60 matches found
Exploit for Use of Less Trusted Source in Meshtastic Meshtastic_Firmware
Stopping Meshtastic from-field spoof attacks — shape-detecti...
java-25-openjdk security update
1:25.0.3.0.9-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:25.0.3.0.9-1 - Update to jdk-25.0.3+9 GA - Update release notes to 25.0.3+9 - Update FIPS patch to 57722aab802 version synced with 25.0.3+8 - Drop local libpng patches now JDK-8372534, JDK-8375063 & JDK-8377526 are included upstrea...
CLSA-2026-1771664593 Fix CVE(s): CVE-2026-21925, CVE-2026-21932, CVE-2026-21933, CVE-2026-21945
OpenJDK 8u482 release + CVE-2026-21945: enhance Certificate Checking + CVE-2026-21932: enhance Handling of URIs + CVE-2026-21933: improve HttpServer Request handling + CVE-2026-21925: improve JMX connections - Release notes: https://mail.openjdk.org/pipermail/jdk8u-dev/2026-January/020959.html...
Security update for apache2-mod_auth_openidc
This update for apache2-modauthopenidc fixes the following issues: Update to 2.4.17.1 bsc1248806 / PED-14130. Remove many patches, as they've been merged upstream. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch...
SUSE-SU-2025:4532-1 Security update for apache2-mod_auth_openidc
This update for apache2-modauthopenidc fixes the following issues: - Update to 2.4.17.1 bsc1248806 / PED-14130. - Remove many patches, as they've been merged upstream...
Oracle Linux 8 : abrt (ELSA-2025-22760)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-22760 advisory. 2.10.9-25.0.1 - Replaces sosreport to sos report in sosreport-event.conf Orabug: 38590929 - abrt-dump-oops-Fix-vmcore-call-trace-parsing-arm Orabug: 34184473 -...
CLSA-2025-1764692266 buildah: Fix of 4 CVEs
Update buildah to 1.39.6 - CVE-2025-52881: fix runc vulnerability by updating to runc v1.2.8 - Update golang dependency to 1.22.9.tuxcare.els1 - Remove patches for fixes included in upstream CVE-2024-9341, CVE-2024-9407, CVE-2025-27144...
Fedora: Security Advisory (FEDORA-2024-55a5adeec4)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE 15 Security Update : cobbler (openSUSE-SU-2024:0382-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2024:0382-1 advisory. Update to 3.3.7: Security: Fix issue that allowed anyone to connect to the API as admin CVE-2024-47533, boo1231332 bind - Fix bug that prevents cname...
libsoup security update
2.72.0-8.el95.2 - Backport upstream patch for CVE-2024-52532 - infinite loop while reading websocket data - Resolves: RHEL-67068 2.72.0-8.el95.1 - Backport upstream patch for CVE-2024-52530 - HTTP request smuggling via stripping null bytes from the ends of header names - Resolves: RHEL-67080...
CLSA-2023-1675985852 java-1.8.0-openjdk: Fix of 2 CVEs
Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u362-b09. That fixes following CVEs: - CVE-2023-21830: Improper restrictions in CORBA deserialization Serialization, 8285021 - CVE-2023-21843: Soundbank URL remote loading Sound, 8293742 - Update tzdata requirement to 2022g to match JDK-8297804 -...
CLSA-2023-1675984558 java-1.8.0-openjdk: Fix of 2 CVEs
Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u362-b09. That fixes following CVEs: - CVE-2023-21830: Improper restrictions in CORBA deserialization Serialization, 8285021 - CVE-2023-21843: Soundbank URL remote loading Sound, 8293742 - Update tzdata requirement to 2022g to match JDK-8297804 -...
Mageia: Security Advisory (MGASA-2014-0319)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CLSA-2021-1640271821 Fix CVE(s): CVE-2020-28024, CVE-2020-28025, CVE-2020-28026, CVE-2020-28020, CVE-2020-28021, CVE-2020-28022, CVE-2020-28011, CVE-2020-28013, CVE-2020-28012, CVE-2020-28015, CVE-2020-28007, CVE-2020-28017, CVE-2021-27216, CVE-2020-28008, CVE-2020-28009, CVE-2020-28014
SECURITY UPDATE: Multiple security issues - debian/patches/CVE-2020-28007.patch - debian/patches/CVE-2020-28008.patch - debian/patches/CVE-2020-28009.patch - debian/patches/CVE-2020-28011.patch - debian/patches/CVE-2020-28012.patch - debian/patches/CVE-2020-28013.patch -...
OPENSUSE-SU-2021:1601-1 Security update for log4j
This update for log4j fixes the following issue: - Previously published fixes for log4jshell turned out to be incomplete. Upstream has followed up on the original patch for CVE-2021-44228 with several additional changes LOG4J2-3198, LOG4J2-3201, LOG4J2-3208, and LOG4J2-3211 that are included in...
Security fix for the ALT Linux 8 package bind version 9.10.8.P1-alt3
9.10.8.P1-alt3 built Aug. 24, 2020 Stanislav Levin in task 256547 Aug. 21, 2020 Stanislav Levin - Applied upstream patches fixes: CVE-2020-8622, CVE-2020-8623, CVE-2020-8624...
Security fix for the ALT Linux 8 package bind version 9.10.8.P1-alt2
9.10.8.P1-alt2 built May 26, 2020 Stanislav Levin in task 251959 May 19, 2020 Stanislav Levin - Applied upstream patches fixes: CVE-2020-8616, CVE-2020-8617...
systemd security, bug fix, and enhancement update
239-18.0.1 - fix netdev is missing for iscsi entry in /etc/fstab [email protected] Orabug: 25897792 - set 'RemoveIPC=no' in logind.conf as default for OL7.2 Orabug: 22224874 - allow dm remove ioctl to co-operate with UEK3 Vaughan Cao Orabug: 18467469 - add hv dynamic memory support Jerry...
SUSE-SU-2019:2810-1 Security update for runc
This update for runc fixes the following issues: Security issue fixed: - CVE-2019-16884: Fixed an LSM bypass via malicious Docker images that mount over a /proc directory. bsc1152308 Non-security issues fixed: - Includes upstreamed patches for regressions bsc1131314 bsc1131553...
SUSE SLES11 Security Update : kvm (SUSE-SU-2018:2615-1) (Spectre)
This update for kvm fixes the following security issues : CVE-2018-12617: qmpguestfileread had an integer overflow that could have been exploited by sending a crafted QMP command including guest-file-read with a large count value to the agent via the listening socket causing DoS bsc1098735...