14 matches found
[slackware-security] rsync
New rsync packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/rsync-3.4.3-i586-1slack15.0.txz: Upgraded. This update fixes security issues: TOCTOU symlink race condition allowing local privilege...
CVE-2026-35362
The safetraversal module in uutils coreutils, which provides protection against Time-of-Check to Time-of-Use TOCTOU symlink races using file-descriptor-relative syscalls, is incorrectly limited to Linux targets. On other Unix-like systems such as macOS and FreeBSD, the utility fails to utilize...
CVE-2026-35362 uutils coreutils Missing TOCTOU Protection on Non-Linux Unix Platforms in Safe Traversal Module
The safetraversal module in uutils coreutils, which provides protection against Time-of-Check to Time-of-Use TOCTOU symlink races using file-descriptor-relative syscalls, is incorrectly limited to Linux targets. On other Unix-like systems such as macOS and FreeBSD, the utility fails to utilize...
CVE-2026-35362
The CVE-2026-35362 entry concerns the safe_traversal module in uutils coreutils, which is described as failing to provide TOCTOU protections on non-Linux Unix-like systems (e.g., macOS, FreeBSD). The vulnerability, as stated, affects directory traversal operations due to the lack of these protect...
PT-2026-34498
Name of the Vulnerable Software and Affected Versions uutils coreutils affected versions not specified Description The safe traversal module, designed to protect against Time-of-Check to Time-of-Use TOCTOU symlink races—a condition where a file is modified between the time it is checked and the...
[SECURITY] [DLA 4539-1] imagemagick security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4539-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès April 19, 2026 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 6210-1] imagemagick security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6210-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 14, 2026 https://www.debian.org/security/faq -...
EUVD-2019-3176
Malware in sbrugna...
CVE-2025-8941
A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020...
CVE-2025-8941 Linux-pam: incomplete fix for cve-2025-6020
A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020...
SUSE CVE-2019-11503
snap-confine as included in snapd before 2.39 did not guard against symlink races when performing the chdir to the current working directory of the calling user, aka a "cwd restore permission bypass."...
UBUNTU-CVE-2019-11503
snap-confine as included in snapd before 2.39 did not guard against symlink races when performing the chdir to the current working directory of the calling user, aka a "cwd restore permission bypass."...
CVE-2019-11503
snap-confine as included in snapd before 2.39 did not guard against symlink races when performing the chdir to the current working directory of the calling user, aka a "cwd restore permission bypass."...
CVE-2019-11503
snap-confine as included in snapd before 2.39 did not guard against symlink races when performing the chdir to the current working directory of the calling user, aka a "cwd restore permission bypass."...