4 matches found
[BSA-134] Security Update for jq
ChangZhuo Chen uploaded new packages for jq which fixed the following security problems: CVE-2026-32316: jq is a command-line JSON processor. An integer overflow vulnerability exists through version 1.8.1 within the jvp_string_append and jvp_string_copy_replace_bad functions, where concatenating strings...
CVE-2023-23301
The news MonkeyC operation code in CIQ API version 1.0.0 through 4.1.7 fails to check that string resources are not extending past the end of the expected sections. A malicious CIQ application could craft a string that starts near the end of a section, and whose length extends past its end. Upon...
Proxomitron Proxy Server - GET Remote Denial of Service
source: https://www.securityfocus.com/bid/7954/info It has been reported that Proxomitron does not properly handle some string types. Because of this, an attacker can cause the server to become unstable and crash. GET /../..0%%../ 4504 chars...
xinetd 2.3.0 audit status
Hi, As some of you may know, I've performed an audit of the xinetd 2.3.0 source code for certain classes of vulnerabilities. The audit has resulted in a significant number of fixes; many are for non-security issues. The patch was over 100 KB large and got incorporated into xinetd starting with...