11 matches found
SUSE-SU-2026:21992-1 Security update for libzypp, libsolv
This update for libzypp, libsolv fixes the following issues: libsolv was updated to 0.7.39. - fix solvchksumfree segfault when called with a NULL pointer - made repoaddsolv more robust against corrupt files bsc1265935 CVE-2026-9149 - fix potential buffer overflow when verifying EdDSA signatures...
CVE-2026-22816 Gradle fails to disable repositories which can expose builds to malicious artifacts
Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...
EUVD-2017-6093
Malware in sbrugna...
[SECURITY] Fedora 40 Update: maven-wagon-3.5.3-7.fc40
Maven Wagon is a transport abstraction that is used in Maven's artifact and repository handling code. Currently wagon has the following providers: File HTTP FTP SSH/SCP WebDAV SCM in progress...
USN-5871-2 git regression
USN-5871-1 fixed vulnerabilities in Git. A backport fixing part of the vulnerability in CVE-2023-22490 was required. This update fix this for Ubuntu 18.04 LTS. Original advisory details: It was discovered that Git incorrectly handled certain repositories. An attacker could use this issue to make...
Denial Of Service (DoS)
helm.sh/helm/v3 is vulnerable to denial of service. The vulnerability exists due to the lack of repo handling for index.go, allowing an attacker to cause an application crash through the null pointer dereference by providing a malicious repository index file...
OPENSUSE-SU-2020:1993-1 Security update for rmt-server
This update for rmt-server fixes the following issues: Update to version 2.6.5: - Solved potential bug of SCC repository URLs changing over time. RMT now self heals by removing the previous invalid repository and creating the correct one. - Add web server settings to /etc/rmt.conf: Now it's...
SUSE-SU-2020:3160-1 Security update for rmt-server
This update for rmt-server fixes the following issues: - Version 2.6.5 - Solved potential bug of SCC repository URLs changing over time. RMT now self heals by removing the previous invalid repository and creating the correct one. - Version 2.6.4 - Add web server settings to /etc/rmt.conf: Now it'...
SUSE-SU-2020:3147-1 Security update for rmt-server
This update for rmt-server fixes the following issues: - Version 2.6.5 - Solved potential bug of SCC repository URLs changing over time. RMT now self heals by removing the previous invalid repository and creating the correct one. - Version 2.6.4 - Add web server settings to /etc/rmt.conf: Now it'...
CVE-2017-14592
Sourcetree for macOS had several argument and command injection bugs in Mercurial and Git repository handling. An attacker with permission to commit to a repository linked in Sourcetree for macOS is able to exploit this issue to gain code execution on the system. From version 1.4.0 of Sourcetree...
Command injection
Sourcetree for Windows had several argument and command injection bugs in Mercurial and Git repository handling. An attacker with permission to commit to a repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system. From version 0.8.4b of...