3-its: Restore quirk probing for ACPI-based systems

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Restore quirk probing for ACPI-based systems While refactoring the way the ITSs are probed, the handling of quirks applicable to ACPI-based platforms was lost. As a result, systems such as HIP07 lose their GIC...

CVE-2024-2169 Implementations of UDP application protocols are susceptible to network loops and denial of service

Implementations of UDP application protocol are vulnerable to network loops. An unauthenticated attacker can use maliciously-crafted packets against a vulnerable implementation that can lead to Denial of Service DOS and/or abuse of resources...

Fedora: Security Advisory for apache-commons-io (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: jsr-305-3.0.2-15.fc40

This package contains reference implementations, test cases, and other documents for Java Specification Request 305: Annotations for Software Defect Detection...

[SECURITY] Fedora 40 Update: ed25519-java-0.3.0-21.fc40

This is an implementation of EdDSA in Java. Structurally, it is based on the ref10 implementation in SUPERCOP see http://ed25519.cr.yp.to/software.html. There are two internal implementations: A port of the radix-2^51 operations in ref10 - fast and constant-time, but only useful for Ed25519. A...

[SECURITY] Fedora 40 Update: apache-commons-pool-1.6-37.fc40

The goal of Pool package is it to create and maintain an object instance pooling package to be distributed under the ASF license. The package should support a variety of pool implementations, but encourage support of an interface that makes these implementations interchangeable...

[SECURITY] Fedora 40 Update: apache-commons-collections-3.2.2-36.fc40

The introduction of the Collections API by Sun in JDK 1.2 has been a boon to quick and effective Java programming. Ready access to powerful data structures has accelerated development by reducing the need for custom container classes around each core object. Most Java2 APIs are significantly easi...

[SECURITY] Fedora 40 Update: apache-commons-io-2.13.0-8.fc40

Commons-IO contains utility classes, stream implementations, file filters, and endian classes. It is a library of utilities to assist with developing IO functionality...

[SECURITY] Fedora 39 Update: golang-github-tdewolff-minify-2.20.18-1.fc39

Minify is a minifier package written in Go. It provides HTML5, CSS3, JS, JSON, SVG and XML minifiers and an interface to implement any other minifier. Minification is the process of removing bytes from a file such as whitespace without changing its output and therefore shrinking its size and...

BIT-NODE-2023-39331

A previously disclosed vulnerability CVE-2023-30584 was patched insufficiently in commit 205f1e6. The new path traversal vulnerability arises because the implementation does not protect itself against the application overwriting built-in utility functions with user-defined implementations. Please...

CVE-2024-26327

An issue was discovered in QEMU 7.1.0 through 8.2.1. registervfs in hw/pci/pciesriov.c mishandles the situation where a guest writes NumVFs greater than TotalVFs, leading to a buffer overflow in VF implementations...

Buffer overflow

An issue was discovered in QEMU 7.1.0 through 8.2.1. registervfs in hw/pci/pciesriov.c mishandles the situation where a guest writes NumVFs greater than TotalVFs, leading to a buffer overflow in VF implementations...

CVE-2024-26327

An issue was discovered in QEMU 7.1.0 through 8.2.1. registervfs in hw/pci/pciesriov.c mishandles the situation where a guest writes NumVFs greater than TotalVFs, leading to a buffer overflow in VF implementations...