Debian dsa-6328 : libtomcat10-embed-java - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6328 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6328-1 [email protected]...

CLSA-2026-1780132159 Fix of 7 CVEs

CVE-2026-23193 - scsi: target: iscsi: Fix use-after-free in iscsitdecsessionusagecount CVE-2026-23193 CVE-2025-71093 - e1000: fix OOB in e1000tbishouldaccept CVE-2025-71093 CVE-2025-71116 - libceph: make decodepool more resilient against corrupted osdmaps CVE-2025-71116 CVE-2025-71136 - media:...

CLSA-2026-1778261301 Update of alt-php

Miscellaneous upstream changes - xfrm: esp: avoid in-place decrypt on shared skb frags...

CLSA-2026-1777636990 Fix of 9 CVEs

CVE-2026-31431 - crypto: scatterwalk - Backport memcpysglist CVE-2026-31431 - crypto: algifaead - use memcpysglist instead of null skcipher CVE-2026-31431 - crypto: algifaead - Revert to operating out-of-place CVE-2026-31431 - crypto: algifaead - snapshot IV for async AEAD requests CVE-2026-31431...

bind security update

9.16.23-34.0.1.el97.2 - Fix warning when changing device file permissions Orabug: 36518580 32:9.16.23-34.2 - Prevent Denial of Service via maliciously crafted DNSSEC-validated zone CVE-2026-1519 32:9.16.23-34.1 - Prevent cache poisoning due to weak PRNG CVE-2025-40780 - Replace downstream fixes...

Oracle Linux 9 : tar (ELSA-2026-0067)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-0067 advisory. 2:1.34-9 - Fix the last patch to solve a regression with -x and --xattrs: RHEL-136277 also, fix another tiny mistake in the patch w/o visible consequences...

USN-7851-2: runC regression

USN-7851-1 fixed vulnerabilities in runC. The introduction of a new upstream release has caused regressions in runc-app and runc-stable. This update fixes the problem. Original advisory details: Lei Wang and Li Fubang discovered that runC incorrectly handled masked paths. An attacker could possib...

bind security update

9.16.23-31.0.1 - Fix warning when changing device file permissions Orabug: 36518580 32:9.16.23-31.2 - Replace downstream fixes with upstream changes 32:9.16.23-31.1 - Prevent cache poisoning due to weak PRNG CVE-2025-40780 - Address various spoofing attacks CVE-2025-40778...

CLSA-2025-1749548218 Fix of 6 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-57896 - btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount CVE-url: https://ubuntu.com/security/CVE-2024-56551 - drm/amdgpu: fix usage slab after free CVE-url: https://ubuntu.com/security/CVE-2021-47211 - ALSA: usb-audi...

Fedora: Security Advisory (FEDORA-2025-6ddb790d26)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:4054-1 Security update for javapackages-tools, xmlgraphics-batik, xmlgraphics-commons, xmlgraphics-fop

This update for javapackages-tools, xmlgraphics-batik, xmlgraphics-commons, xmlgraphics-fop fixes the following issues: xmlgraphics-fop was updated from version 2.8 to 2.10: - Security issues fixed: CVE-2024-28168: Fixed improper restriction of XML External Entity XXE reference bsc1231428 -...

CLSA-2024-1724870873 Fix CVE(s): CVE-2023-52629, CVE-2023-52760, CVE-2024-39484, CVE-2024-39487

CVE-url: https://ubuntu.com/security/CVE-2024-39487 - bonding: Fix out-of-bounds read in bondoptionarpiptargetsset CVE-url: https://ubuntu.com/security/CVE-2023-52760 - gfs2: Fix slab-use-after-free in gfs2qddealloc CVE-url: https://ubuntu.com/security/CVE-2023-52629 - sh: push-switch: Reorder...

CLSA-2024-1724754216 Fix CVE(s): CVE-2023-52760, CVE-2024-35835, CVE-2024-39484, CVE-2024-39487

CVE-url: https://ubuntu.com/security/CVE-2024-39487 - bonding: Fix out-of-bounds read in bondoptionarpiptargetsset CVE-url: https://ubuntu.com/security/CVE-2023-52760 - gfs2: Fix slab-use-after-free in gfs2qddealloc CVE-url: https://ubuntu.com/security/CVE-2024-39484 - mmc: davinci: Don't strip...

SUSE-FU-2024:2078-1 Feature update for rabbitmq-server313, erlang26, elixir115

This update for rabbitmq-server313, erlang26, elixir115 fixes the following issues: rabbitmq-server was implemented with a parallel versioned RPM package at version 3.13.1 jscPED-8414: - Security issues fixed: CVE-2021-22116: Fixed improper input validation that may lead to Denial of Sercice DoS...

Updated webkit2 packages fix security vulnerabilities

Due to issues in our build system this package is very outdated, now that the issues are fixed we are publishing the current upstream version. Lot of CVEs are fixed and a lot of changes were made by upstream, see the links...

MGASA-2024-0148 Updated webkit2 packages fix security vulnerabilities

Due to issues in our build system this package is very outdated, now that the issues are fixed we are publishing the current upstream version. Lot of CVEs are fixed and a lot of changes were made by upstream, see the links...

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.6 and fixes at least the following security issues: A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose handler could happen if removing device that is not common to remove video card physically without power-off,...

USN-4441-2 mysql-8.0 regression

USN-4441-1 fixed vulnerabilities in MySQL. The new upstream version changed compiler options and caused a regression in certain scenarios. This update fixes the problem. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versio...

openSUSE Security Update : calamares (openSUSE-2019-2628)

This update for calamares fixes the following issues : - Launch with 'pkexec calamares' in openSUSE Tumbleweed, but launch with 'xdg-su -c calamares' in openSUSE Leap 15. Update to Calamares 3.2.15 : - 'displaymanager' module now treats 'sysconfig' as a regular entry in the 'displaymanagers' list...

OPENSUSE-SU-2017:2984-1 Security update for redis

This update for redis to version 4.0.2 fixes the following issues: - CVE-2016-8339: CONFIG SET client-output-buffer-limit Code Execution Vulnerability boo1002351 The following upstream changes are included: - SLOWLOG now logs the offending client name and address - The modules native data types R...