Security update 5.0.8 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...

CLSA-2026-1778979189 Fix CVE(s): CVE-2024-6232, CVE-2024-7592, CVE-2024-9287

SECURITY UPDATE: ReDoS in tarfile PAX header parsing - debian/patches/CVE-2024-6232.patch: rewrite Lib/tarfile.py PAX-record parser to scan length-prefixed records via a bounded regex headerlengthprefixre plus direct slicing, eliminating quadratic backtracking in three pre-existing regexes. Adapt...

Malicious code in venv-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9af11c23295a9a592b6fd62d62490669a752ab6dc6c0b755ebd068ec6371375f Package contains code to silently execute a RAT-like agent, allowing the attacker to access the file system and execute arbitrary code. --- Category: MALICIOUS...

MAL-2026-3803 Malicious code in venv-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9af11c23295a9a592b6fd62d62490669a752ab6dc6c0b755ebd068ec6371375f Package contains code to silently execute a RAT-like agent, allowing the attacker to access the file system and execute arbitrary code. --- Category: MALICIOUS...

Astra Linux - уязвимость в python3.11, python3.7

A vulnerability has been identified in the CPython venv module and CLI. This vulnerability arises from improper quoting of path names when creating a virtual environment. As a result, attackers can inject commands into the virtual environment “activation” scripts e.g., using “source...

Security update 5.1.3 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: Security patch for Salt vendored tornado: Added limits on multipart form data parsing bsc1259554 Added x8664v2 as a possible rpm package architecture Make users with backslash working for salt-ssh...

Security update 5.1.3 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-lusitaniae-apacheexporter: Internal changes to fix build issues with no impact for customers spacecmd: Version 5.1.13-0 Updated translation strings uyuni-tools: Version 5.1.26-0 Fixed applying PTF with images from RPMs bsc1252548 Ssl Key file...

Security update 5.1.3 for Multi-Linux Manager Client Tools

This update fixes the following issues: spacecmd: Version 5.1.13-0 Updated translation strings uyuni-tools: Version 5.1.26-0 Fixed applying PTF with images from RPMs bsc1252548 Ssl Key file can miss if CA password is blank bsc1254154 mgrpxy ssh tuning should happens before crypto policies...

Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools

This update fixes the following issues: mgr-push: Version 5.2.3-0 Disable build for SLES 16 rhnlib: Version 5.2.4-0 Disable build for SLES 16 spacecmd: Version 5.2.6-0 Update translation strings spacewalk-client-tools: Version 5.2.4-0 Disable build for SLES 16 uyuni-common-libs: Version 5.2.3-0...

SUSE-SU-2026:1146-1 Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools

This update fixes the following issues: mgr-push: - Version 5.2.3-0 Disable build for SLES 16 rhnlib: - Version 5.2.4-0 Disable build for SLES 16 spacecmd: - Version 5.2.6-0 Update translation strings spacewalk-client-tools: - Version 5.2.4-0 Disable build for SLES 16 uyuni-common-libs: - Version...

Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools

This update fixes the following issues: spacecmd: Version 5.2.6-0 Update translation strings uyuni-tools: Version 5.2.5-0 Remove migrate command Remove template script from mgradm: use the one in the image Split the TFTP server into a separate container Explicitly start proxy pods after operation...

SUSE-SU-2026:1142-1 Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools

This update fixes the following issues: mgr-push: - Version 5.2.3-0 Disable build for SLES 16 rhnlib: - Version 5.2.4-0 Disable build for SLES 16 spacecmd: - Version 5.2.6-0 Update translation strings spacewalk-client-tools: - Version 5.2.4-0 Disable build for SLES 16 uyuni-common-libs: - Version...

SUSE-SU-2026:1140-1 Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools

This update fixes the following issues: spacecmd: - Version 5.2.6-0 Update translation strings uyuni-tools: - Version 5.2.5-0 Remove migrate command Remove template script from mgradm: use the one in the image Split the TFTP server into a separate container Explicitly start proxy pods after...

SUSE-SU-2026:1026-1 Security update 5.0.7 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: - Security issues fixed: CVE-2025-67724: fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: fixed HTTP header parameter parsing algorithm bsc1254904...

Security update 5.0.7 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...

Security update 5.0.7 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...

Security update 5.0.7 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...

Security update 5.0.7 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...

SUSE-SU-2026:1014-1 Security update 5.0.7 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: - Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...

Security update 5.1.2 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-QubitProducts-exporterexporter: Non-customer-facing optimization around source building golang-github-lusitaniae-apacheexporter: Build without apparmor for openSUSE Leap 16, SLES 16 or newer Require Go 1.23 for building Update to version 1.0.1...