34 matches found
Updated roundcubemail packages fix security vulnerability
SVG Animate FUNCIRI Attribute Bypass — Remote Image Loading via fill/filter/stroke. And some regressions from the last fix are fixed...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : postgresql17 (SUSE-SU-2026:0883-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0883-1 advisory. Update to version 17.9 bsc1258754. Security issues fixed: - CVE-2026-2003: improper validation o...
SUSE-SU-2026:0881-1 Security update for postgresql18
This update for postgresql18 fixes the following issues: Update to version 18.3 bsc1258754. Security issues fixed: - CVE-2026-2003: improper validation of type 'oidvector' may allow disclosure of a few bytes of server memory bsc1258008. - CVE-2026-2004: intarray missing validation of type of input to...
SUSE SLES15 Security Update : postgresql14 (SUSE-SU-2026:0768-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0768-1 advisory. Update to version 14.22 bsc1258754. Security issues fixed: - CVE-2026-2003: improper validation of type 'oidvector' may allow...
SUSE SLES15 / openSUSE 15 Security Update : postgresql15 (SUSE-SU-2026:0771-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0771-1 advisory. Update to version 15.17 bsc1258754. Security issues fixed: - CVE-2026-2003: improper validation of type 'oidvector' m...
SUSE-SU-2026:0787-1 Security update for postgresql17
This update for postgresql17 fixes the following issue: Update to version 17.9 bsc1258754. Regression fixes: - the substring function raises an error 'invalid byte sequence for encoding' on non-ASCII text values if the source of that value is a database column caused by CVE-2026-2006 fix. - a...
Security update for postgresql15
This update for postgresql15 fixes the following issues: Update to version 15.17 bsc1258754. Security issues fixed: CVE-2026-2003: improper validation of type "oidvector" may allow disclosure of a few bytes of server memory bsc1258008. CVE-2026-2004: intarray missing validation of type of input to...
SUSE-SU-2026:0770-1 Security update for postgresql15
This update for postgresql15 fixes the following issues: Update to version 15.17 bsc1258754. Security issues fixed: - CVE-2026-2003: improper validation of type 'oidvector' may allow disclosure of a few bytes of server memory bsc1258008. - CVE-2026-2004: intarray missing validation of type of input to...
MiracleLinux 8 : httpd:2.4 (AXSA:2021-2541:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2541:01 advisory. httpd: mod_session: NULL pointer dereference when parsing Cookie header (CVE-2021-26690) httpd: Unexpected URL matching with 'MergeSlashes OFF'...
EUVD-2019-6713
Malware in sbrugna...
USN-7376-2: MariaDB vulnerability
USN-7376-1 fixed vulnerabilities in MariaDB. This update provides the corresponding updates for Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. Original advisory details: A security issue was discovered in MariaDB and this update includes a new upstream MariaDB version to fix the issue. In addition to...
USN-7376-1: MariaDB vulnerability
A security issue was discovered in MariaDB and this update includes a new upstream MariaDB version to fix the issue. In addition to security fixes, the updated packages contain bug and regression fixes, new features, and possibly incompatible changes...
USN-7376-1 mariadb vulnerability
A security issue was discovered in MariaDB and this update includes a new upstream MariaDB version to fix the issue. In addition to security fixes, the updated packages contain bug and regression fixes, new features, and possibly incompatible changes...
Oracle Linux 9 : edk2:20240524 (ELSA-2024-11219)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-11219 advisory. 20240524-6.0.1.el95.3 - edk2-OvmfPkg-Rerun-dispatcher-after-initializing-virtio-r.patch RHEL-58631 - Resolves: RHEL-58631 Regression HTTP Boot fails to work wi...
[SECURITY] [DLA 3957-2] needrestart regression update
Debian LTS Advisory DLA-3957-2 https://www.debian.org/lts/security/ Salvatore Bonaccorso December 02, 2024 https://wiki.debian.org/LTS ...
SUSE-SU-2024:1260-1 Security update for xorg-x11-server
This update for xorg-x11-server fixes the following issues: - CVE-2024-31080: Fixed ProcXIGetSelectedEvents to use unswapped length bsc1222309. - CVE-2024-31081: Fixed ProcXIPassiveGrabDevice to use unswapped length to send reply bsc1222310. - CVE-2024-31082: Fixed ProcAppleDRICreatePixmap to use...
SUSE-SU-2023:3863-1 Security update for salt
This update for salt fixes the following issues: Security issues fixed: - CVE-2023-20897: Fixed DOS in minion return. bsc1214796, bsc1213441 - CVE-2023-20898: Fixed Git Providers can read from the wrong environment because they get the same cache directory base name. bsc1214797, bsc1193948 Bugs...
OPENSUSE-SU-2022:10007-1 Security update for caddy
This update for caddy fixes the following issues: Update to version 2.5.1: Fixed regression in Unix socket admin endpoints. Fixed regression in caddy trust commands. Hash-based load balancing policies ip_hash, uri_hash, header, and cookie use an improved highest-random-weight (HRW) algorithm for...
Update packaged libxml2 (2.9.12 → 2.9.13) and libxslt (1.1.34 → 1.1.35)
Summary: Nokogiri v1.13.2 upgrades two of its packaged dependencies: vendored libxml2 from v2.9.12 to v2.9.13, and vendored libxslt from v1.1.34 to v1.1.35. Those library versions address the following upstream CVEs: libxslt: CVE-2021-30560 (CVSS 8.8, High severity); libxml2: CVE-2022-23308 Unspecified...
SUSE-SU-2020:3243-1 Security update for salt
This update for salt fixes the following issues: - Avoid regression on 'salt-master': set passphrase for salt-ssh keys to empty string bsc1178485 - Properly validate eauth credentials and tokens on SSH calls made by Salt API bsc1178319, bsc1178362, bsc1178361, CVE-2020-25592, CVE-2020-17490,...