SUSE-SU-2025:4450-1 Security update 5.1.1.1 for Multi-Linux Manager Client Tools

This update fixes the following issues: venv-salt-minion: - Security issues fixed: - CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 - CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 - Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439...

Linux Distros Unpatched Vulnerability : CVE-2022-45061

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA RFC 3490 decoder,...

Security Vulnerabilities fixed in Firefox 72 — Mozilla

During the initialization of a new content process, a pointer offset can be manipulated leading to memory corruption and a potentially exploitable crash in the parent process. Note: this issue only occurs on Windows. Other operating systems are unaffected. When pasting a Due to a missing case...

Internet Bug Bounty: use of uninitialized variables in operator.methodcaller

I described this vulnerability in detail in a mail to the PSRT. A copy of my email, plus the fix for this issue, can be found here: https://bugs.python.org/issue27783...

Internet Bug Bounty: EIP control using type confusion in json encoding

https://bugs.python.org/issue24683 File 'eip.py' posted on the issue page proves EIP control...

Internet Bug Bounty: tokenizer crash when processing undecodable source code

http://bugs.python.org/issue25388...

Internet Bug Bounty: Multiple type confusions in unicode error handlers

https://bugs.python.org/issue24102...

Internet Bug Bounty: Multiple use after free bugs in json encoding

https://bugs.python.org/issue24094 https://bugs.python.org/issue24095 https://bugs.python.org/issue24105...