Security update for salt

This update for salt fixes the following issue: Security issues fixed: CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service bsc1259554. Other updates and bugfixes: Use non vendored Tornado with Python 3.11 bsc1257583, bsc1259700 Harden Torna...

SUSE-SU-2026:2256-1 Security update for salt

This update for salt fixes the following issue: Security issues fixed: - CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service bsc1259554. Other updates and bugfixes: - Use non vendored Tornado with Python 3.11 bsc1257583, bsc1259700 - Harden...

SUSE-SU-2026:2255-1 Security update 5.0.8 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: - Security issues fixed: - CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 - CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer...

SUSE-SU-2026:2252-1 Security update for salt

This update for salt fixes the following issue: Security issues fixed: - CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service bsc1259554. Other updates and bugfixes: - Use non vendored Tornado with Python 3.11 bsc1257583, bsc1259700 - Harden...

SUSE CVE-2025-71298

In the Linux kernel, the following vulnerability has been resolved: drm/tests: shmem: Hold reservation lock around madvise Acquire and release the GEM object's reservation lock around calls to the object's madvide operation. The tests use drmgemshmemmadviselocked, which led to errors such as show...

UBUNTU-CVE-2025-71298

In the Linux kernel, the following vulnerability has been resolved: drm/tests: shmem: Hold reservation lock around madvise Acquire and release the GEM object's reservation lock around calls to the object's madvide operation. The tests use drmgemshmemmadviselocked, which led to errors such as show...

PT-2026-38921

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel's DRM tests where the GEM object's reservation lock was not held during the object's purge operation. This lack of synchronization led to errors when...

SUSE-SU-2026:1523-1 Security update 5.1.3 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: - Backport security patch for Salt vendored tornado bsc1259554: CVE-2026-31958: Add limits on multipart form data parsing - Add x8664v2 as a possible rpm package architecture - Make users with backslash working for salt-ssh bsc1254629 - Fi...

CVE-2020-35711

An issue has been discovered in the arc-swap crate before 0.4.8 and 1.x before 1.1.0 for Rust. Use of arcswap::access::Map with the Constant test helper or with a user-supplied implementation of the Access trait could sometimes lead to dangling references being returned by the map...

@dm3-org/delivery-service (>=1.4.0 <=1.7.1), @dm3-org/dm3-backend (>=1.0.1 <=1.7.1) +18 more potentially affected by unknown CVE via @dm3-org/dm3-lib-shared (>=1.0.6 <=1.7.2)

@dm3-org/dm3-lib-shared NPM version =1.0.6, =1.4.0, =1.0.1, =1.0.5, =1.0.5, =1.0.5, =1.0.5, =1.0.5, =0.0.1-alpha1, =1.0.5, =1.4.0, =1.0.0, =1.0.7 and more Source cves: unknown CVE Source advisory: OSV:MAL-2025-3713...

3id-test-helper (>=1.0.0 <=1.0.4), @0xvaibhav/--core (>=1.0.0 <=1.0.4) +226 more potentially affected by CVE-2022-23487 via libp2p (>=0.27.4 <=0.37.3)

libp2p NPM version =0.27.4, =1.0.0, =1.0.0, =0.0.1, =0.9.139, =0.0.2, =0.0.1, =1.0.0, =1.9.40, =1.0.0-rc.3, =0.1.2-beta.2, =0.1.2-beta.2, =0.1.2-beta.2, =0.3.2, =0.5.2, =0.5.3 and more Source cves: CVE-2022-23487 Source advisory: OSV:GHSA-F44Q-634C-JVWV...

DEBIAN-CVE-2020-35711

An issue has been discovered in the arc-swap crate before 0.4.8 and 1.x before 1.1.0 for Rust. Use of arcswap::access::Map with the Constant test helper or with a user-supplied implementation of the Access trait could sometimes lead to dangling references being returned by the map...

CVE-2020-35711

An issue has been discovered in the arc-swap crate before 0.4.8 and 1.x before 1.1.0 for Rust. Use of arcswap::access::Map with the Constant test helper or with a user-supplied implementation of the Access trait could sometimes lead to dangling references being returned by the map...

Information disclosure

An issue has been discovered in the arc-swap crate before 0.4.8 and 1.x before 1.1.0 for Rust. Use of arcswap::access::Map with the Constant test helper or with a user-supplied implementation of the Access trait could sometimes lead to dangling references being returned by the map...

CVE-2020-35711

An issue has been discovered in the arc-swap crate before 0.4.8 and 1.x before 1.1.0 for Rust. Use of arcswap::access::Map with the Constant test helper or with a user-supplied implementation of the Access trait could sometimes lead to dangling references being returned by the map...

RUSTSEC-2020-0091 Dangling reference in `access::Map` with Constant

Using the arcswap::access::Map with the Constant test helper or with user-provided implementation of the Access trait could sometimes lead to the map returning dangling references. Replaced by implementation without unsafe, at the cost of added Clone bound on the closure and small penalty on...

Fedora Update for jetty-test-helper FEDORA-2017-03954b6dc4

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 25 : jetty / jetty-alpn / jetty-test-helper (2017-03954b6dc4)

Update to latest upstream release in order to fix CVE-2017-9735 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...