CLSA-2026-1779880647 Fix of 6 CVEs

SECURITY UPDATE: postgresql May-2026 CVE batch - debian/patches/CVE-2026-6473.patch: integer overflow fixes across multiple vulnerable sites: hstoreplperl/hstoreplpython palloc sizing mulsize, arrayagg nitems overflow, intarray/ltxtquery findoprnd left-offset overflow, ltree lquery numvar/totalle...

openSUSE 16 Security Update : java-21-openjdk (openSUSE-SU-2026:20681-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20681-1 advisory. Update to upstream tag jdk-21.0.11+10 April 2026 CPU. Security issues fixed: - CVE-2026-22007: Security: unauthenticated attacker with logon to...

SUSE SLES12 Security Update : java-11-openjdk (SUSE-SU-2026:1703-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1703-1 advisory. Upgrade to upstream tag jdk-11.0.31+11 April 2026 CPU. Security issues fixed: - CVE-2026-22007: Security: unauthenticated attacker with logon t...

[SECURITY] [DLA 4570-1] libdatetime-timezone-perl new timezone database

------------------------------------------------------------------------- Debian LTS Advisory DLA-4570-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort May 07, 2026 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 4569-1] tzdata new timezone database

------------------------------------------------------------------------- Debian LTS Advisory DLA-4569-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort May 07, 2026 https://wiki.debian.org/LTS -...

SUSE-SU-2026:1732-1 Security update for java-17-openjdk

This update for java-17-openjdk fixes the following issues: Upgrade to upstream tag jdk-17.0.19+10 April 2026 CPU. Security issues fixed: - CVE-2026-22007: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of...

Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.31+11 April 2026 CPU. Security issues fixed: CVE-2026-22007: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of...

Debian dla-4570 : libdatetime-timezone-perl - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4570 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4570-1 [email protected] https://www.debian.org/lts/security/...

Debian dla-4569 : tzdata - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4569 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4569-1 [email protected] https://www.debian.org/lts/security/...

SUSE-SU-2026:1705-1 Security update for java-21-openjdk

This update for java-21-openjdk fixes the following issues: Update to upstream tag jdk-21.0.11+10 April 2026 CPU. Security issues fixed: - CVE-2026-22007: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of...

SUSE-SU-2026:1703-1 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.31+11 April 2026 CPU. Security issues fixed: - CVE-2026-22007: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of...

OPENSUSE-SU-2026:20680-1 Security update for java-17-openjdk

This update for java-17-openjdk fixes the following issues: Upgrade to upstream tag jdk-17.0.19+10 April 2026 CPU. Security issues fixed: - CVE-2026-22007: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of...

[SECURITY] [DLA 4403-1] tzdata new timezone database

------------------------------------------------------------------------- Debian LTS Advisory DLA-4403-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort December 12, 2025 https://wiki.debian.org/LTS -...

Debian dla-4403 : tzdata - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4403 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4403-1 [email protected] https://www.debian.org/lts/security/...

java-1.8.0-openjdk security update

1.8.0.472.b08-1.0.1 - Update to 8u472-b08 GA Orabug: 38571645 - Update release notes for 8u472-b08. - Drop local JDK-8339414 fix as this is now included upstream - Reset rpmrelease to 1 now there are no other RPM builds on RHEL 8 - Sync the copy of the portable specfile with the latest update -...

EUVD-2019-18665

Malware in sbrugna...

MAL-2025-37468 Malicious code in tzdata-finance (npm)

The package tzdata-finance was found to contain malicious code...

Malicious code in tzdata-finance (npm)

The package tzdata-finance was found to contain malicious code...

CLSA-2025-1753730595 java-17-openjdk: Fix of 25 CVEs

Update to jdk-17.0.15+6 - Set bundled freetype provide version to 2.13.2 - Set bundled harfbuzz provide version to 8.2.2 - Require tzdata-java 2025a at runtime and for build - CVE-2025-21502: fix Hotspot component vulnerability allowing unauthorized access to resources and exposure of sensitive...

CLSA-2025-1752091182 Update of tzdata

Fix incorrect tzdb.dat by harding links...