CVE-2026-3219

pip handles concatenated tar and ZIP files as ZIP files regardless of filename or whether a file is both a tar and ZIP file. This behavior could result in confusing installation behavior, such as installing "incorrect" files according to the filename of the archive. New behavior only proceeds wit...

python3.12-packaging bug fix and enhancement update

An update is available for python3.12-packaging. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Roc...

Debian DLA-2163-1 : tinyproxy security update

A minor security issue and a severe packaging bug have been fixed in tinyproxy, a lightweight http proxy daemon. CVE-2017-11747 main.c in Tinyproxy created a /var/run/tinyproxy/tinyproxy.pid file after dropping privileges to a non-root account, which might have allowed local users to kill arbitra...

Debian: Security Advisory (DLA-2163-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2163-1] tinyproxy security update

Package : tinyproxy Version : 1.8.3-3+deb8u1 CVE ID : CVE-2017-11747 Debian Bug : 870307 948283 A minor security issue and a severe packaging bug have been fixed in tinyproxy, a lightweight http proxy daemon. CVE-2017-11747 main.c in Tinyproxy created a /var/run/tinyproxy/tinyproxy.pid file after...

openSUSE Security Update : libunwind (openSUSE-2019-61)

This update for libunwind fixes one minor security issue and one bug. The following security issue was fixed : - CVE-2015-3239: off-by-one error that could be triggered when reading untrusted binaries boo936786 The following packaging bug was fixed : - boo1122012: The 32 bit were not generated on...

openSUSE: Security Advisory for libunwind (openSUSE-SU-2019:0061-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for libunwind (low)

openSUSE Security Update: Security update for libunwind Announcement ID: openSUSE-SU-2019:0061-1 Rating: low References: 1122012 936786 Cross-References: CVE-2015-3239 Affected Products: openSUSE Leap 42.3 An update that solves one vulnerability and has one errata is now available. Description:...

Security update for Chromium (important)

This update for Chromium to version 66.0.3359.181 fixes the following issues: - CVE-2018-6118: Use after free in Media Cache bsc1091288 - CVE-2018-6085: Use after free in Disk Cache - CVE-2018-6086: Use after free in Disk Cache - CVE-2018-6087: Use after free in WebAssembly - CVE-2018-6088: Use...

Fedora 18 : rubygems-1.8.25-8.fc18 (2013-17649)

Previously a security flow was found on rubygems for validating versions with a regular expression which is vulnerable to denial of service due to backtracking. Although this was thought to be fixed in the previous rubygems, the fix was found imcomplete and the imcompleteness is now assigned as...

Fedora 19 : rubygems-2.0.10-106.fc19 (2013-17662)

Previously a security flow was found on rubygems for validating versions with a regular expression which is vulnerable to denial of service due to backtracking. Although this was thought to be fixed in the previous rubygems, the fix was found imcomplete and the imcompleteness is now assigned as...

Fedora 20 : rubygems-2.0.10-106.fc20 (2013-17603)

Previously a security flow was found on rubygems for validating versions with a regular expression which is vulnerable to denial of service due to backtracking. Although this was thought to be fixed in the previous rubygems, the fix was found imcomplete and the imcompleteness is now assigned as...

Mandriva Update for mozilla-thunderbird MDVSA-2011:080 (mozilla-thunderbird)

Check for the Version of mozilla-thunderbird OpenVAS Vulnerability Test Mandriva Update for mozilla-thunderbird MDVSA-2011:080 mozilla-thunderbird Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

Mandriva Linux Security Advisory : mozilla-thunderbird (MDVSA-2011:080)

Security issues were identified and fixed in mozilla-thunderbird : Security researcher Soroush Dalili reported that the resource: protocol could be exploited to allow directory traversal on Windows and the potential loading of resources from non-permitted locations. The impact would depend on...

MDVA-2008:092 : python-sip

The python-sip package in Mandriva Linux 2008.0 release contained a packaging bug, making it fail to obsolete old package names. That would lead to an upgrade failure, and python-devel would not install due to unsatisfied dependencies. This update fixes that issue. %NASLMINLEVEL 70300 @DEPRECATED...

MDVA-2008:093-1 : kdesdk

kdesdk packages in Mandriva Linux 2008 and 2008 Spring had packaging bugs which led to the subversion ioslave to not build and thus not be provided. The updated packages fixed the bugs and provide the subversion access ioslave. Update: The previous kdesdk update placed subversion-related files in...

Mandriva Update for python-sip MDVA-2008:092 (python-sip)

Check for the Version of python-sip OpenVAS Vulnerability Test Mandriva Update for python-sip MDVA-2008:092 python-sip Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify...

Mandriva Update for pdksh MDVA-2008:037 (pdksh)

Check for the Version of pdksh OpenVAS Vulnerability Test Mandriva Update for pdksh MDVA-2008:037 pdksh Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Mandriva Update for pdksh MDVA-2008:037 (pdksh)

Check for the Version of pdksh OpenVAS Vulnerability Test Mandriva Update for pdksh MDVA-2008:037 pdksh Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Mandriva Update for python-sip MDVA-2008:092 (python-sip)

Check for the Version of python-sip OpenVAS Vulnerability Test Mandriva Update for python-sip MDVA-2008:092 python-sip Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify...