RLSA-2026:8456 Important: osbuild-composer security update

A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for local usage, it can also upload images directly to cloud. It is compatible with composer-cli and cockpit-composer clients. Security Fixes: net/url:...

OPENSUSE-SU-2026:20581-1 Security update for nebula

This update for nebula fixes the following issues: Changes in nebula: - Update to version 1.10.3: Fix an issue where blocklist bypass is possible when using curve P256 Any newly issued P256 based certificates will have their signature clamped to the low-s form. Nebula will assert the low-s...

Suricata IDPE 8.0.4

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and...

Security update for shim

This update for shim fixes the following issues: shim is updated to version 16.1: shimstartimage: fix guid/handle pairing when uninstalling protocols Fix uncompressed ipv6 netboot fix test segfaults caused by uninitialized memory SbatLevelVariable.txt: minor typo fix. Realloc needs to allocate on...

SUSE-SU-2026:20214-1 Security update for alloy

This update for alloy fixes the following issues: Update to 1.12.2: Security fixes: - CVE-2025-68156: github.com/expr-lang/expr/builtin: Fixed potential DoS via unbounded recursion bsc1255333: - CVE-2025-31133, CVE-2025-52565, CVE-2025-52881: github.com/opencontainers/runc: Fixed container...

Suricata IDPE 8.0.3

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and...

openSUSE 16 Security Update : tcpreplay (openSUSE-SU-2025-20119-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025-20119-1 advisory. - update to 4.5.2: features added since 4.4.4 - fix/recalculate header checksum for ipv6-frag - IPv6 frag checksum support - AFXDP socket suppor...

EUVD-2014-8516

Malware in sbrugna...

EUVD-2004-0150

Malware in sbrugna...

EUVD-2007-3149

Malware in sbrugna...

Suricata IDPE 7.0.12

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and...

cloud-init security update

23.4-7.0.2.el810.10 - Fixes regression in cloud-init with module ccwritefilesdeferred Orabug: 37382965 - Update IPv6 IMDS endpoint to ULA and drop NIC identifier Orabug: 35965980 - Enable IPv6 Orabug: 36502414 - Added missing services in rhel/systemd/cloud-init.service Orabug: 32183938 - Increase...

CVE-2024-56646

In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid possible NULL deref in modifyprefixroute syzbot found a NULL deref 1 in modifyprefixroute, caused by one fib6info without a fib6table pointer set. This can happen for net-ipv6.fib6nullentry 1 Oops: general protection...

DEBIAN-CVE-2024-36933

In the Linux kernel, the following vulnerability has been resolved: nsh: Restore skb-protocol,data,macheader for outer header in nshgsosegment. syzbot triggered various splats see 0 and links by a crafted GSO packet of VIRTIONETHDRGSOUDP layering the following protocols: ETHP8021AD + ETHPNSH +...

CVE-2021-47572

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix null pointer dereference when IPv6 is not enabled When we try to add an IPv6 nexthop and IPv6 is not enabled !CONFIGIPV6 we'll hit a NULL pointer dereference1 in the error path of nhcreateipv6 due to calling...

CVE-2023-52698

In the Linux kernel, the following vulnerability has been resolved: calipso: fix memory leak in netlblcalipsoaddpass If IPv6 support is disabled at boot ipv6.disable=1, the calipsoinit - netlblcalipsoopsregister function isn't called, and the netlblcalipsoopsget function always returns NULL. In...

CVE-2023-52698

In the Linux kernel, the following vulnerability has been resolved: calipso: fix memory leak in netlblcalipsoaddpass If IPv6 support is disabled at boot ipv6.disable=1, the calipsoinit - netlblcalipsoopsregister function isn't called, and the netlblcalipsoopsget function always returns NULL. In...

Update Rollup 5 for System Center 2019 Data Protection Manager

Update Rollup 5 for System Center 2019 Data Protection Manager Applies to : System Center 2019 Data Protection Manager Introduction This article describes the issues that are fixed in Update Rollup 5 for Microsoft System Center Data Protection Manager 2019. This article also contains the...

K16108: BIND vulnerability CVE-2014-8680

Security Advisory Description The GeoIP functionality in ISC BIND 9.10.0 through 9.10.1 allows remote attackers to cause a denial of service assertion failure and named exit via vectors related to 1 the lack of GeoIP databases for both IPv4 and IPv6, or 2 IPv6 support with certain options...

OPENSUSE-SU-2023:0041-1 Security update for EternalTerminal

This update for EternalTerminal fixes the following issues: EternalTerminal was updated to 6.2.4: CVE-2022-48257, CVE-2022-48258 remedied fix readme regarding port forwarding 522 Fix test failures that started appearing in CI 526 Add documentation for the EternalTerminal protocol 523 ssh-et: appl...