expat: Fix of CVE-2026-24515

CVE-2026-24515: Fix a null pointer dereference in the XML parser caused by the failure to copy user data for unknown encoding handlers...

kernel: Fix of 12 CVEs

ext4: fix OOB read when checking dotdot dir CVE-2025-37785 - iscsiibft: Fix UBSAN shift-out-of-bounds warning in ibftattrshownic CVE-2025-21993 - media: uvcvideo: Fix double free in error path CVE-2024-57980 - jffs2: Prevent rtime decompress memory corruption CVE-2024-57850 - wifi: iwlegacy:...

squid34: Fix of CVE-2024-25617

CVE-2024-25617: Improve handling of expanding HTTP header values to prevent DoS...

kernel: Fix of 6 CVEs

hwmon: ibmpex Fix possible UAF when ibmpexregisterbmc fails CVE-2022-49029 - ppp: fix pppasyncencode illegal access CVE-2024-50035 - ext4: no need to continue when the number of entries is 1 CVE-2024-49967 - net/packet: fix slab-out-of-bounds access in packetrecvmsg CVE-2022-20368 - packet: in...

bind: Fix of CVE-2026-1519

CVE-2026-1519: Limit NSEC3 iterations when validating referrals to unsigned delegations to avoid excessive CPU consumption...

postfix: Fix of CVE-2026-43964

makedefs: support Linux kernel = 3 on build hosts - CVE-2026-43964: fix buffer over-read on enhanced status code without trailing text...

vim: Fix of CVE-2026-26269

CVE-2026-26269: fix stack-based buffer overflow in NetBeans integration that could lead to a crash or arbitrary code execution via a malicious server...

kernel: Fix of 39 CVEs

Bluetooth: hcisysfs: Fix attempting to call deviceadd multiple times CVE-2022-50419 - firewire: net: fix use after free in fwnetfinishincomingpacket CVE-2023-53432 - wifi: brcmfmac: fix use-after-free bug in brcmfnetdevstartxmit CVE-2022-50408 - wifi: brcmfmac: slab-out-of-bounds read in...

httpd: Fix of 2 CVEs

CVE-2017-15710: modauthnzldap out-of-bounds write when accept-language header value is shorter than two characters - CVE-2017-15715: regex anchor in / can match before an embedded newline, allowing .htaccess bypass of trailing-extension filters...

php: Fix of 3 CVEs

CVE-2018-5711: Fix infinite loop in gdImageCreateFromGifCtx libgd when reading crafted GIF - CVE-2018-17082: Fix XSS via Transfer-Encoding: chunked in apache2 SAPI - CVE-2018-10545: Do not set PRSETDUMPABLE by default in php-fpm child...

exim: Fix of CVE-2026-40687

CVE-2026-40687: fix uninitialized buffer and out-of-bounds writes in SPA authenticator...

openldap: Fix of 14 CVEs

Rebase to 2.4.58 to fix the following vulnerabilities: - CVE-2020-12243: fix denial of service caused by LDAP search filters with nested boolean expressions - CVE-2020-36221: fix integer underflow in the Certificate Exact Assertion processing - CVE-2020-36223: fix slapd crash in the Values Return...

kernel: Fix of 6 CVEs

fix: virtio-net: Add validation for used length CVE-2021-47352 - xen/netfront: don't use gnttabqueryforeignaccess for mapped status CVE-2022-23037 - net/sched: schqfq: Fix race condition on qfqaggregate CVE-2025-38477 - net: fix information leakage in /proc/net/ptype CVE-2022-48757 - net: atm:...

clamav: Fix of 8 CVEs

Update to 1.0.9 LTS version - CVE-2025-20260: Fixed a possible buffer overflow write bug in the PDF file parser - CVE-2025-20128: Fixed a possible buffer overflow read bug in the OLE2 file parser - CVE-2024-20506: Changed the logging module to disable following symlinks on Linux and Unix systems...

ntp: Fix of CVE-2020-13817

CVE-2020-13817: randomize transmit timestamp in client requests...

Update of bind-devel, bind-chroot, bind-libs, bind, bind-libs, bind-utils, bind-devel, bind-sdb

...

nginx: Fix of CVE-2026-9256

CVE-2026-9256: fix heap buffer overflow with overlapping captures in ngxhttprewritemodule...

nginx: Fix of CVE-2026-42945

CVE-2026-42945: fix heap buffer overflow in ngxhttprewritemodule...

subversion: Fix of CVE-2018-11782

CVE-2018-11782: fix svnserve DoS via well-formed read-only get-deleted-rev request...

libssh2: Fix of CVE-2026-7598

CVE-2026-7598: add usernamelen/passwordlen bounds checks in userauthlist and userauthpassword to prevent integer overflow when allocating the SSH USERAUTHREQUEST packet buffer...

openssh: Fix of CVE-2026-35414

CVE-2026-35414: fix authorizedkeys principals option mishandling with comma-containing CA principals...

quagga: Fix of CVE-2018-5381

CVE-2018-5381: bgpd capability parser can enter an infinite loop on invalid OPEN messages whose Multi-Protocol capability has an unrecognized AFI/SAFI, causing a denial of service...

openssh: Fix of CVE-2026-35385

CVE-2026-35385: fix scp legacy protocol receiver to clear setuid/setgid bits from downloaded files when -p preserve mode is not set...

cups: Fix of CVE-2026-34980

CVE-2026-34980: filter control characters from option values in the scheduler to prevent PPD keyword injection via Print-Job...

php: Fix of 4 CVEs

CVE-2018-14883: fix integer overflow leading to heap buffer overflow in exifthumbnailextract - CVE-2019-19246: fix heap buffer overflow in oniguruma strlowercasematch - CVE-2018-19518: disable imap rsh/ssh by default to prevent argument injection imap.enableinsecurersh INI added - CVE-2018-20783:...

nginx: Fix of 5 CVEs

CVE-2017-7529: fix integer overflow in range filter - CVE-2018-16843: fix excessive memory consumption in HTTP/2 - CVE-2018-16844: fix excessive CPU usage in HTTP/2 - CVE-2019-9511: fix excessive memory growth via HTTP/2 DATA frame manipulation - CVE-2019-9513: fix excessive CPU usage via HTTP/2...

kernel: Fix of 5 CVEs

net/sched: schhfsc: upgrade 'rt' to 'sc' when it becomes a inner curve CVE-2023-4623 - net/sched: Enforce that teql can only be used as root qdisc CVE-2026-23074 - ALSA: usb-audio: Fix use-after-free in sndusbmixerfree CVE-2026-23089 - atm: atmtcp: Prevent arbitrary write in atmtcprecvcontrol...

tomcat6: Fix of CVE-2025-24813

CVE-2025-24813: enhance lifecycle of temporary files used by partial PUT...

php: Fix of CVE-2025-1220

CVE-2025-1220: fix null byte termination in hostnames...

binutils: Fix of CVE-2025-0840

CVE-2025-0840: fix stack-buffer-overflow at objdump disassemblebytes...

Update of ca-certificates

update to CKBI 2.69 from NSS 3.103 - updated certificates: - Certificate "GLOBALTRUST 2020" - Certificate "OISTE WISeKey Global Root GC CA" - removed certificates: - Certificate "Security Communication Root CA" - Certificate "Camerfirma Chambers of Commerce Root" - Certificate "Chambers of...

perl: Fix of CVE-2026-8376

CVE-2026-8376: fix heap buffer overflow in Sstudychunk when compiling regular expressions with a repeated fixed string on 32-bit builds mincount l overflow...

rsync: Fix of 2 CVEs

CVE-2026-43618: fix integer overflow in compressed-token decoding that could leak rsync process memory contents over the wire - CVE-2026-29518: fix TOCTOU race on parent path components in non-chroot daemon by routing receiver/sender opens, chmod, and chdir through per- component ONOFOLLOW secure...

httpd: Fix of 5 CVEs

CVE-2026-28780: modproxyajp 4-byte heap buffer overflow when contacting a malicious AJP backend off-by-AJPHEADERLEN check in ajpmsgcheckheader - CVE-2026-34059: modproxyajp heap over-read in ajpparsedata on short AJP replies - CVE-2026-33006: modauthdigest used non-constant-time strcmp for...

openssh: Fix of CVE-2026-35386

CVE-2026-35386: fix client-side command execution via control characters in usernames by adding iscntrl rejection to validruser...

bzip2: Fix of CVE-2019-12900

CVE-2019-12900: fix out-of-bounds write in BZ2decompress many selectors...

cups: Fix of CVE-2026-27447

CVE-2026-27447: fix authorization bypass via case-insensitive username comparison in scheduler...

vim: Fix of CVE-2026-39881

CVE-2026-39881: fix command injection in netbeans interface by validating defineAnnoType typeName/fg/bg and specialKeys tokens against an allowlist of safe characters before interpolating them into Ex commands...

perl: Fix of CVE-2018-12015

CVE-2018-12015: Archive::Tar path traversal — remove existing block-device or out-of-CWD symlink targets before overwriting during extraction...

binutils: Fix of 4 CVEs

CVE-2025-5244: fix NULL pointer dereference in elfgcsweep for empty section groups - CVE-2025-5245: fix memory corruption in debugtypesamep incorrect NULL check - CVE-2026-3441: fix out-of-bounds read in xcofflinkaddsymbols xscnlen bounds check - CVE-2026-3442: fix out-of-bounds read in...

java-1.8.0-openjdk: Fix of 5 CVEs

Upgrade to openjdk-shenandoah-jdk8u-shenandoah-jdk8u482-b08. That fixes following CVEs: - CVE-2025-53057: Security: enforce proper access control in certificate handling to prevent data tampering - CVE-2025-53066: JAXP: restrict data access in Path Factory processing to prevent information...

rsync: Fix of CVE-2024-12087

CVE-2024-12087: fix path traversal vulnerability by adding a proper symlink verification and deduplication checks on a per-file-list basis...

bind: Fix of CVE-2024-11187

CVE-2024-11187: Limit the additional processing for large RDATA sets...

Update of nss

update to CKBI 2.69 from NSS 3.103 - updated certificates: - Certificate "OISTE WISeKey Global Root GC CA" - Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - removed certificates: - Certificate "Security Communication Root CA" - Certificate "Camerfirma Chambers of...

rsync: Fix of CVE-2026-41035

CVE-2026-41035: fix use-after-free in receivexattr by using tempxattr.count instead of the stale count in qsort...

samba: Fix of 2 CVEs

CVE-2019-3880: Refuse winreg SaveKey/RestoreKey RPCs to prevent writing registry hive files outside intended share boundaries via symlink races - CVE-2019-10218: Reject server-supplied filenames containing path separators in SMB1 directory listings to protect libsmbclient consumers from path...

php: Fix of CVE-2026-6735

CVE-2026-6735: fix XSS within FPM status endpoint...

dovecot: Fix of 2 CVEs

CVE-2026-42006: lib-imap: fix listcountlimit to actually count open '' instead of close '', preventing an imap-login memory-exhaustion DoS that bypassed the CVE-2026-27857 fix...

vim: Fix of CVE-2026-42307

CVE-2026-42307: fix OS command injection in netrw plugin via crafted sftp:// URLs by hardening the tempfile suffix regex and escaping the tempfile argument before passing it to the sftp command...

php: Fix of 2 CVEs

CVE-2026-6722: Use-after-free in SOAP ext via stale refmap pointer - CVE-2026-7261: Use-after-free in SOAP after header parse failure with SOAPPERSISTENCESESSION...