15 matches found
RLSA-2026:22937 Important: image-builder security update
A local binary for building customized OS artifacts such as VM images and OSTree commits. Uses osbuild under the hood. Security Fixes: golang: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2025-61726 crypto/tls: Unexpected session resumption in crypto/tls CVE-2025-68121...
Important: Red Hat Security Advisory: osbuild-composer security update
An update for osbuild-composer is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...
Security update for gnutls
This update for gnutls fixes the following issues CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive bsc1263707. CVE-2026-5260: lib/pkcs11privkey: guard against overreading on short ciphertexts bsc1263715. CVE-2026-33845: buffers: switch from endoffset over to fraglength...
RHEL 9 : golang (RHSA-2026:19181)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19181 advisory. The golang packages provide the Go programming language compiler. Security Fixes: crypto/x509: Incorrect enforcement of email constraints i...
RHEL 10 : rhc-worker-playbook (RHSA-2026:10929)
The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:10929 advisory. A worker for yggdrasil that receives Ansible playbooks and executes them against the local host. Security Fixes: crypto/x509: Incorrect...
SUSE-SU-2026:0993-1 Security update for go1.26-openssl
This update for go1.26-openssl fixes the following issues: Update to go 1.26.1 bsc1255111, jscSLE-18320: - CVE-2026-25679: net/url: reject IPv6 literal not at start of host bsc1259264. - CVE-2026-27137: crypto/x509: incorrect enforcement of email constraints bsc1259266. - CVE-2026-27138:...
SUSE-SU-2026:0976-1 Security update for go1.26-openssl
This update for go1.26-openssl fixes the following issues: Update to go 1.26.1 bsc1255111, jscSLE-18320: - CVE-2026-25679: net/url: reject IPv6 literal not at start of host bsc1259264. - CVE-2026-27137: crypto/x509: incorrect enforcement of email constraints bsc1259266. - CVE-2026-27138:...
Security update for go1.24-openssl
This update for go1.24-openssl fixes the following issues: Update to version 1.24.13 jscSLE-18320, bsc1236217. Security issues fixed: CVE-2025-61732: cmd/cgo: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. CVE-2025-68119: cmd/go: unexpected code execution...
SUSE-SU-2026:0789-1 Security update for go1.24-openssl
This update for go1.24-openssl fixes the following issues: Update to version 1.24.13 jscSLE-18320, bsc1236217. Security issues fixed: - CVE-2025-61732: cmd/cgo: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. - CVE-2025-68119: cmd/go: unexpected code...
SUSE-SU-2026:20428-1 Security update for go1.25
This update for go1.25 fixes the following issues: Update to version 1.25.7. Security issues fixed: - CVE-2025-61732: cmd/go: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. - CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated session...
Security update for go1.25
This update for go1.25 fixes the following issues: Update to version 1.25.7. Security issues fixed: CVE-2025-61732: cmd/go: discrepancy between Go and C/C++ comment parsing allows for C code smuggling bsc1257692. CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated session tick...
SUSE CVE-2021-41581
x509constraintsparsemailbox in lib/libcrypto/x509/x509constraints.c in LibreSSL through 3.4.0 has a stack-based buffer over-read. When the input exceeds DOMAINPARTMAXLEN, the buffer lacks '\0' termination...
Stack overflow
x509constraintsparsemailbox in lib/libcrypto/x509/x509constraints.c in LibreSSL through 3.4.0 has a stack-based buffer over-read. When the input exceeds DOMAINPARTMAXLEN, the buffer lacks '\0' termination...
LibreSSL 缓冲区错误漏洞
LibreSSL is an open source implementation of the Secure Sockets Layer SSL and Transport Layer Security TLS protocols. x509constraintsparsemailbox in lib/libcrypto/x509/x509constraints.c in LibreSSL 3.4.0 and earlier versions has a stack buffer overflow vulnerability. No detailed vulnerability...
PT-2021-23347 · Openssl +1 · Libressl +1
Name of the Vulnerable Software and Affected Versions: LibreSSL versions through 3.4.0 Description: The issue is related to a stack-based buffer over-read in the x509 constraints parse mailbox function in lib/libcrypto/x509/x509 constraints.c. This occurs when the input exceeds DOMAIN PART MAX LE...