virt:ol and virt-devel:ol security and bug fix update

hivex libguestfs 1.44.0-9.0.1 - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to ol 1:1.44.0-9 - Fix CVE-2022-2211 Denial of Service in --key parameter resolves: rhbz2101280 1:1.44.0-8 -...

python39:3.9 security update

modwsgi numpy python39 3.9.25-2 - Add explicit BR: libxcrypt-devel - Properly apply exported CFLAGS for dtrace/systemtap builds - Update to Python 3.9.25 - Move sysconfigdatadlinux.py to the debug subpackage - Fedora contributions by: Bjorn Esser Charalampos Stratakis Karolina Surma Tomas Orsava...

Oracle Linux 9 : python3.9 (ELSA-2025-23342)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-23342 advisory. 3.9.25-2.0.1 - Remove upstream URL reference 3.9.25-2 - Move sysconfigdatadlinux.py to the debug subpackage 3.9.25-1 - Update to Python 3.9.25 3.9.24-...

python3.9 security update

3.9.25-2.0.1 - Remove upstream URL reference 3.9.25-2 - Move sysconfigdatadlinux.py to the debug subpackage 3.9.25-1 - Update to Python 3.9.25 3.9.24-1 - Update to Python 3.9.24...

go-toolset:rhel8 security update

delve 1.25.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.25.2-1 - Update to Delve 1.25.2 Sync from CentOS Stream 9 - Related: RHEL-121223 golang 1.25.3-1 - Update to Go 1.25.3 sync from CentOS Stream 9 - Build go-toolset as a subpackage - Preserve GOAMD64=v1 for RHEL 8 -...

MAL-2025-188890 Malicious code in proteomics-supernova-subduction-nightwatch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fcc3669407f31f9abb8cfe0cb205c8684e375a293f5e45b6db130c04b4ee1a0c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Security update for busybox, busybox-links

This update for busybox, busybox-links fixes the following issues: Updated to version 1.37.0 jscPED-13039: CVE-2023-42363: Fixed use-after-free vulnerability in xasprintf function in xfuncsprintf.c bsc1217580 CVE-2023-42364: Fixed use-after-free in the awk.c evaluate function bsc1217584...

Security update for busybox, busybox-links

This update for busybox, busybox-links fixes the following issues: Updated to version 1.37.0 jscPED-13039: - CVE-2023-42363: Fixed use-after-free vulnerability in xasprintf function in xfuncsprintf.c bsc1217580 - CVE-2023-42364: Fixed use-after-free in the awk.c evaluate function bsc1217584 -...

python-requests security update

2.20.0-5 - Security fix for CVE-2024-35195 Resolves: RHEL-37605 2.20.0-4 - Bump release to fix upgrade path from 2.20.0-2.1.el81 via 2.20.0-3.el88 to 2.20.0-4.el8 Related: rhbz2209469...

Security update for go1.21-openssl

This update for go1.21-openssl fixes the following issues: CVE-2024-24791: Fixed denial of service due to improper 100-continue handling bsc1227314 CVE-2024-24789: Fixed mishandling of corrupt central directory record in archive/zip bsc1225973 CVE-2024-24790: Fixed unexpected behavior from Is...

SUSE-SU-2024:3755-1 Security update for go1.21-openssl

This update for go1.21-openssl fixes the following issues: - CVE-2024-24791: Fixed denial of service due to improper 100-continue handling bsc1227314 - CVE-2024-24789: Fixed mishandling of corrupt central directory record in archive/zip bsc1225973 - CVE-2024-24790: Fixed unexpected behavior from ...

[SECURITY] Fedora 39 Update: rust-zram-generator-1.1.2-11.fc39

This is a systemd unit generator that enables swap on zram. With zram, there is no physical swap device. Part of the available RAM is used to store compressed pages, essentially trading CPU cycles for memory. To activate, install zram-generator-defaults subpackage...

Oracle Linux 8 : python27:2.7 (ELSA-2024-2987)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2987 advisory. - Fix CVE-2021-20095 Resolves: rhbz1955615 - Fix CVE-2019-6446 - Fix CVE-2014-1858, CVE-2014-1859: 1062009, 1062359 - Security fix for CVE-2022-48560...

[SECURITY] Fedora 40 Update: rust-zram-generator-1.1.2-11.fc40

This is a systemd unit generator that enables swap on zram. With zram, there is no physical swap device. Part of the available RAM is used to store compressed pages, essentially trading CPU cycles for memory. To activate, install zram-generator-defaults subpackage...

[SECURITY] Fedora 40 Update: sssd-2.9.4-7.fc40

Provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides an NSS and PAM interface toward the system and a pluggable back end system to connect to multiple different account sources. It is also the basis to provide client auditing and policy...

WALinuxAgent bug fix update

An update is available for WALinuxAgent. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Windows Azure Linux Agent supports provisioning and running Linux...

SUSE-SU-2023:2571-1 Security update for Salt

This update for salt fixes the following issues: salt: - Update to Salt release version 3006.0 jscPED-4361 See release notes: https://docs.saltproject.io/en/latest/topics/releases/3006.0.html - Add missing patch after rebase to fix collections Mapping issues - Add python3-looseversion as new...

SUSE-SU-2023:2312-1 Security update for go1.18-openssl

This update for go1.18-openssl fixes the following issues: - Add subpackage go1.x-libstd compiled shared object libstd.so jscPED-1962 Main go1.x package included libstd.so in previous versions Split libstd.so into subpackage that can be installed standalone Continues the slimming down of main go1...

libwebp security update

1.2.0-6 - Fix tools subpackage dependency 1.2.0-4 - Added fix for mzbz1819244...

[SECURITY] Fedora 38 Update: indi-3rdparty-libraries-2.0.0-1.fc38

This is a metapackage for installing all INDI 3rdparty libraries at once. You probably don't want to install everything, but just pick the libraries you need from the appropriate subpackage. We currently ship the following libraries: - indi-3rdparty-libapogee - indi-3rdparty-libfli...