63 matches found
Routinator has cache path traversal when processing the module component of rsync URIs
Routinator does not properly check the module component of rsync URIs, which are used to create the file system paths for the Routinator cache. This allows for path traversal by having a module name containing .., potentially providing an attacker access to the entire Routinator rsync cache...
kernel security update
6.12.0-124.52.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...
kernel security update
6.12.0-124.49.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...
kernel security update
6.12.0-124.47.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...
gnutls security update
3.8.3-10fips - Add FIPS package change: add fips suffix to Release and set Epoch to 10 Orabug: 35925409 - Update FIPS module name for Oracle Linux Orabug: 35925409 3.8.3-10 - Fix PKCS11 token initialization label overflow CVE-2025-9820 - Fix name constraint processing performance issue...
CVE-2026-24837
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, a module friendly name could include scripts that will run during some module operations in the Persona Bar. Versions 9.13....
openssl security update
3.5.1-7.0.1fips - Update additional upstream references - Add FIPS package change: add fips suffix to Release and set Epoch to 10 Orabug: 35824276 - Update FIPS module name Orabug: 35824276 3.5.1-7.0.1 - Enable openssl-fips-provider dependency Orabug: 36504822 - Temporary disable...
CVE-2023-40982
A stored cross-site scripting XSS vulnerability in Webmin v2.100 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cloned module name parameter...
SUSE SLES15 Security Update : kernel (Live Patch 25 for SUSE Linux Enterprise 15 SP5) (SUSE-SU-2025:4050-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4050-1 advisory. This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.100 fixes various security issues The following security issues were fixed: ...
SUSE SLES12 Security Update : kernel (Live Patch 71 for SUSE Linux Enterprise 12 SP5) (SUSE-SU-2025:4058-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4058-1 advisory. This update for the SUSE Linux Enterprise kernel 4.12.14-122.269 fixes various security issues The following security issues were fixed: -...
Security update for the Linux Kernel (Live Patch 22 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.91 fixes various security issues The following security issues were fixed: CVE-2022-50252: igb: Do not free qvector unless new one was allocated bsc1249847. CVE-2024-53164: net: sched: fix ordering of qlen adjustment bsc1246019...
SUSE-SU-2025:4062-1 Security update for the Linux Kernel (Live Patch 29 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.116 fixes various security issues The following security issues were fixed: - CVE-2022-50252: igb: Do not free qvector unless new one was allocated bsc1249847. - CVE-2025-38617: net/packet: fix a race in packetsetring and...
Security update for the Linux Kernel (Live Patch 29 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.116 fixes various security issues The following security issues were fixed: CVE-2022-50252: igb: Do not free qvector unless new one was allocated bsc1249847. CVE-2025-38617: net/packet: fix a race in packetsetring and packetnotifi...
SUSE-SU-2025:4059-1 Security update for the Linux Kernel (Live Patch 26 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.103 fixes various security issues The following security issues were fixed: - CVE-2022-50252: igb: Do not free qvector unless new one was allocated bsc1249847. - CVE-2024-53164: net: sched: fix ordering of qlen adjustment...
SUSE-SU-2025:4043-1 Security update for the Linux Kernel (Live Patch 20 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.83 fixes various security issues The following security issues were fixed: - CVE-2022-50252: igb: Do not free qvector unless new one was allocated bsc1249847. - CVE-2024-53164: net: sched: fix ordering of qlen adjustment bsc124601...
Security update for the Linux Kernel (Live Patch 43 for SUSE Linux Enterprise 15 SP4)
This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.173 fixes various security issues The following security issues were fixed: CVE-2022-50252: igb: Do not free qvector unless new one was allocated bsc1249847. CVE-2025-38617: net/packet: fix a race in packetsetring and packetnotifi...
SUSE SLES15 Security Update : kernel (Live Patch 49 for SUSE Linux Enterprise 15 SP3) (SUSE-SU-2025:4016-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4016-1 advisory. This update for the SUSE Linux Enterprise kernel 5.3.18-150300.59.179 fixes various security issues The following security issues were fixed: -...
SUSE-SU-2025:4040-1 Security update for the Linux Kernel (Live Patch 42 for SUSE Linux Enterprise 15 SP4)
This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.170 fixes various security issues The following security issues were fixed: - CVE-2022-50252: igb: Do not free qvector unless new one was allocated bsc1249847. - CVE-2024-53164: net: sched: fix ordering of qlen adjustment...
Security update for the Linux Kernel (Live Patch 34 for SUSE Linux Enterprise 15 SP4)
This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.144 fixes various security issues The following security issues were fixed: CVE-2022-50252: igb: Do not free qvector unless new one was allocated bsc1249847. CVE-2024-53164: net: sched: fix ordering of qlen adjustment bsc1246019...
Security update for the Linux Kernel (Live Patch 27 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.110 fixes various security issues The following security issues were fixed: CVE-2022-50252: igb: Do not free qvector unless new one was allocated bsc1249847. CVE-2024-53164: net: sched: fix ordering of qlen adjustment bsc1246019...