CLSA-2026-1777469554 rsync: Fix of 2 CVEs

CVE-2024-12086: prevent server from reading arbitrary client files via path traversal - CVE-2025-10158: fix invalid access to files array in sender - Add upstream stability fix RsyncProject/rsync PR 706: use-after-free in generator - Enable Amazon Linux 2 ELS...

EUVD-2021-34647

Malicious code in bioql PyPI...

EUVD-2022-55076

Malicious code in bioql PyPI...

Virtuozzo Hybrid Infrastructure 7.0 Hotfix 2 (7.0.0-253)

This update provides a stability fix. Vulnerability id: VSTOR-110793 A stability fix for VM live migration...

Virtuozzo Hybrid Infrastructure 7.0 Hotfix 1 (7.0.0-251)

This update provides a stability fix. Vulnerability id: VSTOR-109853 A stability fix for the chunk service...

CVE-2022-50178 wifi: rtw89: 8852a: rfk: fix div 0 exception

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: 8852a: rfk: fix div 0 exception The DPK is a kind of RF calibration whose algorithm is to fine tune parameters and calibrate, and check the result. If the result isn't good enough, it could adjust parameters and try...

CVE-2025-23147 i3c: Add NULL pointer check in i3c_master_queue_ibi()

In the Linux kernel, the following vulnerability has been resolved: i3c: Add NULL pointer check in i3cmasterqueueibi The I3C master driver may receive an IBI from a target device that has not been probed yet. In such cases, the master calls i3cmasterqueueibi to queue an IBI work task, leading to...

CVE-2024-53201 drm/amd/display: Fix null check for pipe_ctx->plane_state in dcn20_program_pipe

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check for pipectx-planestate in dcn20programpipe This commit addresses a null pointer dereference issue in dcn20programpipe. Previously, commit 8e4ed3cf1642 "drm/amd/display: Add null check for...

Virtuozzo Hybrid Infrastructure 6.0 Update 1 Hotfix 12 (6.0.1-113)

This update provides a stability fix. Vulnerability id: VSTOR-96085 A stability fix for Backup Gateway...

Virtuozzo Hybrid Infrastructure 6.1 Update 1 Hotfix 10 (6.1.1-65)

This update provides a stability fix. Vulnerability id: VSTOR-96085 A stability fix for Backup Gateway...

[SECURITY] [DSA 5779-1] cups security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5779-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 29, 2024 https://www.debian.org/security/faq -...

kernel: gro: fix ownership transfer

A flaw was found in the Linux kernel's Generic Receive Offload GRO feature, where packets processed with a fragment list are not properly orphaned due to incorrect handling of socket references. This vulnerability can cause system instability or kernel bugs. The issue has been fixed by making sur...

CVE-2021-47202

In the Linux kernel, the following vulnerability has been resolved: thermal: Fix NULL pointer dereferences in ofthermal functions ofparsethermalzones parses the thermal-zones node and registers a thermalzone device for each subnode. However, if a thermal zone is consuming a thermal sensor and tha...

OPENSUSE-SU-2023:0193-1 Security update for chromium

This update for chromium fixes the following issues: Chromium 115.0.5790.102: stability fix Chromium 115.0.5790.98: Security: The Storage, Service Worker, and Communication APIs are now partitioned in third-party contexts to prevent certain types of side-channel cross-site tracking HTTPS:...

Virtuozzo Hybrid Infrastructure 5.0 Update 1.1 (5.0.1-53)

This update provides security and stability fixes. Vulnerability id: VSTOR-51927 A security fix for CVE-2022-0378. Vulnerability id: VSTOR-51506 Fixed a connectivity issue when an Open vSwitch bridge is recreated for VLAN physical networks. Vulnerability id: VSTOR-51357 Entering maintenance may g...

Virtuozzo Hybrid Infrastructure 5.0 (5.0.0-140)

This hotfix update provides important fixes for the storage, Backup Gateway, and object storage services. Vulnerability id: VSTOR-50690 Invalid JSON data is returned for the S3 Usage Object. Vulnerability id: VSTOR-50626 Different storage services may not restart due to a deadlock in the signal...

Virtuozzo Hybrid Infrastructure 4.7 Update 1.3

This update synchronizes the MDS state, which can be unsynchronized due to previous issues, and provides important fixes for the FUSE, object storage, and compute services. Vulnerability id: VSTOR-49963 Synchronize the MDS state during an upgrade. Vulnerability id: VSTOR-50181 Fix the upgrade err...

Virtuozzo Hybrid Infrastructure 4.7 Update 1.2

This update provides a stability fix for the metadata service. Vulnerability id: VSTOR-49572 A stability fix for the metadata service...

Virtuozzo Hybrid Server 7.5 Update 2 Hotfix 2 (7.5.2-464)

The Hotfix 2 for Virtuozzo Hybrid Server 7.5 Update 2 provides stability and usability bug fixes. Vulnerability id: PSBM-136189 QEMU could mark a VM QCOW2 image as corrupt. Vulnerability id: PSBM-136198 QEMU could not be updated. Vulnerability id: PSBM-136407 VCMMD needed to be properly notified ...

Kernel update: Virtuozzo ReadyKernel patch 136.0 for Virtuozzo Hybrid Server 7.0, 7.5

The cumulative Virtuozzo ReadyKernel patch was updated with a stability fix. The patch applies to all supported kernels of Virtuozzo Hybrid Server 7. Vulnerability id: PSBM-134905 3.10.0-1062.12.1.vz7.131.10 to 3.10.0-1160.41.1.vz7.183.5 nfsd: memory corruption and kernel crash in nfsd4lock. It w...