Security update for rsync

This update for rsync fixes the following issues CVE-2026-29518: Symlink-Race TOCTOU in Daemon bsc1264511. CVE-2026-41035: Count of entries mismatch can lead to a use-after-free bsc1262223 CVE-2026-43617: Authorization Bypass via Hostname Resolution bsc1264515. CVE-2026-43618: Integer Overflow...

SUSE-SU-2026:2038-1 Security update for rsync

This update for rsync fixes the following issues - CVE-2026-29518: Symlink-Race TOCTOU in Daemon bsc1264511. - CVE-2026-41035: Count of entries mismatch can lead to a use-after-free bsc1262223 - CVE-2026-43617: Authorization Bypass via Hostname Resolution bsc1264515. - CVE-2026-43618: Integer...

CVE-2026-44060

A flaw was found in Netatalk. A remote attacker could exploit an integer underflow vulnerability in the dsiwriteinit function by sending a specially crafted request. This could lead to a denial of service DoS, making the service unavailable to legitimate users...

CLSA-2026-1779369649 rsync: Fix of CVE-2026-43618

CVE-2026-43618: fix integer overflow in compressed-token decoder allowing remote memory disclosure via crafted compressed stream...

CLSA-2026-1779369622 rsync: Fix of CVE-2026-43618

CVE-2026-43618: fix integer overflow in compressed-token decoder allowing remote memory disclosure via crafted compressed stream...

CVE-2026-44069

A flaw was found in Netatalk. A local attacker with high privileges could exploit an integer underflow vulnerability in the volxlate function. This flaw may lead to information disclosure, data corruption, or a denial of service due to improper handling of integer values...

CLSA-2026-1779368965 Fix CVE(s): CVE-2026-43618

SECURITY UPDATE: integer overflow in compressed-token decoder - debian/patches/CVE-2026-43618.patch: cap rxtoken at MAXTOKENINDEX and reject over-long simplerecvtoken literal chunks to prevent remote memory disclosure via crafted compressed stream - CVE-2026-43618...

SUSE-SU-2026:2037-1 Security update for php8

This update for php8 fixes the following issues - CVE-2025-14179: improper handling of NULL bytes by the PDO Firebird driver when preparing SQL queries can lead to SQL injection bsc1264778. - CVE-2026-6722: use-after-free in SOAP using Apache map can lead to remote code execution bsc1264776. -...

Security update for java-1_8_0-openj9

This update for java-180-openj9 fixes the following issues CVE-2026-1188: eclipse: ensure room for separator in omrsysinfogetprocessorfeaturestring bsc1265261. CVE-2026-22007: APIs in the specified component can lead to an unauthorized read access bsc1262490. CVE-2026-22013: unauthenticated...

SUSE-SU-2026:21739-1 Security update for rsync

This update for rsync fixes the following issues - CVE-2026-29518: Symlink-Race TOCTOU in Daemon bsc1264511. - CVE-2026-43617: Authorization Bypass via Hostname Resolution bsc1264515. - CVE-2026-43618: Integer Overflow Information Disclosure bsc1264512. - CVE-2026-43619: Symlink Race Condition vi...

SUSE-SU-2026:21726-1 Security update for rsync

This update for rsync fixes the following issues Security issues: - CVE-2026-29518: Symlink-Race TOCTOU in Daemon bsc1264511. - CVE-2026-43617: Authorization Bypass via Hostname Resolution bsc1264515. - CVE-2026-43618: Integer Overflow Information Disclosure bsc1264512. - CVE-2026-43619: Symlink...

Rsync < 3.4.3 Integer Overflow Information Disclosure

...

CVE-2026-44069

An integer underflow in the volxlate function in Netatalk 3.0.0 through 4.4.2 allows a local privileged user to obtain limited information, modify limited data, or cause a minor service disruption via crafted volume translation input...

CVE-2026-44069

Summary of CVE-2026-44069 (Netatalk) Affected: Netatalk 3.0.0 through 4.4.2.Issue: integer underflow in the volxlate function.Impact: local privileged user may obtain limited information, modify limited data, or cause a minor service disruption via crafted volume translation input.Mitigation/Reme...

CVE-2026-44069 Integer underflow in volxlate

An integer underflow in the volxlate function in Netatalk 3.0.0 through 4.4.2 allows a local privileged user to obtain limited information, modify limited data, or cause a minor service disruption via crafted volume translation input...

CVE-2026-44069 Integer underflow in volxlate

An integer underflow in the volxlate function in Netatalk 3.0.0 through 4.4.2 allows a local privileged user to obtain limited information, modify limited data, or cause a minor service disruption via crafted volume translation input...

CVE-2026-44060

Netatalk 1.5.0–4.4.2 contains an integer underflow in dsi_writeinit() that allows a remote attacker to cause a denial of service via a crafted DSI write request. The issue is fixed in Netatalk 4.4.3. Affected: Netatalk AFP implementation; vulnerable component: dsi_writeinit() function; impact: Do...

CVE-2026-44060

An integer underflow in dsiwriteinit in Netatalk 1.5.0 through 4.4.2 allows a remote unauthenticated attacker to cause a denial of service via a crafted DSI write request...

CVE-2026-44060 Integer underflow in dsi_writeinit() leads to denial of service

An integer underflow in dsiwriteinit in Netatalk 1.5.0 through 4.4.2 allows a remote unauthenticated attacker to cause a denial of service via a crafted DSI write request...

EUVD-2026-31237

An integer underflow in dsiwriteinit in Netatalk 1.5.0 through 4.4.2 allows a remote unauthenticated attacker to cause a denial of service via a crafted DSI write request...