Download
| Alert*
oval:org.secpod.oval:def:708005
python3.6: An interactive high-level object-oriented language Details: USN-5767-1 fixed vulnerabilities in Python. This update fixes the problem for Ubuntu 18.04 LTS. Original advisory Several security issues were fixed in Python. oval:org.secpod.oval:def:2107812 Oracle Solaris 11 - ( CVE-2022-37454 ) oval:org.secpod.oval:def:708482 python3.9: An interactive high-level object-oriented language Several security issues were fixed in Python. oval:org.secpod.oval:def:1701617 In PHP versions prior to 7.4.33, 8.0.25 and 8.2.12, when using imageloadfont function in gd extension, it is possible to supply a specially crafted font file, such as if the loaded font is used with imagechar function, the read outside allocated buffer will be used. This can lead to crashes or discl ... oval:org.secpod.oval:def:95040 python3.9: An interactive high-level object-oriented language Several security issues were fixed in Python. oval:org.secpod.oval:def:1701622 In PHP versions prior to 7.4.33, 8.0.25 and 8.2.12, when using imageloadfont function in gd extension, it is possible to supply a specially crafted font file, such as if the loaded font is used with imagechar function, the read outside allocated buffer will be used. This can lead to crashes or discl ... oval:org.secpod.oval:def:124457 Python 3.7 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.7, see other distributions that support it, such as an older Fedora release. oval:org.secpod.oval:def:124859 PyPy's implementation of Python 3.9, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types . This build of PyPy has JIT-compilation enabled. oval:org.secpod.oval:def:3000153 Nicky Mouha discovered a buffer overflow in "sha3", a Python library for the SHA-3 hashing functions. oval:org.secpod.oval:def:124450 Python 3.8 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.8, see other distributions that support it, such as an older Fedora release. oval:org.secpod.oval:def:124373 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:87128 The host is installed with PHP versions 7.2.x below 7.4.33, 8.0.x below 8.0.25 or 8.1.x below 8.1.12, or Python 3.6.x through 3.7.16, 3.8.x through 3.8.16, 3.9.x through 3.9.16 or 3.10.x through 3.10.9 sand is prone to an buffer overflow vulnerability. A flaw is present in the application, which fai ... oval:org.secpod.oval:def:124697 Python 3.8 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.8, see other distributions that support it, such as an older Fedora release. oval:org.secpod.oval:def:124850 PyPy's implementation of Python 3.9, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types . This build of PyPy has JIT-compilation enabled. oval:org.secpod.oval:def:3300754 SUSE Security Update: Security update for php8 oval:org.secpod.oval:def:1601602 The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface oval:org.secpod.oval:def:124626 Python 3.7 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.7, see other distributions that support it, such as an older Fedora release. oval:org.secpod.oval:def:89047993 This update for python3 fixes the following issues: - CVE-2022-37454: Fixed a buffer overflow in hashlib.sha3_* implementations. - CVE-2020-10735: Fixed a bug to limit amount of digits converting text to int and vice vera oval:org.secpod.oval:def:89048004 This update for python3 fixes the following issues: - CVE-2022-37454: Fixed a buffer overflow in hashlib.sha3_* implementations. - CVE-2020-10735: Fixed a bug to limit amount of digits converting text to int and vice vera. The following non-security bug was fixed: - Fixed a crash in the garbage co ... oval:org.secpod.oval:def:124385 PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fai ... oval:org.secpod.oval:def:3300960 SUSE Security Update: Security update for python3 oval:org.secpod.oval:def:1701695 The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface oval:org.secpod.oval:def:89414 python3.6: An interactive high-level object-oriented language Details: USN-5767-1 fixed vulnerabilities in Python. This update fixes the problem for Linux Mint 19.x LTS. Original advisory Several security issues were fixed in Python. oval:org.secpod.oval:def:86544 python3.10: An interactive high-level object-oriented language - python3.8: An interactive high-level object-oriented language - python2.7: An interactive high-level object-oriented language - python3.6: An interactive high-level object-oriented language Several security issues were fixed in Python. oval:org.secpod.oval:def:1601595 The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface oval:org.secpod.oval:def:124438 Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software Co ... oval:org.secpod.oval:def:124557 Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software Co ... oval:org.secpod.oval:def:1701087 The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface oval:org.secpod.oval:def:3000330 Nicky Mouha discovered a buffer overflow in "_sha3", the SHA-3 hashing function module used by "hashlib" in Python 3.7. While the attacks require a large volume of data, they could potentially result in remote code execution. oval:org.secpod.oval:def:708628 pysha3: SHA-3 hash implementation pysha3 could be made to crash or run programs if it received specially crafted data. oval:org.secpod.oval:def:708629 pypy3: fast alternative implementation of Python 3.x PyPy could be made to crash or run programs if it received specially crafted data. oval:org.secpod.oval:def:125173 PyPy's implementation of Python 3.7, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types . This build of PyPy has JIT-compilation enabled. oval:org.secpod.oval:def:96477 pypy3: fast alternative implementation of Python 3.x PyPy could be made to crash or run programs if it received specially crafted data. oval:org.secpod.oval:def:96476 pysha3: SHA-3 hash implementation pysha3 could be made to crash or run programs if it received specially crafted data. oval:org.secpod.oval:def:124449 Python 3.7 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.7, see other distributions that support it, such as an older Fedora release. oval:org.secpod.oval:def:89047859 This update for python3 fixes the following issues: - CVE-2022-37454: Fixed a buffer overflow in hashlib.sha3_* implementations. - CVE-2020-10735: Fixed a bug to limit amount of digits converting text to int and vice vera oval:org.secpod.oval:def:610232 Nicky Mouha discovered a buffer overflow in "sha3", a Python library for the SHA-3 hashing functions. oval:org.secpod.oval:def:124843 PyPy's implementation of Python 3.8, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types . This build of PyPy has JIT-compilation enabled. oval:org.secpod.oval:def:124446 Python 3.8 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.8, see other distributions that support it, such as an older Fedora release. oval:org.secpod.oval:def:85957 Nicky Mouha discovered a buffer overflow in the sha3 module of PyPy, a fast, compliant alternative implementation of the Python language. oval:org.secpod.oval:def:610235 Nicky Mouha discovered a buffer overflow in the sha3 module of PyPy, a fast, compliant alternative implementation of the Python language. oval:org.secpod.oval:def:89048500 This update for python39 fixes the following issues: * CVE-2023-24329: Fixed blocklists bypass via the urllib.parse component when supplying a URL that starts with blank characters . Update to 3.9.16: \- python -m http.server no longer allows terminal control characters sent within a garbage request ... oval:org.secpod.oval:def:124440 Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software Co ... oval:org.secpod.oval:def:124840 PyPy's implementation of Python 3.8, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types . This build of PyPy has JIT-compilation enabled. oval:org.secpod.oval:def:707847 python3.10: An interactive high-level object-oriented language - python3.8: An interactive high-level object-oriented language - python2.7: An interactive high-level object-oriented language - python3.6: An interactive high-level object-oriented language Several security issues were fixed in Python. oval:org.secpod.oval:def:88424 Nicky Mouha discovered a buffer overflow in "sha3", a Python library for the SHA-3 hashing functions. oval:org.secpod.oval:def:707798 php8.1: HTML-embedded scripting language interpreter - php7.4: HTML-embedded scripting language interpreter - php7.2: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:507745 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * XKCP: buffer overflow in the SHA-3 reference implementation * php: standard insecure cookie could be treated as a "__Hos ... oval:org.secpod.oval:def:19500117 A vulnerability was found in php. This issue occurs due to memory corruption in the finfo_buffer function and a bad patch of the libmagic library. This flaw allows an attacker or malicious actor to execute a heap buffer overflow successfully, causing a memory crash. In PHP versions before 7.4.31, 8. ... oval:org.secpod.oval:def:89047906 This update for php7 fixes the following issues: - Version update to 7.2.34 [jsc#SLE-23639] - CVE-2022-37454: Fixed SHA-3 buffer overflow . - Fix integer overflow in PHP_SHA3##bits . oval:org.secpod.oval:def:507555 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * XKCP: buffer overflow in the SHA-3 reference implementation * php: standard insecure cookie could be treated as a `__Ho ... oval:org.secpod.oval:def:89047905 This update for php7 fixes the following issues: - Version update to 7.4.33: - CVE-2022-31630: Fixed out-of-bounds read due to insufficient input validation in imageloadfont . - CVE-2022-37454: Fixed buffer overflow in hash_update on long parameter . - Version update to 7.4.32 - CVE-2022-31628: Fix ... oval:org.secpod.oval:def:610253 Multiple security issues were discovered in PHP, a widely-used open source general purpose scripting language which could result an denial of service, information disclosure, insecure cooking handling or potentially the execution of arbitrary code. oval:org.secpod.oval:def:1506435 php [8.0.27-1] - rebase to 8.0.27 oval:org.secpod.oval:def:3300882 SUSE Security Update: Security update for php7 oval:org.secpod.oval:def:1506755 libzip [1.6.1-1] - update to 1.6.1 - enable lzma support [1.5.2-1] - update to 1.5.2 - add all explicit cmake options to ensure openssl is used even in local build with other lilbraries available [1.5.1-1] - update to 1.5.1 - drop dependency on zlib-devel and bzip2-devel no more referenced in libzip ... oval:org.secpod.oval:def:3000280 Multiple security issues were discovered in PHP, a widely-used open source general purpose scripting language which could result in denial of service, information disclosure, insecure cooking handling or potentially the execution of arbitrary code. oval:org.secpod.oval:def:86622 php8.1: HTML-embedded scripting language interpreter - php7.4: HTML-embedded scripting language interpreter - php7.2: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:4501183 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * XKCP: buffer overflow in the SHA-3 reference implementation * php: standard insecure cookie could be treated as a `__Ho ... oval:org.secpod.oval:def:2600157 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:3300866 SUSE Security Update: Security update for php7 oval:org.secpod.oval:def:5800160 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * XKCP: buffer overflow in the SHA-3 reference implementation * php: standard insecure cookie could be treated as a `__Ho ... oval:org.secpod.oval:def:1506642 php-pecl-apcu [5.1.21-1] - update to 5.1.21 for PHP 8.1 #2070040 php-pecl-rrd [2.0.3-4] - build for PHP 8.1 #2070040 php-pecl-xdebug3 [3.1.4-1] - update to 3.1.4 for PHP 8.1 #2070040 php-pecl-zip [1.20.1-1] - update to 1.20.1 for PHP 8.1 #2070040 php [8.1.14-1] - rebase to 8.1.14 [8.1.8-1] - update ... oval:org.secpod.oval:def:1506447 [8.0.27-1] - rebase to 8.0.27 oval:org.secpod.oval:def:86611 Multiple security issues were discovered in PHP, a widely-used open source general purpose scripting language which could result an denial of service, information disclosure, insecure cooking handling or potentially the execution of arbitrary code. oval:org.secpod.oval:def:2600242 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:507653 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * XKCP: buffer overflow in the SHA-3 reference implementation * php: standard insecure cookie could be treated as a "__Hos ... oval:org.secpod.oval:def:2501078 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:507536 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: php . Security Fix: * XKCP: buffer overflow in the SHA-3 reference implementation * php: standard insecure cookie could be treated as a `__Ho ... oval:org.secpod.oval:def:2500941 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. oval:org.secpod.oval:def:3300388 SUSE Security Update: Security update for php7 |