524 matches found
Update of bind-sdb, bind-libs, bind-devel, bind, bind-utils, bind-chroot
...
Update of bind-sdb, bind-libs, bind-devel, bind, bind-utils, bind-chroot
...
openssh: Fix of CVE-2026-35414
CVE-2026-35414: fix authorizedkeys principals option mishandling with comma-containing CA principals...
python: Fix of 2 CVEs
CVE-2026-4519: reject webbrowser.open URLs with a leading dash to prevent CLI option injection into the spawned browser process - CVE-2026-4786: validate URLs after %action substitution and swap the substitution order in UnixBrowser.open to close a bypass of the CVE-2026-4519 dash-prefix check...
nginx: Fix of 5 CVEs
CVE-2017-7529: fix integer overflow in range filter - CVE-2018-16843: fix excessive memory consumption in HTTP/2 - CVE-2018-16844: fix excessive CPU usage in HTTP/2 - CVE-2019-9511: fix excessive memory growth via HTTP/2 DATA frame manipulation - CVE-2019-9513: fix excessive CPU usage via HTTP/2...
binutils: Fix of 4 CVEs
CVE-2025-5244: fix NULL pointer dereference in elfgcsweep for empty section groups - CVE-2025-5245: fix memory corruption in debugtypesamep incorrect NULL check - CVE-2026-3441: fix out-of-bounds read in xcofflinkaddsymbols xscnlen bounds check - CVE-2026-3442: fix out-of-bounds read in...
Update of nscd, glibc-headers, glibc, glibc-utils, glibc-static, glibc-static, glibc-devel, glibc-devel, glibc, glibc-common
More precise DNS name checks accepting dash-.example.com, among other things...
subversion: Fix of CVE-2018-11782
CVE-2018-11782: fix svnserve DoS via well-formed read-only get-deleted-rev request...
samba: Fix of CVE-2017-15275
CVE-2017-15275: Fix server heap memory information leak by zeroing unused area when messagepushstring grows the talloc buffer...
bzip2: Fix of CVE-2019-12900
CVE-2019-12900: fix out-of-bounds write in BZ2decompress many selectors...
curl: Fix of 2 CVEs
CVE-2019-5436: tftp: use the current blksize for recvfrom - CVE-2016-8615: cookie: replace use of fgets with custom version...
Update of microcode_ctl
Update AMD CPU microcode to 2023-10-19: - Addition AMD CPU microcode for processor family 19h: sig 0x00a10f12, sig 0x00aa0f02, sig 0x00aa0f01, sig 0x00a10f11; - Update AMD CPU microcode for processor family 17h: sig 0x00830f10...
Update of kernel-firmware, kernel-abi-whitelists, kernel-doc
KB-127: Bump version separete fw build...
nginx: Fix of CVE-2026-9256
CVE-2026-9256: fix heap buffer overflow with overlapping captures in ngxhttprewritemodule...
tomcat6: Fix of CVE-2026-41284
CVE-2026-41284: tomcat6: WebDAV LOCK/PROPFIND unbounded request body DoS...
quagga: Fix of CVE-2018-5380
CVE-2018-5380: fix BGP NOTIFY debug-print msg array over-read...
nginx: Fix of CVE-2026-42945
CVE-2026-42945: fix heap buffer overflow in ngxhttprewritemodule...
libssh2: Fix of CVE-2026-7598
CVE-2026-7598: add usernamelen/passwordlen bounds checks in userauthlist and userauthpassword to prevent integer overflow when allocating the SSH USERAUTHREQUEST packet buffer...
openssh: Fix of CVE-2026-35386
CVE-2026-35386: fix client-side command execution via control characters in usernames by adding iscntrl rejection to validruser...
httpd: Fix of 2 CVEs
CVE-2017-15710: modauthnzldap out-of-bounds write when accept-language header value is shorter than two characters - CVE-2017-15715: regex anchor in / can match before an embedded newline, allowing .htaccess bypass of trailing-extension filters...
openssh: Fix of CVE-2026-35385
CVE-2026-35385: fix scp legacy protocol receiver to clear setuid/setgid bits from downloaded files when -p preserve mode is not set...
shadow-utils: Fix of CVE-2017-12424
CVE-2017-12424: fix heap buffer overflow in commoniosort when an entry has a NULL line...
dovecot: Fix of CVE-2017-15132
CVE-2017-15132: fix memory leak and hash-table use-after-free in authclientrequestabort lib-auth. Squashed upstream commits 1a29ed2f96da and a9b135760aea...
openldap: Fix of 14 CVEs
Rebase to 2.4.58 to fix the following vulnerabilities: - CVE-2020-12243: fix denial of service caused by LDAP search filters with nested boolean expressions - CVE-2020-36221: fix integer underflow in the Certificate Exact Assertion processing - CVE-2020-36223: fix slapd crash in the Values Return...
glib2: Fix of 2 CVEs
CVE-2019-12450: fix insecure file permissions during copy operations - CVE-2019-13012: fix insecure directory and file permissions in keyfile settings backend...
kernel: Fix of 5 CVEs
net/sched: schhfsc: upgrade 'rt' to 'sc' when it becomes a inner curve CVE-2023-4623 - net/sched: Enforce that teql can only be used as root qdisc CVE-2026-23074 - ALSA: usb-audio: Fix use-after-free in sndusbmixerfree CVE-2026-23089 - atm: atmtcp: Prevent arbitrary write in atmtcprecvcontrol...
vim: Fix of CVE-2026-26269
CVE-2026-26269: fix stack-based buffer overflow in NetBeans integration that could lead to a crash or arbitrary code execution via a malicious server...
kernel: Fix of 13 CVEs
fbdev: Fix vmalloc out-of-bounds write in fastimageblit CVE-2025-38685 - cnic: Fix use-after-free bugs in cnicdeletetask CVE-2025-39945 - scsi: bfa: Double-free fix CVE-2025-38699 - fbdev: fix potential buffer overflow in doregisterframebuffer CVE-2025-38702 - scsi: ses: Fix slab-out-of-bounds in...
expat: Fix of CVE-2026-24515
CVE-2026-24515: Fix a null pointer dereference in the XML parser caused by the failure to copy user data for unknown encoding handlers...
java-1.8.0-openjdk: Fix of 2 CVEs
Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u452-b09. That fixes following CVE: CVE-2025-21587, CVE-2025-30698...
binutils: Fix of CVE-2025-0840
CVE-2025-0840: fix stack-buffer-overflow at objdump disassemblebytes...
squid34: Fix of CVE-2024-25617
CVE-2024-25617: Improve handling of expanding HTTP header values to prevent DoS...
Update of bind-devel, bind-chroot, bind-libs, bind, bind-libs, bind-utils, bind-devel, bind-sdb
...
rsync: Fix of CVE-2026-41035
CVE-2026-41035: fix use-after-free in receivexattr by using tempxattr.count instead of the stale count in qsort...
samba: Fix of 2 CVEs
CVE-2019-3880: Refuse winreg SaveKey/RestoreKey RPCs to prevent writing registry hive files outside intended share boundaries via symlink races - CVE-2019-10218: Reject server-supplied filenames containing path separators in SMB1 directory listings to protect libsmbclient consumers from path...
php: Fix of CVE-2026-6735
CVE-2026-6735: fix XSS within FPM status endpoint...
php: Fix of 3 CVEs
CVE-2018-5711: Fix infinite loop in gdImageCreateFromGifCtx libgd when reading crafted GIF - CVE-2018-17082: Fix XSS via Transfer-Encoding: chunked in apache2 SAPI - CVE-2018-10545: Do not set PRSETDUMPABLE by default in php-fpm child...
curl: Fix of 3 CVEs
CVE-2016-8618: fix double-free in curlmaprintf - CVE-2016-8619: fix double-free in krb5 code - CVE-2019-5482: fix heap buffer overflow in TFTP receive...
cups: Fix of CVE-2026-27447
CVE-2026-27447: fix authorization bypass via case-insensitive username comparison in scheduler...
exim: Fix of CVE-2026-40687
CVE-2026-40687: fix uninitialized buffer and out-of-bounds writes in SPA authenticator...
vim: Fix of CVE-2026-39881
CVE-2026-39881: fix command injection in netbeans interface by validating defineAnnoType typeName/fg/bg and specialKeys tokens against an allowlist of safe characters before interpolating them into Ex commands...
cups: Fix of CVE-2026-34980
CVE-2026-34980: filter control characters from option values in the scheduler to prevent PPD keyword injection via Print-Job...
php: Fix of 4 CVEs
CVE-2018-14883: fix integer overflow leading to heap buffer overflow in exifthumbnailextract - CVE-2019-19246: fix heap buffer overflow in oniguruma strlowercasematch - CVE-2018-19518: disable imap rsh/ssh by default to prevent argument injection imap.enableinsecurersh INI added - CVE-2018-20783:...
ntp: Fix of 2 CVEs
CVE-2018-7185: unauthenticated packet with a zero-origin timestamp can reset an authenticated interleave association leading to denial of service. - CVE-2019-8936: NULL pointer dereference triggered by an authenticated mode 6 control packet with no value field...
squid: Fix of 3 CVEs
CVE-2019-12521: fix ESI parser off-by-one heap overflow by enforcing a stack-depth limit and throwing on overflow - CVE-2019-12524 already addressed by the CVE-2019-12520 backport same fix upstream; see Squid advisory SQUID-2019:4...
Update of ca-certificates
update to CKBI 2.82 from NSS 3.120 - updated certificates: - Certificate "GlobalSign Root CA" - Certificate "Entrust.net Premium 2048 Secure Server CA" - Certificate "Comodo AAA Services root" - Certificate "XRamp Global CA Root" - Certificate "Go Daddy Class 2 CA" - Certificate "Starfield Class...
kernel: Fix of 39 CVEs
Bluetooth: hcisysfs: Fix attempting to call deviceadd multiple times CVE-2022-50419 - firewire: net: fix use after free in fwnetfinishincomingpacket CVE-2023-53432 - wifi: brcmfmac: fix use-after-free bug in brcmfnetdevstartxmit CVE-2022-50408 - wifi: brcmfmac: slab-out-of-bounds read in...
kernel: Fix of 6 CVEs
fix: virtio-net: Add validation for used length CVE-2021-47352 - xen/netfront: don't use gnttabqueryforeignaccess for mapped status CVE-2022-23037 - net/sched: schqfq: Fix race condition on qfqaggregate CVE-2025-38477 - net: fix information leakage in /proc/net/ptype CVE-2022-48757 - net: atm:...
clamav: Fix of 8 CVEs
Update to 1.0.9 LTS version - CVE-2025-20260: Fixed a possible buffer overflow write bug in the PDF file parser - CVE-2025-20128: Fixed a possible buffer overflow read bug in the OLE2 file parser - CVE-2024-20506: Changed the logging module to disable following symlinks on Linux and Unix systems...
tomcat6: Fix of CVE-2025-24813
CVE-2025-24813: enhance lifecycle of temporary files used by partial PUT...