SUSE-SU-2025:20858-1 Security update for rust-keylime

This update for rust-keylime fixes the following issues: - CVE-2025-55159: slab: incorrect bounds check in getdisjointmut function can lead to undefined behavior or potential crash due to out-of-bounds access bsc1248006 - CVE-2025-3416: openssl: Use-After-Free in Md::fetch and Cipher::fetch in...

USN-7015-7: Python 2.7 regression

USN-7015-4 fixed vulnerabilities in Python. It was discovered that the fix for CVE-2023-27043 for python2.7 was incorrectly applied on Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the...

RockyLinux 8 : less (RLSA-2024:4256)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:4256 advisory. less: OS command injection CVE-2024-32487 less: missing quoting of shell metacharacters in LESSCLOSE handling CVE-2022-48624 Tenable has extracted the...

Shell expansion in custom commands

Summary Undocumented and unpredictable shell expansion and/or quoting rules make it easily to accidentally cause shell injection when using custom commands with starship in bash. Details I wanted to show the git commit name in my prompt I use bash, so I added a command: custom.gitcommitname comma...

[SECURITY] [DSA 249-1] New w3mmee packages fix cookie information leak

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 249-1 [email protected] http://www.debian.org/security/ Martin Schulze February 11th, 2003 http://www.debian.org/security/faq -...