Aggregator

USN-8349-3: rsync regression

1 week 1 day ago
USN-8349-1 fixed vulnerabilities in rsync. Unfortunately that update introduced multiple regressions in rsync functionality. This update fixes the problem. We apologize for the inconvenience.

Original advisory details:

Calum Hutton discovered that rsync contained a heap-based out-of-bounds read when handling file transfers. A remote attacker with read access to an rsync server could possibly use this issue to cause a denial of service. (CVE-2025-10158)

Batuhan Sancak, Damien Neil, and Michael Stapelberg discovered that rsync daemons configured without chroot protection were exposed to a race condition on parent path components. A local attacker with write access to a module could possibly use this issue to overwrite files, obtain sensitive information, or escalate privileges. (CVE-2026-29518)

It was discovered that rsync did not properly validate a length value while sorting extended attributes. An attacker could possibly use this issue to cause a denial of service. (CVE-2026-41035)

It was discovered that rsync performed reverse-DNS lookups after chrooting in some daemon configurations. A remote attacker could possibly use this issue to bypass hostname-based access controls and access network services. (CVE-2026-43617)

Omar Elsayed discovered that rsync did not properly check for integer overflows while decoding compressed tokens. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2026-43618)

Andrew Tridgell discovered that rsync did not fully fix a symlink race condition in path-based system calls for daemons configured without chroot protection. A local attacker could possibly use this issue to overwrite files, obtain sensitive information, or escalate privileges. (CVE-2026-43619)

Pratham Gupta discovered that rsync did not properly validate an index while processing file lists. A remote attacker could possibly use this issue to cause rsync to crash, resulting in a denial of service. (CVE-2026-43620)

Michal Ruprich discovered that rsync contained an off-by-one error while handling HTTP proxy responses. An attacker able to intercept network communications or a malicious proxy server could possibly use this issue to cause a denial of service. (CVE-2026-45232)

7zip-26.01-1.el10_3

1 week 1 day ago
FEDORA-EPEL-2026-52d18d8d5a Packages in this update:
  • 7zip-26.01-1.el10_3
Update description:
  • Fixes CVE-2026-48092: Information disclosure in 32-bit builds
  • Fixes CVE-2026-48095: Arbitrary code execution in NTFS handler
  • Fixes CVE-2026-48101: Information disclosure in UEFI capsule parser
  • Fixes CVE-2026-48102: Information disclosure and DoS via crafted UDF image
  • Fixes CVE-2026-48103: Off-by-one buffer over-read in WIM archive handler
  • Fixes CVE-2026-48104: Uninitialized heap read in SquashFS archive handler
  • Fixes CVE-2026-48111: Off-by-one OOB read in UEFI firmware image parser
  • Fixes CVE-2026-48112: Heap-based buffer over-read in Ar handler BSD SYMDEF parser

7zip-26.01-1.el10_2

1 week 1 day ago
FEDORA-EPEL-2026-8d909527ba Packages in this update:
  • 7zip-26.01-1.el10_2
Update description:
  • Fixes CVE-2026-48092: Information disclosure in 32-bit builds
  • Fixes CVE-2026-48095: Arbitrary code execution in NTFS handler
  • Fixes CVE-2026-48101: Information disclosure in UEFI capsule parser
  • Fixes CVE-2026-48102: Information disclosure and DoS via crafted UDF image
  • Fixes CVE-2026-48103: Off-by-one buffer over-read in WIM archive handler
  • Fixes CVE-2026-48104: Uninitialized heap read in SquashFS archive handler
  • Fixes CVE-2026-48111: Off-by-one OOB read in UEFI firmware image parser
  • Fixes CVE-2026-48112: Heap-based buffer over-read in Ar handler BSD SYMDEF parser

7zip-26.01-1.fc43

1 week 1 day ago
FEDORA-2026-f36864b408 Packages in this update:
  • 7zip-26.01-1.fc43
Update description:
  • Fixes CVE-2026-48092: Information disclosure in 32-bit builds
  • Fixes CVE-2026-48095: Arbitrary code execution in NTFS handler
  • Fixes CVE-2026-48101: Information disclosure in UEFI capsule parser
  • Fixes CVE-2026-48102: Information disclosure and DoS via crafted UDF image
  • Fixes CVE-2026-48103: Off-by-one buffer over-read in WIM archive handler
  • Fixes CVE-2026-48104: Uninitialized heap read in SquashFS archive handler
  • Fixes CVE-2026-48111: Off-by-one OOB read in UEFI firmware image parser
  • Fixes CVE-2026-48112: Heap-based buffer over-read in Ar handler BSD SYMDEF parser

7zip-26.01-1.fc44

1 week 1 day ago
FEDORA-2026-4be7569210 Packages in this update:
  • 7zip-26.01-1.fc44
Update description:
  • Fixes CVE-2026-48092: Information disclosure in 32-bit builds
  • Fixes CVE-2026-48095: Arbitrary code execution in NTFS handler
  • Fixes CVE-2026-48101: Information disclosure in UEFI capsule parser
  • Fixes CVE-2026-48102: Information disclosure and DoS via crafted UDF image
  • Fixes CVE-2026-48103: Off-by-one buffer over-read in WIM archive handler
  • Fixes CVE-2026-48104: Uninitialized heap read in SquashFS archive handler
  • Fixes CVE-2026-48111: Off-by-one OOB read in UEFI firmware image parser
  • Fixes CVE-2026-48112: Heap-based buffer over-read in Ar handler BSD SYMDEF parser

USN-8431-1: Ruby vulnerabilities

1 week 1 day ago
It was discovered that Ruby's Net::IMAP library did not properly verify that Transport Layer Security (TLS) encryption was started after issuing a STARTTLS command. A remote attacker could possibly use this issue to perform a machine-in-the-middle attack and silently bypass TLS encryption. (CVE-2026-42246)

It was also discovered that Ruby's Net::IMAP library did not validate string arguments passed to certain commands. A remote attacker could possibly use this issue to inject arbitrary IMAP commands. (CVE-2026-42257)

USN-8430-1: ADSys vulnerabilities

1 week 1 day ago
It was discovered that ADSys did not properly handle certain HTTP/2 frames. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 26.04 LTS. (CVE-2026-27141)

It was discovered that ADSys did not properly handle certain HTTP/2 SETTINGS frames. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2026-33814)

buildah-1.44.0-1.fc45 containers-common-0.68.0-1.fc45 podman-6.0.0~rc1-1.fc45 skopeo-1.23.0-1.fc45

1 week 1 day ago
FEDORA-2026-2419096432 Packages in this update:
  • buildah-1.44.0-1.fc45
  • containers-common-0.68.0-1.fc45
  • podman-6.0.0~rc1-1.fc45
  • skopeo-1.23.0-1.fc45
Update description:

Automatic update for buildah-1.44.0-1.fc45, podman-6.0.0~rc1-1.fc45, skopeo-1.23.0-1.fc45, containers-common-0.68.0-1.fc45.

Changelog for buildah
* Wed May 27 2026 Packit <hello@packit.dev> - 2:1.44.0-1
- Update to 1.44.0 upstream release

Changelog for podman
* Mon Jun 15 2026 Packit <hello@packit.dev> - 5:6.0.0~rc1-1
- Update to 6.0.0-rc1 upstream release
* Fri Jun 12 2026 Yaakov Selkowitz <yselkowi@redhat.com> - 5:5.8.2-2
- Rebuilt for openssl 4.0

Changelog for skopeo
* Tue May 26 2026 Packit <hello@packit.dev> - 1:1.23.0-1
- Update to 1.23.0 upstream release

Changelog for containers-common
* Thu May 21 2026 Packit <hello@packit.dev> - 5:0.68.0-1
- Update to 0.68.0 upstream release

sudo-1.9.17-13.p2.fc45

1 week 1 day ago
FEDORA-2026-41453e7fa4 Packages in this update:
  • sudo-1.9.17-13.p2.fc45
Update description:

Automatic update for sudo-1.9.17-13.p2.fc45.

Changelog
* Mon Jun 15 2026 Alejandro López <allopez@redhat.com> - 1.9.17-12.p2
- Removed some unneeded build-time dependencies
* Mon Jun 15 2026 Alejandro López <allopez@redhat.com> - 1.9.17-11.p2
- Resolves: rhbz#2379016 - don't recommend sudo-python-plugins