524 matches found
Update of openssl-static, openssl-perl, openssl-devel, openssl, openssl-devel, openssl
Always check certificates from local root store first...
Fix of CVE: CVE-2021-27135
CVE-2021-27135: fix crash when processing combining characters...
php: Fix of CVE-2024-11234
CVE-2024-11234: fix stream HTTP fulluri CRLF injection...
Update of ca-certificates
update to CKBI 2.58 from NSS 3.67 - removed old certificates: - Certificate "Camerfirma Global Chambersign Root" - Certificate "Cybertrust Global Root" - Certificate "Equifax Secure eBusiness CA 1" - Certificate "Equifax Secure Global eBusiness CA" - Certificate "Explicitly Distrusted DigiNotar...
expat: Fix of CVE-2026-45186
CVE-2026-45186: fix quadratic runtime in attribute collision detection by using a hash table for default attribute names instead of an On^2 loop...
php: Fix of CVE-2024-8925
CVE-2024-8925: Fix data integrity violation while parsing multipart/form-data boundaries larger than the read buffer...
microcode_ctl: Fix of CVE-2023-31315
Update Intel CPU microcode to 20240813: - Addition of cpuid:806F8/0x10 SPR-HBM B3 microcode in microcode.dat at revision 0x2c000390; - Addition of cpuid:806F8/0x87 SPR-SP E5/S3 microcode in microcode.dat at revision 0x2b0005c0; - Addition of cpuid:90672/0x07 ADL-HX/S 8+8 C0 microcode in...
java-1.8.0-openjdk: Fix of 6 CVEs
Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u422-b05. That fixes following CVEs: - CVE-2024-21131: UTF8 size overflow - CVE-2024-21138: Infinite loop vunlerability in SymbolTable - CVE-2024-21140: Int overflow/underflow in Range Check Elimination RCE - CVE-2024-21144: Invalid header...
git: Fix of CVE-2024-32004
CVE-2024-32004: integrating ownership checking to detect dubious local repositories during cloning...
Update of microcode_ctl
...
Update of nss
Update to CKBI 2.60 from NSS 3.86 - Removed: - Certificate "Camerfirma Global Chambersign Root" - Certificate "Cybertrust Global Root" - Certificate "DST Root CA X3" - Certificate "EC-ACC" - Certificate "Explicitly Distrusted DigiNotar PKIoverheid G2" - Certificate "GlobalSign Root CA - R2" -...
Update of kernel, kernel-debug-devel, kernel-devel, kernel-debug, kernel-debug-devel, python-perf, perf, kernel-headers
...
curl: Fix of CVE-2026-3784
CVE-2026-3784: fix proxy connection reuse with different credentials - update outdated timestamps in test 046...
php: Fix of CVE-2024-11233
CVE-2024-11233: fix single byte overread with convert.quoted-printable-decode filter...
python: Fix of 2 CVEs
CVE-2024-7592: fix algorithm with quadratic complexity to avoid using excess CPU resources while parsing the cookie value - CVE-2024-6232: fix regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing and was vulnerable to ReDoS via specifically-crafted tar...
Update of kernel, kernel-headers, kernel-debug-devel, kernel-debug, perf, python-perf, kernel-debug-devel, kernel-devel
KB-127: Bump version separete fw build...
bind: Fix of CVE-2026-1519
CVE-2026-1519: Limit NSEC3 iterations when validating referrals to unsigned delegations to avoid excessive CPU consumption...
php: Fix of CVE-2024-8927
CVE-2024-8927: Fix bypass of cgi.forceredirect configuration...
bind: Fix of CVE-2024-1975
CVE-2024-1975: Remove support for SIG0 message verification - Fix tsiggss test...
Update of amanda
Fix bug that leads to amdump and runtar problem due to options recognized as invalid falsely...
Update of ca-certificates
update to CKBI 2.60 from NSS 3.86 - removed old certificates: - Certificate "EC-ACC" - Certificate "GlobalSign ECC Root CA - R4" - Certificate "GTS Root R1" - Certificate "GTS Root R2" - Certificate "GTS Root R3" - Certificate "GTS Root R4" - Certificate "Hellenic Academic and Research...
Update of php 5.3: Fix segfault during graceful Apache restart
ELS-42: Fix segfault during graceful Apache restart...
Update of bind-sdb, bind-libs, bind-devel, bind, bind-utils, bind-chroot
...
python: Fix of 4 CVEs
CVE-2019-9740: reject control characters in HTTP URL paths in httplib.HTTPConnection.putrequest to prevent CRLF header injection - CVE-2019-18348: reject control characters in hostnames in httplib.HTTPConnection.init via a new validatehost helper to prevent CRLF header injection the glibc...
libssh2: Fix of 2 CVEs
CVE-2019-13115: add bounds-checked stringbuf helpers and use them in diffiehellmansha1 to prevent out-of-bounds read on malformed KEX reply - CVE-2019-17498: harden bounds checks in SSHMSGDISCONNECT, SSHMSGDEBUG and SSHMSGGLOBALREQUEST handlers to prevent integer overflow / out-of-bounds read...
kernel: Fix of 3 CVEs
NFSv4.0: Fix a use-after-free problem in the asynchronous open CVE-2024-53173 - ALSA: usb-audio: Fix out of bounds reads when finding clock sources CVE-2024-53150 - misc/libmasm/module: Fix two use after free in ibmasminitone CVE-2021-47334...
Update of openssl-static, openssl, openssl-devel, openssl-perl, openssl, openssl-devel
...
Update of perl-Pod-Simple, perl-IO-Compress-Bzip2, perl-Log-Message, perl-CPANPLUS, perl-Parse-CPAN-Meta, perl-Archive-Tar, perl-Locale-Maketext-Simple, perl-Compress-Raw-Zlib, perl-ExtUtils-MakeMaker, perl-version, perl-Params-Check, perl-Module-CoreList, perl-parent, perl-Log-Message-Simple, perl-IO-Compress-Base, perl-Archive-Extract, perl-Test-Harness, perl-Module-Load, perl-Compress-Zlib, perl-Module-Pluggable, perl-Pod-Escapes, perl-Module-Build, perl-Module-Loaded, perl-Test-Simple, perl-Term-UI, perl-Package-Constants, perl-Object-Accessor, perl-Digest-SHA, perl-ExtUtils-ParseXS, perl-File-Fetch, perl-Time-HiRes, perl-Compress-Raw-Bzip2, perl-Time-Piece, perl-CGI, perl-ExtUtils-CBuilder, perl-IO-Zlib, perl-Module-Load-Conditional, perl-IO-Compress-Zlib, perl-ExtUtils-Embed, perl-IPC-Cmd, perl-CPAN
...
exim: Fix of CVE-2026-40685
CVE-2026-40685: fix OOB heap write in dewrap during JSON expansion...
kernel: Fix of 39 CVEs
nfs: fix UAF in direct writes CVE-2024-26958 - NFSD: Fix the behavior of READ near OFFSETMAX CVE-2022-48827 - thermal: core: prevent potential string overflow CVE-2023-52868 - ath5k: fix OOB in ath5keepromreadpcalinfo5111 CVE-2021-47633 - RDMA/cma: Ensure rdmaaddrcancel happens before issuing...
Update of microcode_ctl
Fix silent microcode rejection in some cases - Loading to /dev/null is enabled on VM...
Update of nss
Update to CKBI 2.62 from NSS 3.91 - Added: - Certificate "BJCA Global Root CA1" - Certificate "BJCA Global Root CA2"...
Update of ca-certificates
update to CKBI 2.62 from NSS 3.91 - added new certificates: - Certificate "BJCA Global Root CA1" - Certificate "BJCA Global Root CA2"...
Update of bind-sdb, bind-libs, bind-devel, bind, bind-utils, bind-chroot
...
java-1.8.0-openjdk: Fix of 7 CVEs
Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u492-b09. That fixes following CVEs: - CVE-2026-22003: hotspot DoS via sandboxed Java Web Start/applets with untrusted code resource exhaustion - CVE-2026-22007: Security component, local high-complexity low-impact info disclosure -...
php: Fix of 2 CVEs
CVE-2026-6722: Use-after-free in SOAP ext via stale refmap pointer - CVE-2026-7261: Use-after-free in SOAP after header parse failure with SOAPPERSISTENCESESSION...
kernel: Fix of 12 CVEs
ext4: fix OOB read when checking dotdot dir CVE-2025-37785 - iscsiibft: Fix UBSAN shift-out-of-bounds warning in ibftattrshownic CVE-2025-21993 - media: uvcvideo: Fix double free in error path CVE-2024-57980 - jffs2: Prevent rtime decompress memory corruption CVE-2024-57850 - wifi: iwlegacy:...
kernel: Fix of 6 CVEs
hwmon: ibmpex Fix possible UAF when ibmpexregisterbmc fails CVE-2022-49029 - ppp: fix pppasyncencode illegal access CVE-2024-50035 - ext4: no need to continue when the number of entries is 1 CVE-2024-49967 - net/packet: fix slab-out-of-bounds access in packetrecvmsg CVE-2022-20368 - packet: in...
squid: Fix of CVE-2024-45802
CVE-2024-45802: disable ESI...
squid34: Fix of CVE-2024-45802
CVE-2024-45802: disable ESI...
ImageMagick: Fix of 3 CVEs
CVE-2020-27751: fix shift exponent that is too large for 64-bit type at magick/quantum-export.c - CVE-2020-27757: fix outside the range of representable values of type 'unsigned long long' bug at magick/quantum-private.h - CVE-2020-27768: fix outside the range of representable values of type...
Update of ca-certificates
update to CKBI 2.64 from NSS 3.95 - updated: - Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - removed old certificates: - Certificate "E-Tugra Certification Authority" - Certificate "Hongkong Post Root CA 1" - Certificate "Symantec Class 1 Public Primary Certification...
Update of microcode_ctl
Update Intel CPU microcode to microcode-20220207 release: - Fixes in releasenote.md file...
Update of openssl-static, openssl-perl, openssl-devel, openssl, openssl-devel, openssl
Always check certificates from local root store first...
Update of kernel-abi-whitelists, kernel-firmware, kernel-doc
...
postfix: Fix of CVE-2026-43964
makedefs: support Linux kernel = 3 on build hosts - CVE-2026-43964: fix buffer over-read on enhanced status code without trailing text...
quagga: Fix of CVE-2018-5381
CVE-2018-5381: bgpd capability parser can enter an infinite loop on invalid OPEN messages whose Multi-Protocol capability has an unrecognized AFI/SAFI, causing a denial of service...
Update of nss
Update to CKBI 2.64 from NSS 3.95 - Removed: - Certificate "E-Tugra Certification Authority" - Certificate "Hongkong Post Root CA 1" - Certificate "Symantec Class 1 Public Primary Certification Authority - G6" - Certificate "Symantec Class 2 Public Primary Certification Authority - G6" -...
Update of els-define
Add OracleLinux support...
rsync: Fix of 2 CVEs
CVE-2026-43618: fix integer overflow in compressed-token decoding that could leak rsync process memory contents over the wire - CVE-2026-29518: fix TOCTOU race on parent path components in non-chroot daemon by routing receiver/sender opens, chmod, and chdir through per- component ONOFOLLOW secure...