CVE-2025-65111 SpiceDB's LookupResources with Multiple Entrypoints across Different Definitions Can Return Incomplete Results

SpiceDB is an open source database system for creating and managing security-critical application permissions. Prior to version 1.47.1, if a schema includes the following characteristics: permission defined in terms of a union + and that union references the same relation on both sides but one si...

[SECURITY] Fedora 35 Update: golang-github-appc-spec-0.8.11-14.fc35

This package contains schema definitions and tools for the App Container app c specification. These include technical details on how an appc image is downloaded over a network, cryptographically verified, and executed on a host. See SPEC.md for details of the specification itself...

[SECURITY] Fedora 36 Update: golang-github-appc-spec-0.8.11-14.fc36

This package contains schema definitions and tools for the App Container app c specification. These include technical details on how an appc image is downloaded over a network, cryptographically verified, and executed on a host. See SPEC.md for details of the specification itself...

GHSA-QFR5-WJPW-Q4C4 Denial of Service in python-ldap

python-ldap before 3.4.0 is vulnerable to a denial of service when ldap.schema is used for untrusted schema definitions, because of a regular expression denial of service ReDoS flaw in the LDAP schema parser. By sending crafted regex input, a remote authenticated attacker could exploit this...

[SECURITY] Fedora 34 Update: golang-github-appc-spec-0.8.11-13.fc34

This package contains schema definitions and tools for the App Container app c specification. These include technical details on how an appc image is downloaded over a network, cryptographically verified, and executed on a host. See SPEC.md for details of the specification itself...

[SECURITY] Fedora 35 Update: golang-github-appc-spec-0.8.11-13.fc35

This package contains schema definitions and tools for the App Container app c specification. These include technical details on how an appc image is downloaded over a network, cryptographically verified, and executed on a host. See SPEC.md for details of the specification itself...

tomcat6 security update

0:6.0.24-78 - Related: CVE-2013-4590 - remove xml schema names javaee5, - javaeewebservices12, and javaeewebservices12client - from descriptor.DigesterFactory initialization. These - schema definitions are not relevant to 6.0.24 as the version - of their spec did not exist at the time. 0:6.0.24-7...