CLSA-2026-1778218633 jasper: Fix of 3 CVEs

Add Amazon Linux 2 ELS support mirrors centos7els branch with .amzn2 dist via / leapfrog over stock 1.900.1-33.amzn2.0.1 - Import CVE-2020-27828 patch from amzn2 stock SRPM out-of-bounds write in jpc encoder; jasper-2.0.14-CVE-2020-27828.patch - Import CVE-2021-3443 patch from amzn2 stock SRPM...

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: qt6: qt6-filesystem-6.11.0-1.hum1 aarch64, x8664 qt6-rpm-macros-6.11.0-1.hum1 noarch qt6-srpm-macros-6.11.0-1.hum1 noarch qt6-6.11.0-1.hum1.src src...

Moderate: go-rpm-macros security update

This package provides build-stage rpm automation to simplify the creation of Go language golang packages. It does not need to be included in the default build root: go-srpm-macros will pull it in for Go packages only. Security Fixes: os/exec: Unexpected paths returned from LookPath in os/exec...

Rocky Linux 8 : qt5 (RLSA-2022:7482)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:7482 advisory. - In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not...

Oracle Linux 8 : qt5 (ELSA-2022-7482)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-7482 advisory. 5.15.3-1 - 5.15.3 Resolves: bz2061377 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus h...

AlmaLinux 8 : qt5 (ALSA-2022:7482)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:7482 advisory. - In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not foun...

CentOS 8 : qt5 (CESA-2022:7482)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:7482 advisory. - qt: QProcess could execute a binary from the current working directory when not found in the PATH CVE-2022-25255 Note that Nessus has not tested for this issu...

new packages: rust-srpm-macros

An update is available for rust-srpm-macros. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

new packages: perl-srpm-macros

An update is available for perl-srpm-macros. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

new packages: openblas-srpm-macros

An update is available for openblas-srpm-macros. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Roc...

new packages: ocaml-srpm-macros

An update is available for ocaml-srpm-macros. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

new packages: ghc-srpm-macros

An update is available for ghc-srpm-macros. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

new packages: kernel-srpm-macros

An update is available for kernel-srpm-macros. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

[SECURITY] Fedora 34 Update: cabal-rpm-2.0.11-1.fc34

This package provides a RPM packaging tool for Haskell Cabal-based packages. cabal-rpm has commands to generate a RPM spec file and srpm for a package. It can rpmbuild packages, yum/dnf install their dependencies, prep packages, and install them. There are commands to list package dependencies an...

go-srpm-macros bug fix and enhancement update

An update is available for go-srpm-macros. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

srpm-sav.com XSS vulnerability

Open Bug Bounty ID: OBB-601944 Description| Value ---|--- Affected Website:| srpm-sav.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

[SECURITY] Fedora 23 Update: mock-1.2.21-1.fc23

Mock takes an SRPM and builds it in a chroot...

[SECURITY] Fedora 25 Update: mock-1.2.21-1.fc25

Mock takes an SRPM and builds it in a chroot...

[SECURITY] Fedora 24 Update: mock-1.2.21-1.fc24

Mock takes an SRPM and builds it in a chroot...

Fedora 19 : syncevolution-1.4.1-1.fc19 (2014-5236)

Update to 1.4.1 stable release CVE-2014-1639 syncevolution: insecure temporary file usage in installcheck-local.sh It was found 1 that the installcheck-local.sh script of the syncevolution package creates temporary files in an insecure way. A local attacker could use these flaws to perform a...