514 matches found
git: Fix of CVE-2025-27613
CVE-2025-27613: fix vulnerability where Gitk can write and truncate arbitrary writable files...
libxml2: Fix of 2 CVEs
CVE-2025-49794: fix memory safety issues in xmlSchematronReportOutput when parsing XPath elements - CVE-2025-49796: fix memory corruption issue triggered by processing sch:name elements in input XML file...
perl: Fix of CVE-2018-18311
CVE-2018-18311: fix buffer overflow...
git: Fix of CVE-2025-48384
CVE-2025-48384: config: quote values containing CR character...
rsync: Fix of CVE-2024-12088
CVE-2024-12088: fix improper verification of symbolic link destinations to prevent path traversal vulnerability...
kernel: Fix of 4 CVEs
media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init CVE-2022-49478 - x86/kvm: Disable kvmclock on all CPUs on shutdown CVE-2021-47110 - cifs: fix potential double free during failed mount CVE-2022-49541 - drm/amd/pm: fix double free in si_parse_power_table CVE-2022-49530...
Update of microcode_ctl
Update Intel CPU microcode to 20250211: - Addition of cpuid:806F8/0x10 SPR-HBM B3 microcode in microcode.dat at revision 0x2c0003e0; - Addition of cpuid:806F8/0x87 SPR-SP E5/S3 microcode in microcode.dat at revision 0x2b000620; - Addition of cpuid:90672/0x07 ADL-HX/S 8+8 C0 microcode in...
libssh2: Fix of 2 CVEs
CVE-2019-3860: bounds-check SFTP packet sizes in sftp_packet_require/v and sftp_bin2attr - CVE-2019-3861: bounds-check padding_length in _libssh2_transport_read...
curl: Fix of 2 CVEs
CVE-2018-1000120: fix buffer overflow in the FTP URL handling - CVE-2018-1000007: fix leak of authentication data to third parties in HTTP requests...
spamassassin: Fix of CVE-2018-11805
CVE-2018-11805: require --reallyallowplugins for sa-update --allowplugins to mitigate plugin injection from updates...
glusterfs: Fix of 2 CVEs
CVE-2018-10923: posix: disable open/read/write on special files - CVE-2018-14651: server: don't allow '/' in basename...
expat: Fix of 3 CVEs
CVE-2017-9233: Fix external entity infinite loop bug - CVE-2018-20843: Fix extraction of namespace prefix from XML name - CVE-2019-15903: Deny internal entities closing the doctype heap overread...
vim: Fix of CVE-2026-33412
CVE-2026-33412: fix command injection via newline character in glob on Unix-like systems by escaping '\n' in SHELL_SPECIAL...
python: Fix of CVE-2019-9948
CVE-2019-9948: fix urllib localfile:// URL scheme bypass that allowed file reads when localfile handler was defined...
busybox: Fix of 4 CVEs
CVE-2018-1000517: fix heap buffer overflow in wget chunked decoding - CVE-2017-16544: reject terminal control sequences in shell tab completion - CVE-2018-20679: reject zero-length DHCP options and validate 4-byte option lengths - CVE-2019-5747: validate DHCP_SUBNET option length before decoding...
mysql: Fix of CVE-2019-2627
CVE-2019-2627: fix crash when mysql.user table has missing password column...
php: Fix of 5 CVEs
CVE-2019-9023: mbstring oniguruma: fix heap overflow in utf32be_mbc_to_code and related mbc_to_code encoders bug 77418; completes CVE-2019-9023 coverage alongside existing php-5.3.29-bug773707737177381773827738577394.patch - CVE-2019-11034: exif: fix heap-buffer-overflow in php_ifd_get32s bug 77753 -...
glib2: Fix of 2 CVEs
CVE-2019-12450: fix insecure file permissions during copy operations - CVE-2019-13012: fix insecure directory and file permissions in keyfile settings backend...
binutils: Fix of CVE-2025-11082
CVE-2025-11082: fix heap-based buffer overflow in _bfd_elf_parse_eh_frame...
vim: Fix of 2 CVEs
CVE-2026-28417: fix OS command injection in netrw plugin when handling specially crafted URLs such as scp:// - CVE-2026-28421: fix heap-buffer-overflow and crash when recovering from a maliciously crafted Vim swap file...
glib2: Fix of CVE-2025-14087
CVE-2025-14087: Fix integer overflow in GVariant parser leading to heap corruption via buffer underflow when processing malicious input strings...
gnupg2: Fix of CVE-2025-68973
CVE-2025-68973: fix possible memory corruption in the armor parser that could lead to out-of-bounds write for crafted input...
squid: Fix of CVE-2025-62168
CVE-2025-62168: Fix failure to redact HTTP authentication credentials in error handling to prevent information disclosure...
squid34: Fix of CVE-2025-62168
CVE-2025-62168: Redact HTTP authentication credentials in error handling to prevent information disclosure...
libxml2: Fix of 2 CVEs
CVE-2024-56171: fix use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c - CVE-2025-24928: fix stack-based buffer overflow in xmlSnprintfElements in valid.c...
openssl: Fix of CVE-2018-0734
CVE-2018-0734: fix timing side channel attack in DSA signature algorithm...
libxml2: Fix of CVE-2025-6021
CVE-2025-6021: fix integer overflows in buffer size calculations...
glib2: Fix of CVE-2020-35457
CVE-2020-35457: fix integer overflow in g_option_group_add_entries to prevent potential out-of-bounds write - Bug775510: avoid calling Standard C string/array functions with NULL arguments...
kernel: Fix of 3 CVEs
posix-cpu-timers: fix race between handle_posix_cpu_timers and posix_cpu_timer_del CVE-2025-38352 - sch_qfq: make qfq_qlen_notify idempotent CVE-2025-38177 - sch_hfsc: make hfsc_qlen_notify idempotent CVE-2025-38177 - sch_drr: make drr_qlen_notify idempotent CVE-2025-38177 - sch_htb: make htb_qlen_notify...
python: Fix of CVE-2016-5636
CVE-2016-5636: fix heap-based buffer overflow in zipimport.c...
libxml2: Fix of CVE-2025-32415
CVE-2025-32415: fix heap buffer overflow in xmlSchemaIDCFillNodeTables...
python: Fix of CVE-2026-7210
CVE-2026-7210: when hash randomization is enabled, seed libexpat's hash-flooding protection in pyexpat with a full 16 bytes of entropy via XML_SetHashSalt16Bytes, detected at runtime through a weak symbol so it activates once the system libexpat exposes it, instead of the 4-8 byte XML_SetHashSalt...
bind: Fix of CVE-2025-40778
CVE-2025-40778: Tighten restrictions on caching NS RRsets in the authority section: require the NS owner name to be an ancestor of the queried name to prevent cache poisoning via spoofed records...
mysql: Fix of 3 CVEs
CVE-2018-2562: fix DoS / data corruption in partitioned MEMORY tables Server: Partition - CVE-2018-2773: warn when --pid-file is in a world-writable location BUG26585560 - CVE-2018-3174: stop server as the mysql user in mysql.init so an attacker who controls the pid file cannot trick init into...
ansible: Fix of CVE-2019-14904
CVE-2019-14904: validate solaris_zone name to prevent command injection...
file: Fix of CVE-2019-18218
CVE-2019-18218: fix heap-based buffer overflow in cdf_read_property_info...
squid34: Fix of 12 CVEs
CVE-2019-12525: fix heap buffer over-read in Digest auth parameter parsing - CVE-2018-1000027: fix NULL pointer dereference in X-Forwarded-For logging for internal transactions - CVE-2018-19131: escape certificate field injection via %D in ERR_SECURE_CONNECT_FAIL page - CVE-2018-19132: fix memory...
mysql: Fix of CVE-2018-2755
CVE-2018-2755: harden binlog event decoding against corrupt binary log files BUG24365972...
squid: Fix of 3 CVEs
CVE-2019-12521: fix ESI parser off-by-one heap overflow by enforcing a stack-depth limit and throwing on overflow - CVE-2019-12524: already addressed by the CVE-2019-12520 backport (same fix upstream); see Squid advisory SQUID-2019:4...
subversion: Fix of CVE-2017-9800
CVE-2017-9800: fix arbitrary code execution via crafted svn+ssh:// URLs by validating the decoded hostinfo and adding an end-of-options guard to the default svn+ssh and example rsh tunnel commands...
squid: Fix of 13 CVEs
CVE-2018-1000027: fix NULL pointer dereference in clientFollowXForwardedForCheck for transactions without a client connection - CVE-2018-19131: fix XSS via X.509 certificate fields rendered unescaped in SSL error pages - CVE-2019-12520: prevent cache poisoning by suppressing URL userinfo from...
zsh: Fix of 3 CVEs
CVE-2018-1071: check bounds when copying path in hashcmd - CVE-2018-7549: avoid crash copying empty hash table - CVE-2018-13259: fix shebang line truncation in zexecve...
libxml2: Fix of CVE-2022-49043
CVE-2022-49043: fix use-after-free in xmlXIncludeAddNode, free URI after reporting the error to avoid use-after-free...
openvpn: Fix of CVE-2020-15078
CVE-2020-15078: fix authentication bypass and access to control channel data on servers configured with deferred authentication...
samba: Fix of CVE-2020-25717
CVE-2020-25717: adapt the CVE's patch to CentOS 6-based systems, where regular user IDs start from 500, by changing the default value of the newly added config parameter "min domain uid" to 500...
dovecot: Fix of CVE-2020-12673
CVE-2020-12673: fix reading past buffer...
libwebp: Fix of CVE-2020-36328
CVE-2020-36328: fix a heap-based buffer overflow in WebPDecodeInto functions...
httpd: Fix of 2 CVEs
CVE-2024-47252: escape characters are now properly handled in mod_ssl to prevent untrusted SSL/TLS clients from inserting escape characters into log files - CVE-2025-49812: remove support for TLS upgrade to mitigate HTTP desynchronisation attack...
squid: Fix of CVE-2025-54574
CVE-2025-54574: fix buffer overflow in URN handling...
squid34: Fix of CVE-2025-54574
CVE-2025-54574: fix buffer overflow in URN handling...