Security update for openCryptoki (moderate)

openSUSE security update: security update for opencryptoki ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20699-1 Rating: moderate References: bsc1262283 bsc1263819 Cross-References: CVE-2026-40253 Affected Products: openSUSE Leap 16.0...

OPENSUSE-SU-2026:20699-1 Security update for openCryptoki

This update for openCryptoki fixes the following issues Security issue: - CVE-2026-40253: Updated fix for malformed BER-encoded cryptographic objects bsc1262283. Non security issue: - Refactored .spec file to fully support transactional and immutable operating systems jscPED-14609: Migrated user...

SUSE-SU-2026:21593-1 Security update for openCryptoki

This update for openCryptoki fixes the following issues Security issue: - CVE-2026-40253: Updated fix for malformed BER-encoded cryptographic objects bsc1262283. Non security issue: - Refactored .spec file to fully support transactional and immutable operating systems jscPED-14609: Migrated user...

nginx:1.26 security update

2:1.26.3-2.0.1.1 - Require oracle-indexhtml 2:1.26.3-6 - Resolves: RHEL-157887 - CVE-2026-32647 nginx:1.26/nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files 2:1.26.3-5 - Resolves: RHEL-159446 - CVE-2026-27651 nginx:1.26/nginx: NGINX: Denial of Service via undisclos...

EUVD-2021-27274

Malware in sbrugna...

Fedora 37 : grafana (2022-8f60426b65)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-8f60426b65 advisory. Automatic update for grafana-9.0.2-2.fc37. Changelog Wed Jul 13 2022 Andreas Gerstmayr 9.0.2-2 - use systemd-sysusers to create the Grafana user and group...

grafana security and enhancement update

9.2.10-7 - resolve RHEL-12649 - resolve CVE-2023-39325 CVE-2023-44487 rapid stream resets can cause excessive work - testing is turned off due to test failures caused by testing date mismatch 9.2.10-6 - Add /usr/share/grafana to systemd-sysusers --replace 9.2.10-5 - resolve CVE-2023-3128 grafana:...

dhcp security and enhancement update

12:4.4.2-18.b1 - Fix for CVE-2022-2928 - Fix for CVE-2022-2929 - Use systemd-sysusers for dhcp user and group 2095396...

SUSE-SU-2023:0795-1 Security update for docker

This update for docker fixes the following issues: Docker was updated to 20.10.23-ce. See upstream changelog at https://docs.docker.com/engine/release-notes/201023 Docker was updated to 20.10.21-ce bsc1206065 See upstream changelog at https://docs.docker.com/engine/release-notes/201021 Security...

frr security, bug fix, and enhancement update

Tue Jun 14 2022 Michal Ruprich - 8.2.2-4 - Resolves: 2095404 - frr use systemd-sysusers 8.2.2-3 - Resolves: 2081304 - Enhanced TMT testing for centos-stream 8.2.2-2 - Resolves: 2069571 - the dynamic routing setup does not work any more 8.2.2-1 - Resolves: 2069563 - Rebase frr to version 8.2.2...

Remote Code Execution (RCE)

opensysusers is vulnerable to denial of service. It does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a crafted GECOS field whereas systemd-sysusers a program with the same specification does not do that...

CVE-2021-40084

opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a crafted GECOS field whereas systemd-sysusers a program with the same specification does not do that...

CVE-2021-40084

opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a crafted GECOS field whereas systemd-sysusers a program with the same specification does not do that...

Command injection

opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a crafted GECOS field whereas systemd-sysusers a program with the same specification does not do that...

UBUNTU-CVE-2021-40084

opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a crafted GECOS field whereas systemd-sysusers a program with the same specification does not do that...

CVE-2021-40084

opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a crafted GECOS field whereas systemd-sysusers a program with the same specification does not do that...

opensysusers 代码注入漏洞

opensysusers is an open source package. It is an alternative implementation of systemd-sysusers that can be run on systems with or without systemd installed. A code injection vulnerability exists in versions of opensysusers prior to 0.6, which poses a security risk primarily due to the use of...