openSUSE 16 Security Update : tiff (openSUSE-SU-2025-20049-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025-20049-1 advisory. tiff was updated to 4.7.1: Software configuration changes: Define HAVEJPEGTURBODUALMODE812 and LERCSTATIC in tifconfig.h. CMake: define...

SUSE-SU-2025:21032-1 Security update for tiff

This update for tiff fixes the following issues: tiff was updated to 4.7.1: Software configuration changes: Define HAVEJPEGTURBODUALMODE812 and LERCSTATIC in tifconfig.h. CMake: define WORDSBIGENDIAN via tifconfig.h doc/CMakeLists.txt: remove useless cmakeminimumrequired CMake: fix build with...

DRUPAL-CORE-2025-005

Drupal Core has a rarely used feature, provided by an underlying library, which allows certain attributes of incoming HTTP requests to be overridden. This functionality can be abused in a way that may cause Drupal to cache response data that it should not. This can lead to legitimate requests...

SUSE-SU-2025:21037-1 Security update for tiff

This update for tiff fixes the following issues: tiff was updated to 4.7.1: Software configuration changes: Define HAVEJPEGTURBODUALMODE812 and LERCSTATIC in tifconfig.h. CMake: define WORDSBIGENDIAN via tifconfig.h doc/CMakeLists.txt: remove useless cmakeminimumrequired CMake: fix build with...

CVE-2017-18652

An issue was discovered on Samsung mobile devices with M6.0 and N7.x software. SVoice allows arbitrary code execution by changing dynamic libraries. The Samsung ID is SVE-2017-9299 September 2017...

CVE-2024-40635

containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched with a User set as a UID:GID larger than the maximum 32-bit signed integer can cause an overflow condition where the container ultimately runs as roo...

CLSA-2021-1632261987 Fix of CVE: CVE-2021-33909

ELS-130: netfilter: xtables: add missing tables zeroing - CLKRN-800: CVE-2021-33909: seqfile: disallow extremely large seq buffer allocation...

RUSTSEC-2020-0081 `mio` invalidly assumes the memory layout of std::net::SocketAddr

The mio crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about the...

Debian DSA-4203-1 : vlc - security update

Hans Jerry Illikainen discovered a type conversion vulnerability in the MP4 demuxer of the VLC media player, which could result in the execution of arbitrary code if a malformed media file is played. This update upgrades VLC in stretch to the new 3.x release series as security fixes couldn't be...

[SECURITY] [DSA 4203-1] vlc security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4203-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 17, 2018 https://www.debian.org/security/faq -...