5 matches found
SUSE-SU-2025:4433-1 Security update for python39
This update for python39 fixes the following issues: Update to 3.9.25: - Security - gh-137836: Add support of the “plaintext” element, RAWTEXT elements “xmp”, “iframe”, “noembed” and “noframes”, and optionally RAWTEXT element “noscript” in html.parser.HTMLParser. - gh-136063: email.message: ensur...
UBUNTU-CVE-2022-49398
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Replace listforeachentrysafe if using giveback The listforeachentrysafe macro saves the current item n and the item after n+1, so that n can be safely removed without corrupting the list. However, when traversi...
CLSA-2022-1660761395 Fix CVE(s): CVE-2022-29154
SECURITY UPDATE: arbitrary file write vulnerability via malicious rysnc server MITM attack - debian/patches/CVE-2022-29154.patch: add extra file-list safety checks. - CVE-2022-29154 Fix noatime patch to build the testsuite and enable it in debian/rules...
[slackware-security] rsync
New rsync packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/rsync-3.2.5-i586-1slack15.0.txz: Upgraded. Added some file-list safety checking that helps to ensure that a rogue...
MGASA-2018-0025 Updated libplist packages fix security vulnerability
The base64decode function in libplist allowed attackers to obtain sensitive information from process memory or cause a denial of service buffer over-read via split encoded Apple Property List data CVE-2017-5209. The main function in plistutil.c in libimobiledevice libplist allowed attackers to...