524 matches found
git: Fix of CVE-2025-46835
CVE-2025-46835: fix vulnerability where Git GUI can create and overwrite arbitrary writable files...
git: Fix of CVE-2025-27613
CVE-2025-27613: fix vulnerability where Gitk can write and truncate arbitrary writable files...
libxml2: Fix of 2 CVEs
CVE-2025-49794: fix memory safety issues in xmlSchematronReportOutput when parsing XPath elements - CVE-2025-49796: fix memory corruption issue triggered by processing sch:name elements in input XML file...
git: Fix of CVE-2025-48384
CVE-2025-48384: config: quote values containing CR character...
Update of microcode_ctl
Update Intel CPU microcode to 20250211: - Addition of cpuid:806F8/0x10 SPR-HBM B3 microcode in microcode.dat at revision 0x2c0003e0; - Addition of cpuid:806F8/0x87 SPR-SP E5/S3 microcode in microcode.dat at revision 0x2b000620; - Addition of cpuid:90672/0x07 ADL-HX/S 8+8 C0 microcode in...
python: Fix of CVE-2026-7210
CVE-2026-7210: when hash randomization is enabled, seed libexpat's hash-flooding protection in pyexpat with a full 16 bytes of entropy via XMLSetHashSalt16Bytes, detected at runtime through a weak symbol so it activates once the system libexpat exposes it, instead of the 4-8 byte XMLSetHashSalt...
libssh2: Fix of 2 CVEs
CVE-2019-3860: bounds-check SFTP packet sizes in sftppacketrequire/v and sftpbin2attr - CVE-2019-3861: bounds-check paddinglength in libssh2transportread...
spamassassin: Fix of CVE-2018-11805
CVE-2018-11805: require --reallyallowplugins for sa-update --allowplugins to mitigate plugin injection from updates...
file: Fix of CVE-2019-18218
CVE-2019-18218: fix heap-based buffer overflow in cdfreadpropertyinfo...
squid34: Fix of 12 CVEs
CVE-2019-12525: fix heap buffer over-read in Digest auth parameter parsing - CVE-2018-1000027: fix NULL pointer dereference in X-Forwarded-For logging for internal transactions - CVE-2018-19131: escape certificate field injection via %D in ERRSECURECONNECTFAIL page - CVE-2018-19132: fix memory...
squid: Fix of 13 CVEs
CVE-2018-1000027: fix NULL pointer dereference in clientFollowXForwardedForCheck for transactions without a client connection - CVE-2018-19131: fix XSS via X.509 certificate fields rendered unescaped in SSL error pages - CVE-2019-12520: prevent cache poisoning by suppressing URL userinfo from...
haproxy: Fix of CVE-2019-18277
CVE-2019-18277: reject messages where "chunked" is missing from transfer-encoding...
binutils: Fix of CVE-2025-11082
CVE-2025-11082: fix heap-based buffer overflow in bfdelfparseehframe...
ImageMagick: Fix of 3 CVEs
CVE-2025-66628: fix integer overflow in TIM parser - CVE-2026-28494: fix stack buffer overflow in morphology kernel parsing - CVE-2026-28693: fix integer overflow in DIB coder...
binutils: Fix of 3 CVEs
CVE-2025-66862: fix heap-buffer-overflow in gnuspecial in cplus-dem.c - CVE-2025-66863: fix SEGV in ddiscriminator in cp-demangle.c - CVE-2025-66865: fix stack overflow in dprintcomp in cp-demangle.c...
squid: Fix of 3 CVEs
CVE-2026-33526: fix heap Use-After-Free in ICP traffic handling causing DoS - CVE-2026-33515: fix out-of-bounds read in ICP message handling leaking sensitive information - CVE-2026-32748: fix HttpRequest lifetime in ICP v3 queries preventing Use-After-Free DoS...
glib2: Fix of CVE-2025-14087
CVE-2025-14087: Fix integer overflow in GVariant parser leading to heap corruption via buffer underflow when processing malicious input strings...
Update of nss
update to CKBI 2.82 from NSS 3.120 - updated certificates: - Certificate "GlobalSign Root CA" - Certificate "Entrust.net Premium 2048 Secure Server CA" - Certificate "Comodo AAA Services root" - Certificate "XRamp Global CA Root" - Certificate "Go Daddy Class 2 CA" - Certificate "Starfield Class...
openssl: Fix of CVE-2018-0734
CVE-2018-0734: fix timing side channel attack in DSA signature algorithm...
samba: Fix of CVE-2020-25717
CVE-2020-25717: Adapt CVE's patch to Centos 6 based systems where regular user id starts from 500, so change the default value of the new config parameters added: "min domain uid" to 500...
cups: Fix of CVE-2023-4504
CVE-2023-4504: check for null terminator after a backslash...
spamassassin: Fix of 2 CVEs
CVE-2020-1930: fix command-execution vulnerability in SpamAssassin .cf parsing - CVE-2020-1931: fix command-execution vulnerability in SpamAssassin .cf parsing...
glib2: Fix of CVE-2020-35457
CVE-2020-35457: fix integer overflow in goptiongroupaddentries to prevent potential out-of-bounds write - Bug775510: avoid calling Standard C string/array functions with NULL arguments...
java-1.8.0-openjdk: Fix of 4 CVEs
Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u462-b08. That fixes following CVEs: - CVE-2025-30749: better Glyph drawing - CVE-2025-30754: enhance TLS protocol support - CVE-2025-30761: improve scripting supports - CVE-2025-50106: glyph out-of-memory access and crash...
Update of nss
update to CKBI 2.74 from NSS 3.110 - updated certificates: - Certificate "certSIGN ROOT CA" - Certificate "ACCVRAIZ1" - Certificate "Entrust Root Certification Authority - G4" - Certificate "Security Communication ECC RootCA1" - Certificate "BJCA Global Root CA1" - Certificate "BJCA Global Root...
rsync: Fix of CVE-2024-12088
CVE-2024-12088: fix improper verification of symbolic link destinations to prevent path traversal vulnerability...
Update of tzdata
Upgrade to tzdata-2025b - New zone for Aysén Region in Chile which moves from -04/-03 to -03. - Paraguay adopted permanent -03 starting spring 2024. - Improve pre-1991 data for the Philippines. - Etc/Unknown is now reserved. - Improve historical data for Mexico, Mongolia, and Portugal. - System V...
kernel: Fix of 4 CVEs
media: pvrusb2: fix array-index-out-of-bounds in pvr2i2ccoreinit CVE-2022-49478 - x86/kvm: Disable kvmclock on all CPUs on shutdown CVE-2021-47110 - cifs: fix potential double free during failed mount CVE-2022-49541 - drm/amd/pm: fix double free in siparsepowertable CVE-2022-49530...
libxml2: Fix of CVE-2025-27113
CVE-2025-27113: fix compilation of explicit child axis...
expat: Fix of CVE-2026-41080
CVE-2026-41080: backport SipHash-based hash-flooding protection with a full 16 bytes of salt entropy and add the XMLSetHashSalt16Bytes API...
mysql: Fix of CVE-2018-2755
CVE-2018-2755: harden binlog event decoding against corrupt binary log files BUG24365972...
php: Fix of 5 CVEs
CVE-2019-9023: mbstring oniguruma: fix heap overflow in utf32bembctocode and related mbctocode encoders bug 77418; completes CVE-2019-9023 coverage alongside existing php-5.3.29-bug773707737177381773827738577394.patch - CVE-2019-11034: exif: fix heap-buffer-overflow in phpifdget32s bug 77753 -...
kernel: Fix of 10 CVEs
ACPICA: Add AMLNOOPERANDRESOLVE flag to Timer CVE-2023-53395 - net: ppp: Add bound checking for skb data on pppsynctxmung CVE-2025-37749 - ata: ahci: Match EMMAXSLOTS with SATAPMPMAXPORTS CVE-2022-50315 - ext2: Check block size validity during mount CVE-2023-53569 - gfs2: Fix possible data races...
python: Fix of 2 CVEs
CVE-2018-1060: fix catastrophic backtracking in APOP method, prevent denial of service, add input validation and enforce backtracking limits - CVE-2018-1061: fix catastrophic backtracking in the difflib.ISLINEJUNK method...
squid: Fix of CVE-2025-62168
CVE-2025-62168: Fix failure to redact HTTP authentication credentials in error handling to prevent information disclosure...
libxml2: Fix of CVE-2022-49043
CVE-2022-49043: fix use-after-free in xmlXIncludeAddNode, free URI after reporting the error to avoid use-after-free...
binutils: Fix of CVE-2017-9042
CVE-2017-9042: readelf.c fix a possible application crash known as the "cannot be represented in type long" issue...
nss: Fix of CVE-2020-25648
CVE-2020-25648: fix DoS in case of receiving multiple CCS messages - extended tests...
libxml2: Fix of CVE-2025-6021
CVE-2025-6021: fix integer overflows in buffer size calculations...
glibc: Fix of CVE-2020-1752
CVE-2020-1752: fix use-after-free vulnerability in glob...
dovecot: Fix of CVE-2020-12673
CVE-2020-12673: fix reading past buffer...
libwebp: Fix of CVE-2020-36328
CVE-2020-36328: fix a heap-based buffer overflow in WebPDecodeInto functions...
httpd: Fix of 2 CVEs
CVE-2024-47252: escape characters are now properly handled in modssl to prevent untrusted SSL/TLS clients from inserting escape characters into log files - CVE-2025-49812: remove support for TLS upgrade to mitigate HTTP desynchronisation attack...
kernel: Fix of 3 CVEs
posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel CVE-2025-38352 - schqfq: make qfqqlennotify idempotent CVE-2025-38177 - schhfsc: make hfscqlennotify idempotent CVE-2025-38177 - schdrr: make drrqlennotify idempotent CVE-2025-38177 - schhtb: make htbqlennotify...
glibc: Fix of CVE-2019-9169
CVE-2019-9169: fix heap-based buffer over-read in proceednextnode in posix/regexec.c...
squid34: Fix of CVE-2025-54574
CVE-2025-54574: fix buffer overflow in URN handling...
wget: Fix of CVE-2024-38428
CVE-2024-38428: fix mishandle semicolons in userinfo subcomponent of URI to prevent insecure behavior...
sqlite: Fix of CVE-2025-6965
CVE-2025-6965: fix a potential memory corruption if the number of aggregate terms in a query exceeds the maximum number of columns...
perl: Fix of CVE-2018-18311
CVE-2018-18311: fix buffer overflow...
libxml2: Fix of CVE-2025-32415
CVE-2025-32415: fix heap buffer overflow in xmlSchemaIDCFillNodeTables...