23 matches found
EUVD-2026-28896
pyp2spec generates working Fedora RPM spec file for Python projects. Prior to version 0.14.1, pyp2spec was writing PyPI package metadata e.g. the summary field into the generated spec file without escaping RPM macro directives. When a packager then runs rpmbuild, those directives get evaluated, s...
ROS-20250121-02
A vulnerability in the koji RPM-based build system is related to insufficient cleansing of data provided by the by the user. Exploitation of the vulnerability could allow a remote attacker to perform cross-site scripting XSS attacks. Cross-site scripting XSS attacks...
Unbreakable Enterprise kernel security update
5.4.17-2136.311.6 - Revert 'KVM: x86: Print error code in exception injection tracepoint iff valid' Sherry Yang Orabug: 34535896 5.4.17-2136.311.5 - netfilter: nftables: do not allow RULEID to refer to another chain Thadeu Lima de Souza Cascardo Orabug: 34495567 CVE-2022-2586 - netfilter: nftable...
Huawei EulerOS: Security Advisory for rpm (EulerOS-SA-2022-1143)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for rpm (EulerOS-SA-2021-2876)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for rpm (EulerOS-SA-2021-1992)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:3286-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for rpm (EulerOS-SA-2018-1353)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for rpm (EulerOS-SA-2019-1466)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security fix for the ALT Linux 9 package clamav version 0.101.5-alt1
0.101.5-alt1 built Nov. 28, 2019 Sergey Y. Afonin in task 241709 Nov. 26, 2019 Sergey Y. Afonin - 0.101.5 CVE-2019-15961 - fixed tests for libcheck 0.13.0 clamav-0.101.5-libcheck-0.13.0.patch - updated License tag to SPDX syntax needs revision of exceptions - removed rpm-build-licenses from...
Security fix for the ALT Linux 8 package clamav version 0.101.5-alt1
Nov. 26, 2019 Sergey Y. Afonin 0.101.5-alt1 - 0.101.5 CVE-2019-15961 - fixed tests for libcheck 0.13.0 clamav-0.101.5-libcheck-0.13.0.patch - updated License tag to SPDX syntax needs revision of exceptions - removed rpm-build-licenses from BuildRequires...
Fedora 29 : glibc (2018-f6b7df660d)
This update for the glibc package addresses one moderate security vulnerability and a minor defect : - CVE-2018-19591: A file descriptor leak in ifnametoindex can lead to a denial of service due to resource exhaustion when processing getaddrinfo calls with crafted host names. Reported by Guido...
Fedora 28 : glibc (2018-060302dc83)
This update for the glibc package addresses one moderate security vulnerability and several defects. - CVE-2018-19591: A file descriptor leak in ifnametoindex can lead to a denial of service due to resource exhaustion when processing getaddrinfo calls with crafted host names. Reported by Guido...
spamassassin security update
3.4.0-4 - Add missing Requires for perlXSLoader and perlExtUtils::MakeMaker, - which are no longer auto-generated due to a expected change in rpm-build - Related: rhbz1632998 3.4.0-3 - Fix CVE-2018-11781 - Local user code injection in the meta rule syntax - Fix CVE-2017-15705 - Certain unclosed...
openSUSE Security Update : python3-rpm / rpm / rpm-python (openSUSE-SU-2014:1716-1)
This rpm update fixes the following security and non security issues : - honor --noglob in install mode bnc892431 - check for bad invalid name sizes bnc908128 CVE-2014-8118 - create files with mode 0 bnc906803 CVE-2013-6435 This update also includes version updates of rpm-python and python3-rpm...
Oracle Linux 5 : rpm (ELSA-2010-0679)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2010-0679 advisory. - fix CVE-2010-2059, fails to drop SUID/SGID bits on package upgrade 626707 Tenable has extracted the preceding description block directly from the Oracle Linux...
[SECURITY] Fedora 18 Update: rpmdevtools-8.3-1.fc18
This package contains scripts and XEmacs support files to aid in development of RPM packages. rpmdev-setuptree Create RPM build tree within user's home directory rpmdev-diff Diff contents of two archives rpmdev-newspec Creates new .spec from template rpmdev-rmdevelrpms Find and optionally remove...
Mandriva Linux Security Advisory : rpm (MDVSA-2010:180)
A vulnerability has been found and corrected in rpm : lib/fsm.c in RPM 4.8.0 and unspecified 4.7.x and 4.6.x versions, and RPM before 4.4.3, does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade, which might allow local users to gain...
DEBIAN-CVE-2010-2197
rpmbuild in RPM 4.8.0 and earlier does not properly parse the syntax of spec files, which allows user-assisted remote attackers to remove home directories via vectors involving a ; semicolon tilde sequence in a Name tag...
perl security update
3:5.8.5-52.el4 - build system contains new rpm, which can't create list of header files anymore failure of rpm -ql. Arch specific files contain list of all header files for RHEL-4 or mentioned packages. - Related: rhbz591160 3:5.8.5-50.el4 - CVE-2010-1168 perl Safe: Intended restriction bypass vi...