Aggregator

USN-7973-1: cJSON vulnerabilities

Ubuntu Security Advisories
1 week 3 days ago
It was discovered that cJSON incorrectly handled parsing large numbers. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-26819) It was discovered that cJSON may perform out-of-bounds read when processing specially crafted JSON files using parse_object. An attacker could possibly use this issue to expose sensitive information or crash the program. (CVE-2023-53154) It was discovered that cJSON incorrectly validated array indices in JSON pointers, which could result in an out-of-bounds memory access. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. (CVE-2025-57052)

bind-9.18.44-1.fc42 bind-dyndb-ldap-11.11-9.fc42

Fedora Security Advisories
1 week 3 days ago
FEDORA-2026-34c921d252 Packages in this update:
  • bind-9.18.44-1.fc42
  • bind-dyndb-ldap-11.11-9.fc42
Update description: Update to 9.18.44 (rhbz#2431609) Security Fixes:
  • Fix incorrect length checks for BRID and HHIT records. (CVE-2025-13878)
Bug Fixes:
  • Allow glue in delegations with QTYPE=ANY.
  • Reconfiguring an NSEC3 opt-out zone to NSEC caused the zone to be invalid.

https://downloads.isc.org/isc/bind9/9.18.44/doc/arm/html/notes.html#notes-for-bind-9-18-44

bind-9.18.44-1.fc43 bind-dyndb-ldap-11.11-10.fc43

Fedora Security Advisories
1 week 3 days ago
FEDORA-2026-567ff6c687 Packages in this update:
  • bind-9.18.44-1.fc43
  • bind-dyndb-ldap-11.11-10.fc43
Update description: Update to 9.18.44 (rhbz#2431609) Security Fixes:
  • Fix incorrect length checks for BRID and HHIT records. (CVE-2025-13878)
Bug Fixes:
  • Allow glue in delegations with QTYPE=ANY.
  • Reconfiguring an NSEC3 opt-out zone to NSEC caused the zone to be invalid.

https://downloads.isc.org/isc/bind9/9.18.44/doc/arm/html/notes.html#notes-for-bind-9-18-44

bind9-next-9.21.17-1.fc43

Fedora Security Advisories
1 week 3 days ago
FEDORA-2026-b31c8d8e83 Packages in this update:
  • bind9-next-9.21.17-1.fc43
Update description: Update to 9.21.17 (rhbz#2415843) Security Fixes:
  • Fix incorrect length checks for BRID and HHIT records. (CVE-2025-13878)
New Features:
  • Add support for Extended DNS Error 9 (Missing DNSKEY).
  • Add support for Extended DNS Error 13 (Cached Error).
  • Add support for Generalized DNS Notifications.
Features Changes:
  • Add more information to the rndc recursing output about fetches.
  • Enforce bounds of multiple configuration options.
Bug Fixes:
  • Fix inbound IXFR performance regression.
  • Make DNSSEC key rollovers more robust.
  • Fix a catalog zone issue, where member zones could fail to load.
  • Fix slow speed when signing a large delegation zone with NSEC3 opt-out.
  • Reconfiguring an NSEC3 opt-out zone to NSEC caused the zone to be invalid.
  • Fix a possible catalog zone issue during reconfiguration.
  • Fix the charts in the statistics channel.

https://downloads.isc.org/isc/bind9/9.21.17/doc/arm/html/notes.html#notes-for-bind-9-21-17

bind9-next-9.21.17-2.fc42

Fedora Security Advisories
1 week 3 days ago
FEDORA-2026-d8979b7a9c Packages in this update:
  • bind9-next-9.21.17-2.fc42
Update description: Update to 9.21.17 (rhbz#2415843) Security Fixes:
  • Fix incorrect length checks for BRID and HHIT records. (CVE-2025-13878)
New Features:
  • Add support for Extended DNS Error 9 (Missing DNSKEY).
  • Add support for Extended DNS Error 13 (Cached Error).
  • Add support for Generalized DNS Notifications.
Features Changes:
  • Add more information to the rndc recursing output about fetches.
  • Enforce bounds of multiple configuration options.
Bug Fixes:
  • Fix inbound IXFR performance regression.
  • Make DNSSEC key rollovers more robust.
  • Fix a catalog zone issue, where member zones could fail to load.
  • Fix slow speed when signing a large delegation zone with NSEC3 opt-out.
  • Reconfiguring an NSEC3 opt-out zone to NSEC caused the zone to be invalid.
  • Fix a possible catalog zone issue during reconfiguration.
  • Fix the charts in the statistics channel.

https://downloads.isc.org/isc/bind9/9.21.17/doc/arm/html/notes.html#notes-for-bind-9-21-17

bind-9.18.44-1.fc44 bind-dyndb-ldap-11.11-12.fc44

Fedora Security Advisories
1 week 3 days ago
FEDORA-2026-925e7cce85 Packages in this update:
  • bind-9.18.44-1.fc44
  • bind-dyndb-ldap-11.11-12.fc44
Update description: Update to 9.18.44 (rhbz#2431609) Security Fixes:
  • Fix incorrect length checks for BRID and HHIT records. (CVE-2025-13878)
Bug Fixes:
  • Allow glue in delegations with QTYPE=ANY.
  • Reconfiguring an NSEC3 opt-out zone to NSEC caused the zone to be invalid.

https://downloads.isc.org/isc/bind9/9.18.44/doc/arm/html/notes.html#notes-for-bind-9-18-44

USN-7975-1: pyasn1 vulnerability

Ubuntu Security Advisories
1 week 3 days ago
It was discovered that pyasn1 incorrectly handled malformed RELATIVE-OIDs with excessive continuation octets. An attacker could possibly use this issue to cause pyasn1 to consume memory, leading to a denial of service.

USN-7974-1: libxml2 vulnerabilities

Ubuntu Security Advisories
1 week 3 days ago
It was discovered that libxml2 incorrectly handled maliciously crafted SGML catalog files. An attacker could possibly use this issue to cause libxml2 to consume excessive resources, leading to a denial of service. (CVE-2025-8732) It was discovered that libxml2 incorrectly handled recursive include directories with the RelaxNG parser. An attacker could possibly use this issue to cause libxml2 to consume excessive resources, leading to a denial of service. (CVE-2026-0989) Nick Wellnhofer discovered that libxml2 incorrectly parsed catalogs with self-referencing URI delegates. An attacker could possibly use this issue to cause libxml2 to consume excessive resources, leading to a denial of service. (CVE-2026-0990) Nick Wellnhofer discovered that libxml2 inefficiently parsed catalogs linked with repeating nextCatalog elements. An attacker could possibly use this issue to cause libxml2 to use excessive resources, leading to a denial of service. (CVE-2026-0992)