openssl security update
3.5.1-7.0.1 - Enable openssl-fips-provider dependency Orabug: 36504822 - Temporary disable openssl-fips-provider dependency Orabug: 36504822 - Replace upstream references Orabug: 34340177 3.5.1.openela.0.1 - Add OpenELA specific changes 1:3.5.1-7 - Fix CVE-2025-11187 CVE-2025-15467 CVE-2025-15468...
A 90-Day Action Plan to Turn Resolutions into Results with Wiz
Whether you’re new to Wiz or early in your cloud security journey, start the year strong by turning cloud security resolutions into real impact in your first 90 days with Wiz...
Resolutions, shmesolutions (and what’s actually worked for me)
Welcome to this week's edition of the Threat Source newsletter. I went to bed at 8:30 p.m. on New Year's Eve, and I think that's pretty indicative of how I approach the whole idea of New Year's resolutions. I love to count down to the new year with loved ones as much as the next person, but I hav...
buildah security update
1.41.6-1.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117178 2:1.41.6-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.41 https://github.com/containers/buildah/commit/2ece502 - fixes 'Minor Incident CVE-2025-52881 buildah:...
java-1.8.0-openjdk security update
1.8.0.472.b08-1.0.1 - Update to 8u472-b08 GA Orabug: 38571645 - Update release notes for 8u472-b08. - Drop local JDK-8339414 fix as this is now included upstream - Reset rpmrelease to 1 now there are no other RPM builds on RHEL 8 - Sync the copy of the portable specfile with the latest update -...
Use-After-Free
github.com/envoyproxy/envoy is vulnerable to a Use-After-Free. The vulnerability is due to improper handling of DNS cache operations in the Dynamic Forward Proxy implementation, where a completion callback can trigger new or remove existing DNS resolutions, which allows an attacker to cause...
EUVD-2019-3256
Malware in sbrugna...
kernel security update
4.18.0-553.66.110.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2025-098 (ALASKERNEL-5.10-2025-098)
The version of kernel installed on the remote host is prior to 5.10.239-236.958. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2025-098 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: fix stuck flow...
CVE-2025-8283
A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be us...
nodejs:22 security update
nodejs 1:22.16.0-2 - Patch fix for sqlite CVE-2025-6965 Resolves: RHEL-103835 1:22.15-1-1 - Update to 22.16.0 Fixes: CVE-2025-23166 - Resolves: RHEL-91596 RHEL-92859 1:22.15.0-1 - Update to 22.15.0 - Drop upstream patches 1:22.13.1-4 - Patch fix for sqlite CVE-2025-31498 Resolves: RHEL-87300...
podman security update
5.4.0-12.0.1 - Add devices on container startup, not on creation - overlay: Put should ignore ENINVAL for Unmount Orabug: 36234694 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404 5:5.4.0-12 - update to the latest content of...
golang security update
1.24.4-1 - Update to Go 1.24.4 fips-1 - Resolves: RHEL-101074 1.23.10-1 - Update to Go 1.23.10 - Fix for CVE-2025-4673, CVE-2025-0913, and CVE-2025-22874 - Resolves: RHEL-96000...
python3.12 security update
3.12.11-1 - Update to 3.12.11 - Security fixes for CVE-2025-4517, CVE-2025-4330, CVE-2025-4138, CVE-2024-12718, CVE-2025-4435 Resolves: RHEL-98040, RHEL-98010, RHEL-97808, RHEL-98070, RHEL-98213...
Oracle Linux 10 : .NET / 8.0 (ELSA-2025-7599)
The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-7599 advisory. 8.0.117-1.0.1 - Add support for Oracle Linux 8.0.117-1 - Update to .NET SDK 8.0.117 and Runtime 8.0.17 - Resolves: RHEL-94416 8.0.116-2 - Update to .NET SDK...
Fedora 41 : salt (2025-31a7eefb8f)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-31a7eefb8f advisory. - Resolves CVE-2024-38824 RHBZ2372731 - Resolves CVE-2024-38824 RHBZ2372733 - Resolves CVE-2025-22239 RHBZ2372732 - Resolves CVE-2025-22239...
tigervnc security update
1.15.0-7 - Additional fix to CVE-2025-49176: xorg-x11-server: Integer Overflow in Big Requests Extension Resolves: RHEL-97294 1.15.0-6 - Fix CVE-2025-49175: xorg-x11-server: Out-of-Bounds Read in X Rendering Extension Animated Cursors Resolves: RHEL-97268 - Fix CVE-2025-49176: xorg-x11-server:...
Amazon Linux 2 : kernel (ALASKERNEL-5.15-2025-076)
The version of kernel installed on the remote host is prior to 5.15.182-123.190. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2025-076 advisory. In the Linux kernel, the following vulnerability has been resolved: media: streamzap: fix race between...
[SECURITY] Fedora 41 Update: python-pycares-4.9.0-1.fc41
pycares is a Python module which provides an interface to c-ares. c-ares is a C library that performs DNS requests and name resolutions asynchronously...
SUSE: Security Advisory (SUSE-SU-2025:02000-1)
The remote host is missing an update for the...