Fedora 44 : rsync (2026-75599531db)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-75599531db advisory. Fixing various bugs from Upstream. I did not do a rebase since the Upstream stopped supporting the rsync-patches repo. I accepted this change in Rawhide but ...

Malicious code in rawhide (npm)

The package rawhide was found to contain malicious code...

MAL-2025-31726 Malicious code in rawhide (npm)

The package rawhide was found to contain malicious code...

Exploit for Embedded Malicious Code in Tukaani Xz

CVE-2024-3094-info - https://github.com/lockness-Ko/xz-vulner...

Exploit for Embedded Malicious Code in Tukaani Xz

CVE-2024-3094 xz Check Script This repository contains a Bash...

Exploit for Embedded Malicious Code in Tukaani Xz

CVE-2024-3094-info - CVE-2024-3094 PoC Exploration https://gi...

mingw-gcc security and bug fix update

12.0.1-11.2 - Bump release and rebuild resolves: rhbz2096010 12.0.1-11.1 - Rebase to Fedora Rawhide resolves: rhbz2080170...

Fedora 32 : krb5 (2020-27b577ab23)

Fix CVE-2020-28196 DoS in ASN.1 parsing due to missing recursion depth checks - fc32 + fc33 only: pull-up to rawhide Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and...

Fedora 28 : uwsgi (2018-acfce682f4)

Fix building in Rawhide 1556525 Jakub Jelen - Disable tcpwrappers for Fedora 28 and newer Jakub Jelen --- - Modernize and generalize building of Python subpackages : - replace python with python2 - use appropriate macros for when refering to Python 3 - prefix Python-dependent plugins with the...

Fedora 27 : fedpkg / rpkg (2017-9cac2b8b4a)

Update - Fixed chain-build - Remove hard dependency of bash-completion from fedpkg rpkg - Ignore TestModulesCli if openidc-client is unavailable cqi - Port mbs-build to rpkg mprahl - Add .vscode to .gitignore mprahl - Fix TestPatch.testrediff in order to run with old version of mock cqi - Allow t...

openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2013:0777-1)

java-160-openjdk was updated to 1.12.5 bnc817157 - Security fixes - S6657673, CVE-2013-1518: Issues with JAXP - S7200507: Refactor Introspector internals - S8000724, CVE-2013-2417: Improve networking serialization - S8001031, CVE-2013-2419: Better font processing - S8001040, CVE-2013-1537: Rework...

CVE-2012-5536

A certain Red Hat build of the pamsshagentauth module on Red Hat Enterprise Linux RHEL 6 and Fedora Rawhide calls the glibc error function instead of the error function in the OpenSSH codebase, which allows local users to obtain sensitive information from process memory or possibly gain privilege...

Code injection

A certain Red Hat build of the pamsshagentauth module on Red Hat Enterprise Linux RHEL 6 and Fedora Rawhide calls the glibc error function instead of the error function in the OpenSSH codebase, which allows local users to obtain sensitive information from process memory or possibly gain privilege...

CVE-2012-5536

A certain Red Hat build of the pamsshagentauth module on Red Hat Enterprise Linux RHEL 6 and Fedora Rawhide calls the glibc error function instead of the error function in the OpenSSH codebase, which allows local users to obtain sensitive information from process memory or possibly gain privilege...

CVE-2012-5536

CVE-2012-5536 affects OpenSSH via the pam_ssh_agent_auth module on RHEL6 and Fedora Rawhide. The root cause is calling glibc’s error() instead of OpenSSH’s error() within pam_ssh_agent_auth, enabling local users to potentially disclose sensitive process-memory data or gain privileges (demonstrate...

pam_ssh_agent_auth: symbol crash leading to glibc error() called incorrectly

A certain Red Hat build of the pamsshagentauth module on Red Hat Enterprise Linux RHEL 6 and Fedora Rawhide calls the glibc error function instead of the error function in the OpenSSH codebase, which allows local users to obtain sensitive information from process memory or possibly gain privilege...

Fedora 11 : xemacs-21.5.29-2.fc11 (2009-8993)

This update fixes multiple buffer overflows when reading large image files, or maliciously created image files whose headers misrepresent the actual image size. The update also addresses multiple font issues, some of which cause warnings on startup. Some warnings remain, however, unless an...

Fedora 9 : rb_libtorrent-0.12.1-2.fc9 (2009-6619)

This release adds an upstream patch to fix a directory traversal vulnerability which would allow a remote attacker to create or overwrite arbitrary files via a '..' dot dot and partial relative pathname in a specially crafted torrent. In addition to this, asio-devel has been added to the...

pidgin security and bug fix update

2.5.2-6 - Automatically detect booleans to enable build features from dist tag - Unify RHEL4 and RHEL5 spec with Fedora to make both easier to maintain 2.5.2-2 - Upstream backports: 100: sametime-redirect-null crash 101: NetworkManager-improvement 102: no-password-in-dialog-if-not-remembering 103...

Security fix for the ALT Linux 8 package freeipa version 1.1.0-3

July 23, 2008 Simo Sorce &[email protected] - 1.1.0-3 - Fix for CVE-2008-3274 - Fix segfault in ipa-kpasswd in case getifaddrs returns a NULL interface - Add fix for bug 453185 - Rebuild against openldap libraries, mozldap ones do not work properly - TurboGears is currently broken in rawhide...