[SECURITY] Fedora 41 Update: mirrorlist-server-3.0.7-7.fc41

The mirrorlist-server uses the data created by MirrorManager2 https://github.com/fedora-infra/mirrormanager2 to answer client request for the "best" mirror. This implementation of the mirrorlist-server is written in Rust. The original version of the mirrorlist-server was part of the MirrorManager...

Fedora 41 : glibc (2025-e489437b3d)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-e489437b3d advisory. This update contains the following bug fixes and enhancements: String function register clobbers specific to POWER10 machines CVE-2025-5702,...

SUSE-SU-2025:02096-1 Security update for the Linux Kernel (Live Patch 60 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122228 fixes several issues. The following security issues were fixed: - CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. - CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing...

June 24, 2025—KB5061087 (OS Build 19045.6036) Preview

June 24, 2025—KB5061087 OS Build 19045.6036 Preview Important Windows updates do not install Microsoft Store application updates. If you are an enterprise user, see Microsoft Store apps - Configuration Manager. If you are a consumer user, see Get updates for apps and games in Microsoft Store. For...

Security update for python311

This update for python311 fixes the following issues: python311 was updated from version 3.11.10 to 3.11.13: Security issues fixed: CVE-2025-4516: Fixed blocking DecodeError handling vulnerability, which could lead to DoS bsc1243273. CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4517:...

Understanding Content Moderation Policies and User Experiences in Generative AI Products

While recent research has focused on developing safeguards for generative AI GAI model-level content safety, little is known about how content moderation to prevent malicious content performs for end-users in real-world GAI products. To bridge this gap, we investigated content moderation policies...

SUSE-SU-2025:02049-1 Security update for python311

This update for python311 fixes the following issues: python311 was updated from version 3.11.10 to 3.11.13: - Security issues fixed: CVE-2025-4516: Fixed blocking DecodeError handling vulnerability, which could lead to DoS bsc1243273. CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4517:...

SUSE-SU-2025:02048-1 Security update for python312

This update for python312 fixes the following issues: python312 was updated from version 3.12.9 to 3.12.11: - Security issues fixed: CVE-2025-4516: Fixed blocking DecodeError handling vulnerability, which could lead to DoS bsc1243273 CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4517:...

Security update for python310

This update for python310 fixes the following issues: python310 was updated from version 3.10.16 to 3.10.18: Security issues fixed: CVE-2025-4516: Fixed blocking DecodeError handling vulnerability, which could lead to DoS bsc1243273 CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4517: Fix...

Navigating the Deep: Signature Extraction on Deep Neural Networks

Neural network model extraction has emerged in recent years as an important security concern, as adversaries attempt to recover a network's parameters via black-box queries. A key step in this process is signature extraction, which aims to recover the absolute values of the network's weights laye...

CVE-2022-49944

In the Linux kernel, the following vulnerability has been resolved: Revert "usb: typec: ucsi: add a common function ucsiunregisterconnectors" The recent commit 87d0e2f41b8c "usb: typec: ucsi: add a common function ucsiunregisterconnectors" introduced a regression that caused NULL dereference at...

CVE-2022-49944 Revert "usb: typec: ucsi: add a common function ucsi_unregister_connectors()"

In the Linux kernel, the following vulnerability has been resolved: Revert "usb: typec: ucsi: add a common function ucsiunregisterconnectors" The recent commit 87d0e2f41b8c "usb: typec: ucsi: add a common function ucsiunregisterconnectors" introduced a regression that caused NULL dereference at...

SUSE-SU-2025:01487-2 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.27+6 April 2025 CPU CVEs: + CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data bsc1241274 + CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access...

Fedora: Security Advisory (FEDORA-2025-4fc3431dab)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MINI-3696-QFP3-376V

Bulletin has no description...

SUSE-SU-2025:01889-1 Security update for nbdkit

This update for nbdkit fixes the following issues: Update to version 1.36.5. Security fixes: - CVE-2025-47712: integer overflow in blocksize filter when processing client block status requests larger than 232 will trigger an assertion failure and cause a denial-of-service. bsc1243108. -...

SUSE-SU-2025:20395-1 Security update for sqlite3

This update for sqlite3 fixes the following issues: - Update to release 3.49.1: Improve portability of makefiles and configure scripts. CVE-2025-29087: Fixed Integer Overflow in SQLite concat Function bsc1241020 CVE-2025-29088: Fixed integer overflow through the SQLITEDBCONFIGLOOKASIDE component...

Security update for sqlite3

This update for sqlite3 fixes the following issues: Update to release 3.49.1: Improve portability of makefiles and configure scripts. CVE-2025-29087: Fixed Integer Overflow in SQLite concat Function bsc1241020 CVE-2025-29088: Fixed integer overflow through the SQLITEDBCONFIGLOOKASIDE component...

May 13, 2025—KB5058430 (Monthly Rollup)

May 13, 2025—KB5058430 Monthly Rollup End of support information Support for Windows Server 2008 R2 has ended Windows Server 2008 R2 Premium Assurance ended on January 13, 2026.Windows Server 2008 R2 Extended Security Updates ESU ended on January 10, 2023. Additionally, Extended Security Updates ...

May 13, 2025—KB5058403 (Monthly Rollup)

May 13, 2025—KB5058403 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012 R2. For a successful installation, please make sure all Subset of endpoints for ESU only a...