webkit2gtk3 security update

2.48.1-1 - Update to 2.48.1 2.48.0-1 - Update to 2.48.0...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-128.10.2esr-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For...

CVE-2025-37965

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix invalid context error in dml helper Why "BUG: sleeping function called from invalid context" error. after: "drm/amd/display: Protect FPU in dml2validate/dml21validate" The populatedmlplanecfgfromplanestate us...

Effects of the Cyber Resilience Act (CRA) on Industrial Equipment Manufacturing Companies

The Cyber Resilience Act CRA is a new European Union EU regulation aimed at enhancing the security of digital products and services by ensuring they meet stringent cybersecurity requirements. This paper investigates the challenges that industrial equipment manufacturing companies anticipate while...

Security update for sqlite3

This update for sqlite3 fixes the following issues: Update to release 3.49.1: Improve portability of makefiles and configure scripts. CVE-2025-29087, bsc1241020: Fix a bug in the concatws function, introduced in version 3.44.0, that could lead to a memory error if the separator string is very lar...

May 16, 2025—Hotpatch KB5061258 (OS Build 26100.3983) Out-of-band

May 16, 2025—Hotpatch KB5061258 OS Build 26100.3983 Out-of-band For information about Windows update terminology, see types of Windows updates and the monthly quality update types. To find an overview, see the update history for Windows 11, version 24H2, and the release notes for hotpatch on...

May 13, 2025—KB5058449 (Monthly Rollup)

May 13, 2025—KB5058449 Monthly Rollup End of support information Support for Windows Server 2008 has ended Windows Server 2008 Premium Assurance ended on January 13, 2026.Windows Server 2008 Extended Security Updates ESU ended on January 10, 2023. Additionally, Extended Security Updates on Azure...

Multiparty Selective Disclosure Using Attribute-Based Encryption

This study proposes a mechanism for encrypting SD-JWT Selective Disclosure JSON Web Token Disclosures using Attribute-Based Encryption ABE to enable flexible access control on the basis of the Verifier's attributes. By integrating Ciphertext-Policy ABE CP-ABE into the existing SD-JWT framework, t...

KB5058530: Servicing stack update for Windows Server 2012: May 13, 2025

KB5058530: Servicing stack update for Windows Server 2012: May 13, 2025 End of support information Support for Windows Server 2012 will end in October 2026 Windows Server 2012 reached the end of support EOS on October 10, 2023. Extended Security Updates ESUs are available for purchase and will...

KB5058524: Servicing stack update for Windows 10, version 1607 and Server 2016: May 13, 2025

KB5058524: Servicing stack update for Windows 10, version 1607 and Server 2016: May 13, 2025 Support for Windows 10 has ended on October 14, 2025 After October 14, 2025, Microsoft will no longer provide free software updates from Windows Update, technical assistance, or security fixes for Windows...

CVE-2025-31253

This issue was addressed through improved state management. This issue is fixed in iOS 18.5 and iPadOS 18.5. Muting the microphone during a FaceTime call may not result in audio being silenced...

About the security content of iPadOS 17.7.7

About the security content of iPadOS 17.7.7 This document describes the security content of iPadOS 17.7.7. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...

About the security content of tvOS 18.5

About the security content of tvOS 18.5 This document describes the security content of tvOS 18.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

About the security content of visionOS 2.5

About the security content of visionOS 2.5 This document describes the security content of visionOS 2.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are availabl...

Unbreakable Enterprise kernel security update

5.4.17-2136.343.5.1 - nvme: fix deadlock between reset and scan Bitao Hu Orabug: 37920457 5.4.17-2136.343.5 - sctp: sysctl: authenable: avoid using current-nsproxy Matthieu Baerts NGI0 Orabug: 37846673 - sctp: sysctl: cookiehmacalg: avoid using current-nsproxy Matthieu Baerts NGI0 Orabug: 3784666...

libsoup security update

2.62.3-8 - Backport patches for various CVEs, plus test improvements Resolves: RHEL-85887 Resolves: RHEL-85900 Resolves: RHEL-85901 Resolves: RHEL-87039 Resolves: RHEL-87094 Resolves: RHEL-87114 Resolves: RHEL-88348 Resolves: RHEL-88351...

CVE-2022-49899 fscrypt: stop using keyrings subsystem for fscrypt_master_key

In the Linux kernel, the following vulnerability has been resolved: fscrypt: stop using keyrings subsystem for fscryptmasterkey The approach of fs/crypto/ internally managing the fscryptmasterkey structs as the payloads of "struct key" objects contained in a "struct key" keyring has outlived its...

Confidential Serverless Computing

Although serverless computing offers compelling cost and deployment simplicity advantages, a significant challenge remains in securely managing sensitive data as it flows through the network of ephemeral function executions in serverless computing environments within untrusted clouds. While...

SUSE-SU-2025:1399-1 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.27+6 April 2025 CPU CVEs: + CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data bsc1241274 + CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access...

Security update for elemental-toolkit

This update for elemental-toolkit fixes the following issues: Updated to version 2.1.3: Simplify podman calls in CI steup Switched GHA runners to Ubuntu 24.04 Updated year in headers Updated to go1.23, required by the new x/crypto module CVE-2025-22870: Fixed proxy bypass using IPv6 zone IDs...