CLSA-2025:1759937401 TuxCare License Agreement 0 * Move gpg key and repo installation from debian/install to postinst * Add support for multiple deb platforms None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Move gpg key and repo installation from debian/install to postinst * Add support for multiple deb platforms

0 tuxcare-debian10-els els-os-release_1.0.0-2_amd64.deb 47238eb136a07fb1b91fe531b6e4ebbd3207a6ab CLSA-2025:1760712981 TuxCare License Agreement 0 * SECURITY UPDATE: path Equivalence leads to Remote Code Execution and/or Information disclosure - debian/patches/CVE-2025-24813.patch: Enhance lifecycle of temporary files used by partial PUT - CVE-2025-24813 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: path Equivalence leads to Remote Code Execution and/or Information disclosure - debian/patches/CVE-2025-24813.patch: Enhance lifecycle of temporary files used by partial PUT - CVE-2025-24813

0 tuxcare-debian10-els libtomcat9-embed-java_9.0.31-1~deb10u12+tuxcare.els1_all.deb cbd5aec9b164077d8ada2c0975b75356829b0a90 libtomcat9-java_9.0.31-1~deb10u12+tuxcare.els1_all.deb d1c0ff69c3a2d6e7ba578277f0b8871fdbb13c0e tomcat9_9.0.31-1~deb10u12+tuxcare.els1_all.deb 87314267d62656d14d83f13111b07b3e6c1360a9 tomcat9-admin_9.0.31-1~deb10u12+tuxcare.els1_all.deb a0e9ed1fba473efbfcd86f7aeed09bb4305d915a tomcat9-common_9.0.31-1~deb10u12+tuxcare.els1_all.deb b1483dd1ef7232bdd0db94e429d306f322bf3351 tomcat9-docs_9.0.31-1~deb10u12+tuxcare.els1_all.deb b9d2c0816fa6362ce688e6af9c58ae9e734418c5 tomcat9-examples_9.0.31-1~deb10u12+tuxcare.els1_all.deb 993f598a654edfa326b841c5153ee54dd5406329 tomcat9-user_9.0.31-1~deb10u12+tuxcare.els1_all.deb d916902fc70e7ad366a72db9899d3244e8af6854 CLSA-2025:1760711358 TuxCare License Agreement 0 * SECURITY UPDATE: mod_rewrite proxy handler substitution and prefix_stat vulnerabilities - debian/patches/CVE-2024-38474-38475-*.patch: tighten up prefix_stat and %3f handling, add better question mark tracking to avoid UnsafeAllow3F - CVE-2024-38474, CVE-2024-38475 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: mod_rewrite proxy handler substitution and prefix_stat vulnerabilities - debian/patches/CVE-2024-38474-38475-*.patch: tighten up prefix_stat and %3f handling, add better question mark tracking to avoid UnsafeAllow3F - CVE-2024-38474, CVE-2024-38475

0 tuxcare-debian10-els apache2_2.4.59-1~deb10u1+tuxcare.els2_amd64.deb 9c7a74a194ea840337212f7eb84fa4e05f2c80f7 apache2-bin_2.4.59-1~deb10u1+tuxcare.els2_amd64.deb e84170b194839906fd30dd456ecc7839e160137b apache2-data_2.4.59-1~deb10u1+tuxcare.els2_all.deb 2f7a5595bb54c1849dd6d158d73000002ff51db5 apache2-dev_2.4.59-1~deb10u1+tuxcare.els2_amd64.deb 8359ab8a5ec9254275a3235f1212e6673e719e5b apache2-doc_2.4.59-1~deb10u1+tuxcare.els2_all.deb 8cfcde608a7b65f3afe6abe2738ea2e59438c3a4 apache2-ssl-dev_2.4.59-1~deb10u1+tuxcare.els2_amd64.deb 9633ac21eecf085ade3dc9bd9e9e92292d9a95f9 apache2-suexec-custom_2.4.59-1~deb10u1+tuxcare.els2_amd64.deb 91195402df7d51c926d99677eec1c8bff9ad5014 apache2-suexec-pristine_2.4.59-1~deb10u1+tuxcare.els2_amd64.deb 572c412ec85fa1131163bffc3424e08458fbf745 apache2-utils_2.4.59-1~deb10u1+tuxcare.els2_amd64.deb c41bd92bcc8d261a7ae086bcc996ab16ca12b79a libapache2-mod-md_2.4.59-1~deb10u1+tuxcare.els2_amd64.deb 3f180ea79f44acfd5ad1dc7ac3c5bec7b76fc686 libapache2-mod-proxy-uwsgi_2.4.59-1~deb10u1+tuxcare.els2_amd64.deb 9c10a74aaf1a7a86edf725d8176156382df6ff4d CLSA-2025:1760722427 TuxCare License Agreement 0 * SECURITY UPDATE: The HTTP/2 protocol allows a denial of service because request cancellation can reset many streams quickly - debian/patches/CVE-2023-44487.patch: HTTP/2 - per-iteration stream handling limit. - CVE-2023-44487 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: The HTTP/2 protocol allows a denial of service because request cancellation can reset many streams quickly - debian/patches/CVE-2023-44487.patch: HTTP/2 - per-iteration stream handling limit. - CVE-2023-44487

0 tuxcare-debian10-els libnginx-mod-http-auth-pam_1.14.2-2+deb10u5+tuxcare.els1_amd64.deb 0dcc3556afbe7601d3619ceac110e3e7f1301c23 libnginx-mod-http-cache-purge_1.14.2-2+deb10u5+tuxcare.els1_amd64.deb c2baf90fe5d718a55678d21e4f51bec3cae4c990 libnginx-mod-http-dav-ext_1.14.2-2+deb10u5+tuxcare.els1_amd64.deb a54f2c8bd495ad2ee6f9f4e6f444f6ba038a7b17 libnginx-mod-http-echo_1.14.2-2+deb10u5+tuxcare.els1_amd64.deb d7f351231005df843b39f654b00632faa89e0ead libnginx-mod-http-fancyindex_1.14.2-2+deb10u5+tuxcare.els1_amd64.deb ce9b0d6faf8704e10caf18b4c9ebd81bd4fdee1d libnginx-mod-http-geoip_1.14.2-2+deb10u5+tuxcare.els1_amd64.deb fb1a5bc5181df167170b43f4be34d8c3ea3f0f7f libnginx-mod-http-headers-more-filter_1.14.2-2+deb10u5+tuxcare.els1_amd64.deb 99fcc513603ad569aea3d35a6f1b22c54096eebe libnginx-mod-http-image-filter_1.14.2-2+deb10u5+tuxcare.els1_amd64.deb 6f9e85498aeadd72a677fe65ab15f3f30e7d8f7d libnginx-mod-http-lua_1.14.2-2+deb10u5+tuxcare.els1_amd64.deb efebb484d210724a88c112ff484518087e1ab317 libnginx-mod-http-ndk_1.14.2-2+deb10u5+tuxcare.els1_amd64.deb cd0d3b172e64b419630dacf87036254e605f2dd2 libnginx-mod-http-perl_1.14.2-2+deb10u5+tuxcare.els1_amd64.deb b24476d97e9fcefd5d6cfd64d87f1f5c30c2800e libnginx-mod-http-subs-filter_1.14.2-2+deb10u5+tuxcare.els1_amd64.deb 213355ecd5c4fd5eb9ff63e5b13a61e692b06a12 libnginx-mod-http-uploadprogress_1.14.2-2+deb10u5+tuxcare.els1_amd64.deb e7b62d84d52edd764ef3c178e0c9e784448e2935 libnginx-mod-http-upstream-fair_1.14.2-2+deb10u5+tuxcare.els1_amd64.deb 432f848199acd2403895250fa9f4f26bb76d5f3a libnginx-mod-http-xslt-filter_1.14.2-2+deb10u5+tuxcare.els1_amd64.deb 612b10c491c4168d16628cb7bb5d67755fcd9357 libnginx-mod-mail_1.14.2-2+deb10u5+tuxcare.els1_amd64.deb 003dcfbafa044580080dbe79c6484218f681dd40 libnginx-mod-nchan_1.14.2-2+deb10u5+tuxcare.els1_amd64.deb 72d3bcd8985f4583e813d36e61983394e1448e95 libnginx-mod-rtmp_1.14.2-2+deb10u5+tuxcare.els1_amd64.deb d412102bc8aa198335e79964fb72e600a8351b58 libnginx-mod-stream_1.14.2-2+deb10u5+tuxcare.els1_amd64.deb dc7226ce9470fcadcd06cdc70b91734ba605ebe5 nginx_1.14.2-2+deb10u5+tuxcare.els1_all.deb 042e1976a921c1cd59b53c1ed27803d04cc327bf nginx-common_1.14.2-2+deb10u5+tuxcare.els1_all.deb c9869a891544e0a6fae23f04ba3a626dc1010bb0 nginx-doc_1.14.2-2+deb10u5+tuxcare.els1_all.deb 3442cb0e0c893f3db28f0bb642abf92204c66ff7 nginx-extras_1.14.2-2+deb10u5+tuxcare.els1_amd64.deb aad6a81cc7a403a9dda5f8acf4644a1f5d4ee7e1 nginx-full_1.14.2-2+deb10u5+tuxcare.els1_amd64.deb 3f34044bbe1a6deb21f92f4c86f6b6665b00f4a1 nginx-light_1.14.2-2+deb10u5+tuxcare.els1_amd64.deb 7caaddddb4dec76b75c44fb10bc336be9fa11299 CLSA-2025:1760982550 TuxCare License Agreement 0 * SECURITY_UPDATE: avoid segfault on ${0::0/0~09J} - debian/patches/CVE-2022-48174.patch: Fix shell segfault in malformed arithmetic expressions - CVE-2022-48174 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY_UPDATE: avoid segfault on ${0::0/0~09J} - debian/patches/CVE-2022-48174.patch: Fix shell segfault in malformed arithmetic expressions - CVE-2022-48174

0 tuxcare-debian10-els busybox_1.30.1-4+tuxcare.els1_amd64.deb f80d6afde9c2ea020b595ba1558c5922535effb7 busybox-static_1.30.1-4+tuxcare.els1_amd64.deb 7dc1cf3aa5d7ebb368d790fcc0ffa75790aea6e4 busybox-syslogd_1.30.1-4+tuxcare.els1_all.deb 3631b64bc688fb3a90ff3e8ec3ac091f1126f14f udhcpc_1.30.1-4+tuxcare.els1_amd64.deb b859127a3bd83db5e61afe7e0be4952cdc1dbce3 udhcpd_1.30.1-4+tuxcare.els1_amd64.deb 922610c336cee34df74765dd8f24c8514f9c3504 CLSA-2025:1761082098 TuxCare License Agreement 0 * SECURITY UPDATE: Authentication bypass in external authentication plug-ins with only partially correct credentials - debian/patches/CVE-2022-0547.patch: disallow multiple deferred authentication plug-ins - CVE-2022-0547 * Update sample keys for testing - debian/sample-keys/* - debian/rules - debian/source/include-binaries Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Authentication bypass in external authentication plug-ins with only partially correct credentials - debian/patches/CVE-2022-0547.patch: disallow multiple deferred authentication plug-ins - CVE-2022-0547 * Update sample keys for testing - debian/sample-keys/* - debian/rules - debian/source/include-binaries

0 tuxcare-debian10-els openvpn_2.4.7-1+deb10u1+tuxcare.els1_amd64.deb 00ebbbe453fd52e9eb6e970c8150604a63957cfe CLSA-2025:1761082274 TuxCare License Agreement 0 * SECURITY UPDATE: out-of-bound write - debian/patches/CVE-2024-11236: fix integer overflow causing in an out-of-bounds write ldap_escape() - CVE-2024-11236 * SECURITY UPDATE: incorrect URL truncation - debian/patches/CVE-2025-1861: fix possible incorrect URL truncation and redirecting to a wrong location - CVE-2025-1217 - CVE-2025-1734 - CVE-2025-1861 * SECURITY UPDATE: inadequate validation of user-supplied headers may lead to header misinterpretation - debian/patches/CVE-2025-1736.patch: Fix GHSA-hgf5-96fm-v528: Correct http user header CRLF check - CVE-2025-1736 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: out-of-bound write - debian/patches/CVE-2024-11236: fix integer overflow causing in an out-of-bounds write ldap_escape() - CVE-2024-11236 * SECURITY UPDATE: incorrect URL truncation - debian/patches/CVE-2025-1861: fix possible incorrect URL truncation and redirecting to a wrong location - CVE-2025-1217 - CVE-2025-1734 - CVE-2025-1861 * SECURITY UPDATE: inadequate validation of user-supplied headers may lead to header misinterpretation - debian/patches/CVE-2025-1736.patch: Fix GHSA-hgf5-96fm-v528: Correct http user header CRLF check - CVE-2025-1736

0 tuxcare-debian10-els libapache2-mod-php7.3_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb 124ff69f882ebb6487fa7763e4efae1881709e8d libphp7.3-embed_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb 938b04e28d3ea9d509d7511dca90dd7599f10fb2 php7.3_7.3.31-1~deb10u7+tuxcare.els1_all.deb 1d311b26ae25ae9c6c07a83174ab18d0644c343c php7.3-bcmath_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb 9784dd6965f50e10287a1cafdde7c92a58dc900e php7.3-bz2_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb a07db62d32252eeb475745016e6127244067c4c7 php7.3-cgi_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb 979bd77b6c599fdc4d8b23d97c71669876d02975 php7.3-cli_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb 0c345eaee975420a0450e2cfb2c6a1d310370c05 php7.3-common_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb 4f6bd8911eef5bff6d16c63736adefa69c088396 php7.3-curl_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb dcc81d238f97ed521aa0798a13ee71f25951e419 php7.3-dba_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb 3619878e37a0d197a23e32f64df800ff9bda4e41 php7.3-dev_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb 26d58d2da6b248764e5e3b5e2694985a55a14c5a php7.3-enchant_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb 591f55b03761fa8c381bee84bd6f6c53b5e70bd6 php7.3-fpm_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb 595c7bf8e8d9e61f81283d0e80cec75166fa283e php7.3-gd_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb eb493a163534a15c6f2ad8e474ec1ad53668517f php7.3-gmp_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb 8c5bd228b84f64c31038f2761b1c6e9925014ac0 php7.3-imap_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb 6460d70f19d50c952240eb6b6ca257fa341cd3fe php7.3-interbase_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb afcc738fe1dbd5113437fb2e819b6879e1f3fa12 php7.3-intl_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb e01b78d9b0358535787ff365fe411310dd606472 php7.3-json_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb 381ae3e4513f496c689d123a286a475417e4bd52 php7.3-ldap_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb 813460e38c8cd6114a5384a36c43710569d04505 php7.3-mbstring_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb fa421e2c54394fc9a91d9a58f549dcea3f805a4b php7.3-mysql_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb fb4984854975032b697bf084fab5e94e8d236b53 php7.3-odbc_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb 799c53b8a4dc76d0a83058615ed91051db652b77 php7.3-opcache_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb 9117ba9c0202f82c2e6c6ddc58000aeec516b0f4 php7.3-pgsql_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb 3249e83ff4325053d84766e1b9e6c83ba0295864 php7.3-phpdbg_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb 572569a770e6a51c9d54660f40a57f729d688bea php7.3-pspell_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb 8590a3f6caf6434a2c13e2ea03e712093f23e5d2 php7.3-readline_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb 2bb2a922fa5a4a26e3020ab89df4bb4a2112e597 php7.3-recode_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb 8af6c07e34ad6cc3a7b65fef32018db3500b8b3f php7.3-snmp_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb 7362ad8cfacfcfc734af7c5ab898f575d593f607 php7.3-soap_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb aa8d605e76c309c274fce1b65ef7608cecde283e php7.3-sqlite3_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb 69f8f5dd4299a50b5403c9cdb72051d02386313a php7.3-sybase_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb 391855bc7cfe3e987af5f0851e255de5ddfdb2c2 php7.3-tidy_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb 5fd47e0e05e3c6b823bf044875b2f3b0e1d1db57 php7.3-xml_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb c3d7462fe117de642fc22acf0bb8d2c7f19db473 php7.3-xmlrpc_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb 650200bdc0a0778df15c6d23d04871af538a39f2 php7.3-xsl_7.3.31-1~deb10u7+tuxcare.els1_all.deb 5f0a7ebae86673da60ceffbae2e82eb0e9c3825a php7.3-zip_7.3.31-1~deb10u7+tuxcare.els1_amd64.deb 64ba6a4607bab6420736a5b8593cc0eb71c6405f CLSA-2025:1761082525 TuxCare License Agreement 0 * SECURITY UPDATE: AD DC can be forced to issue rc4-hmac Kerberos tickets - debian/patches/CVE-2022-45141.patch: fix session key selection algorithm for selecting the ticket in strongest-to-weakest order, thus allowing the target server to select better encryption - CVE-2022-45141 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: AD DC can be forced to issue rc4-hmac Kerberos tickets - debian/patches/CVE-2022-45141.patch: fix session key selection algorithm for selecting the ticket in strongest-to-weakest order, thus allowing the target server to select better encryption - CVE-2022-45141

0 tuxcare-debian10-els ctdb_4.9.5+dfsg-5+deb10u5+tuxcare.els1_amd64.deb 4ccab4982d9599a8ecf5718389319396c5a01e96 libnss-winbind_4.9.5+dfsg-5+deb10u5+tuxcare.els1_amd64.deb c3ef500eb998ef581d8b03fa8f9c6770339d88fb libpam-winbind_4.9.5+dfsg-5+deb10u5+tuxcare.els1_amd64.deb 37a3e027f90c561d39913604b3c8271611e3a739 libsmbclient_4.9.5+dfsg-5+deb10u5+tuxcare.els1_amd64.deb 7b279f8a03147ccbd0f6ff6cfb287c32a51f56b1 libsmbclient-dev_4.9.5+dfsg-5+deb10u5+tuxcare.els1_amd64.deb 4e81372cbbb57a9e25b9f4c7e7f2c4f43a0da19c libwbclient-dev_4.9.5+dfsg-5+deb10u5+tuxcare.els1_amd64.deb d528766cbac88aee1cf94cfab923d8664464c6ab libwbclient0_4.9.5+dfsg-5+deb10u5+tuxcare.els1_amd64.deb b9773c13268057f4d5b2b64ca2398fc60c495c76 python-samba_4.9.5+dfsg-5+deb10u5+tuxcare.els1_amd64.deb 91e2546cf2c2da38eb1e491cde034f7f1530305d registry-tools_4.9.5+dfsg-5+deb10u5+tuxcare.els1_amd64.deb 792e409275d08c28ae619d06e5b29f29aeb23219 samba_4.9.5+dfsg-5+deb10u5+tuxcare.els1_amd64.deb a0f008095dd3a9cdfbc3786b3535b3f64c49d3af samba-common_4.9.5+dfsg-5+deb10u5+tuxcare.els1_all.deb e7784053f78821dca2a10ddd686f1b3123a69c0e samba-common-bin_4.9.5+dfsg-5+deb10u5+tuxcare.els1_amd64.deb dd462f838f6659d903ed8590f3c6f28722f659f3 samba-dev_4.9.5+dfsg-5+deb10u5+tuxcare.els1_amd64.deb 9689a808ae608fdaebba3f6f06e9a6a8d59a0147 samba-dsdb-modules_4.9.5+dfsg-5+deb10u5+tuxcare.els1_amd64.deb cb1bdd39f782e3534646cd26499d020eb2a5d39b samba-libs_4.9.5+dfsg-5+deb10u5+tuxcare.els1_amd64.deb 2b2147eb3107687998c6851823f8a7c3b697dabe samba-testsuite_4.9.5+dfsg-5+deb10u5+tuxcare.els1_amd64.deb 3b407416460521ec48cc2fb7ad39d3f4c77071a0 samba-vfs-modules_4.9.5+dfsg-5+deb10u5+tuxcare.els1_amd64.deb bf940f6e18cadd3d47a186695261726a90b8244b smbclient_4.9.5+dfsg-5+deb10u5+tuxcare.els1_amd64.deb ee39fe8a5a140d6d78c6712c5e383b588b29ac47 winbind_4.9.5+dfsg-5+deb10u5+tuxcare.els1_amd64.deb 2643ce335c80b28420a250e8152d89a147fafa1e CLSA-2025:1761141568 TuxCare License Agreement 0 * SECURITY UPDATE: heap-based buffer overflow in function bfd_getl32 in objdump - debian/patches/CVE-2021-46174.patch: Don't read past end of section when concatentating stab strings in read_section_stabs_debugging_info() in rddbg.c - CVE-2021-46174 * SECURITY UPDATE: heap buffer overflow in find_section_in_set() in readelf - debian/patches/CVE-2022-44840.patch: Scan the pool directly - CVE-2022-44840 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: heap-based buffer overflow in function bfd_getl32 in objdump - debian/patches/CVE-2021-46174.patch: Don't read past end of section when concatentating stab strings in read_section_stabs_debugging_info() in rddbg.c - CVE-2021-46174 * SECURITY UPDATE: heap buffer overflow in find_section_in_set() in readelf - debian/patches/CVE-2022-44840.patch: Scan the pool directly - CVE-2022-44840

0 tuxcare-debian10-els binutils_2.31.1-16+tuxcare.els1_amd64.deb 0f424607a13e19be1f97cd27d1ec31f5bd6319d7 binutils-aarch64-linux-gnu_2.31.1-16+tuxcare.els1_amd64.deb b9c6429dbd971e936c175061803ea0516282f3de binutils-alpha-linux-gnu_2.31.1-16+tuxcare.els1_amd64.deb 5eb545b330dd702645a126c69026338bf44106a1 binutils-arm-linux-gnueabi_2.31.1-16+tuxcare.els1_amd64.deb a686c445ec6f4aadad5205fd3cedf890d35515d8 binutils-arm-linux-gnueabihf_2.31.1-16+tuxcare.els1_amd64.deb 62fac3d5149d8571e9b067bb99eb04f7075147c6 binutils-common_2.31.1-16+tuxcare.els1_amd64.deb a6e2918f445c5214fbf06c9e26caa0b1c916f251 binutils-dev_2.31.1-16+tuxcare.els1_amd64.deb 40c5e2eef0e9758c9f4b0ddb9a901dc442b9e1d8 binutils-doc_2.31.1-16+tuxcare.els1_all.deb f5c05979436561bd8ad03c5b08141b9be7486119 binutils-for-build_2.31.1-16+tuxcare.els1_all.deb 6b060a148e6d395775ee006a9c20179c516f5fca binutils-for-host_2.31.1-16+tuxcare.els1_amd64.deb 0d4c005b392b31f4f1b13839b77e1f23b4fe5df2 binutils-hppa-linux-gnu_2.31.1-16+tuxcare.els1_amd64.deb afe8dde4d083cc2ff4e0563e249ed2f07b118f62 binutils-hppa64-linux-gnu_2.31.1-16+tuxcare.els1_amd64.deb 76141f2f3fb5da7701679dae5facdd2654080c24 binutils-i686-gnu_2.31.1-16+tuxcare.els1_amd64.deb 5108d1cd505516f2739001585d94fef717f9b505 binutils-i686-kfreebsd-gnu_2.31.1-16+tuxcare.els1_amd64.deb a9047c7768a456f4823eae4275760ebd817bc620 binutils-i686-linux-gnu_2.31.1-16+tuxcare.els1_amd64.deb 0d60ebdd10175eaf63ca190ed2558d58d842cc2d binutils-ia64-linux-gnu_2.31.1-16+tuxcare.els1_amd64.deb 154bfab9424e71a795d2b4d9d876f424e6eed990 binutils-m68k-linux-gnu_2.31.1-16+tuxcare.els1_amd64.deb 1eb66a363b4c368250e6c0c0ab38b71cfda37b7a binutils-mips-linux-gnu_2.31.1-16+tuxcare.els1_amd64.deb 5d9fe95168eccbea3a5d9745dc00dde08da4c478 binutils-mips64el-linux-gnuabi64_2.31.1-16+tuxcare.els1_amd64.deb c3f7c16be5d54e65c66b6f686f1ddb249a2d98c4 binutils-mipsel-linux-gnu_2.31.1-16+tuxcare.els1_amd64.deb 088b545b95748adc98a3d99b71206d4b763921d5 binutils-multiarch_2.31.1-16+tuxcare.els1_amd64.deb 708c845fa4bc9ba76b96842be4249fe4e2600af6 binutils-multiarch-dev_2.31.1-16+tuxcare.els1_amd64.deb a1ce5a9b555763a24ce9cb307b0d5951b93bad0f binutils-powerpc-linux-gnu_2.31.1-16+tuxcare.els1_amd64.deb 365242c2b9a05e0d2613152ce3a94a9f54f54e5c binutils-powerpc-linux-gnuspe_2.31.1-16+tuxcare.els1_amd64.deb 3e9194222a805c0bf59b69dac0f3a9002a67bf9a binutils-powerpc64-linux-gnu_2.31.1-16+tuxcare.els1_amd64.deb c08abfc65c6cd91fe57ee89a4fdc142a0e52ffc4 binutils-powerpc64le-linux-gnu_2.31.1-16+tuxcare.els1_amd64.deb cd931e038afef67c1027afecfff81c64cf5d801e binutils-riscv64-linux-gnu_2.31.1-16+tuxcare.els1_amd64.deb 2a5730ac400fa7941c0fca594b99d651eec766b8 binutils-s390x-linux-gnu_2.31.1-16+tuxcare.els1_amd64.deb 1ae34654db857a262ef96a6028343473646be963 binutils-sh4-linux-gnu_2.31.1-16+tuxcare.els1_amd64.deb c8881e3690be0565a6d063028f14491a3f4c71c0 binutils-source_2.31.1-16+tuxcare.els1_all.deb 3df691d0e97273ba84fdd585b7faaa865f58f67e binutils-sparc64-linux-gnu_2.31.1-16+tuxcare.els1_amd64.deb eb7008c93370a70e8b27d16697548880089838f3 binutils-x86-64-kfreebsd-gnu_2.31.1-16+tuxcare.els1_amd64.deb 6dd57aec86555137e540d19b7b407e46e4b5d068 binutils-x86-64-linux-gnu_2.31.1-16+tuxcare.els1_amd64.deb 22761d64c400f819f065d2334d6f125036f6c529 binutils-x86-64-linux-gnux32_2.31.1-16+tuxcare.els1_amd64.deb 49991512dad7517b855fe9604838ed4a77953be5 libbinutils_2.31.1-16+tuxcare.els1_amd64.deb dfb6cc3503772ea9cc81fb88e7177d9f87796ca5 CLSA-2025:1761261543 TuxCare License Agreement 0 * SECURITY UPDATE: use-after-free vulnerability in XML schema processing - debian/patches/CVE-2024-56171.patch: Fix use-after-free after xmlSchemaItemListAdd in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables - CVE-2024-56171 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: use-after-free vulnerability in XML schema processing - debian/patches/CVE-2024-56171.patch: Fix use-after-free after xmlSchemaItemListAdd in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables - CVE-2024-56171

0 tuxcare-debian10-els libxml2_2.9.4+dfsg1-7+deb10u6+tuxcare.els1_amd64.deb d856ee784d0e5418691329eaca7a2e2b0a334d73 libxml2-dev_2.9.4+dfsg1-7+deb10u6+tuxcare.els1_amd64.deb 18d58e5e54bebd72c636fdaa056c2410ddcc5059 libxml2-doc_2.9.4+dfsg1-7+deb10u6+tuxcare.els1_all.deb 00f206446fc264b7db59d3b50242bce22cfb4caa libxml2-utils_2.9.4+dfsg1-7+deb10u6+tuxcare.els1_amd64.deb ffb0174c1f81bf11ff3e19f0402a7fbf7083e8fe python-libxml2_2.9.4+dfsg1-7+deb10u6+tuxcare.els1_amd64.deb 217028bfa7b7991c2691ec349fe239bb80dfb7ef python3-libxml2_2.9.4+dfsg1-7+deb10u6+tuxcare.els1_amd64.deb 8204e644d1863c3ed236b633278d43c2dc9e3d57 CLSA-2025:1761312327 TuxCare License Agreement 0 * SECURITY UPDATE: uncontrolled recursion leading to stack overflow via crafted XPath expressions - debian/patches/CVE-2025-9714.patch: Make XPath depth check work with recursive invocations to prevent stack overflows - CVE-2025-9714 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: uncontrolled recursion leading to stack overflow via crafted XPath expressions - debian/patches/CVE-2025-9714.patch: Make XPath depth check work with recursive invocations to prevent stack overflows - CVE-2025-9714

0 tuxcare-debian10-els libxml2_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els5_amd64.deb 317bd104d239b122a0a29bf9f70020d870992af0 libxml2-dev_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els5_amd64.deb d1ef5bd1e72e679c4c74a59ad69dd207059f7815 libxml2-doc_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els5_all.deb 140c92602c8e67e187ce8dae5d5f31e98e353ea5 libxml2-utils_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els5_amd64.deb 55f08507432e2e1dcfdaf464848b768891f8cf9e python-libxml2_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els5_amd64.deb 6d3ff48185210215e9414e1c638bc29756ec149d python3-libxml2_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els5_amd64.deb de825856ea3a676f20d2083c50c792674bb6aec1 CLSA-2025:1760649409 TuxCare License Agreement 0 * SECURITY UPDATE: excessive aggregate terms potentially leading to memory corruption - debian/patches/CVE-2025-6965.patch: fix a potential memory corruption if the number of aggregate terms in a query exceeds the maximum number of columns - CVE-2025-6965 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: excessive aggregate terms potentially leading to memory corruption - debian/patches/CVE-2025-6965.patch: fix a potential memory corruption if the number of aggregate terms in a query exceeds the maximum number of columns - CVE-2025-6965

0 tuxcare-debian10-els lemon_3.31.1-4ubuntu0.7+tuxcare.els1_amd64.deb e7ef9078ae0f9875540c3f96aa099d16d5a4243d libsqlite3-0_3.31.1-4ubuntu0.7+tuxcare.els1_amd64.deb 7926aec247b7c064ff7dae0d2f5ebc8a4e3afc08 libsqlite3-dev_3.31.1-4ubuntu0.7+tuxcare.els1_amd64.deb 8686e24186dbf9972a664a403f256e7a21a28cd5 libsqlite3-tcl_3.31.1-4ubuntu0.7+tuxcare.els1_amd64.deb 0d895f5786bddd55ceb2dede32fd2764be00d709 sqlite3_3.31.1-4ubuntu0.7+tuxcare.els1_amd64.deb b19c579edb6025d355ee12f27929eda8182be16e sqlite3-doc_3.31.1-4ubuntu0.7+tuxcare.els1_all.deb a132efc62705e0eb683956feae88211ac3675931 CLSA-2025:1761323691 TuxCare License Agreement 0 * SECURITY UPDATE: stack-based buffer overflow in disassemble_bytes function - debian/patches/CVE-2025-0840.patch: Fix stack-buffer-overflow by restricting size of insn_width buffer - CVE-2025-0840 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: stack-based buffer overflow in disassemble_bytes function - debian/patches/CVE-2025-0840.patch: Fix stack-buffer-overflow by restricting size of insn_width buffer - CVE-2025-0840

0 tuxcare-debian10-els binutils_2.31.1-16+tuxcare.els2_amd64.deb 10d61e45d8ce9d5a604c7a2fb66acfb202b646a4 binutils-aarch64-linux-gnu_2.31.1-16+tuxcare.els2_amd64.deb a2f9df0ac31bf4fd0f1438260713099bc67c16cd binutils-alpha-linux-gnu_2.31.1-16+tuxcare.els2_amd64.deb 9b2953d555cd1c2c3bf93659cd3178789212c1e8 binutils-arm-linux-gnueabi_2.31.1-16+tuxcare.els2_amd64.deb 9e18343881aa6f6a2f8e65ca4f869237fa975bff binutils-arm-linux-gnueabihf_2.31.1-16+tuxcare.els2_amd64.deb 509cca3ea3d3afba537fded1f1d51d8e757e425b binutils-common_2.31.1-16+tuxcare.els2_amd64.deb e4cb4c14c914a72afc7d9735c636d215de01fc5a binutils-dev_2.31.1-16+tuxcare.els2_amd64.deb c28d5780b68962ac7cbbc83a1901406e42191a11 binutils-doc_2.31.1-16+tuxcare.els2_all.deb 5dce8da58cfc10efe1e8eb1e372ea90aae05e6e1 binutils-for-build_2.31.1-16+tuxcare.els2_all.deb 82090105f21bd0bd9926ffbd2ac02d96778171f1 binutils-for-host_2.31.1-16+tuxcare.els2_amd64.deb f1c7478350a18d8a04ef93302d8c3e8aad084836 binutils-hppa-linux-gnu_2.31.1-16+tuxcare.els2_amd64.deb c04eef795892e0edfbb47eb21e0237dae8952abc binutils-hppa64-linux-gnu_2.31.1-16+tuxcare.els2_amd64.deb 3d6214a97b4797f714e2159ea9e1880a48701325 binutils-i686-gnu_2.31.1-16+tuxcare.els2_amd64.deb cd1f87ce4f1a18e14894ce7ed10d90718649ad9a binutils-i686-kfreebsd-gnu_2.31.1-16+tuxcare.els2_amd64.deb a68d38e65de4755d39bb7c3b96a14dda9d6e0598 binutils-i686-linux-gnu_2.31.1-16+tuxcare.els2_amd64.deb 2081b6e7dc47f34243f1a8afa16a2cbb064737b4 binutils-ia64-linux-gnu_2.31.1-16+tuxcare.els2_amd64.deb 55745a353c8618df893ff22f37769d73df264597 binutils-m68k-linux-gnu_2.31.1-16+tuxcare.els2_amd64.deb d84b19862bfa94fd08602690016e2f6ea2d7586c binutils-mips-linux-gnu_2.31.1-16+tuxcare.els2_amd64.deb b011b4b7a347c2211fae2ca4945bb58f103b5979 binutils-mips64el-linux-gnuabi64_2.31.1-16+tuxcare.els2_amd64.deb ebfd3e756aa2a93a13317dfa5f6a1dcb4cf08b08 binutils-mipsel-linux-gnu_2.31.1-16+tuxcare.els2_amd64.deb 4054ad107553ec30ab9507fbc8c9e1f400175119 binutils-multiarch_2.31.1-16+tuxcare.els2_amd64.deb 4a704bb65efd46388862a6d524711b7fa652216a binutils-multiarch-dev_2.31.1-16+tuxcare.els2_amd64.deb 596fc7acffc0b2e786b8482ed3092f0b933a679a binutils-powerpc-linux-gnu_2.31.1-16+tuxcare.els2_amd64.deb 1d55ea307f67316e81382b03a16aa4192b1e560b binutils-powerpc-linux-gnuspe_2.31.1-16+tuxcare.els2_amd64.deb dbc2c6090426fb2e2581b0cb05b4605188f35ca9 binutils-powerpc64-linux-gnu_2.31.1-16+tuxcare.els2_amd64.deb 5571ca6c0c8ad2ce890eb19550e99acbd24aa121 binutils-powerpc64le-linux-gnu_2.31.1-16+tuxcare.els2_amd64.deb 94cb107ee64e3dc34204a9f4c29bc2ab4f0ffd48 binutils-riscv64-linux-gnu_2.31.1-16+tuxcare.els2_amd64.deb dd2759ccbf7cd1fea810233c764c707859b32467 binutils-s390x-linux-gnu_2.31.1-16+tuxcare.els2_amd64.deb be7511b4fb84c8eb916f269e2dc814f491eea6dd binutils-sh4-linux-gnu_2.31.1-16+tuxcare.els2_amd64.deb 2175769114d40f7209815feaaa6386a9f7bfcf39 binutils-source_2.31.1-16+tuxcare.els2_all.deb 95ae0d96f4ed410735f826fd658041312a6ed759 binutils-sparc64-linux-gnu_2.31.1-16+tuxcare.els2_amd64.deb a514e9aae2f987cb11c8f57bd34977775dc563d0 binutils-x86-64-kfreebsd-gnu_2.31.1-16+tuxcare.els2_amd64.deb 8c5608078e32d3ef0c783a5dc48701523e716404 binutils-x86-64-linux-gnu_2.31.1-16+tuxcare.els2_amd64.deb 3dc035b71503dbeac506bc6ecf287ba487f4fa1b binutils-x86-64-linux-gnux32_2.31.1-16+tuxcare.els2_amd64.deb 41b91301ee1417ce3a56309d7827151604ba4b49 libbinutils_2.31.1-16+tuxcare.els2_amd64.deb 138684001179f12c447ba61deda6cc8b337a962d CLSA-2025:1761323893 TuxCare License Agreement 0 * SECURITY UPDATE: missing TLS certificate verification - debian/patches/fixes/CVE-2023-31484.patch: enable SSL/TLS cert checking in .../CPAN/HTTP/Client.pm - CVE-2023-31484 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: missing TLS certificate verification - debian/patches/fixes/CVE-2023-31484.patch: enable SSL/TLS cert checking in .../CPAN/HTTP/Client.pm - CVE-2023-31484

0 tuxcare-debian10-els libperl-dev_5.28.1-6+deb10u1+tuxcare.els1_amd64.deb a6249129e36bc6f39594991ec07da4c5ec98e962 libperl5.28_5.28.1-6+deb10u1+tuxcare.els1_amd64.deb e0a40390d42e2ea9f3bdb7f63e03899ee07ebe00 perl_5.28.1-6+deb10u1+tuxcare.els1_amd64.deb fff0018a92c3bcabd01ad70325d347179c2f51d2 perl-base_5.28.1-6+deb10u1+tuxcare.els1_amd64.deb d64e800da2525d19bf018d723f10d725bb1c4091 perl-debug_5.28.1-6+deb10u1+tuxcare.els1_amd64.deb e4d81dff64bd849fc78e3b54c984af8c2627bbc6 perl-doc_5.28.1-6+deb10u1+tuxcare.els1_all.deb ab90013c6c641b879085bc80719d8701e5d4f4d4 perl-modules-5.28_5.28.1-6+deb10u1+tuxcare.els1_all.deb 845f464545febba5adf05946cb6f9ac604fd6847 CLSA-2025:1761325294 TuxCare License Agreement 0 * SECURITY UPDATE: privilege escalation via symlinks - debian/patches/CVE-2021-23240.patch: fix opportunity for local unprivileged user to gain file ownership via symlinks. * SECURITY UPDATE: unauthorized commands execution on unintended hosts - debian/patches/CVE-2025-32462.patch: restrict user from setting remote host for command unless listing privileges - CVE-2025-32462 * SECURITY UPDATE: row hammer attack - debian/patches/CVE-2023-42465.patch: make return values resist to single bit flips - CVE-2023-42465 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: privilege escalation via symlinks - debian/patches/CVE-2021-23240.patch: fix opportunity for local unprivileged user to gain file ownership via symlinks. * SECURITY UPDATE: unauthorized commands execution on unintended hosts - debian/patches/CVE-2025-32462.patch: restrict user from setting remote host for command unless listing privileges - CVE-2025-32462 * SECURITY UPDATE: row hammer attack - debian/patches/CVE-2023-42465.patch: make return values resist to single bit flips - CVE-2023-42465

0 tuxcare-debian10-els sudo_1.8.27-1+deb10u6+tuxcare.els1_amd64.deb ca25ece51abdcfd50763004df146b24b28ecf303 sudo-ldap_1.8.27-1+deb10u6+tuxcare.els1_amd64.deb 1f5aea49b4a70b516390debe596e7ba4f1153682 CLSA-2025:1761326171 TuxCare License Agreement 0 * SECURITY UPDATE: privilege escalation vulnerability in privileged mode - debian/patches/CVE-2019-18276.patch: fix setuid/setgid handling when bash is running in privileged mode, use setresuid/setresgid over setuid/setgid when available - CVE-2019-18276 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: privilege escalation vulnerability in privileged mode - debian/patches/CVE-2019-18276.patch: fix setuid/setgid handling when bash is running in privileged mode, use setresuid/setresgid over setuid/setgid when available - CVE-2019-18276

0 tuxcare-debian10-els bash_5.0-4+tuxcare.els1_amd64.deb 04afc0d6dd679af3f9d23177f3a0ac92eccaff24 bash-builtins_5.0-4+tuxcare.els1_amd64.deb d1eb3f548e5b0930a54571f75c2f90afa15202f5 bash-doc_5.0-4+tuxcare.els1_all.deb 3a09b35a485f8f3c6de1a1c31874e0f650ce89b4 bash-static_5.0-4+tuxcare.els1_amd64.deb 29641db28dc6d03d6520ab31d44bef645edff7d4 CLSA-2025:1761575970 TuxCare License Agreement 0 * SECURITY UPDATE: potential Denial of Service via TLS connection - debian/patches/CVE-2020-14058.patch: Fix sending of unknown validation errors to cert validator - CVE-2020-14058 * SECURITY UPDATE: improper Validation of Specified Index leads to Denial of Service via TLS Handshake vulnerability - debian/patches/CVE-2023-46724.patch: Fix validation of certificates with CN=* due to Buffer UnderRead in SSL CN Parsing issue (#1523) - CVE-2023-46724 * SECURITY UPDATE: denial of Service vulnerability in HTTP Chunked decoder due to uncontrolled recursion bug - debian/patches/CVE-2024-25111.patch: Fix infinite recursion when parsing HTTP chunks, prevent progress in call chain by stopping HttpStateData recursion - CVE-2024-25111 * SECURITY UPDATE: denial of Service vulnerability in the NTLM authentication credentials parser due to incorrect input validation - debian/patches/CVE-2020-8517.patch: Fix incorrect input validation allowing writing outside of buffer and leading to denial of service - CVE-2020-8517 * SECURITY UPDATE: denial of Service vulnerability against HTTP header parsing due to a Collapse of Data into Unsafe Value - debian/patches/CVE-2024-25617.patch: Improve handling of expanding HTTP header values to prevent DoS - CVE-2024-25617 * SECURITY UPDATE: denial of Service vulnerability by a trusted server - debian/rules: Disable ESI due to unfixed multiple issues in ESI causing DoS by a trusted server - debian/control: Remove dependencies used by ESI - CVE-2024-45802 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: potential Denial of Service via TLS connection - debian/patches/CVE-2020-14058.patch: Fix sending of unknown validation errors to cert validator - CVE-2020-14058 * SECURITY UPDATE: improper Validation of Specified Index leads to Denial of Service via TLS Handshake vulnerability - debian/patches/CVE-2023-46724.patch: Fix validation of certificates with CN=* due to Buffer UnderRead in SSL CN Parsing issue (#1523) - CVE-2023-46724 * SECURITY UPDATE: denial of Service vulnerability in HTTP Chunked decoder due to uncontrolled recursion bug - debian/patches/CVE-2024-25111.patch: Fix infinite recursion when parsing HTTP chunks, prevent progress in call chain by stopping HttpStateData recursion - CVE-2024-25111 * SECURITY UPDATE: denial of Service vulnerability in the NTLM authentication credentials parser due to incorrect input validation - debian/patches/CVE-2020-8517.patch: Fix incorrect input validation allowing writing outside of buffer and leading to denial of service - CVE-2020-8517 * SECURITY UPDATE: denial of Service vulnerability against HTTP header parsing due to a Collapse of Data into Unsafe Value - debian/patches/CVE-2024-25617.patch: Improve handling of expanding HTTP header values to prevent DoS - CVE-2024-25617 * SECURITY UPDATE: denial of Service vulnerability by a trusted server - debian/rules: Disable ESI due to unfixed multiple issues in ESI causing DoS by a trusted server - debian/control: Remove dependencies used by ESI - CVE-2024-45802

0 tuxcare-debian10-els squid_4.6-1+deb10u10+tuxcare.els1_amd64.deb f6ab2fab6e59af569e63d5523611884b7bbe8138 squid-cgi_4.6-1+deb10u10+tuxcare.els1_amd64.deb 4c594136f4f4c32a86dbf8dd5fa1b433df895857 squid-common_4.6-1+deb10u10+tuxcare.els1_all.deb cb9e61c1b50a63a0bbcce6e89f05e59d7e3b6b47 squid-purge_4.6-1+deb10u10+tuxcare.els1_amd64.deb 66170871d1df3093aa97b4a3ad3375197f64f773 squid3_4.6-1+deb10u10+tuxcare.els1_all.deb f18f61dc50e834ae0e2194a0b67626153e48fc83 squidclient_4.6-1+deb10u10+tuxcare.els1_amd64.deb 27a1964f3383cd999d943c851e49774ca4829fcd CLSA-2025:1761576180 TuxCare License Agreement 0 * SECURITY UPDATE: Bypassing of some rewrite rules by a specially crafted request - debian/patches/CVE-2025-31651.patch: better handling of URLs - CVE-2025-31651 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Bypassing of some rewrite rules by a specially crafted request - debian/patches/CVE-2025-31651.patch: better handling of URLs - CVE-2025-31651

0 tuxcare-debian10-els libtomcat9-embed-java_9.0.31-1~deb10u12+tuxcare.els3_all.deb f11444681888fcd100cff2db2f6753a2fa0bc7f5 libtomcat9-java_9.0.31-1~deb10u12+tuxcare.els3_all.deb 2c6bbd92af923c26715fc1b241c63d21e0e8e6ad tomcat9_9.0.31-1~deb10u12+tuxcare.els3_all.deb b5e935bd2fcd169c9c1f0e312df4a3e038091709 tomcat9-admin_9.0.31-1~deb10u12+tuxcare.els3_all.deb 4653d95a291c4cce814891605a3488c1ef9eb28a tomcat9-common_9.0.31-1~deb10u12+tuxcare.els3_all.deb 3dc7a0bbeb37f515ab6ec145447aa8ab3c4edcd3 tomcat9-docs_9.0.31-1~deb10u12+tuxcare.els3_all.deb 8cae880463599441799cf82e173b0d62d95eaa49 tomcat9-examples_9.0.31-1~deb10u12+tuxcare.els3_all.deb 9031c7a0592ba5fa946aba5d8b648353321c49e8 tomcat9-user_9.0.31-1~deb10u12+tuxcare.els3_all.deb 1fdd665af3fdaf54b1f6339a9e05273f8fb30c2c CLSA-2025:1761576318 TuxCare License Agreement 0 * SECURITY UPDATE: Heap-based Buffer Overflow in visual mode - debian/patches/CVE-2022-3520.patch: check that the column does not become negative - CVE-2022-3520 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Heap-based Buffer Overflow in visual mode - debian/patches/CVE-2022-3520.patch: check that the column does not become negative - CVE-2022-3520

0 tuxcare-debian10-els vim_8.1.0875-5+deb10u6+tuxcare.els2_amd64.deb a652abe70d57c7a0d8eb12f0a0482181dba761b5 vim-athena_8.1.0875-5+deb10u6+tuxcare.els2_amd64.deb 5161201d4a472d3cb28309352d4d781054b7a839 vim-common_8.1.0875-5+deb10u6+tuxcare.els2_all.deb 661ddcd2de95d674d114c3783ce2330da8f0f276 vim-doc_8.1.0875-5+deb10u6+tuxcare.els2_all.deb db26acd259cef15d92dbfe1a85dc0b7e1d3fac85 vim-gtk_8.1.0875-5+deb10u6+tuxcare.els2_amd64.deb f5c64adfecd25e3df2e877df3ee93cdfe706f30b vim-gtk3_8.1.0875-5+deb10u6+tuxcare.els2_amd64.deb 5c9f0c3a0caf414bbf9c9aadd18d2906acbf6d5e vim-gui-common_8.1.0875-5+deb10u6+tuxcare.els2_all.deb 863d94168ad4fb46c4a20d1c0d4dbfa892f7777a vim-nox_8.1.0875-5+deb10u6+tuxcare.els2_amd64.deb acf01bf56ff18fe3b93fc9707db97a81a2328834 vim-runtime_8.1.0875-5+deb10u6+tuxcare.els2_all.deb d2f532d57ff49053bb1bc21475ca1deb04ea7915 vim-tiny_8.1.0875-5+deb10u6+tuxcare.els2_amd64.deb d5e630002939479f2b0ce1f63cc1b0cb066da7ef xxd_8.1.0875-5+deb10u6+tuxcare.els2_amd64.deb 13a91d3734ef322e167cb57280af8164e72bb879 CLSA-2025:1761577285 TuxCare License Agreement 0 * SECURITY UPDATE: out-of-bounds access - debian/patches/CVE-2017-9118.patch: fix out of bounds access in php_pcre_replace_impl - CVE-2017-9118 * SECURITY UPDATE: improper validation of HTTP_REDIRECT_STATUS variable in CGI binary - debian/patches/CVE-2024-8927.patch: fix Apache server name check; remove references to redirect.so and Netscape; check configuration override first - CVE-2024-8927 * SECURITY UPDATE: buffer overread vulnerability - debian/patches/CVE-2024-11233.patch: move bound check upwards to fix single byte overread with convert.quoted-printable-decode filter - CVE-2024-11233 * SECURITY UPDATE: URI is not properly sanitized - debian/patches/CVE-2024-11234.patch: when using streams with configured proxy and "request_fulluri" option, the URI is not properly sanitized which can lead to HTTP request smuggling and allow the attacker to use the proxy to perform arbitrary HTTP requests originating from the server, thus potentially gaining access to resources not normally available to the external user - CVE-2024-11234 * SECURITY UPDATE: incomplete check in escaping functions - debian/patches/CVE-2025-1735.patch: pgsql and pdo_pgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid. - CVE-2025-1735 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: out-of-bounds access - debian/patches/CVE-2017-9118.patch: fix out of bounds access in php_pcre_replace_impl - CVE-2017-9118 * SECURITY UPDATE: improper validation of HTTP_REDIRECT_STATUS variable in CGI binary - debian/patches/CVE-2024-8927.patch: fix Apache server name check; remove references to redirect.so and Netscape; check configuration override first - CVE-2024-8927 * SECURITY UPDATE: buffer overread vulnerability - debian/patches/CVE-2024-11233.patch: move bound check upwards to fix single byte overread with convert.quoted-printable-decode filter - CVE-2024-11233 * SECURITY UPDATE: URI is not properly sanitized - debian/patches/CVE-2024-11234.patch: when using streams with configured proxy and "request_fulluri" option, the URI is not properly sanitized which can lead to HTTP request smuggling and allow the attacker to use the proxy to perform arbitrary HTTP requests originating from the server, thus potentially gaining access to resources not normally available to the external user - CVE-2024-11234 * SECURITY UPDATE: incomplete check in escaping functions - debian/patches/CVE-2025-1735.patch: pgsql and pdo_pgsql escaping functions do not check if the underlying quoting functions returned errors. This could cause crashes if Postgres server rejects the string as invalid. - CVE-2025-1735

0 tuxcare-debian10-els libapache2-mod-php7.3_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb 14af307772a82ccbdf768b811122fdc03cbd8b35 libphp7.3-embed_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb 66b09f9e0541beb8b54be0281b71b4757994a2a9 php7.3_7.3.31-1~deb10u7+tuxcare.els2_all.deb 5474a5bf1c7d13d02b4bb34c701cc33824118ced php7.3-bcmath_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb c0395b7c7d5d8332e194d05e43a35beda0576664 php7.3-bz2_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb 804323c55677cae40653d513ce48537d6917ec9e php7.3-cgi_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb 428ee37b6a5585e3d1e6fa8642a6f5c480aa6306 php7.3-cli_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb cdaf217f13881232c59efe8442d01659572251de php7.3-common_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb 005e70f76a41b8af6c56d802d4a39921e61aaa8c php7.3-curl_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb 44255e68e38ed0fd7ddc4691da086880ee05ad16 php7.3-dba_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb 34e4f4097bd1bfb822a96c2097609208c9b55220 php7.3-dev_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb 089300ada7f230e1907881fdf0d03ce5434b460b php7.3-enchant_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb 99c0f92d54e07ad6a7726b8fc23e04cfc77225dd php7.3-fpm_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb d3f729d0f9cbac8c30b58508a6c76400e4461b98 php7.3-gd_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb 36793ed98efe3766e4cd9b34b8243fb24b77db4d php7.3-gmp_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb e0d6f713334fd8aecc423d5f16dc4865c8ec0543 php7.3-imap_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb 3ebb93b5d79541c84be9b6b759eeedd02e5360ca php7.3-interbase_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb 4143f3ff430310df20cc2cef846c4646b1edcdf3 php7.3-intl_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb 9b52ebac15c76e944db1c46a7854eec9fd4c9be4 php7.3-json_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb fe401b391a511f0dd3fa899d31aea1b4d2447d7f php7.3-ldap_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb f3c42537a0614dbd8eda708594f2f47504f9b5c7 php7.3-mbstring_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb fb6d408012bb7f0488b7b7a8e89c304c9145a6e7 php7.3-mysql_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb 8cb26b1e237dafc245bd7895be82990ebe90820f php7.3-odbc_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb 81ee827acb397f9de5452727ac3635a1fd8e44d2 php7.3-opcache_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb b651ede498c0c8befca2895cce888f9e5c7ea954 php7.3-pgsql_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb 5502f8eb3e17930d6f8cad2273465bf429092a73 php7.3-phpdbg_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb 3ffbb7f692ae8e817f5e8f3b0fd461ec9dd628f0 php7.3-pspell_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb 1fd64c13cef814dee86466cd636acdc86ec631d6 php7.3-readline_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb 8e75cff8205e89f7896a7767d30e6a688b440b92 php7.3-recode_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb bbea46766369f38af79093493b42c5dcb293e3c6 php7.3-snmp_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb 519cf311ce183a8fc92d4b9ee598807b50ce94ea php7.3-soap_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb 311390e242d53c5bcc51f5ff63954ced42f602ea php7.3-sqlite3_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb 0619a1142ef2915973d3742a3872c20d04537b32 php7.3-sybase_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb c48a286e241ae38ffc81683e0befd7f894d1103b php7.3-tidy_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb 6efd294c9e6d48ee2d864e2066c4ef08858f0aa4 php7.3-xml_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb 0b41c6c0afe376f44f046ebb20c0fa99f5c8bf82 php7.3-xmlrpc_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb 75f0420d185015f46111db3c408b876a946eb25d php7.3-xsl_7.3.31-1~deb10u7+tuxcare.els2_all.deb c5d68f8bc5db631cd6c9023446e6b9a3fcbfbe3f php7.3-zip_7.3.31-1~deb10u7+tuxcare.els2_amd64.deb 56d97ff12b7dbee23927329ad2ad8b4bab4c69df CLSA-2025:1761577745 TuxCare License Agreement 0 * SECURITY UPDATE: uninitialized-heap vulnerability in tic4x_print_cond function - debian/patches/CVE-2020-35342.patch: Initialize all elements of the condtable array to fix uninitialized heap memory issue in tic4x_print_cond function - CVE-2020-35342 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: uninitialized-heap vulnerability in tic4x_print_cond function - debian/patches/CVE-2020-35342.patch: Initialize all elements of the condtable array to fix uninitialized heap memory issue in tic4x_print_cond function - CVE-2020-35342

0 tuxcare-debian10-els binutils_2.31.1-16+tuxcare.els4_amd64.deb ddc8c8b30158d4d31d43b5b244809b404a5ebd7c binutils-aarch64-linux-gnu_2.31.1-16+tuxcare.els4_amd64.deb 491037e9ef6df03a90b728b2a2780fa769d0f840 binutils-alpha-linux-gnu_2.31.1-16+tuxcare.els4_amd64.deb 08ef744838b05b327b579f80a01c1915695e46bc binutils-arm-linux-gnueabi_2.31.1-16+tuxcare.els4_amd64.deb 0d19fbfcffdee22e02bddb40922845fc15d4dc91 binutils-arm-linux-gnueabihf_2.31.1-16+tuxcare.els4_amd64.deb 564d88d28d811f6a60eeb08dcfca6163df2fa251 binutils-common_2.31.1-16+tuxcare.els4_amd64.deb e28eff71e1f9a22bdecd4bc7f5c2265e28829716 binutils-dev_2.31.1-16+tuxcare.els4_amd64.deb be5f6f5876edeaee6f12f560f2e831f0a2bfe120 binutils-doc_2.31.1-16+tuxcare.els4_all.deb 3d2ef2d57cdb3b18eb446e110b8d8876376ab2a7 binutils-for-build_2.31.1-16+tuxcare.els4_all.deb 1b0d10a33ec8218fbfc3b64dd5250b0760a6ec5c binutils-for-host_2.31.1-16+tuxcare.els4_amd64.deb 7d0ed91177b8b3141474f0a57cf335ad595e4969 binutils-hppa-linux-gnu_2.31.1-16+tuxcare.els4_amd64.deb 5037c979e376459df7cefed261e1a845ede473e4 binutils-hppa64-linux-gnu_2.31.1-16+tuxcare.els4_amd64.deb 8567f7f46aae2cef8a247b53d42d367e795cccfb binutils-i686-gnu_2.31.1-16+tuxcare.els4_amd64.deb 04c5d37c7020c44a490b02d4a068407cdf09f3cf binutils-i686-kfreebsd-gnu_2.31.1-16+tuxcare.els4_amd64.deb 662804df901c5966e7cee566b9d63bb215ec29d5 binutils-i686-linux-gnu_2.31.1-16+tuxcare.els4_amd64.deb c14f3684102668b1b235a0714c112a127ac81900 binutils-ia64-linux-gnu_2.31.1-16+tuxcare.els4_amd64.deb 5124ea2bf214a3ab54e2aabfb5fac4b2caac44f9 binutils-m68k-linux-gnu_2.31.1-16+tuxcare.els4_amd64.deb ad1463a35af5cf6a49c53eae68e4baff7a9272bf binutils-mips-linux-gnu_2.31.1-16+tuxcare.els4_amd64.deb cd31ad87bebdf046250be99a7ac41dd4dc21f7da binutils-mips64el-linux-gnuabi64_2.31.1-16+tuxcare.els4_amd64.deb d3e1b4e6cf8a65ea8fa8679ef9323ee874f02a0d binutils-mipsel-linux-gnu_2.31.1-16+tuxcare.els4_amd64.deb f1b63f3d5c0e5f96d7b2e132df482e1d95818888 binutils-multiarch_2.31.1-16+tuxcare.els4_amd64.deb 518f880ecf95a2704f573be46418707ed6fbf331 binutils-multiarch-dev_2.31.1-16+tuxcare.els4_amd64.deb 40bcaa0dafc18cfc0ced9319ccd06b666357c13f binutils-powerpc-linux-gnu_2.31.1-16+tuxcare.els4_amd64.deb abfafbf7048d428446afa063758b997b6fde6bba binutils-powerpc-linux-gnuspe_2.31.1-16+tuxcare.els4_amd64.deb ab276c2f54075d0038abbb1578c6b52e249d7573 binutils-powerpc64-linux-gnu_2.31.1-16+tuxcare.els4_amd64.deb 24a8b6c7c3077e12996255dadd624882dd9f19b4 binutils-powerpc64le-linux-gnu_2.31.1-16+tuxcare.els4_amd64.deb 91b7c7b7a8813919ab50418444c7c3adc881f9d9 binutils-riscv64-linux-gnu_2.31.1-16+tuxcare.els4_amd64.deb 03d845a992ec1aab4eb29922cd27ea2980d4ca67 binutils-s390x-linux-gnu_2.31.1-16+tuxcare.els4_amd64.deb 60fbceb19e37dbe378c517fe125d0d37ca08f344 binutils-sh4-linux-gnu_2.31.1-16+tuxcare.els4_amd64.deb 1104975ef2a829285b3529dfe1f90a8dfd15c964 binutils-source_2.31.1-16+tuxcare.els4_all.deb 8f2fcc4118568494ca4521c663924d77c2e45e74 binutils-sparc64-linux-gnu_2.31.1-16+tuxcare.els4_amd64.deb 00198adb02a218ca276f70ae429807767a6f25cb binutils-x86-64-kfreebsd-gnu_2.31.1-16+tuxcare.els4_amd64.deb ac4a169b2f4f82c9f922cef39a6a24ebcc10f519 binutils-x86-64-linux-gnu_2.31.1-16+tuxcare.els4_amd64.deb e1fb362a6cbe5e55e72ba0fc5c628e5b1524b3b1 binutils-x86-64-linux-gnux32_2.31.1-16+tuxcare.els4_amd64.deb 17b862cad4dcdf83b1d5a45975add76172e10eb0 libbinutils_2.31.1-16+tuxcare.els4_amd64.deb feac8ca92eb10919a95b6fb54ddfbbaa62fbc58e CLSA-2025:1761673667 TuxCare License Agreement 0 * SECURITY UPDATE: insecure privilege dropping vulnerability - debian/patches/CVE-2019-20044-*.patch: improve error handling in setopt command, add OpenSSH-based setresuid/setresgid wrappers, simplify and secure privilege dropping logic, add comprehensive tests for PRIVILEGED option - CVE-2019-20044 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: insecure privilege dropping vulnerability - debian/patches/CVE-2019-20044-*.patch: improve error handling in setopt command, add OpenSSH-based setresuid/setresgid wrappers, simplify and secure privilege dropping logic, add comprehensive tests for PRIVILEGED option - CVE-2019-20044

0 tuxcare-debian10-els zsh_5.7.1-1+deb10u1+tuxcare.els1_amd64.deb bc7022c352b4dfeeaaab2f40872b2c6f57f2a381 zsh-common_5.7.1-1+deb10u1+tuxcare.els1_all.deb 4f20c7a66dd2fde2f36fa38bc9adc03ede4533c6 zsh-dev_5.7.1-1+deb10u1+tuxcare.els1_amd64.deb 27c6bffacec3093ff27abaece2a20c0e486c5bf3 zsh-doc_5.7.1-1+deb10u1+tuxcare.els1_all.deb 128f0a8beeecacb229aca8c806a481754e2738b6 zsh-static_5.7.1-1+deb10u1+tuxcare.els1_amd64.deb d29d9b3c9968d3c0ac03c21af5c27851a9411f21 CLSA-2025:1761744879 TuxCare License Agreement 0 * SECURITY UPDATE: NULL pointer dereference - debian/patches/CVE-2019-9923.patch: fix a NULL pointer dereference when parsing certain archives that have malformed extended headers in pax_decode_header() in sparse.c - CVE-2019-9923 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: NULL pointer dereference - debian/patches/CVE-2019-9923.patch: fix a NULL pointer dereference when parsing certain archives that have malformed extended headers in pax_decode_header() in sparse.c - CVE-2019-9923

0 tuxcare-debian10-els tar_1.30+dfsg-6+deb10u1+tuxcare.els1_amd64.deb b7ba2b0d3b0300aa921970ed440aa538e7815ca7 tar-scripts_1.30+dfsg-6+deb10u1+tuxcare.els1_amd64.deb 5969dae34a60a03db86fdc96a06356a563a7e607 CLSA-2025:1761744996 TuxCare License Agreement 0 * SECURITY UPDATE: Buffer Over-read because of invalid cursor position after "0;" range - debian/patches/CVE-2022-1927.patch: check the cursor position when it was set by ";" in the range - CVE-2022-1927 * SECURITY UPDATE: Use After Free in spell command - debian/patches/CVE-2022-2042.patch: initialize "attr", check for empty line early - CVE-2022-2042 * SECURITY UPDATE: Out-of-bounds Read when regex pattern starts with illegal byte - debian/patches/CVE-2022-2581.patch: do not match a character with an illegal byte - CVE-2022-2581 * SECURITY UPDATE: Heap-based Buffer Overflow with for loop over NULL string - debian/patches/CVE-2022-2849.patch: make sure mb_ptr2len() consistently returns zero for NUL - CVE-2022-2849 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Buffer Over-read because of invalid cursor position after "0;" range - debian/patches/CVE-2022-1927.patch: check the cursor position when it was set by ";" in the range - CVE-2022-1927 * SECURITY UPDATE: Use After Free in spell command - debian/patches/CVE-2022-2042.patch: initialize "attr", check for empty line early - CVE-2022-2042 * SECURITY UPDATE: Out-of-bounds Read when regex pattern starts with illegal byte - debian/patches/CVE-2022-2581.patch: do not match a character with an illegal byte - CVE-2022-2581 * SECURITY UPDATE: Heap-based Buffer Overflow with for loop over NULL string - debian/patches/CVE-2022-2849.patch: make sure mb_ptr2len() consistently returns zero for NUL - CVE-2022-2849

0 tuxcare-debian10-els vim_8.1.0875-5+deb10u6+tuxcare.els3_amd64.deb 31c38873b108f950becafc12b1445c83acb950b0 vim-athena_8.1.0875-5+deb10u6+tuxcare.els3_amd64.deb 209509ab565e940b5edabf7c2c31a65852430ba6 vim-common_8.1.0875-5+deb10u6+tuxcare.els3_all.deb 7e679dc72ecbc8f9446961bd78ab903176109243 vim-doc_8.1.0875-5+deb10u6+tuxcare.els3_all.deb 5673ccb08f6bbddf9d5aac7f08cbc7a8960fabe6 vim-gtk_8.1.0875-5+deb10u6+tuxcare.els3_amd64.deb f282d4b4f85446a192259dd1c3a291bd1f86eb5e vim-gtk3_8.1.0875-5+deb10u6+tuxcare.els3_amd64.deb 2366cc31225102957182adbf61d8b5e01d42ffe8 vim-gui-common_8.1.0875-5+deb10u6+tuxcare.els3_all.deb 7c5d19ea742e6b5a90059e1d02532bea7528fc0b vim-nox_8.1.0875-5+deb10u6+tuxcare.els3_amd64.deb e8bcb7161d4ff2943b579b2ec2a71093c57a4c41 vim-runtime_8.1.0875-5+deb10u6+tuxcare.els3_all.deb 8bc1b361f38240005fe614b542ed89cc77711fe0 vim-tiny_8.1.0875-5+deb10u6+tuxcare.els3_amd64.deb 3a6d73f74307172e07c8c979a3088c88aa10e7da xxd_8.1.0875-5+deb10u6+tuxcare.els3_amd64.deb ed57cadac2e131f0705a883632dd757939fc3a85 CLSA-2025:1761747106 TuxCare License Agreement 0 * SECURITY UPDATE: null pointer dereference in mod_proxy - debian/patches/CVE-2024-38477.patch: validate hostname in modules/proxy/proxy_util.c. Restart from the original URL on reconnect in modules/http2/mod_proxy_http2.c. - CVE-2024-38477 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: null pointer dereference in mod_proxy - debian/patches/CVE-2024-38477.patch: validate hostname in modules/proxy/proxy_util.c. Restart from the original URL on reconnect in modules/http2/mod_proxy_http2.c. - CVE-2024-38477

0 tuxcare-debian10-els apache2_2.4.59-1~deb10u1+tuxcare.els3_amd64.deb d83e4564fc823504bdeba508d2019eaeba290fb3 apache2-bin_2.4.59-1~deb10u1+tuxcare.els3_amd64.deb 246e02afdd5946df6c2fe12d53051eb5e4a15342 apache2-data_2.4.59-1~deb10u1+tuxcare.els3_all.deb 3ee2d1d74a9695141e75e9545066f859a7a54342 apache2-dev_2.4.59-1~deb10u1+tuxcare.els3_amd64.deb dd87ce92ea3d426433c572e334b4ec6386ea2b9c apache2-doc_2.4.59-1~deb10u1+tuxcare.els3_all.deb 78c4eab1978adec52c7852492151c2637df0050c apache2-ssl-dev_2.4.59-1~deb10u1+tuxcare.els3_amd64.deb cf1694d0862bc5edfb5de855bbe4f6da573ec7a4 apache2-suexec-custom_2.4.59-1~deb10u1+tuxcare.els3_amd64.deb 51d40dc91bc5335bafbff5da74cbd57426aeeba8 apache2-suexec-pristine_2.4.59-1~deb10u1+tuxcare.els3_amd64.deb 541d091b57ed8de95aa8ae8f7c43ec603119d01b apache2-utils_2.4.59-1~deb10u1+tuxcare.els3_amd64.deb f6b89ecf4f9be6078c80ae87062a762c2fa054cf libapache2-mod-md_2.4.59-1~deb10u1+tuxcare.els3_amd64.deb 5507831b6565f403131645702831a2c8186b4389 libapache2-mod-proxy-uwsgi_2.4.59-1~deb10u1+tuxcare.els3_amd64.deb 55fddff6effef7bb7dc3b3b8845f8ba2fe0501e8 CLSA-2025:1761844758 TuxCare License Agreement 0 * SECURITY UPDATE: out-of-bounds stack write flaw in 64-bit architectures - debian/patches/CVE-2024-1013.patch: Fix incompatible pointer-to-integer types causing out-of-bounds stack writes on 64-bit architectures - CVE-2024-1013 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: out-of-bounds stack write flaw in 64-bit architectures - debian/patches/CVE-2024-1013.patch: Fix incompatible pointer-to-integer types causing out-of-bounds stack writes on 64-bit architectures - CVE-2024-1013

0 tuxcare-debian10-els libodbc1_2.3.6-0.1+tuxcare.els1_amd64.deb 68c1064f9a63341da089509dd47234e80f52ffc3 odbcinst_2.3.6-0.1+tuxcare.els1_amd64.deb 08040910fcc60e9ff77afdff8aa76fddb2124783 odbcinst1debian2_2.3.6-0.1+tuxcare.els1_amd64.deb 79b6231f08cca2a94bc2b504c82ab64c6f6ef83d unixodbc_2.3.6-0.1+tuxcare.els1_amd64.deb 85dbd3a4d78a8406301fc6dae693c9e5809f91dc unixodbc-dev_2.3.6-0.1+tuxcare.els1_amd64.deb 9379243fe64165c9a4bff107b98f365ac0a5d9f7 CLSA-2025:1761847256 TuxCare License Agreement 0 * SECURITY UPDATE: multiple vulnerabilities in vms-alpha.c parse_module - debian/patches/CVE-2022-47673_CVE-2023-25584-*.patch: fix null pointer dereference in parse_module by adding return value checking for bfd_zalloc calls, fix potential out of bounds memory access in DST record parsing loop - CVE-2022-47673, CVE-2023-25584 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: multiple vulnerabilities in vms-alpha.c parse_module - debian/patches/CVE-2022-47673_CVE-2023-25584-*.patch: fix null pointer dereference in parse_module by adding return value checking for bfd_zalloc calls, fix potential out of bounds memory access in DST record parsing loop - CVE-2022-47673, CVE-2023-25584

0 tuxcare-debian10-els binutils_2.31.1-16+tuxcare.els5_amd64.deb f6a73cd95969afae0d3d21e417e22a96e2d69e77 binutils-aarch64-linux-gnu_2.31.1-16+tuxcare.els5_amd64.deb cb465f93dca7328cdc651274691c170980f44ec7 binutils-alpha-linux-gnu_2.31.1-16+tuxcare.els5_amd64.deb b4ea31ac5805feddac60f224631189ca33ef70e8 binutils-arm-linux-gnueabi_2.31.1-16+tuxcare.els5_amd64.deb ea0592912a676156f289b85576f0f47c8949facd binutils-arm-linux-gnueabihf_2.31.1-16+tuxcare.els5_amd64.deb 4c7f1376ceda4d6c5ebc57d8122a77c8d4a211a3 binutils-common_2.31.1-16+tuxcare.els5_amd64.deb c29c7b004bbf03408aed92bfaf02aa7b6a55ac37 binutils-dev_2.31.1-16+tuxcare.els5_amd64.deb d0f0ba274c7d00f388709a42d449b658f9dbfe06 binutils-doc_2.31.1-16+tuxcare.els5_all.deb 35f8a7acb254ffd4281b2bcc3c9d6531171de473 binutils-for-build_2.31.1-16+tuxcare.els5_all.deb 85797276219a5909e3c9c4ed12ca7d76f952466c binutils-for-host_2.31.1-16+tuxcare.els5_amd64.deb 38a72144c8bfce5ef82988bc052bfae91d363e35 binutils-hppa-linux-gnu_2.31.1-16+tuxcare.els5_amd64.deb 8c52e352894141eaf9e7826783e8ae2458e2bfb1 binutils-hppa64-linux-gnu_2.31.1-16+tuxcare.els5_amd64.deb 9cd633f16f82c4296761ed4e64736c018094b96a binutils-i686-gnu_2.31.1-16+tuxcare.els5_amd64.deb faf4091383692c402e10ad9763bee8345ea7e02b binutils-i686-kfreebsd-gnu_2.31.1-16+tuxcare.els5_amd64.deb bcbec67a4818ae8c1d0d3c35199401037c454ebe binutils-i686-linux-gnu_2.31.1-16+tuxcare.els5_amd64.deb 45bf44c04a2611b9fe0340a49da6e9c318673cf0 binutils-ia64-linux-gnu_2.31.1-16+tuxcare.els5_amd64.deb f45b20b188baa4f27d9b0edcd9b643882758eb60 binutils-m68k-linux-gnu_2.31.1-16+tuxcare.els5_amd64.deb 267242036edeca80b8a519ece047fc9beaa42ff8 binutils-mips-linux-gnu_2.31.1-16+tuxcare.els5_amd64.deb b52544e1b754ea46b6325e19d0eec4f61cfb1062 binutils-mips64el-linux-gnuabi64_2.31.1-16+tuxcare.els5_amd64.deb 099f2cbafd8435b3fbc13f5aee53df2b522b2e76 binutils-mipsel-linux-gnu_2.31.1-16+tuxcare.els5_amd64.deb 3c0d152fd8b8bfb4af75d5ac2d960447273e40cd binutils-multiarch_2.31.1-16+tuxcare.els5_amd64.deb 3c6a1bb94cedd5518a8ffbd08a90056bf2dcc59e binutils-multiarch-dev_2.31.1-16+tuxcare.els5_amd64.deb 68c7cd21b21763e37df33a764803dc0e3ce99db6 binutils-powerpc-linux-gnu_2.31.1-16+tuxcare.els5_amd64.deb 13238e8dc607c400f8a69a17512537ef31502a78 binutils-powerpc-linux-gnuspe_2.31.1-16+tuxcare.els5_amd64.deb 29ab1431b01ffd146cf6d353ebebcad42bb293a1 binutils-powerpc64-linux-gnu_2.31.1-16+tuxcare.els5_amd64.deb b010db497eae77080203c95f4b21bb8f9035af1a binutils-powerpc64le-linux-gnu_2.31.1-16+tuxcare.els5_amd64.deb d50b97480a08a74dab9736aa3f7f69de767ea654 binutils-riscv64-linux-gnu_2.31.1-16+tuxcare.els5_amd64.deb 5d58fee744cf5fcac4bc5a107a5c75e99098fde1 binutils-s390x-linux-gnu_2.31.1-16+tuxcare.els5_amd64.deb 9278c512f96f6fe4fc2f8d149898a3d4721df8d5 binutils-sh4-linux-gnu_2.31.1-16+tuxcare.els5_amd64.deb 3f8d0823bd803e4e33284297fbdebbdfa820bc22 binutils-source_2.31.1-16+tuxcare.els5_all.deb b164eb7fdae81539f7c9db116c5d8786c324d0e3 binutils-sparc64-linux-gnu_2.31.1-16+tuxcare.els5_amd64.deb b31a4f389a7a8b6aa0bf739ed236d9de848b1289 binutils-x86-64-kfreebsd-gnu_2.31.1-16+tuxcare.els5_amd64.deb 90b62d116e6030ff83fa569b78a58781d90bf8db binutils-x86-64-linux-gnu_2.31.1-16+tuxcare.els5_amd64.deb 37fb946ec45e13443439dc3fa6f560951ede5d78 binutils-x86-64-linux-gnux32_2.31.1-16+tuxcare.els5_amd64.deb f7aa47c6b617e83d0880979839f6367b32fc98ea libbinutils_2.31.1-16+tuxcare.els5_amd64.deb 3a0694b14e5bda7dc90505d38febc0ca98f31749 CLSA-2025:1761844638 TuxCare License Agreement 0 * SECURITY UPDATE: excessive cached HTTP response header size causing worker process stall or crash - debian/patches/CVE-2023-5824.patch: Refactor serialized HTTP response header handling to prevent cache flow - CVE-2023-5824 * SECURITY UPDATE: Use-After-Free in the HTTP Collapsed Forwarding Feature - debian/patches/CVE-2023-5824.patch: Removed Use-After-Free during refactor serialized HTTP response header - CVE-2023-49288 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: excessive cached HTTP response header size causing worker process stall or crash - debian/patches/CVE-2023-5824.patch: Refactor serialized HTTP response header handling to prevent cache flow - CVE-2023-5824 * SECURITY UPDATE: Use-After-Free in the HTTP Collapsed Forwarding Feature - debian/patches/CVE-2023-5824.patch: Removed Use-After-Free during refactor serialized HTTP response header - CVE-2023-49288

0 tuxcare-debian10-els squid_4.6-1+deb10u10+tuxcare.els2_amd64.deb 61389a7d8d90e0c2aa552e6af168563d306e8180 squid-cgi_4.6-1+deb10u10+tuxcare.els2_amd64.deb 049bf2f62618327e6af0aafdcd85d199ecaa6530 squid-common_4.6-1+deb10u10+tuxcare.els2_all.deb 77a0b018cd96d82672259c29fcb1ee9991d408e7 squid-purge_4.6-1+deb10u10+tuxcare.els2_amd64.deb 9b7eb9d08a392679a227e4585c489e4486660f06 squid3_4.6-1+deb10u10+tuxcare.els2_all.deb 969e9b17da22c7ad343e60467ae66c757241d70f squidclient_4.6-1+deb10u10+tuxcare.els2_amd64.deb a026e9e0418d7c87ca49311681d3508ce5c5977e CLSA-2025:1761845210 TuxCare License Agreement 0 * SECURITY UPDATE: Heap-based Buffer Overflow - debian/patches/CVE-2022-1733.patch: Check for NUL to prevent reading past end of the line when C-indenting - CVE-2022-1733 * SECURITY UPDATE: Use After Free - debian/patches/CVE-2022-1796.patch: Fix accessing freed memory when line is flushed by making a copy of the search pattern - CVE-2022-1796 * SECURITY UPDATE: Heap-based Buffer Overflow - debian/patches/CVE-2022-1886.patch: Check the length is more than zero to fix access before start of text with a put command - CVE-2022-1886 * SECURITY UPDATE: Use After Free - debian/patches/CVE-2022-3016.patch: Return QF_ABORT when location list changed in autocmd - CVE-2022-3016 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Heap-based Buffer Overflow - debian/patches/CVE-2022-1733.patch: Check for NUL to prevent reading past end of the line when C-indenting - CVE-2022-1733 * SECURITY UPDATE: Use After Free - debian/patches/CVE-2022-1796.patch: Fix accessing freed memory when line is flushed by making a copy of the search pattern - CVE-2022-1796 * SECURITY UPDATE: Heap-based Buffer Overflow - debian/patches/CVE-2022-1886.patch: Check the length is more than zero to fix access before start of text with a put command - CVE-2022-1886 * SECURITY UPDATE: Use After Free - debian/patches/CVE-2022-3016.patch: Return QF_ABORT when location list changed in autocmd - CVE-2022-3016

0 tuxcare-debian10-els vim_8.1.0875-5+deb10u6+tuxcare.els5_amd64.deb c10968f2f1b7dabe40eedbf0de59161e805a4e73 vim-athena_8.1.0875-5+deb10u6+tuxcare.els5_amd64.deb fce7d20bf450c4140acb7d9944b3afa45d17f817 vim-common_8.1.0875-5+deb10u6+tuxcare.els5_all.deb 4f4f9ea66a32349a2639c07c1816f371fee1a441 vim-doc_8.1.0875-5+deb10u6+tuxcare.els5_all.deb 352378dd7bad30e6b01f32a44960d3fc53dc5f48 vim-gtk_8.1.0875-5+deb10u6+tuxcare.els5_amd64.deb 8157c9b930756f562a98b786bfc228399b14833b vim-gtk3_8.1.0875-5+deb10u6+tuxcare.els5_amd64.deb 3d1549ce192466a9518e1bbd7a1a8433614bd6f1 vim-gui-common_8.1.0875-5+deb10u6+tuxcare.els5_all.deb 35c0896361ce9ebbfbf6c1ca92df5c5bb96a1d94 vim-nox_8.1.0875-5+deb10u6+tuxcare.els5_amd64.deb 6004aaca43fbf2fa55a0b926b2dfc41f17e4ebba vim-runtime_8.1.0875-5+deb10u6+tuxcare.els5_all.deb 33f48e14361be0127e4da02495fa93e358228a2e vim-tiny_8.1.0875-5+deb10u6+tuxcare.els5_amd64.deb 472b9e20221f48ac388524440a684e63f5315d39 xxd_8.1.0875-5+deb10u6+tuxcare.els5_amd64.deb b511091b79ac5f02d54230f9f24ec7c4ccd58405 CLSA-2025:1761844489 TuxCare License Agreement 0 * SECURITY UPDATE: multiple vulnerabilities in AWK implementation - debian/patches/CVE-2021-423xx-awk.patch: fix issues with argument parsing, delete statement validation, length() parsing, post-increment/decrement on literals, expression handling, regex splitting, use-after-realloc, and maxfields underflow - CVE-2021-42378 - CVE-2021-42379 - CVE-2021-42380 - CVE-2021-42381 - CVE-2021-42382 - CVE-2021-42384 - CVE-2021-42385 - CVE-2021-42386 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: multiple vulnerabilities in AWK implementation - debian/patches/CVE-2021-423xx-awk.patch: fix issues with argument parsing, delete statement validation, length() parsing, post-increment/decrement on literals, expression handling, regex splitting, use-after-realloc, and maxfields underflow - CVE-2021-42378 - CVE-2021-42379 - CVE-2021-42380 - CVE-2021-42381 - CVE-2021-42382 - CVE-2021-42384 - CVE-2021-42385 - CVE-2021-42386

0 tuxcare-debian10-els busybox_1.30.1-4+tuxcare.els2_amd64.deb cebd3f054c0eefa7aa908fde674142980f2da377 busybox-static_1.30.1-4+tuxcare.els2_amd64.deb d3df845c8cd0685742c848387e6fad0bcda2222b busybox-syslogd_1.30.1-4+tuxcare.els2_all.deb ccea7d3441d296c28e5e2caf1e53cd24d0f1f5f0 udhcpc_1.30.1-4+tuxcare.els2_amd64.deb d74ad862be831bd7aa7210d6fccd7dce0b26e69e udhcpd_1.30.1-4+tuxcare.els2_amd64.deb 03720af70c72cc3b8c85c353864aade307bf5375 CLSA-2025:1761849390 TuxCare License Agreement 0 * SECURITY UPDATE: denial of service via bfd_mach_o_get_synthetic_symtab in match-o.c - debian/patches/CVE-2022-47695.patch: Fix segmentation fault in compare_symbols function by excluding section and synthetic symbols before checking symbol flags - CVE-2022-47695 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: denial of service via bfd_mach_o_get_synthetic_symtab in match-o.c - debian/patches/CVE-2022-47695.patch: Fix segmentation fault in compare_symbols function by excluding section and synthetic symbols before checking symbol flags - CVE-2022-47695

0 tuxcare-debian10-els binutils_2.31.1-16+tuxcare.els6_amd64.deb 81fef4985e1339852dff6d4c1d64d569f90b3a35 binutils-aarch64-linux-gnu_2.31.1-16+tuxcare.els6_amd64.deb e22bc4757b5643576a5808396da1b7a09894580f binutils-alpha-linux-gnu_2.31.1-16+tuxcare.els6_amd64.deb 05af9333fdfe16e7df7f787cb43a0f3bfda5cfd5 binutils-arm-linux-gnueabi_2.31.1-16+tuxcare.els6_amd64.deb 1ad5ec7f0e7b766a5df59bc0a0ab122c11ca322d binutils-arm-linux-gnueabihf_2.31.1-16+tuxcare.els6_amd64.deb ecf958e265665ec0050e6c315b70d53d62a495e2 binutils-common_2.31.1-16+tuxcare.els6_amd64.deb 244f8bbf948a8874b42e6a6f5273395bf2e2e98b binutils-dev_2.31.1-16+tuxcare.els6_amd64.deb 4d43fef93dec7a48d233079c71cb98d71a376e39 binutils-doc_2.31.1-16+tuxcare.els6_all.deb b33cbb433ec3a30384c7a5b14dc54d17ab9d295f binutils-for-build_2.31.1-16+tuxcare.els6_all.deb 9479180e2beb43d81149435322b0966701ab2ee1 binutils-for-host_2.31.1-16+tuxcare.els6_amd64.deb dc3d678c93ea5d4cc37cd55f194cb3167d1763b2 binutils-hppa-linux-gnu_2.31.1-16+tuxcare.els6_amd64.deb 1b8109c7499996c9a1e15911eca3e19a7299ddc5 binutils-hppa64-linux-gnu_2.31.1-16+tuxcare.els6_amd64.deb b24bb7b733caeb9a0d79f26812489c8b535e69e5 binutils-i686-gnu_2.31.1-16+tuxcare.els6_amd64.deb 8c6e1deeadd3c465578cc7d70493cd80554c4b1c binutils-i686-kfreebsd-gnu_2.31.1-16+tuxcare.els6_amd64.deb 82981d14c140f61be95591f19885dc49c44ec669 binutils-i686-linux-gnu_2.31.1-16+tuxcare.els6_amd64.deb 1bd97cd31ce13db8203f132baaf1bd7813c94041 binutils-ia64-linux-gnu_2.31.1-16+tuxcare.els6_amd64.deb a4dbf8916d1997d86b2661877aac084765bc5a3c binutils-m68k-linux-gnu_2.31.1-16+tuxcare.els6_amd64.deb a8553cdcd04db374d60243b90a88249f46b6b8a9 binutils-mips-linux-gnu_2.31.1-16+tuxcare.els6_amd64.deb 77f8b55d1bd5529d16c7914dec2ba6bdfffc39cc binutils-mips64el-linux-gnuabi64_2.31.1-16+tuxcare.els6_amd64.deb 30eb011f8fe888787a61500a2839a852b58f1426 binutils-mipsel-linux-gnu_2.31.1-16+tuxcare.els6_amd64.deb 6616d8d5db38e234b5628bbb405fae25478db2da binutils-multiarch_2.31.1-16+tuxcare.els6_amd64.deb 59b3824d81e31e5d82b7c795ffd57c4dca4dcfef binutils-multiarch-dev_2.31.1-16+tuxcare.els6_amd64.deb d26495e405a4833663ac5f46f42252bfebed279e binutils-powerpc-linux-gnu_2.31.1-16+tuxcare.els6_amd64.deb 46f82fac2d08297d61779d35458c561f44c58219 binutils-powerpc-linux-gnuspe_2.31.1-16+tuxcare.els6_amd64.deb 515b1672d94a5b8157e684d1082ec6154ec094e1 binutils-powerpc64-linux-gnu_2.31.1-16+tuxcare.els6_amd64.deb 7736c9ac19ba21054328822c5617fdd6af4ca5e0 binutils-powerpc64le-linux-gnu_2.31.1-16+tuxcare.els6_amd64.deb aad9d99966e2d24faec85d67a61be06e05bf8277 binutils-riscv64-linux-gnu_2.31.1-16+tuxcare.els6_amd64.deb 72a95f5593680866979dcd7301feb9aaa709f4a6 binutils-s390x-linux-gnu_2.31.1-16+tuxcare.els6_amd64.deb 4587c40292cd1ead917ec7d37ad7f71a0f2fb703 binutils-sh4-linux-gnu_2.31.1-16+tuxcare.els6_amd64.deb 016c9c7e8704899e0a367f1e2b2c37752f313fa4 binutils-source_2.31.1-16+tuxcare.els6_all.deb 422b4d545228adba535b5dda73582c84880fd13f binutils-sparc64-linux-gnu_2.31.1-16+tuxcare.els6_amd64.deb 7d42d22df72fc8325ca9d8103b6ff7b04938245b binutils-x86-64-kfreebsd-gnu_2.31.1-16+tuxcare.els6_amd64.deb ef01587dd37f50f8e4133f6a9cf4a63302ff51fc binutils-x86-64-linux-gnu_2.31.1-16+tuxcare.els6_amd64.deb b653b4a4b718e171b4c87faa6a848755549b10d2 binutils-x86-64-linux-gnux32_2.31.1-16+tuxcare.els6_amd64.deb 39ef8f2e272ddc12b85e6b47b4680d3d8ff8d1c3 libbinutils_2.31.1-16+tuxcare.els6_amd64.deb 04a6045e34dd23366ee4ad6fa91a613bf6e85a70 CLSA-2025:1761901881 TuxCare License Agreement 0 * SECURITY UPDATE: template injection allows code injection through specially crafted files - debian/patches/CVE-2023-5764.patch: avoid evaluate unsafe conditions - debian/patches/CVE-2023-5764-ext-tests.patch: addional tests - CVE-2023-5764 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: template injection allows code injection through specially crafted files - debian/patches/CVE-2023-5764.patch: avoid evaluate unsafe conditions - debian/patches/CVE-2023-5764-ext-tests.patch: addional tests - CVE-2023-5764

0 tuxcare-debian10-els ansible_2.7.7+dfsg-1+deb10u2+tuxcare.els1_all.deb ed3906d28cc0ff2d21aaf707016fdc6f500160ab ansible-doc_2.7.7+dfsg-1+deb10u2+tuxcare.els1_all.deb 092601992ad0beb626940886c6642d9254b548c3 CLSA-2025:1761902260 TuxCare License Agreement 0 * SECURITY UPDATE: Improper restriction of XML External Entity Reference - debian/patches/CVE-2024-45490.patch: Reject negative len for XML_ParseBuffer - CVE-2024-45490 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Improper restriction of XML External Entity Reference - debian/patches/CVE-2024-45490.patch: Reject negative len for XML_ParseBuffer - CVE-2024-45490

0 tuxcare-debian10-els expat_2.2.6-2+deb10u7+tuxcare.els1_amd64.deb 4f6f361b7ef530ded217effc9418772f66d6de06 libexpat1_2.2.6-2+deb10u7+tuxcare.els1_amd64.deb d976efa3d746078b0d9c9267cb1eb11c9caccbb8 libexpat1-dev_2.2.6-2+deb10u7+tuxcare.els1_amd64.deb ec4c268c4b883b1ed4a1f5b5005a134ca79ec346 CLSA-2025:1762180511 TuxCare License Agreement 0 * SECURITY UPDATE: fix integer overflow in libbfd - debian/patches/CVE-2025-1000876.patch: Add overflow checks to prevent potential memory allocation issues from integer overflow - CVE-2025-1000876 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: fix integer overflow in libbfd - debian/patches/CVE-2025-1000876.patch: Add overflow checks to prevent potential memory allocation issues from integer overflow - CVE-2025-1000876

0 tuxcare-debian10-els binutils_2.31.1-16+tuxcare.els8_amd64.deb 194fc09b28e2899d08730e4f8723a4a7d12e0515 binutils-aarch64-linux-gnu_2.31.1-16+tuxcare.els8_amd64.deb b74b68b7bc81d147eafcd3b099024b1757a8e15a binutils-alpha-linux-gnu_2.31.1-16+tuxcare.els8_amd64.deb f8993fddb93bb041b61a29b9cbe90b4b7e022ba5 binutils-arm-linux-gnueabi_2.31.1-16+tuxcare.els8_amd64.deb 7041a4ed7d27a4ebb492c27eda2083df0563b7e5 binutils-arm-linux-gnueabihf_2.31.1-16+tuxcare.els8_amd64.deb 749c75345985dffdc9ae52278e0f06c22eb9e08c binutils-common_2.31.1-16+tuxcare.els8_amd64.deb 192fc34978512b09d494ed733f9f84aeca98f629 binutils-dev_2.31.1-16+tuxcare.els8_amd64.deb cdb6cd2b1fc822892942ed48d4ea40d69a9db8be binutils-doc_2.31.1-16+tuxcare.els8_all.deb 953e1eef26fd5499f84a4752d1e890f732ed2e82 binutils-for-build_2.31.1-16+tuxcare.els8_all.deb 2ac928c5ca5a94f9b94349c82e6d206057cc9c05 binutils-for-host_2.31.1-16+tuxcare.els8_amd64.deb fe634b6949ed63b93e493fc207c3d3174b5c56ec binutils-hppa-linux-gnu_2.31.1-16+tuxcare.els8_amd64.deb adfa57fb15541330967a5dd9a8d6dc11d472a3cc binutils-hppa64-linux-gnu_2.31.1-16+tuxcare.els8_amd64.deb a87be92fa1a10c1a1d619dbfe812c43dcd75d221 binutils-i686-gnu_2.31.1-16+tuxcare.els8_amd64.deb 7a29def849471b3c98d10463134a7cec56161489 binutils-i686-kfreebsd-gnu_2.31.1-16+tuxcare.els8_amd64.deb 42f6ca0557d30476627f8cec674dd2f5deefe28c binutils-i686-linux-gnu_2.31.1-16+tuxcare.els8_amd64.deb 4b3b56a98634a7d8e81bb091c856d2821bc657a4 binutils-ia64-linux-gnu_2.31.1-16+tuxcare.els8_amd64.deb e9ef0be2f6fd0279306a5401530ea860099bf920 binutils-m68k-linux-gnu_2.31.1-16+tuxcare.els8_amd64.deb c81461c89a135cd709c7e856e9d6cd207b63833c binutils-mips-linux-gnu_2.31.1-16+tuxcare.els8_amd64.deb 45c3146b2f19acc006cf4e6607ea6811d35c55ff binutils-mips64el-linux-gnuabi64_2.31.1-16+tuxcare.els8_amd64.deb ab30f7c19112763763f0cebd495a4b36d8b3b7da binutils-mipsel-linux-gnu_2.31.1-16+tuxcare.els8_amd64.deb 6137dd21f224baad879017f21f7a8fe8b2f00fa4 binutils-multiarch_2.31.1-16+tuxcare.els8_amd64.deb da1187cff1abc1c3e31658646f6818144b982215 binutils-multiarch-dev_2.31.1-16+tuxcare.els8_amd64.deb 850fc9a03e287361cfa2c94f2dd85b2011cbfdd7 binutils-powerpc-linux-gnu_2.31.1-16+tuxcare.els8_amd64.deb 5e27874d05511b9ccbe163145e943d37674644d2 binutils-powerpc-linux-gnuspe_2.31.1-16+tuxcare.els8_amd64.deb 26b623ae1b670779024de0a409a8c10a1e25dc09 binutils-powerpc64-linux-gnu_2.31.1-16+tuxcare.els8_amd64.deb d9eb75f90f92ab2414ab62bcdaf504e0b27662b1 binutils-powerpc64le-linux-gnu_2.31.1-16+tuxcare.els8_amd64.deb 9ac0c4f5ea00e381b4c80fc09841a33fdc2737d5 binutils-riscv64-linux-gnu_2.31.1-16+tuxcare.els8_amd64.deb 3f6a56f95a602c38d694b2f35909e639d0d862e5 binutils-s390x-linux-gnu_2.31.1-16+tuxcare.els8_amd64.deb a27c3b84439c67181982d85d7df2dd34a32c9804 binutils-sh4-linux-gnu_2.31.1-16+tuxcare.els8_amd64.deb 93956fd4c0bdba537f63c259c84a106146a0433f binutils-source_2.31.1-16+tuxcare.els8_all.deb 0d85854d10469c07d6f8ef7e6d315503d1b20ea7 binutils-sparc64-linux-gnu_2.31.1-16+tuxcare.els8_amd64.deb c59b7f7dfe5824658b96b01839e9abe32ff46b3c binutils-x86-64-kfreebsd-gnu_2.31.1-16+tuxcare.els8_amd64.deb d7b7fb350d86128189f5f3fa93b753403d8874dd binutils-x86-64-linux-gnu_2.31.1-16+tuxcare.els8_amd64.deb 24a176b9c5a825aec2cc4c1dc4cfc465a58ca45f binutils-x86-64-linux-gnux32_2.31.1-16+tuxcare.els8_amd64.deb 006c24eae852ee3e544191321d7531f3fc5209f2 libbinutils_2.31.1-16+tuxcare.els8_amd64.deb 7cfc63e202f603480477c5a5a1c06bb1d6595130 CLSA-2025:1762180717 TuxCare License Agreement 0 * SECURITY UPDATE: Reading past end of completion with a long line and 'infercase' set - debian/patches/CVE-2022-2343.patch: Allocate the string if needed - CVE-2022-2343 * SECURITY UPDATE: Accessing uninitialized memory when completing long line - debian/patches/CVE-2022-2522.patch: Terminate string with NUL. - CVE-2022-2522 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Reading past end of completion with a long line and 'infercase' set - debian/patches/CVE-2022-2343.patch: Allocate the string if needed - CVE-2022-2343 * SECURITY UPDATE: Accessing uninitialized memory when completing long line - debian/patches/CVE-2022-2522.patch: Terminate string with NUL. - CVE-2022-2522

0 tuxcare-debian10-els vim_8.1.0875-5+deb10u6+tuxcare.els9_amd64.deb 62805de622d7b4c9352a43b6f9da0ac255fea2fc vim-athena_8.1.0875-5+deb10u6+tuxcare.els9_amd64.deb a14386745aa39e945d5e2545d65a6ed1c99e8f56 vim-common_8.1.0875-5+deb10u6+tuxcare.els9_all.deb e044e65afef89ba2637fbf8d354122d14a7d59cc vim-doc_8.1.0875-5+deb10u6+tuxcare.els9_all.deb 68f7997aa45e2b5ffe3e452be8f9c5bcaad02418 vim-gtk_8.1.0875-5+deb10u6+tuxcare.els9_amd64.deb 11c97cf73683a403dff8cf26941b1e8e964036cb vim-gtk3_8.1.0875-5+deb10u6+tuxcare.els9_amd64.deb f95c642d5c5b2a23391eec611ea9d54270053965 vim-gui-common_8.1.0875-5+deb10u6+tuxcare.els9_all.deb a912ad97629bcbd85bf430a52b2523d0898120e3 vim-nox_8.1.0875-5+deb10u6+tuxcare.els9_amd64.deb 2569ae6adea94b40812f2b139c2fbfdebf90c30d vim-runtime_8.1.0875-5+deb10u6+tuxcare.els9_all.deb 10a72e9ae4c9d190e7312e1db69e07ff77386ee1 vim-tiny_8.1.0875-5+deb10u6+tuxcare.els9_amd64.deb b26a807cf8a772d2b861090fc73d482ab2b546d9 xxd_8.1.0875-5+deb10u6+tuxcare.els9_amd64.deb b4c8c4c0ab9c4805b9d12cb2adb824d740be6ac3 CLSA-2025:1762269073 TuxCare License Agreement 0 * SECURITY UPDATE: missing SSL certificate validation vulnerability in wget - debian/patches/CVE-2018-1000500-1.patch: implement TLS verification with CENABLE_FEATURE_WGET_OPENSSL - debian/patches/CVE 2018-1000500-2.patch: fix openssl options for cert verification - CVE-2018-1000500 * SECURITY UPDATE: escape sequence injection attack - debian/patches/CVE-2022-28391-1.patch: sockaddr2str: ensure only printable characters are returned for the hostname part - debian/patches/CVE-2022-28391-2.patch: nslookup: sanitize all printed strings - CVE-2022-28391 * SECURITY UPDATE: directory traversal vulnerability in CPIO command - debian/patches/CVE-2023-39810.patch: archival: disallow path traversals - debian/config/pkg/*: regenerate to add the new FEATURE_PATH_TRAVERSAL_PROTECTION option - CVE-2023-39810 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: missing SSL certificate validation vulnerability in wget - debian/patches/CVE-2018-1000500-1.patch: implement TLS verification with CENABLE_FEATURE_WGET_OPENSSL - debian/patches/CVE 2018-1000500-2.patch: fix openssl options for cert verification - CVE-2018-1000500 * SECURITY UPDATE: escape sequence injection attack - debian/patches/CVE-2022-28391-1.patch: sockaddr2str: ensure only printable characters are returned for the hostname part - debian/patches/CVE-2022-28391-2.patch: nslookup: sanitize all printed strings - CVE-2022-28391 * SECURITY UPDATE: directory traversal vulnerability in CPIO command - debian/patches/CVE-2023-39810.patch: archival: disallow path traversals - debian/config/pkg/*: regenerate to add the new FEATURE_PATH_TRAVERSAL_PROTECTION option - CVE-2023-39810

0 tuxcare-debian10-els busybox_1.30.1-4+tuxcare.els3_amd64.deb 21a2ce52c43b99e8c54e0664eb281f404b686d96 busybox-static_1.30.1-4+tuxcare.els3_amd64.deb 78dd776d8c94616d646705a43d2bd66a54fdb77b busybox-syslogd_1.30.1-4+tuxcare.els3_all.deb b285d1fcf1db417003615ff4b836ff3175a3202a udhcpc_1.30.1-4+tuxcare.els3_amd64.deb 5fb6ffe2b094e54743bbcec262c10cbd0b469dc5 udhcpd_1.30.1-4+tuxcare.els3_amd64.deb ebc00a2736308db32cd17044925db8a5a6a0158d CLSA-2025:1762337525 TuxCare License Agreement 0 * SECURITY UPDATE: integer overflow in PAC parsing - debian/patches/CVE-2022-42898.patch: catch overflows that result from adding PAC_INFO_BUFFER_SIZE - CVE-2022-42898 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: integer overflow in PAC parsing - debian/patches/CVE-2022-42898.patch: catch overflows that result from adding PAC_INFO_BUFFER_SIZE - CVE-2022-42898

0 tuxcare-debian10-els ctdb_4.9.5+dfsg-5+deb10u5+tuxcare.els2_amd64.deb 4453572161441016e2a8bbacc0082401b32f8702 libnss-winbind_4.9.5+dfsg-5+deb10u5+tuxcare.els2_amd64.deb d86eea85d6446fbd950633c1c3fa0a0c2d93235f libpam-winbind_4.9.5+dfsg-5+deb10u5+tuxcare.els2_amd64.deb e096089cb491b2bc0a1eaf84afa1741732ffa648 libsmbclient_4.9.5+dfsg-5+deb10u5+tuxcare.els2_amd64.deb 18303382c58f16113dfbdc155e2db0305f165d2d libsmbclient-dev_4.9.5+dfsg-5+deb10u5+tuxcare.els2_amd64.deb ce852c1c1ea2c872a54692505abd12cc4afac753 libwbclient-dev_4.9.5+dfsg-5+deb10u5+tuxcare.els2_amd64.deb 6867308481add7d79f1dc7a0bcd21e4a8b63c9af libwbclient0_4.9.5+dfsg-5+deb10u5+tuxcare.els2_amd64.deb d9199c8884e368ebd662ae1e7857e14c33b74365 python-samba_4.9.5+dfsg-5+deb10u5+tuxcare.els2_amd64.deb ea59e1fd8e98793a8ccb61a474ab02d23de543f6 registry-tools_4.9.5+dfsg-5+deb10u5+tuxcare.els2_amd64.deb ba39e96d60cff7ab473d88c3fa3f0d18a5e5f548 samba_4.9.5+dfsg-5+deb10u5+tuxcare.els2_amd64.deb 1b5fde8d3599450da37f0a6622fa7f47278409ad samba-common_4.9.5+dfsg-5+deb10u5+tuxcare.els2_all.deb 2c95bd35994858b1f834ccae21bf5c9a20741e49 samba-common-bin_4.9.5+dfsg-5+deb10u5+tuxcare.els2_amd64.deb 4366dfc6846b83a9b8614d07d7389405cf4739cf samba-dev_4.9.5+dfsg-5+deb10u5+tuxcare.els2_amd64.deb bc6ea9f0528b2e36e5bd7b8f475fe69aff5f5809 samba-dsdb-modules_4.9.5+dfsg-5+deb10u5+tuxcare.els2_amd64.deb f30778b4c3cba818987450d8dc97db9d08a77e21 samba-libs_4.9.5+dfsg-5+deb10u5+tuxcare.els2_amd64.deb d0295bd0704ea501401315c81795abb51cfbf473 samba-testsuite_4.9.5+dfsg-5+deb10u5+tuxcare.els2_amd64.deb ffe1be51b2e54d94d13eca42093147d1f6c6fcec samba-vfs-modules_4.9.5+dfsg-5+deb10u5+tuxcare.els2_amd64.deb 146c11e4012b9a6e658c868aac5d7a9af79c5b5a smbclient_4.9.5+dfsg-5+deb10u5+tuxcare.els2_amd64.deb 5d84167242d4bb8607d07753ac515a3e94cb9555 winbind_4.9.5+dfsg-5+deb10u5+tuxcare.els2_amd64.deb ba85647bc79d83bbb3b82c131a511e819fbb2b5b CLSA-2025:1762419767 TuxCare License Agreement 0 * SECURITY UPDATE: Stack-based Buffer Overflow with unexpected :finally - debian/patches/CVE-2022-3296.patch: check CSF_TRY can be found - CVE-2022-3296 * Fix Test_terminal_noblock() - debian/patches/fix-flaky-terminal-noblock-test.patch Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Stack-based Buffer Overflow with unexpected :finally - debian/patches/CVE-2022-3296.patch: check CSF_TRY can be found - CVE-2022-3296 * Fix Test_terminal_noblock() - debian/patches/fix-flaky-terminal-noblock-test.patch

0 tuxcare-debian10-els vim_8.1.0875-5+deb10u6+tuxcare.els13_amd64.deb 10eb34ce7f351d5aac2dbbf06a921bb1848d4910 vim-athena_8.1.0875-5+deb10u6+tuxcare.els13_amd64.deb 10d5ccd5d68d66698bca8d1052de3f1ebb5a560e vim-common_8.1.0875-5+deb10u6+tuxcare.els13_all.deb 3fd197a254d075b1c9fc72b5ad73b8d22461d1be vim-doc_8.1.0875-5+deb10u6+tuxcare.els13_all.deb 77f0fd717e4eafa9a73106be0bfbf46b7ec6ed2e vim-gtk_8.1.0875-5+deb10u6+tuxcare.els13_amd64.deb e15a4ab0927719375830788b5d8cd283ce63e9c2 vim-gtk3_8.1.0875-5+deb10u6+tuxcare.els13_amd64.deb e37a962e12f753ffe69ecaed3d0a7ef1cbdc17e1 vim-gui-common_8.1.0875-5+deb10u6+tuxcare.els13_all.deb eddeebc73b8291025f03f1f35c2881f3db843d54 vim-nox_8.1.0875-5+deb10u6+tuxcare.els13_amd64.deb fc3f7d1e9172861fd169a7c93fbdcd9f11985dc5 vim-runtime_8.1.0875-5+deb10u6+tuxcare.els13_all.deb 66b7c359f80af685a915a4d4be8ccc8baea5cf57 vim-tiny_8.1.0875-5+deb10u6+tuxcare.els13_amd64.deb 29f1f403a35cbe6c8a3208220df23691c1c17e4c xxd_8.1.0875-5+deb10u6+tuxcare.els13_amd64.deb 1a88c9784d6422970d449497f5d1ece3c64e7f0f CLSA-2025:1762449077 TuxCare License Agreement 0 * SECURITY UPDATE: Overwrite a local file - debian/patches/CVE-2023-30630.patch: Prevent --dump-bin from overwriting local files to address privilege escalation vulnerability - CVE-2023-30630 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Overwrite a local file - debian/patches/CVE-2023-30630.patch: Prevent --dump-bin from overwriting local files to address privilege escalation vulnerability - CVE-2023-30630

0 tuxcare-debian10-els dmidecode_3.2-1+tuxcare.els1_amd64.deb 84898ae8ad5cca40c6603b6dea05ece6fb159aa8 CLSA-2025:1762537520 TuxCare License Agreement 0 * SECURITY UPDATE: The DNS message parsing code in `named` includes a section whose computational complexity is overly high - debian/patches/CVE-2023-4408.patch: refactoring parsing code - debian/patches/CVE-2023-4408-1.patch: fix DNSSEC test suite - debian/libdns1100.symbols: some function declarations were removed according to the CVE-2023-4408.patch - CVE-2023-4408 * Add patch for enabling automated testing Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: The DNS message parsing code in `named` includes a section whose computational complexity is overly high - debian/patches/CVE-2023-4408.patch: refactoring parsing code - debian/patches/CVE-2023-4408-1.patch: fix DNSSEC test suite - debian/libdns1100.symbols: some function declarations were removed according to the CVE-2023-4408.patch - CVE-2023-4408 * Add patch for enabling automated testing

0 tuxcare-debian10-els bind9_9.11.5.P4+dfsg-5.1+deb10u11+tuxcare.els1_amd64.deb 0fd9141e9737206a7c1b8d87cf5073689656a188 bind9-doc_9.11.5.P4+dfsg-5.1+deb10u11+tuxcare.els1_all.deb af56ebc5040a4ae3a47b03c807860b7a589b47b3 bind9-host_9.11.5.P4+dfsg-5.1+deb10u11+tuxcare.els1_amd64.deb 50368ab48b0b59e4694660800f659cb7eab73738 bind9utils_9.11.5.P4+dfsg-5.1+deb10u11+tuxcare.els1_amd64.deb 7bc79d1fc034beeb3067a3806477608e2bb02444 dnsutils_9.11.5.P4+dfsg-5.1+deb10u11+tuxcare.els1_amd64.deb 6e70bc56bb3498227b755355bdddfb69f1f434d2 libbind-dev_9.11.5.P4+dfsg-5.1+deb10u11+tuxcare.els1_amd64.deb ec9dcd4fbe8d54a2cf0365f787e0e5ce8f05076e libbind-export-dev_9.11.5.P4+dfsg-5.1+deb10u11+tuxcare.els1_amd64.deb 475974d613e6b06e66e5a6cfe6fcf98af1e8b131 libbind9-161_9.11.5.P4+dfsg-5.1+deb10u11+tuxcare.els1_amd64.deb bbf3ea3db0223365eaa081b98aee811ef1b7b027 libdns-export1104_9.11.5.P4+dfsg-5.1+deb10u11+tuxcare.els1_amd64.deb 93cbd0ae2e86bc1a76950258113f0e4569ddcc0f libdns1104_9.11.5.P4+dfsg-5.1+deb10u11+tuxcare.els1_amd64.deb 9fddcfc2a2c819267b9969d57dc72ece39c1af23 libirs-export161_9.11.5.P4+dfsg-5.1+deb10u11+tuxcare.els1_amd64.deb 010cb6a17e0ef9fd90b8d47478494bc9b5ea06d5 libirs161_9.11.5.P4+dfsg-5.1+deb10u11+tuxcare.els1_amd64.deb 0be55119f9518a796006b85bcc33cf92163b3a4e libisc-export1100_9.11.5.P4+dfsg-5.1+deb10u11+tuxcare.els1_amd64.deb a7e705bfe2ce17dcb5d8c65f48d3816f1b9db776 libisc1100_9.11.5.P4+dfsg-5.1+deb10u11+tuxcare.els1_amd64.deb 73f6e4ce54a8221546c316b421fd37de01ff1e74 libisccc-export161_9.11.5.P4+dfsg-5.1+deb10u11+tuxcare.els1_amd64.deb 7d24cd52442f96d1309e8e05edcbe92e444f6329 libisccc161_9.11.5.P4+dfsg-5.1+deb10u11+tuxcare.els1_amd64.deb 12cfa649cb759463999260a62275c7b1830acac8 libisccfg-export163_9.11.5.P4+dfsg-5.1+deb10u11+tuxcare.els1_amd64.deb 9fb29a110d2120fd43a040f5a9ef6464dfbae393 libisccfg163_9.11.5.P4+dfsg-5.1+deb10u11+tuxcare.els1_amd64.deb c57846214c7b4bfdb4383600cfdb5d46c6af9c91 liblwres161_9.11.5.P4+dfsg-5.1+deb10u11+tuxcare.els1_amd64.deb c95edae68ad9943e13ffce917323e9c6b343778c CLSA-2025:1762540530 TuxCare License Agreement 0 * SECURITY UPDATE: DNS string buffer overflow - debian/patches/CVE-2020-10745.patch: add input validation to prevent buffer overflows when handling DNS/NBT names with consecutive dots or exceeding RFC 1035 255-byte limit. The fix enforces proper bounds checking and component length validation in ndr_push_dns_string() and ndr_push_nbt_string() functions. - CVE-2020-10745 * SECURITY UPDATE: panic in krb5_pac_parse() - debian/patches/0001-Additional-fix-for-CVE-2022-42898.patch: check pointer for NULL - CVE-2022-42898 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: DNS string buffer overflow - debian/patches/CVE-2020-10745.patch: add input validation to prevent buffer overflows when handling DNS/NBT names with consecutive dots or exceeding RFC 1035 255-byte limit. The fix enforces proper bounds checking and component length validation in ndr_push_dns_string() and ndr_push_nbt_string() functions. - CVE-2020-10745 * SECURITY UPDATE: panic in krb5_pac_parse() - debian/patches/0001-Additional-fix-for-CVE-2022-42898.patch: check pointer for NULL - CVE-2022-42898

0 tuxcare-debian10-els ctdb_4.9.5+dfsg-5+deb10u5+tuxcare.els3_amd64.deb f001bbada8e562a9f31c30d05aedbc08485925ee libnss-winbind_4.9.5+dfsg-5+deb10u5+tuxcare.els3_amd64.deb d74f0fc9845738de2f6a2f55399ac87af0007702 libpam-winbind_4.9.5+dfsg-5+deb10u5+tuxcare.els3_amd64.deb d9d604a40086b8669961e18a63ef4b74381916cb libsmbclient_4.9.5+dfsg-5+deb10u5+tuxcare.els3_amd64.deb dec2413c88583f98fc9918474acff01971b6da53 libsmbclient-dev_4.9.5+dfsg-5+deb10u5+tuxcare.els3_amd64.deb b43bed8471d854be1b2c1395614a55d66ea81bed libwbclient-dev_4.9.5+dfsg-5+deb10u5+tuxcare.els3_amd64.deb 1e537e856113fc669787e7e28bbe07eab140c01a libwbclient0_4.9.5+dfsg-5+deb10u5+tuxcare.els3_amd64.deb 80144999aae3acd623cc00d83eda40382eaa7317 python-samba_4.9.5+dfsg-5+deb10u5+tuxcare.els3_amd64.deb 21dec970918be44289365a24432748c520d1f716 registry-tools_4.9.5+dfsg-5+deb10u5+tuxcare.els3_amd64.deb 6674d7c2fd64e0aabdea27cc118f61b217d88675 samba_4.9.5+dfsg-5+deb10u5+tuxcare.els3_amd64.deb 0bf868b5a8ec1d76af30866eff72f7c7911c8502 samba-common_4.9.5+dfsg-5+deb10u5+tuxcare.els3_all.deb 5b50ee71ea66f73ce8a59278379188e80e0ac445 samba-common-bin_4.9.5+dfsg-5+deb10u5+tuxcare.els3_amd64.deb 3f4e9a98da7ebc7ff77863076ee22b599b1cf2a3 samba-dev_4.9.5+dfsg-5+deb10u5+tuxcare.els3_amd64.deb e4240310db8b52f3549b4b5516a174a2908f5b6b samba-dsdb-modules_4.9.5+dfsg-5+deb10u5+tuxcare.els3_amd64.deb 4bd5e1c6466a229bd91e449b2fcf2947b46645de samba-libs_4.9.5+dfsg-5+deb10u5+tuxcare.els3_amd64.deb 710a7d1915b71226db35dcf6737b5a98ce4bf9aa samba-testsuite_4.9.5+dfsg-5+deb10u5+tuxcare.els3_amd64.deb 4c9b0fc2ec1242074236a3439af745ddca8c0b66 samba-vfs-modules_4.9.5+dfsg-5+deb10u5+tuxcare.els3_amd64.deb 05b5741e720d8b9145533dca59590fa7af2db05c smbclient_4.9.5+dfsg-5+deb10u5+tuxcare.els3_amd64.deb 3906ab3dae182ab8a225b4a9b0d59d904040136c winbind_4.9.5+dfsg-5+deb10u5+tuxcare.els3_amd64.deb ddb36176f218cd3a7d3a313187a71ced6e269a21 CLSA-2025:1762783856 TuxCare License Agreement 0 * SECURITY UPDATE: mishandling of semicolons in userinfo - debian/patches/CVE-2024-38428.patch: properly re-implement userinfo parsing in src/url.c. - CVE-2024-38428 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: mishandling of semicolons in userinfo - debian/patches/CVE-2024-38428.patch: properly re-implement userinfo parsing in src/url.c. - CVE-2024-38428

0 tuxcare-debian10-els wget_1.20.1-1.1+tuxcare.els1_amd64.deb 9813bfb854b2b9da2cbf66b5b85589d4852dc9f2 CLSA-2025:1762800667 TuxCare License Agreement 0 * SECURITY UPDATE: Unsafe chown/chmod operations in .service files - debian/patches/CVE-2021-44038.patch: remove chown/chmod commands from the .service files - CVE-2021-44038 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Unsafe chown/chmod operations in .service files - debian/patches/CVE-2021-44038.patch: remove chown/chmod commands from the .service files - CVE-2021-44038

0 tuxcare-debian10-els quagga_1.2.4-3+tuxcare.els1_amd64.deb 9dc8b0e03de5ca6abfcddca7a32db3995c1e51ab quagga-bgpd_1.2.4-3+tuxcare.els1_amd64.deb 4bba6e0587a689acd01aa1bb1ce4f8f843a748e6 quagga-core_1.2.4-3+tuxcare.els1_amd64.deb 90ecf8e3738329953b5845e7458759c62b2ed48f quagga-doc_1.2.4-3+tuxcare.els1_all.deb 050c2250e0c7c004943b44ba8b4a6ba81328ce5f quagga-isisd_1.2.4-3+tuxcare.els1_amd64.deb 348f7885b459beb6cd83bd613bc02191f82303e5 quagga-ospf6d_1.2.4-3+tuxcare.els1_amd64.deb ef25e6387e2ec5f5f9d474191c7f8d147bb9e200 quagga-ospfd_1.2.4-3+tuxcare.els1_amd64.deb 18db80b07e774a685b0ebb62614f6d80b4ab8993 quagga-pimd_1.2.4-3+tuxcare.els1_amd64.deb 56f9fb070c7b563546ffee1402f86030aa8d5200 quagga-ripd_1.2.4-3+tuxcare.els1_amd64.deb d5731ac74341a33c159e1e34f0cc9feef91cf2e5 quagga-ripngd_1.2.4-3+tuxcare.els1_amd64.deb f3bca9015989f63cdafac41bbe75c4d5c40a7970 CLSA-2025:1763023946 TuxCare License Agreement 0 * SECURITY UPDATE: Integer Overflow in g_option_group_add_entries - debian/patches/CVE-2020-35457.patch: goption: add a precondition to avoid GOptionEntry list overflow - CVE-2020-35457 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Integer Overflow in g_option_group_add_entries - debian/patches/CVE-2020-35457.patch: goption: add a precondition to avoid GOptionEntry list overflow - CVE-2020-35457

0 tuxcare-debian10-els libglib2.0-0_2.58.3-2+deb10u6+tuxcare.els1_amd64.deb 191d6bf021f10fefb96ff51711ea6c93d6039d9b libglib2.0-bin_2.58.3-2+deb10u6+tuxcare.els1_amd64.deb 01546448e3206df1d123d8a5fba9d39846a1ea56 libglib2.0-data_2.58.3-2+deb10u6+tuxcare.els1_all.deb 1e5a3f815d76164de7d391e14f2168117f987d8f libglib2.0-dev_2.58.3-2+deb10u6+tuxcare.els1_amd64.deb 07e4cf8af6a0a65bfd288c7fc0b645846af94b06 libglib2.0-dev-bin_2.58.3-2+deb10u6+tuxcare.els1_amd64.deb 7d435571d2b6d71bc0ecbbb87a1c82231c9995e7 libglib2.0-doc_2.58.3-2+deb10u6+tuxcare.els1_all.deb dfb22b7c53a9867a4a7202773ec9f554d385da3b libglib2.0-tests_2.58.3-2+deb10u6+tuxcare.els1_amd64.deb ec045ed241b8c0c683c523160be5e13384dab31c CLSA-2025:1763136711 TuxCare License Agreement 0 * SECURITY UPDATE: malicious remote servers to write arbitrary files inside the directories of connecting peers: - debian/patches/els/0001-CVE-2022-29154.patch: fix insufficient validation of file names. - CVE-2022-29154. * SECURITY UPDATE: path traversal vulnerability. - debian/patches/els/0002-CVE-2024-12087.patch: refuse a duplicate dirlist and range check dir_ndx before use - CVE-2024-12087 * SECURITY UPDATE: rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it: - debian/patches/els/0003-CVE-2024-12088.patch: make --safe-links stricter. - CVE-2024-12088. Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: malicious remote servers to write arbitrary files inside the directories of connecting peers: - debian/patches/els/0001-CVE-2022-29154.patch: fix insufficient validation of file names. - CVE-2022-29154. * SECURITY UPDATE: path traversal vulnerability. - debian/patches/els/0002-CVE-2024-12087.patch: refuse a duplicate dirlist and range check dir_ndx before use - CVE-2024-12087 * SECURITY UPDATE: rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it: - debian/patches/els/0003-CVE-2024-12088.patch: make --safe-links stricter. - CVE-2024-12088.

0 tuxcare-debian10-els rsync_3.1.3-6+tuxcare.els1_amd64.deb ee57d5f92e35c90e1ea8c1bca846f2b20be67419 CLSA-2025:1763418591 TuxCare License Agreement 0 * SECURITY UPDATE: Privilege chaining vulnerability - debian/patches/CVE-2019-3843.patch: introduce functionality for blocking chmod() for suid/sgid files with new unit setting RestrictSUIDSGID= - CVE-2019-3843 * SECURITY UPDATE: Privilege chaining vulnerability - debian/patches/CVE-2019-3844.patch: imply NNP and SUID/SGID restriction for DynamicUser=yes service - CVE-2019-3844 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Privilege chaining vulnerability - debian/patches/CVE-2019-3843.patch: introduce functionality for blocking chmod() for suid/sgid files with new unit setting RestrictSUIDSGID= - CVE-2019-3843 * SECURITY UPDATE: Privilege chaining vulnerability - debian/patches/CVE-2019-3844.patch: imply NNP and SUID/SGID restriction for DynamicUser=yes service - CVE-2019-3844

0 tuxcare-debian10-els libnss-myhostname_241-7~deb10u10+tuxcare.els1_amd64.deb c93e46cd89482d3c53f148a719861a7187dfd1dd libnss-mymachines_241-7~deb10u10+tuxcare.els1_amd64.deb c0ccd484177469975c5ce03d7a93497d5b0573b1 libnss-resolve_241-7~deb10u10+tuxcare.els1_amd64.deb 975b748e22bbe1705eedb8e80ab445be218f5254 libnss-systemd_241-7~deb10u10+tuxcare.els1_amd64.deb 5c00a018c6fffcbf7076b40a49278eb5d6763116 libpam-systemd_241-7~deb10u10+tuxcare.els1_amd64.deb fc5a6842739d0190acaf3db471910746d25c3811 libsystemd-dev_241-7~deb10u10+tuxcare.els1_amd64.deb ff379d8e785baf4718190b94358bc882a427d5af libsystemd0_241-7~deb10u10+tuxcare.els1_amd64.deb a98bfb7981cff195f6f626906897634ec2c5038e libudev-dev_241-7~deb10u10+tuxcare.els1_amd64.deb f370bd0cf41fc303c4d059ecb2246dedb52ff94e libudev1_241-7~deb10u10+tuxcare.els1_amd64.deb ae252555b09f60b5fd30354556a5cf6ba4354926 systemd_241-7~deb10u10+tuxcare.els1_amd64.deb c9e1287f3f72664f0278094822e5ed295a182a11 systemd-container_241-7~deb10u10+tuxcare.els1_amd64.deb e6c312927461ec4c46ef9d6f0b4a2015315648b8 systemd-coredump_241-7~deb10u10+tuxcare.els1_amd64.deb 4feb70e8d3ef2a25585a958674cae86c96336655 systemd-journal-remote_241-7~deb10u10+tuxcare.els1_amd64.deb 76d7f7eb751f67db26a0254c17cc3c6601320c0a systemd-sysv_241-7~deb10u10+tuxcare.els1_amd64.deb 8c343ffc8a3b1cca61e2d6cd265f6a0af6381e30 systemd-tests_241-7~deb10u10+tuxcare.els1_amd64.deb 512e6b6db4a15603c23eac430559779355c8b2c6 udev_241-7~deb10u10+tuxcare.els1_amd64.deb 0cb720ab21ed8146d4c0d4f286cce9055f4d4a50 CLSA-2025:1763490076 TuxCare License Agreement 0 * SECURITY UPDATE: failure to redact HTTP authentication credentials in error handling allows information disclosure - debian/patches/CVE-2025-62168.patch: Fix HttpRequest::pack to mask sensitive information to prevent disclosure - CVE-2025-62168 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: failure to redact HTTP authentication credentials in error handling allows information disclosure - debian/patches/CVE-2025-62168.patch: Fix HttpRequest::pack to mask sensitive information to prevent disclosure - CVE-2025-62168

0 tuxcare-debian10-els squid_4.6-1+deb10u10+tuxcare.els3_amd64.deb b5a0911b2b542c3d767f9002756d4c9637e77e28 squid-cgi_4.6-1+deb10u10+tuxcare.els3_amd64.deb 00a27dd7cfaf115e93964a59db9f0185e3f85bdc squid-common_4.6-1+deb10u10+tuxcare.els3_all.deb aea0564d9da3a9834fb7646c0d2d5dee9d5ca530 squid-purge_4.6-1+deb10u10+tuxcare.els3_amd64.deb d327868274d68cbb924cbb8e32f28c0bfef9d257 squid3_4.6-1+deb10u10+tuxcare.els3_all.deb 608265b7e7a1ca3a2bea52badb0914dd4425d705 squidclient_4.6-1+deb10u10+tuxcare.els3_amd64.deb facc4a36cf121f8e298c20e921355c499cc24d53 CLSA-2025:1764151714 TuxCare License Agreement 0 * SECURITY UPDATE: stack memory exhaustion vulnerability - debian/patches/CVE-2020-10704.patch: fix vulnerability where a deeply nested filter in an unauthenticated LDAP search can exhaust the LDAP server's attack memory causing a SIGSEGV - CVE-2020-10704 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: stack memory exhaustion vulnerability - debian/patches/CVE-2020-10704.patch: fix vulnerability where a deeply nested filter in an unauthenticated LDAP search can exhaust the LDAP server's attack memory causing a SIGSEGV - CVE-2020-10704

0 tuxcare-debian10-els ctdb_4.9.5+dfsg-5+deb10u5+tuxcare.els4_amd64.deb 7bc3b7a0dad8962a4c8c9e91779d4c65ba13f21f libnss-winbind_4.9.5+dfsg-5+deb10u5+tuxcare.els4_amd64.deb ca44359d17df6a659d5d90394d90adb3365b42dd libpam-winbind_4.9.5+dfsg-5+deb10u5+tuxcare.els4_amd64.deb 593bbb16c5ca2e41a0d16776c894fbd073ffb08b libsmbclient_4.9.5+dfsg-5+deb10u5+tuxcare.els4_amd64.deb 056edfa7b2a246b71c769fc68678eff0359ce2df libsmbclient-dev_4.9.5+dfsg-5+deb10u5+tuxcare.els4_amd64.deb ff61cff8e5f7a09f4ed1696c5bf1e7fbb760fc28 libwbclient-dev_4.9.5+dfsg-5+deb10u5+tuxcare.els4_amd64.deb ee423c7e82922c1a0cb1d27f5eb4b70ef9a64f7b libwbclient0_4.9.5+dfsg-5+deb10u5+tuxcare.els4_amd64.deb 9b20f09e4784fa685ad297059fa5dcf819c05820 python-samba_4.9.5+dfsg-5+deb10u5+tuxcare.els4_amd64.deb 283d61ec03ec9763ccf785dd7e5fbe8bea6423bb registry-tools_4.9.5+dfsg-5+deb10u5+tuxcare.els4_amd64.deb 51253a1bb8eefc8239280849f5e360cbcbec280a samba_4.9.5+dfsg-5+deb10u5+tuxcare.els4_amd64.deb 810c2753d0e4699439cb1cd678a18502517b530d samba-common_4.9.5+dfsg-5+deb10u5+tuxcare.els4_all.deb db3805b2f001bbf510a469ac02d37fe972810e8f samba-common-bin_4.9.5+dfsg-5+deb10u5+tuxcare.els4_amd64.deb cc6635e5a69429ebc9a311268ade37a19bc4a21e samba-dev_4.9.5+dfsg-5+deb10u5+tuxcare.els4_amd64.deb fda5bd0d43ab42ffbe019e56a9ddddcb0dbe217a samba-dsdb-modules_4.9.5+dfsg-5+deb10u5+tuxcare.els4_amd64.deb d362e82d63408bf2a8e1d9e0e93a7a349016c88d samba-libs_4.9.5+dfsg-5+deb10u5+tuxcare.els4_amd64.deb 0869154bd25606f88cafbb0a8b17e5a807f3aaff samba-testsuite_4.9.5+dfsg-5+deb10u5+tuxcare.els4_amd64.deb 3e213062a5e0335d3099987769cd0f64a3960d78 samba-vfs-modules_4.9.5+dfsg-5+deb10u5+tuxcare.els4_amd64.deb 2f02cc64b25d20045bc12bc156b1e9f21a7532f9 smbclient_4.9.5+dfsg-5+deb10u5+tuxcare.els4_amd64.deb c90bb66fda8499029ef335cdd217b7a32ac92219 winbind_4.9.5+dfsg-5+deb10u5+tuxcare.els4_amd64.deb 521fc9eea913c7d9da4da7afaabe9bf225f6d18e CLSA-2025:1764771100 TuxCare License Agreement 0 * SECURITY UPDATE: Buffer overflow when ELF section size is invalid - debian/patches/CVE-2019-1010180.patch: Skip processing invalid ELF sections - CVE-2019-1010180 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Buffer overflow when ELF section size is invalid - debian/patches/CVE-2019-1010180.patch: Skip processing invalid ELF sections - CVE-2019-1010180

0 tuxcare-debian10-els gdb_8.2.1-2+tuxcare.els1_amd64.deb 2027b788fd46a9cbcf69ac3f0403e2002d402860 gdb-minimal_8.2.1-2+tuxcare.els1_amd64.deb b2a662f937615bdb1698f61e9842d0f21b209ce8 gdb-multiarch_8.2.1-2+tuxcare.els1_amd64.deb 63a78be9c6e1e08ef437e01a4dd89de715116f67 gdb-source_8.2.1-2+tuxcare.els1_all.deb 9bd45c80a7a444a93ec8959ff7f4652de382df3e gdbserver_8.2.1-2+tuxcare.els1_amd64.deb 0c722efc5f87d225c8a322fd5f12bef8e3905bf0 CLSA-2025:1764868292 TuxCare License Agreement 0 * SECURITY UPDATE: improper neutralization of quoting syntax in libpq functions allows SQL injection via psql in certain usage patterns - debian/patches/CVE-2025-1094.patch: Fix handling of invalidly encoded data in escaping functions - CVE-2025-1094 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: improper neutralization of quoting syntax in libpq functions allows SQL injection via psql in certain usage patterns - debian/patches/CVE-2025-1094.patch: Fix handling of invalidly encoded data in escaping functions - CVE-2025-1094

0 tuxcare-debian10-els libecpg-compat3_11.22-0+deb10u2+tuxcare.els1_amd64.deb 12f696279570e0794de2b492cac4baea2e29fe55 libecpg-dev_11.22-0+deb10u2+tuxcare.els1_amd64.deb c513ea3b3414d60d0d1e3b19e80bf7966d76eefd libecpg6_11.22-0+deb10u2+tuxcare.els1_amd64.deb dd4b15c2b23f243cc7e1d993eec302698340fb93 libpgtypes3_11.22-0+deb10u2+tuxcare.els1_amd64.deb 0c3b45a90d1c3e53a926a799eb27bdc641b29257 libpq-dev_11.22-0+deb10u2+tuxcare.els1_amd64.deb e563f53ec36e77a1b18a3bc4ab34e0a349a8dd54 libpq5_11.22-0+deb10u2+tuxcare.els1_amd64.deb 493117f8077758b9f61a5a9dea31090b1aea872f postgresql-11_11.22-0+deb10u2+tuxcare.els1_amd64.deb 7326a97ce2ac68e523362e1b4922af5ea058a607 postgresql-client-11_11.22-0+deb10u2+tuxcare.els1_amd64.deb ca882b7d88e1cb1fa2c41743b35bfea771be90a3 postgresql-doc-11_11.22-0+deb10u2+tuxcare.els1_all.deb 7627151dc79d11a681ba5faac3462eafe09c50a1 postgresql-plperl-11_11.22-0+deb10u2+tuxcare.els1_amd64.deb cc7daa65cc1642d585f33268824a150a9eac63e3 postgresql-plpython-11_11.22-0+deb10u2+tuxcare.els1_amd64.deb 8d69debe71765082b9db7934714d3d6a185a135f postgresql-plpython3-11_11.22-0+deb10u2+tuxcare.els1_amd64.deb 1c6b99ce33631b85fc6486c3779ec10b79d3fab9 postgresql-pltcl-11_11.22-0+deb10u2+tuxcare.els1_amd64.deb 5b7ed2fa1e729a2f55258a0ab4ea428f73518722 postgresql-server-dev-11_11.22-0+deb10u2+tuxcare.els1_amd64.deb a4fa4b0606db2f6986e832c82cd3189bf9c706c7 CLSA-2025:1764321086 TuxCare License Agreement 0 * SECURITY UPDATE: Directory permission cleanup vulnerability leading to DoS - debian/patches/CVE-2025-6297.patch: Fix cleanup for control member with restricted directories - CVE-2025-6297 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Directory permission cleanup vulnerability leading to DoS - debian/patches/CVE-2025-6297.patch: Fix cleanup for control member with restricted directories - CVE-2025-6297

0 tuxcare-debian10-els dpkg_1.19.8+tuxcare.els1_amd64.deb c26b4542ed7b9107141c8d555c35c10b3ee890e5 dpkg-dev_1.19.8+tuxcare.els1_all.deb e6c2d4237229f6e8f851bac68f3dd66821f95654 dselect_1.19.8+tuxcare.els1_amd64.deb a20d8ff9cf4651879d0d486ce49cbf02b2b3a01a libdpkg-dev_1.19.8+tuxcare.els1_amd64.deb b5329bb3c0f7a3d987ae777f7e92bd85b8001f8f libdpkg-perl_1.19.8+tuxcare.els1_all.deb da02c23378a24278ea01f0da8207afc68fee35bf CLSA-2025:1765285897 TuxCare License Agreement 0 * SECURITY UPDATE: use after free in Samba AD DC RPC server - debian/patches/CVE-2021-3738-pre.patch: prepare service routines before fixing CVE-2021-3738 - debian/patches/CVE-2021-3738.patch: avoids a crash caused by use-after-free in Samba AD DC RPC server - CVE-2021-3738.patch Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: use after free in Samba AD DC RPC server - debian/patches/CVE-2021-3738-pre.patch: prepare service routines before fixing CVE-2021-3738 - debian/patches/CVE-2021-3738.patch: avoids a crash caused by use-after-free in Samba AD DC RPC server - CVE-2021-3738.patch

0 tuxcare-debian10-els ctdb_4.9.5+dfsg-5+deb10u5+tuxcare.els5_amd64.deb 60e47cc604c848fdc9a2d3d6a75fe68f3d3e7c91 libnss-winbind_4.9.5+dfsg-5+deb10u5+tuxcare.els5_amd64.deb f8e723110a18e0cf0879934215ad47631c51c66f libpam-winbind_4.9.5+dfsg-5+deb10u5+tuxcare.els5_amd64.deb a98541b46f5e1800cceea983a0a420327ce37a8a libsmbclient_4.9.5+dfsg-5+deb10u5+tuxcare.els5_amd64.deb e0b5d960ea15d281195744a9be5e4994ac309a4c libsmbclient-dev_4.9.5+dfsg-5+deb10u5+tuxcare.els5_amd64.deb ac8114548f773646633aa382fd4605d3290edee7 libwbclient-dev_4.9.5+dfsg-5+deb10u5+tuxcare.els5_amd64.deb 53fb41d09c1342dd67f9df97abac82ffdf0e32fd libwbclient0_4.9.5+dfsg-5+deb10u5+tuxcare.els5_amd64.deb 0fd552a897a039be2450254d23a39d40fc36b1fe python-samba_4.9.5+dfsg-5+deb10u5+tuxcare.els5_amd64.deb 127e78d34a16a185fd6d5014831f31057e59a530 registry-tools_4.9.5+dfsg-5+deb10u5+tuxcare.els5_amd64.deb 71723c56ce0bdfd25dd0b75bfbad0538e913fd1f samba_4.9.5+dfsg-5+deb10u5+tuxcare.els5_amd64.deb f9a3cf847283b8e3e7cc197cea8855487117a13b samba-common_4.9.5+dfsg-5+deb10u5+tuxcare.els5_all.deb 6425005446902119af5fa2a409270fc96ebcd175 samba-common-bin_4.9.5+dfsg-5+deb10u5+tuxcare.els5_amd64.deb 00963eaffefa9d0a6a8a8b3c49c2907731052131 samba-dev_4.9.5+dfsg-5+deb10u5+tuxcare.els5_amd64.deb 47c048e18797cdf6dbc3d16aabb931182723f0f0 samba-dsdb-modules_4.9.5+dfsg-5+deb10u5+tuxcare.els5_amd64.deb 2b4ca214e9321a55d4849812a0ff0a9d54c25a62 samba-libs_4.9.5+dfsg-5+deb10u5+tuxcare.els5_amd64.deb 3bc4d38b09b76ed9fcba3888f7fc65b9498e98b3 samba-testsuite_4.9.5+dfsg-5+deb10u5+tuxcare.els5_amd64.deb 29c33b7e5c4794595b865035b17e8ba6afcb0b67 samba-vfs-modules_4.9.5+dfsg-5+deb10u5+tuxcare.els5_amd64.deb 44ed72602987e3b50183bd43f51d4e615cb69b5d smbclient_4.9.5+dfsg-5+deb10u5+tuxcare.els5_amd64.deb 25e4b254c657cd8ce264f6df2112a2f3d8951f28 winbind_4.9.5+dfsg-5+deb10u5+tuxcare.els5_amd64.deb 79cbca1d1a64a2f7cbc1599eacd98ab1a93f2c36 CLSA-2025:1765286037 TuxCare License Agreement 0 * SECURITY UPDATE: Heap-buffer overflow when switching buffers in visual mode - debian/patches/CVE-2025-22134.patch: fix visual mode heap-buffer-overflow by resetting VIsual mode on :all - CVE-2025-22134 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Heap-buffer overflow when switching buffers in visual mode - debian/patches/CVE-2025-22134.patch: fix visual mode heap-buffer-overflow by resetting VIsual mode on :all - CVE-2025-22134

0 tuxcare-debian10-els vim_8.1.0875-5+deb10u6+tuxcare.els14_amd64.deb 6369f6ae9b8cb3bd6ac547477798bd85f1eadb84 vim-athena_8.1.0875-5+deb10u6+tuxcare.els14_amd64.deb 1f1ef329c0b61d5e14ec7415d69ac13ba753b650 vim-common_8.1.0875-5+deb10u6+tuxcare.els14_all.deb ab06abf2b24bd560823f46290f90d31ab35595e7 vim-doc_8.1.0875-5+deb10u6+tuxcare.els14_all.deb 46bbc207cfa2e32cff9840eb7b0d9bd17e212dfa vim-gtk_8.1.0875-5+deb10u6+tuxcare.els14_amd64.deb 19acb3bfe4fb0eec2097c82cd3e1a06b9818a7f8 vim-gtk3_8.1.0875-5+deb10u6+tuxcare.els14_amd64.deb 25a5e11672ac1add8abe7a2d961896fc29cef825 vim-gui-common_8.1.0875-5+deb10u6+tuxcare.els14_all.deb 3b8ae32220a929f6462ea1adce3d2b2d12bffd4d vim-nox_8.1.0875-5+deb10u6+tuxcare.els14_amd64.deb 4fb07d198e1beb3db12f1c08dd10fbf687f48eb1 vim-runtime_8.1.0875-5+deb10u6+tuxcare.els14_all.deb 95dd2dec147d12441f42a8b579b6b15a83fdf513 vim-tiny_8.1.0875-5+deb10u6+tuxcare.els14_amd64.deb 4f04fc31e9766d06550dc1b594415b5dcc9c4ad7 xxd_8.1.0875-5+deb10u6+tuxcare.els14_amd64.deb e4f43db94a906e224435ada481df6935b5848a89 CLSA-2025:1766136770 TuxCare License Agreement 0 * SECURITY UPDATE: VerifyHostKeyDNS server impersonation - debian/patches/CVE-2025-26465.patch: Fix cases where error codes were not correctly set - CVE-2025-26465 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: VerifyHostKeyDNS server impersonation - debian/patches/CVE-2025-26465.patch: Fix cases where error codes were not correctly set - CVE-2025-26465

0 tuxcare-debian10-els openssh-client_7.9p1-10+deb10u4+tuxcare.els1_amd64.deb d6d3a62ae52c08b84d505c4c32dd8bf1147c31b9 openssh-server_7.9p1-10+deb10u4+tuxcare.els1_amd64.deb 112605b9718c54d8727bfd499672a3c771ba8526 openssh-sftp-server_7.9p1-10+deb10u4+tuxcare.els1_amd64.deb d5500435c1028fb8a18ef6598b61596f77b88265 openssh-tests_7.9p1-10+deb10u4+tuxcare.els1_amd64.deb 92460bf35bb5096eaf92566874f6f6ea4d95a065 ssh_7.9p1-10+deb10u4+tuxcare.els1_all.deb ce2c3c02881de42b1aee90e780190ba2c488b8e9 ssh-askpass-gnome_7.9p1-10+deb10u4+tuxcare.els1_amd64.deb 7bd13c2feb16954cd63c23ddcc6a94b4e88ef0d6 CLSA-2025:1766567499 TuxCare License Agreement 0 * SECURITY UPDATE: elevation of privilege vulnerability - debian/patches/CVE-2020-1472.patch: fix vulnerability when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC) - CVE-2020-1472 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: elevation of privilege vulnerability - debian/patches/CVE-2020-1472.patch: fix vulnerability when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC) - CVE-2020-1472

0 tuxcare-debian10-els ctdb_4.9.5+dfsg-5+deb10u5+tuxcare.els7_amd64.deb 1b724b1375beea7ef51ca1b92598265732bf1e0d libnss-winbind_4.9.5+dfsg-5+deb10u5+tuxcare.els7_amd64.deb 0570f9ac785c5cf6555a8cfb58f6022f94556f3c libpam-winbind_4.9.5+dfsg-5+deb10u5+tuxcare.els7_amd64.deb e24c1d8d9103ece96ab906199ea46ebe4b4327d7 libsmbclient_4.9.5+dfsg-5+deb10u5+tuxcare.els7_amd64.deb 2ea7502b207070cca875c0c1d4482d1bbceb225a libsmbclient-dev_4.9.5+dfsg-5+deb10u5+tuxcare.els7_amd64.deb 7a329de8e9f1cbbad85ff7393853750b3a0b1d63 libwbclient-dev_4.9.5+dfsg-5+deb10u5+tuxcare.els7_amd64.deb 144b34dc0bf7b067bbfb2c7750cc04035b37dc43 libwbclient0_4.9.5+dfsg-5+deb10u5+tuxcare.els7_amd64.deb f6fd52fdefd908b2c20598562c73ac4ebd70ae34 python-samba_4.9.5+dfsg-5+deb10u5+tuxcare.els7_amd64.deb 8f47cebbb075bf2075e749ed88270a5f09d0b348 registry-tools_4.9.5+dfsg-5+deb10u5+tuxcare.els7_amd64.deb 1b3fb01219a1c135d8a63c7d3e07844d2a86d139 samba_4.9.5+dfsg-5+deb10u5+tuxcare.els7_amd64.deb fe11449cf7c5028375176586b2a224d169382298 samba-common_4.9.5+dfsg-5+deb10u5+tuxcare.els7_all.deb 5e08addf9f518678c0cb252cb81f7c33033b7bb2 samba-common-bin_4.9.5+dfsg-5+deb10u5+tuxcare.els7_amd64.deb 407533701508456c4e769a47547d26ba18200281 samba-dev_4.9.5+dfsg-5+deb10u5+tuxcare.els7_amd64.deb 5baddbdbd73916a93af0ab612d8ad1000c097c49 samba-dsdb-modules_4.9.5+dfsg-5+deb10u5+tuxcare.els7_amd64.deb 0f748c768a1ca67b53df6a19f3478cb66febe815 samba-libs_4.9.5+dfsg-5+deb10u5+tuxcare.els7_amd64.deb e5e3968806e4b1e6caaac57941d54037e4d752dc samba-testsuite_4.9.5+dfsg-5+deb10u5+tuxcare.els7_amd64.deb 53dcdb123343fb1bf8d77420d0517a87f2d79074 samba-vfs-modules_4.9.5+dfsg-5+deb10u5+tuxcare.els7_amd64.deb 61392270424ecc7cca4b2a5a2498de306f758148 smbclient_4.9.5+dfsg-5+deb10u5+tuxcare.els7_amd64.deb 6a063c41a6d9f6260d8713607f4b4f3883df50aa winbind_4.9.5+dfsg-5+deb10u5+tuxcare.els7_amd64.deb 2ee34d90ce00baf5ea182687438cc2f5491e4bd6 CLSA-2025:1766567686 TuxCare License Agreement 0 * SECURITY UPDATE: DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding. - debian/patches/CVE-2025-32728.patch: fix logic error in DisableForwarding option - CVE-2025-32728 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding. - debian/patches/CVE-2025-32728.patch: fix logic error in DisableForwarding option - CVE-2025-32728

0 tuxcare-debian10-els openssh-client_7.9p1-10+deb10u4+tuxcare.els2_amd64.deb 5dab2a0d587da068025eb7b918a391e9a37e2804 openssh-server_7.9p1-10+deb10u4+tuxcare.els2_amd64.deb c1f4b35912913a15900c0793bfc13d12d0f3fb24 openssh-sftp-server_7.9p1-10+deb10u4+tuxcare.els2_amd64.deb eac5365fc77f190d90c059b17d23a358bf988b19 openssh-tests_7.9p1-10+deb10u4+tuxcare.els2_amd64.deb d27cc5a10e9323a0556bfb3257937f331b3c5308 ssh_7.9p1-10+deb10u4+tuxcare.els2_all.deb c6f457787455f8f9fc08fbf113cfccd802d18a34 ssh-askpass-gnome_7.9p1-10+deb10u4+tuxcare.els2_amd64.deb 08c681eaed56c620821e7d2399075a13a467e11c CLSA-2026:1767870671 TuxCare License Agreement 0 * SECURITY UPDATE: Carriage Return injection in credential protocol - debian/patches/CVE-2024-52006.patch: fix Carriage Return injection in credential protocol - CVE-2024-52006 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Carriage Return injection in credential protocol - debian/patches/CVE-2024-52006.patch: fix Carriage Return injection in credential protocol - CVE-2024-52006

0 tuxcare-debian10-els git_2.20.1-2+deb10u9+tuxcare.els1_amd64.deb f3e5bfce9f302c5fca26c9740ad6ec31c4bdfc68 git-all_2.20.1-2+deb10u9+tuxcare.els1_all.deb e3f6ae14e84355b2283eb6e870d7b1ce68b5b4ba git-cvs_2.20.1-2+deb10u9+tuxcare.els1_all.deb 3e6265bde9c738290716f4da756811b4fc578748 git-daemon-run_2.20.1-2+deb10u9+tuxcare.els1_all.deb 33ceba492ec56f51223db415590882c30a59e25e git-daemon-sysvinit_2.20.1-2+deb10u9+tuxcare.els1_all.deb 42ec486a1bd4d419f8ad38e8ae97de3284fe0081 git-doc_2.20.1-2+deb10u9+tuxcare.els1_all.deb f5d85641605508b2eede7367150726f36eea15a2 git-el_2.20.1-2+deb10u9+tuxcare.els1_all.deb 5da3e104d59ee8e170165a418dffac3150b1ef33 git-email_2.20.1-2+deb10u9+tuxcare.els1_all.deb 019bc5e73e6da476680ac5cdfe56e7c8fecfdc06 git-gui_2.20.1-2+deb10u9+tuxcare.els1_all.deb 76d82453698bed650548c08d5464c691c4175912 git-man_2.20.1-2+deb10u9+tuxcare.els1_all.deb 132b08cec4248f360305af5b3b96e1e39264783e git-mediawiki_2.20.1-2+deb10u9+tuxcare.els1_all.deb a122373503c43088cf1ae067f45f5e36908767dc git-svn_2.20.1-2+deb10u9+tuxcare.els1_all.deb 58a4da87cb9c17051519dd905c54857bdf6e5c53 gitk_2.20.1-2+deb10u9+tuxcare.els1_all.deb f4a16a7b5693cdd34e3f7e4f8c93223bde5aeb27 gitweb_2.20.1-2+deb10u9+tuxcare.els1_all.deb 2316e1b0ce91b29fdd264e2912c419ba0b08ed10 CLSA-2026:1768299147 TuxCare License Agreement 0 * SECURITY UPDATE: heap buffer overflow in array_merge() - debian/patches/CVE-2025-14178.patch: fix integer overflow in the precomputation of element counts using zend_hash_num_elements() - CVE-2025-14178 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: heap buffer overflow in array_merge() - debian/patches/CVE-2025-14178.patch: fix integer overflow in the precomputation of element counts using zend_hash_num_elements() - CVE-2025-14178

0 tuxcare-debian10-els libapache2-mod-php7.3_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb 0fb63a3012370581d9eaa55b7452d2f81a7975ba libphp7.3-embed_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb 1bb06842e3894d12014b2a89da18fea7e93614ab php7.3_7.3.31-1~deb10u7+tuxcare.els3_all.deb b13524e4731aa1c3df3258d05411094d6e46e775 php7.3-bcmath_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb a3fe0a64f6d5c0dc0876219ce47065c2c668d7be php7.3-bz2_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb 669121128b4543b71511d8ba01a51e2d18c16168 php7.3-cgi_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb 0d1eb9c227b71cf8fb9da1a3d9503d4bf4ad95bb php7.3-cli_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb 5d4469c9ba28e4c5a32ab0f6ebfb1ce39a578439 php7.3-common_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb 515d612755b61d1613aae896e105f664a8e34285 php7.3-curl_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb 7c537f44b6e0525bdd1b79b87dc1553ad24de266 php7.3-dba_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb 4a96498bf6aa8c4e1b0cf7a372960b2d2ba7bb50 php7.3-dev_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb a83106af62d6b7f4566f8424494792eef1c23065 php7.3-enchant_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb 340eef202d1ab9ae5c5bb15194cba970109c7e94 php7.3-fpm_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb d9f703ba6534e43fe228f45ad62318bd69c2f3e7 php7.3-gd_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb 8e6a61097eabf84deb40758986489c4b50ac348a php7.3-gmp_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb 77c981fdc78729171a5b2a855c063f5cdfa65e6a php7.3-imap_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb 6f1faa0ccc50aa92a985166e001732f2d190888e php7.3-interbase_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb 1bc36a06e2b5c85ae11435d277b38b3ed2c5fc6d php7.3-intl_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb 8d1c46404c42a821ffe90ff3500b921eea3dc438 php7.3-json_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb 18a8860162f7c4fb2ccdffe6b954817aa54e5ba3 php7.3-ldap_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb c3ebf1d2303d8df482e41aacd85a2de2f6c1b198 php7.3-mbstring_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb 10dcca962ddedbbfbd1ca3020511ee268cfdf0b7 php7.3-mysql_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb e5e16a94fb4fa62560b51aa541b85a67de4410b3 php7.3-odbc_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb 2f13a188167f6ab26d26332954b414fbaf9973b9 php7.3-opcache_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb 3f334e302ca447d76a3234708a73f059d89b126f php7.3-pgsql_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb 47852db4dc5dadaf1194e78cd3d5c948f2397081 php7.3-phpdbg_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb 64aea0b774b9bb177eebae8cc6e8077e6ab33e78 php7.3-pspell_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb 9cd2721f05c4de83919e71ed7ebdcfbb1e321235 php7.3-readline_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb e5ab5857d3f4dcc0e2938742a3e01def6a0ed09b php7.3-recode_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb 8e183ad7c9d50abdad7850f3d9bb7978e54d61e3 php7.3-snmp_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb cd08a04747f0f2e3aab9b5bf12866618d8e54a62 php7.3-soap_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb 9a2fdb4a25157d7291c2170cc32de9ecadc2d7ed php7.3-sqlite3_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb 78524dabcabcd076ce39d83284807fcd105889e4 php7.3-sybase_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb 75064a8e3a8d05b46460707ea44a84434aa115d5 php7.3-tidy_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb 16aff3fb911a49a0f270d6df11d13ded13f678eb php7.3-xml_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb 020e136299b66cb48263fd9fbf5947ff433cf39a php7.3-xmlrpc_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb 2ad04dd3d5037c93588603fb1151f45f65ce4f8b php7.3-xsl_7.3.31-1~deb10u7+tuxcare.els3_all.deb 99623dc35a3afbf8a0aecfe3082878fa9e8e8728 php7.3-zip_7.3.31-1~deb10u7+tuxcare.els3_amd64.deb b72e9415eb79b42e8ab2f6c338c5fe0299807679 CLSA-2026:1768300368 TuxCare License Agreement 0 * SECURITY UPDATE: fix DoS by a client that connect to cupsd sends slow messages. - debian/patches/CVE-2025-58436.patch: fix unresponsive cupsd process caused by a slow client. - CVE-2025-58436. * Fix test/run-stp-tests.sh - debian/patches/waiting-limit.patch: limit the waiting for a server dunring tests Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: fix DoS by a client that connect to cupsd sends slow messages. - debian/patches/CVE-2025-58436.patch: fix unresponsive cupsd process caused by a slow client. - CVE-2025-58436. * Fix test/run-stp-tests.sh - debian/patches/waiting-limit.patch: limit the waiting for a server dunring tests

0 tuxcare-debian10-els cups_2.2.10-6+deb10u10+tuxcare.els1_amd64.deb ba1014d103737fd11bcc722f5e8963098963299f cups-bsd_2.2.10-6+deb10u10+tuxcare.els1_amd64.deb f515a7ef22f7b92020202ba8fbbef1260f5b37d8 cups-client_2.2.10-6+deb10u10+tuxcare.els1_amd64.deb 6020c98127617c08792d173d47d8a91b5fabc1ac cups-common_2.2.10-6+deb10u10+tuxcare.els1_all.deb 73ed25b3cada79564ab2370459bab84eaa19ba57 cups-core-drivers_2.2.10-6+deb10u10+tuxcare.els1_amd64.deb f396ad3167af076a941100722374909db4bf3dc9 cups-daemon_2.2.10-6+deb10u10+tuxcare.els1_amd64.deb 74e382bcf2e17ee9b8ead792a132e8af82c1206c cups-ipp-utils_2.2.10-6+deb10u10+tuxcare.els1_amd64.deb 647c5f8232b1d1ab947a283448af07640a46613d cups-ppdc_2.2.10-6+deb10u10+tuxcare.els1_amd64.deb d9870824914895c48e654ac16c60c1a62d6a5625 cups-server-common_2.2.10-6+deb10u10+tuxcare.els1_all.deb 67ea76043c850a9794f90a5012d5a9f24cc61a1b libcups2_2.2.10-6+deb10u10+tuxcare.els1_amd64.deb 4a1553945c9a6e2fa0cad07cace80d0961c5e580 libcups2-dev_2.2.10-6+deb10u10+tuxcare.els1_amd64.deb 97af18f7ff5bb4d177c7ba6c5c36556c66a05389 libcupsimage2_2.2.10-6+deb10u10+tuxcare.els1_amd64.deb 1b99714fc8958a8ba73cdec99dd94670e31b083b libcupsimage2-dev_2.2.10-6+deb10u10+tuxcare.els1_amd64.deb 90af05395dafd7506ece26d28c7c38327bf50d95 CLSA-2026:1768300849 TuxCare License Agreement 0 * SECURITY UPDATE: improper encoding or escaping of credential handling - debian/patches/CVE-2024-50349.patch: fix ANSI escape sequence vulnerability that occurs when asking for credentials interactively - CVE-2024-50349 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: improper encoding or escaping of credential handling - debian/patches/CVE-2024-50349.patch: fix ANSI escape sequence vulnerability that occurs when asking for credentials interactively - CVE-2024-50349

0 tuxcare-debian10-els git_2.20.1-2+deb10u9+tuxcare.els2_amd64.deb 3ddda04d9ec11732a1ec64d973c892c93a2f2cf7 git-all_2.20.1-2+deb10u9+tuxcare.els2_all.deb 2133c1c3f1cf91583441d8318255610008827ebf git-cvs_2.20.1-2+deb10u9+tuxcare.els2_all.deb cdfe00bae70b10bada0b2073983dd4b6694b020b git-daemon-run_2.20.1-2+deb10u9+tuxcare.els2_all.deb f387d34b40b6ebf3db427d7e7cb572caac7972e1 git-daemon-sysvinit_2.20.1-2+deb10u9+tuxcare.els2_all.deb e44a00c33d55549ba4cf2d2c8b91f4f5b1a3ec57 git-doc_2.20.1-2+deb10u9+tuxcare.els2_all.deb 7b5c1c28dc2c9fb1a1584a37ceb4475bcc4f2839 git-el_2.20.1-2+deb10u9+tuxcare.els2_all.deb 10557a8237d8738b046898823b775c8942ab41e9 git-email_2.20.1-2+deb10u9+tuxcare.els2_all.deb 59a3f983b1eb5e488505133b9f6f35341be98048 git-gui_2.20.1-2+deb10u9+tuxcare.els2_all.deb 837d075f8fd5c26cb5ef72e0a1da3835fdab8019 git-man_2.20.1-2+deb10u9+tuxcare.els2_all.deb 36d8371dece680ffd1a49d0e7a053076497d0eae git-mediawiki_2.20.1-2+deb10u9+tuxcare.els2_all.deb 4ef5794067613155af0a182c6586898fd3a7207f git-svn_2.20.1-2+deb10u9+tuxcare.els2_all.deb 095455a4ea49acc82fa728d6100bf27ec9ab38fd gitk_2.20.1-2+deb10u9+tuxcare.els2_all.deb ac2b015a994910c8c7037bf200b95ebae9ec2da4 gitweb_2.20.1-2+deb10u9+tuxcare.els2_all.deb c7b2cbda4f75c94ae79d76664befc34cb8672257 CLSA-2026:1768395600 TuxCare License Agreement 0 * SECURITY UPDATE: Ownership checks for local repositories - debian/patches/CVE-2024-32004.patch: add fix for ownership check in local repositories - CVE-2024-32004 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Ownership checks for local repositories - debian/patches/CVE-2024-32004.patch: add fix for ownership check in local repositories - CVE-2024-32004

0 tuxcare-debian10-els git_2.20.1-2+deb10u9+tuxcare.els3_amd64.deb 27caaa75a2797e923531e03f865bce3556a118c7 git-all_2.20.1-2+deb10u9+tuxcare.els3_all.deb d6eb0812c899270e1fbf317ffed7157888409b13 git-cvs_2.20.1-2+deb10u9+tuxcare.els3_all.deb ce3984418a2307519919929b129cd7a7231bcb8c git-daemon-run_2.20.1-2+deb10u9+tuxcare.els3_all.deb cc221cad0f78d10fba71abb45c9b35f10030f272 git-daemon-sysvinit_2.20.1-2+deb10u9+tuxcare.els3_all.deb 6623338b86321d263cb25aead62634df1c95cb5f git-doc_2.20.1-2+deb10u9+tuxcare.els3_all.deb 1d0b90e91c4601156a98c16ee1021b838d50efe5 git-el_2.20.1-2+deb10u9+tuxcare.els3_all.deb ec594f6beb66bef10dbd7a41af1754f876d8c314 git-email_2.20.1-2+deb10u9+tuxcare.els3_all.deb d1468d685b776f67903d15bb30e7d0257b3d1c1a git-gui_2.20.1-2+deb10u9+tuxcare.els3_all.deb 48faf3c9b9c5ce976330e94308be9463a2b1d75c git-man_2.20.1-2+deb10u9+tuxcare.els3_all.deb 54be7521ce5542fbfc9df6936bafc7f302e83a51 git-mediawiki_2.20.1-2+deb10u9+tuxcare.els3_all.deb 82be2ded1dabcc42098b054c0cea6523fbe519bb git-svn_2.20.1-2+deb10u9+tuxcare.els3_all.deb a21509faca7d06d827d3e683bcf9c13910edf501 gitk_2.20.1-2+deb10u9+tuxcare.els3_all.deb 9f76bd4c7701c69eb4c1e0d68c6dd14d2a29aea0 gitweb_2.20.1-2+deb10u9+tuxcare.els3_all.deb ac516fe351830597adca891c3643cb7fd591334f CLSA-2026:1769524269 TuxCare License Agreement 0 * SECURITY UPDATE: memory corruption in armor parser - debian/patches/CVE-2025-68973.patch: fix faulty double increment. - CVE-2025-68973 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: memory corruption in armor parser - debian/patches/CVE-2025-68973.patch: fix faulty double increment. - CVE-2025-68973

0 tuxcare-debian10-els dirmngr_2.2.12-1+deb10u2+tuxcare.els1_amd64.deb 990c1eb963c9fc0904fe0214842ec14206e2ae01 gnupg_2.2.12-1+deb10u2+tuxcare.els1_all.deb 8b688e87acb083673e76306fd2def06a02e1f8a6 gnupg-agent_2.2.12-1+deb10u2+tuxcare.els1_all.deb 73779d20c5a59ce622127b3df182f90d23f478c0 gnupg-l10n_2.2.12-1+deb10u2+tuxcare.els1_all.deb 41bb43464346773d5161fceea1529c0b9d4c35e2 gnupg-utils_2.2.12-1+deb10u2+tuxcare.els1_amd64.deb caf9baad999eacd6007c2f0a18878eea390dc798 gnupg2_2.2.12-1+deb10u2+tuxcare.els1_all.deb 37f3a078b65914147d46776e30e504cd38634869 gpg_2.2.12-1+deb10u2+tuxcare.els1_amd64.deb d06c5984c1e399cb75c879490d12abcb40a7d479 gpg-agent_2.2.12-1+deb10u2+tuxcare.els1_amd64.deb 8a62ece0f16979f0b44f0cf4a608970bf67c5c29 gpg-wks-client_2.2.12-1+deb10u2+tuxcare.els1_amd64.deb 06036914067dcf2b77a8d55526c238dc63db1639 gpg-wks-server_2.2.12-1+deb10u2+tuxcare.els1_amd64.deb 62908330a05856037ae13968ff2e886ac5ea6c07 gpgconf_2.2.12-1+deb10u2+tuxcare.els1_amd64.deb b3c9831abc9fd00194cd430afdb9854c957c5470 gpgsm_2.2.12-1+deb10u2+tuxcare.els1_amd64.deb e9a4380c421b566669f5cb56cde85e527e7fe23d gpgv_2.2.12-1+deb10u2+tuxcare.els1_amd64.deb a3eab44079db215162c5125b7df9616ab88873fd gpgv-static_2.2.12-1+deb10u2+tuxcare.els1_amd64.deb e29eac9869f00fd5d3fa48896cf2f15db69a0ca0 gpgv-win32_2.2.12-1+deb10u2+tuxcare.els1_all.deb 366253367800bde0445eb219baaeecb132353734 gpgv2_2.2.12-1+deb10u2+tuxcare.els1_all.deb f1a7ac83b61133b2b366b059b8284306ec6b7136 scdaemon_2.2.12-1+deb10u2+tuxcare.els1_amd64.deb 1c83962721f9b1d72cfe0fdd2c061f45519770b8 CLSA-2026:1770325139 TuxCare License Agreement 0 * New microcode update packages from upstream up to 2025-11-11: - New microcodes: sig 0x000606c1, pf_mask 0x10, 2025-03-06, rev 0x10002e0, size 301056 sig 0x000806f4, pf_mask 0x10, 2025-05-29, rev 0x2c000410, size 625664 sig 0x000806f4, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x000806f5, pf_mask 0x10, 2025-05-29, rev 0x2c000410, size 625664 sig 0x000806f5, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x000806f6, pf_mask 0x10, 2025-05-29, rev 0x2c000410, size 625664 sig 0x000806f6, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x000806f7, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x000806f8, pf_mask 0x10, 2025-05-29, rev 0x2c000410, size 625664 sig 0x000806f8, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x000a06a4, pf_mask 0xe6, 2025-03-19, rev 0x0025, size 140288 sig 0x000a06d1, pf_mask 0x20, 2025-08-29, rev 0xa000124, size 1642496 sig 0x000a06d1, pf_mask 0x95, 2025-07-23, rev 0x10003f0, size 1670144 sig 0x000a06e1, pf_mask 0x97, 2025-06-27, rev 0x1000273, size 1635328 sig 0x000a06f3, pf_mask 0x01, 2025-07-30, rev 0x3000382, size 1534976 sig 0x000b0650, pf_mask 0x80, 2025-03-18, rev 0x000a, size 136192 sig 0x000b0671, pf_mask 0x32, 2025-10-08, rev 0x0132, size 219136 sig 0x000b0674, pf_mask 0x32, 2025-10-08, rev 0x0132, size 219136 sig 0x000b06a2, pf_mask 0xe0, 2025-10-08, rev 0x6133, size 224256 sig 0x000b06a3, pf_mask 0xe0, 2025-10-08, rev 0x6133, size 224256 sig 0x000b06a8, pf_mask 0xe0, 2025-10-08, rev 0x6133, size 224256 sig 0x000b06d1, pf_mask 0x80, 2025-08-28, rev 0x0125, size 80896 sig 0x000b06e0, pf_mask 0x19, 2025-05-16, rev 0x001e, size 139264 sig 0x000b06f6, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x000b06f7, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x000c0652, pf_mask 0x82, 2025-06-30, rev 0x011a, size 90112 sig 0x000c0662, pf_mask 0x82, 2025-06-30, rev 0x011a, size 90112 sig 0x000c0664, pf_mask 0x82, 2025-06-30, rev 0x011a, size 90112 sig 0x000c06a2, pf_mask 0x82, 2025-06-30, rev 0x011a, size 90112 sig 0x000c06f1, pf_mask 0x87, 2025-05-29, rev 0x210002c0, size 564224 sig 0x000c06f2, pf_mask 0x87, 2025-05-29, rev 0x210002c0, size 564224 - Updated microcodes: sig 0x00050653, pf_mask 0x97, 2023-07-28, rev 0x1000191, size 36864 sig 0x00050654, pf_mask 0xb7, 2023-03-06, rev 0x2007006, size 44032 sig 0x00050657, pf_mask 0xbf, 2024-12-12, rev 0x5003901, size 39936 sig 0x0005065b, pf_mask 0xbf, 2024-12-12, rev 0x7002b01, size 30720 sig 0x00050665, pf_mask 0x10, 2023-08-03, rev 0xe000015, size 23552 sig 0x000506f1, pf_mask 0x01, 2023-10-05, rev 0x003e, size 11264 sig 0x000606a6, pf_mask 0x87, 2025-03-11, rev 0xd000410, size 309248 sig 0x000706a1, pf_mask 0x01, 2024-04-19, rev 0x0042, size 76800 sig 0x000706a8, pf_mask 0x01, 2024-12-05, rev 0x0026, size 76800 sig 0x000706e5, pf_mask 0x80, 2025-01-07, rev 0x00ca, size 115712 sig 0x000806a1, pf_mask 0x10, 2023-01-13, rev 0x0033, size 34816 sig 0x000806c1, pf_mask 0x80, 2024-12-01, rev 0x00bc, size 112640 sig 0x000806c2, pf_mask 0xc2, 2024-12-01, rev 0x003c, size 99328 sig 0x000806d1, pf_mask 0xc2, 2024-12-11, rev 0x0056, size 105472 sig 0x000806e9, pf_mask 0x10, 2024-02-01, rev 0x00f6, size 106496 sig 0x000806e9, pf_mask 0xc0, 2024-02-01, rev 0x00f6, size 106496 sig 0x000806ea, pf_mask 0xc0, 2024-02-01, rev 0x00f6, size 105472 sig 0x000806eb, pf_mask 0xd0, 2024-02-01, rev 0x00f6, size 106496 sig 0x000806ec, pf_mask 0x94, 2024-11-17, rev 0x0100, size 106496 sig 0x00090661, pf_mask 0x01, 2024-04-05, rev 0x001a, size 20480 sig 0x00090672, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x00090675, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x000906a3, pf_mask 0x80, 2025-10-12, rev 0x043a, size 224256 sig 0x000906a4, pf_mask 0x40, 2025-06-13, rev 0x000b, size 119808 sig 0x000906a4, pf_mask 0x80, 2025-10-12, rev 0x043a, size 224256 sig 0x000906c0, pf_mask 0x01, 2023-09-26, rev 0x24000026, size 20480 sig 0x000906e9, pf_mask 0x2a, 2023-09-28, rev 0x00f8, size 108544 sig 0x000906ea, pf_mask 0x22, 2024-07-28, rev 0x00fa, size 105472 sig 0x000906eb, pf_mask 0x02, 2024-02-01, rev 0x00f6, size 106496 sig 0x000906ec, pf_mask 0x22, 2024-02-01, rev 0x00f8, size 106496 sig 0x000906ed, pf_mask 0x22, 2024-11-14, rev 0x0104, size 106496 sig 0x000a0652, pf_mask 0x20, 2024-11-14, rev 0x0100, size 97280 sig 0x000a0653, pf_mask 0x22, 2024-11-14, rev 0x0100, size 98304 sig 0x000a0655, pf_mask 0x22, 2024-11-14, rev 0x0100, size 97280 sig 0x000a0660, pf_mask 0x80, 2024-11-14, rev 0x0102, size 98304 sig 0x000a0661, pf_mask 0x80, 2024-11-14, rev 0x0100, size 97280 sig 0x000a0671, pf_mask 0x02, 2024-12-01, rev 0x0064, size 108544 sig 0x000b06f2, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x000b06f5, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 - Removed microcodes: sig 0x00050656, pf_mask 0xbf, 2021-12-10, rev 0x4003302, size 37888 None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New microcode update packages from upstream up to 2025-11-11: - New microcodes: sig 0x000606c1, pf_mask 0x10, 2025-03-06, rev 0x10002e0, size 301056 sig 0x000806f4, pf_mask 0x10, 2025-05-29, rev 0x2c000410, size 625664 sig 0x000806f4, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x000806f5, pf_mask 0x10, 2025-05-29, rev 0x2c000410, size 625664 sig 0x000806f5, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x000806f6, pf_mask 0x10, 2025-05-29, rev 0x2c000410, size 625664 sig 0x000806f6, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x000806f7, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x000806f8, pf_mask 0x10, 2025-05-29, rev 0x2c000410, size 625664 sig 0x000806f8, pf_mask 0x87, 2025-05-29, rev 0x2b000650, size 593920 sig 0x000a06a4, pf_mask 0xe6, 2025-03-19, rev 0x0025, size 140288 sig 0x000a06d1, pf_mask 0x20, 2025-08-29, rev 0xa000124, size 1642496 sig 0x000a06d1, pf_mask 0x95, 2025-07-23, rev 0x10003f0, size 1670144 sig 0x000a06e1, pf_mask 0x97, 2025-06-27, rev 0x1000273, size 1635328 sig 0x000a06f3, pf_mask 0x01, 2025-07-30, rev 0x3000382, size 1534976 sig 0x000b0650, pf_mask 0x80, 2025-03-18, rev 0x000a, size 136192 sig 0x000b0671, pf_mask 0x32, 2025-10-08, rev 0x0132, size 219136 sig 0x000b0674, pf_mask 0x32, 2025-10-08, rev 0x0132, size 219136 sig 0x000b06a2, pf_mask 0xe0, 2025-10-08, rev 0x6133, size 224256 sig 0x000b06a3, pf_mask 0xe0, 2025-10-08, rev 0x6133, size 224256 sig 0x000b06a8, pf_mask 0xe0, 2025-10-08, rev 0x6133, size 224256 sig 0x000b06d1, pf_mask 0x80, 2025-08-28, rev 0x0125, size 80896 sig 0x000b06e0, pf_mask 0x19, 2025-05-16, rev 0x001e, size 139264 sig 0x000b06f6, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x000b06f7, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x000c0652, pf_mask 0x82, 2025-06-30, rev 0x011a, size 90112 sig 0x000c0662, pf_mask 0x82, 2025-06-30, rev 0x011a, size 90112 sig 0x000c0664, pf_mask 0x82, 2025-06-30, rev 0x011a, size 90112 sig 0x000c06a2, pf_mask 0x82, 2025-06-30, rev 0x011a, size 90112 sig 0x000c06f1, pf_mask 0x87, 2025-05-29, rev 0x210002c0, size 564224 sig 0x000c06f2, pf_mask 0x87, 2025-05-29, rev 0x210002c0, size 564224 - Updated microcodes: sig 0x00050653, pf_mask 0x97, 2023-07-28, rev 0x1000191, size 36864 sig 0x00050654, pf_mask 0xb7, 2023-03-06, rev 0x2007006, size 44032 sig 0x00050657, pf_mask 0xbf, 2024-12-12, rev 0x5003901, size 39936 sig 0x0005065b, pf_mask 0xbf, 2024-12-12, rev 0x7002b01, size 30720 sig 0x00050665, pf_mask 0x10, 2023-08-03, rev 0xe000015, size 23552 sig 0x000506f1, pf_mask 0x01, 2023-10-05, rev 0x003e, size 11264 sig 0x000606a6, pf_mask 0x87, 2025-03-11, rev 0xd000410, size 309248 sig 0x000706a1, pf_mask 0x01, 2024-04-19, rev 0x0042, size 76800 sig 0x000706a8, pf_mask 0x01, 2024-12-05, rev 0x0026, size 76800 sig 0x000706e5, pf_mask 0x80, 2025-01-07, rev 0x00ca, size 115712 sig 0x000806a1, pf_mask 0x10, 2023-01-13, rev 0x0033, size 34816 sig 0x000806c1, pf_mask 0x80, 2024-12-01, rev 0x00bc, size 112640 sig 0x000806c2, pf_mask 0xc2, 2024-12-01, rev 0x003c, size 99328 sig 0x000806d1, pf_mask 0xc2, 2024-12-11, rev 0x0056, size 105472 sig 0x000806e9, pf_mask 0x10, 2024-02-01, rev 0x00f6, size 106496 sig 0x000806e9, pf_mask 0xc0, 2024-02-01, rev 0x00f6, size 106496 sig 0x000806ea, pf_mask 0xc0, 2024-02-01, rev 0x00f6, size 105472 sig 0x000806eb, pf_mask 0xd0, 2024-02-01, rev 0x00f6, size 106496 sig 0x000806ec, pf_mask 0x94, 2024-11-17, rev 0x0100, size 106496 sig 0x00090661, pf_mask 0x01, 2024-04-05, rev 0x001a, size 20480 sig 0x00090672, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x00090675, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x000906a3, pf_mask 0x80, 2025-10-12, rev 0x043a, size 224256 sig 0x000906a4, pf_mask 0x40, 2025-06-13, rev 0x000b, size 119808 sig 0x000906a4, pf_mask 0x80, 2025-10-12, rev 0x043a, size 224256 sig 0x000906c0, pf_mask 0x01, 2023-09-26, rev 0x24000026, size 20480 sig 0x000906e9, pf_mask 0x2a, 2023-09-28, rev 0x00f8, size 108544 sig 0x000906ea, pf_mask 0x22, 2024-07-28, rev 0x00fa, size 105472 sig 0x000906eb, pf_mask 0x02, 2024-02-01, rev 0x00f6, size 106496 sig 0x000906ec, pf_mask 0x22, 2024-02-01, rev 0x00f8, size 106496 sig 0x000906ed, pf_mask 0x22, 2024-11-14, rev 0x0104, size 106496 sig 0x000a0652, pf_mask 0x20, 2024-11-14, rev 0x0100, size 97280 sig 0x000a0653, pf_mask 0x22, 2024-11-14, rev 0x0100, size 98304 sig 0x000a0655, pf_mask 0x22, 2024-11-14, rev 0x0100, size 97280 sig 0x000a0660, pf_mask 0x80, 2024-11-14, rev 0x0102, size 98304 sig 0x000a0661, pf_mask 0x80, 2024-11-14, rev 0x0100, size 97280 sig 0x000a0671, pf_mask 0x02, 2024-12-01, rev 0x0064, size 108544 sig 0x000b06f2, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 sig 0x000b06f5, pf_mask 0x07, 2025-10-12, rev 0x003d, size 226304 - Removed microcodes: sig 0x00050656, pf_mask 0xbf, 2021-12-10, rev 0x4003302, size 37888

0 tuxcare-debian10-els intel-microcode_3.20251111.1~deb10u1+tuxcare.els1_amd64.deb 1df0b8ae50a874caddbda29836cade4fbada56fe CLSA-2026:1770707507 TuxCare License Agreement 0 * SECURITY UPDATE: Make XML_ExternalEntityParserCreate copy unknown encoding handler user data - debian/patches/CVE-2026-24515.patch: copy unknown encoding handler user data and add tests to cover effect - CVE-2026-24515 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Make XML_ExternalEntityParserCreate copy unknown encoding handler user data - debian/patches/CVE-2026-24515.patch: copy unknown encoding handler user data and add tests to cover effect - CVE-2026-24515

0 tuxcare-debian10-els expat_2.2.6-2+deb10u7+tuxcare.els2_amd64.deb fe01a9b5a94d6ae9349e3604e7ac6f9e3e3bfa66 libexpat1_2.2.6-2+deb10u7+tuxcare.els2_amd64.deb 02b1da5b11ab82da85f026a267445ec3fb6f3fea libexpat1-dev_2.2.6-2+deb10u7+tuxcare.els2_amd64.deb 978ca1d77c8b328af12ca9c642ccb4a6a4c96f03 CLSA-2026:1770717529 TuxCare License Agreement 0 * SECURITY UPDATE: check oct argument for NULL in PKCS12_item_decrypt_d2i_e() - debian/patches/CVE-2025-69421.patch: fix a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function. - CVE-2025-69421 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: check oct argument for NULL in PKCS12_item_decrypt_d2i_e() - debian/patches/CVE-2025-69421.patch: fix a NULL pointer dereference in the PKCS12_item_decrypt_d2i_ex() function. - CVE-2025-69421

0 tuxcare-debian10-els libssl-dev_1.1.1n-0+deb10u6+tuxcare.els1_amd64.deb 1c5e572a0891b467b09686654306e94057115fc1 libssl-doc_1.1.1n-0+deb10u6+tuxcare.els1_all.deb c60f726831020fc51c91a8abff9deaa17ef89980 libssl1.1_1.1.1n-0+deb10u6+tuxcare.els1_amd64.deb 37f176170462b471d7eceb4dc5c2ced6efe4283e openssl_1.1.1n-0+deb10u6+tuxcare.els1_amd64.deb 3235b017eea076f98c451692dac60874c96b2a80 CLSA-2026:1771112524 TuxCare License Agreement 0 * Update ca-certificates database to 20260129: - mozilla\{certdata.h,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.82. - The following certificates were updated: # Certificate "GlobalSign Root CA" # Certificate "Entrust.net Premium 2048 Secure Server CA" # Certificate "Comodo AAA Services root" # Certificate "XRamp Global CA Root" # Certificate "Go Daddy Class 2 CA" # Certificate "Starfield Class 2 CA" # Certificate "OISTE WISeKey Global Root GA CA" # Certificate "certSIGN ROOT CA" # Certificate "ACCVRAIZ1" # Certificate "Staat der Nederlanden Root CA - G3" # Certificate "OISTE WISeKey Global Root GC CA" - The following certificates were added: # Certificate "emSign Root CA - G1" # Certificate "emSign ECC Root CA - G3" # Certificate "emSign Root CA - C1" # Certificate "emSign ECC Root CA - C3" # Certificate "Hongkong Post Root CA 3" # Certificate "Entrust Root Certification Authority - G4" # Certificate "Microsoft ECC Root Certificate Authority 2017" # Certificate "Microsoft RSA Root Certificate Authority 2017" # Certificate "e-Szigno Root CA 2017" # Certificate "certSIGN Root CA G2" # Certificate "Trustwave Global Certification Authority" # Certificate "Trustwave Global ECC P256 Certification Authority" # Certificate "Trustwave Global ECC P384 Certification Authority" # Certificate "NAVER Global Root Certification Authority" # Certificate "AC RAIZ FNMT-RCM SERVIDORES SEGUROS" # Certificate "GlobalSign Secure Mail Root R45" # Certificate "GlobalSign Secure Mail Root E45" # Certificate "GlobalSign Root R46" # Certificate "GlobalSign Root E46" # Certificate "GLOBALTRUST 2020" # Certificate "ANF Secure Server Root CA" # Certificate "Certum EC-384 CA" # Certificate "Certum Trusted Root CA" # Certificate "TunTrust Root CA" # Certificate "HARICA TLS RSA Root CA 2021" # Certificate "HARICA TLS ECC Root CA 2021" # Certificate "HARICA Client RSA Root CA 2021" # Certificate "HARICA Client ECC Root CA 2021" # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" # Certificate "vTrus ECC Root CA" # Certificate "vTrus Root CA" # Certificate "ISRG Root X2" # Certificate "HiPKI Root CA - G1" # Certificate "GlobalSign ECC Root CA - R4" # Certificate "GTS Root R1" # Certificate "GTS Root R2" # Certificate "GTS Root R3" # Certificate "GTS Root R4" # Certificate "Telia Root CA v2" # Certificate "D-TRUST BR Root CA 1 2020" # Certificate "D-TRUST EV Root CA 1 2020" # Certificate "DigiCert TLS ECC P384 Root G5" # Certificate "DigiCert TLS RSA4096 Root G5" # Certificate "DigiCert SMIME ECC P384 Root G5" # Certificate "DigiCert SMIME RSA4096 Root G5" # Certificate "Certainly Root R1" # Certificate "Certainly Root E1" # Certificate "DIGITALSIGN GLOBAL ROOT RSA CA" # Certificate "DIGITALSIGN GLOBAL ROOT ECDSA CA" # Certificate "Security Communication ECC RootCA1" # Certificate "BJCA Global Root CA1" # Certificate "BJCA Global Root CA2" # Certificate "LAWtrust Root CA2 (4096)" # Certificate "Sectigo Public Email Protection Root E46" # Certificate "Sectigo Public Email Protection Root R46" # Certificate "Sectigo Public Server Authentication Root E46" # Certificate "Sectigo Public Server Authentication Root R46" # Certificate "SSL.com TLS RSA Root CA 2022" # Certificate "SSL.com TLS ECC Root CA 2022" # Certificate "SSL.com Client ECC Root CA 2022" # Certificate "SSL.com Client RSA Root CA 2022" # Certificate "Atos TrustedRoot Root CA ECC G2 2020" # Certificate "Atos TrustedRoot Root CA RSA G2 2020" # Certificate "Atos TrustedRoot Root CA ECC TLS 2021" # Certificate "Atos TrustedRoot Root CA RSA TLS 2021" # Certificate "TrustAsia Global Root CA G3" # Certificate "TrustAsia Global Root CA G4" # Certificate "D-Trust SBR Root CA 1 2022" # Certificate "D-Trust SBR Root CA 2 2022" # Certificate "Telekom Security SMIME ECC Root 2021" # Certificate "Telekom Security TLS ECC Root 2020" # Certificate "Telekom Security SMIME RSA Root 2023" # Certificate "Telekom Security TLS RSA Root 2023" # Certificate "FIRMAPROFESIONAL CA ROOT-A WEB" # Certificate "TWCA CYBER Root CA" # Certificate "TWCA Global Root CA G2" # Certificate "SecureSign Root CA12" # Certificate "SecureSign Root CA14" # Certificate "SecureSign Root CA15" # Certificate "D-TRUST BR Root CA 2 2023" # Certificate "TrustAsia SMIME ECC Root CA" # Certificate "TrustAsia SMIME RSA Root CA" # Certificate "TrustAsia TLS ECC Root CA" # Certificate "TrustAsia TLS RSA Root CA" # Certificate "D-TRUST EV Root CA 2 2023" # Certificate "SwissSign RSA SMIME Root CA 2022 - 1" # Certificate "SwissSign RSA TLS Root CA 2022 - 1" # Certificate "OISTE Client Root ECC G1" # Certificate "OISTE Client Root RSA G1" # Certificate "OISTE Server Root ECC G1" # Certificate " OISTE Server Root RSA G1" - The following certificates were removed: # Certificate "GlobalSign Root CA - R2" # Certificate "Baltimore CyberTrust Root" # Certificate "AddTrust Low-Value Services Root" # Certificate "AddTrust External Root" # Certificate "GeoTrust Global CA" # Certificate "QuoVadis Root CA" # Certificate "Security Communication Root CA" # Certificate "Sonera Class 2 Root CA" # Certificate "UTN USERFirst Email Root CA" # Certificate "Camerfirma Chambers of Commerce Root" # Certificate "Camerfirma Global Chambersign Root" # Certificate "Certplus Class 2 Primary CA" # Certificate "DST Root CA X3" # Certificate "Deutsche Telekom Root CA 2" # Certificate "Cybertrust Global Root" # Certificate "Staat der Nederlanden Root CA - G2" # Certificate "Hongkong Post Root CA 1" # Certificate "Chambers of Commerce Root - 2008" # Certificate "Global Chambersign Root - 2008" # Certificate "Trustis FPS Root CA" # Certificate "E-Tugra Certification Authority" # Certificate "Staat der Nederlanden EV Root CA" # Certificate "TrustCor RootCert CA-1" # Certificate "TrustCor RootCert CA-2" # Certificate "TrustCor ECA-1" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Update ca-certificates database to 20260129: - mozilla\{certdata.h,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.82. - The following certificates were updated: # Certificate "GlobalSign Root CA" # Certificate "Entrust.net Premium 2048 Secure Server CA" # Certificate "Comodo AAA Services root" # Certificate "XRamp Global CA Root" # Certificate "Go Daddy Class 2 CA" # Certificate "Starfield Class 2 CA" # Certificate "OISTE WISeKey Global Root GA CA" # Certificate "certSIGN ROOT CA" # Certificate "ACCVRAIZ1" # Certificate "Staat der Nederlanden Root CA - G3" # Certificate "OISTE WISeKey Global Root GC CA" - The following certificates were added: # Certificate "emSign Root CA - G1" # Certificate "emSign ECC Root CA - G3" # Certificate "emSign Root CA - C1" # Certificate "emSign ECC Root CA - C3" # Certificate "Hongkong Post Root CA 3" # Certificate "Entrust Root Certification Authority - G4" # Certificate "Microsoft ECC Root Certificate Authority 2017" # Certificate "Microsoft RSA Root Certificate Authority 2017" # Certificate "e-Szigno Root CA 2017" # Certificate "certSIGN Root CA G2" # Certificate "Trustwave Global Certification Authority" # Certificate "Trustwave Global ECC P256 Certification Authority" # Certificate "Trustwave Global ECC P384 Certification Authority" # Certificate "NAVER Global Root Certification Authority" # Certificate "AC RAIZ FNMT-RCM SERVIDORES SEGUROS" # Certificate "GlobalSign Secure Mail Root R45" # Certificate "GlobalSign Secure Mail Root E45" # Certificate "GlobalSign Root R46" # Certificate "GlobalSign Root E46" # Certificate "GLOBALTRUST 2020" # Certificate "ANF Secure Server Root CA" # Certificate "Certum EC-384 CA" # Certificate "Certum Trusted Root CA" # Certificate "TunTrust Root CA" # Certificate "HARICA TLS RSA Root CA 2021" # Certificate "HARICA TLS ECC Root CA 2021" # Certificate "HARICA Client RSA Root CA 2021" # Certificate "HARICA Client ECC Root CA 2021" # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" # Certificate "vTrus ECC Root CA" # Certificate "vTrus Root CA" # Certificate "ISRG Root X2" # Certificate "HiPKI Root CA - G1" # Certificate "GlobalSign ECC Root CA - R4" # Certificate "GTS Root R1" # Certificate "GTS Root R2" # Certificate "GTS Root R3" # Certificate "GTS Root R4" # Certificate "Telia Root CA v2" # Certificate "D-TRUST BR Root CA 1 2020" # Certificate "D-TRUST EV Root CA 1 2020" # Certificate "DigiCert TLS ECC P384 Root G5" # Certificate "DigiCert TLS RSA4096 Root G5" # Certificate "DigiCert SMIME ECC P384 Root G5" # Certificate "DigiCert SMIME RSA4096 Root G5" # Certificate "Certainly Root R1" # Certificate "Certainly Root E1" # Certificate "DIGITALSIGN GLOBAL ROOT RSA CA" # Certificate "DIGITALSIGN GLOBAL ROOT ECDSA CA" # Certificate "Security Communication ECC RootCA1" # Certificate "BJCA Global Root CA1" # Certificate "BJCA Global Root CA2" # Certificate "LAWtrust Root CA2 (4096)" # Certificate "Sectigo Public Email Protection Root E46" # Certificate "Sectigo Public Email Protection Root R46" # Certificate "Sectigo Public Server Authentication Root E46" # Certificate "Sectigo Public Server Authentication Root R46" # Certificate "SSL.com TLS RSA Root CA 2022" # Certificate "SSL.com TLS ECC Root CA 2022" # Certificate "SSL.com Client ECC Root CA 2022" # Certificate "SSL.com Client RSA Root CA 2022" # Certificate "Atos TrustedRoot Root CA ECC G2 2020" # Certificate "Atos TrustedRoot Root CA RSA G2 2020" # Certificate "Atos TrustedRoot Root CA ECC TLS 2021" # Certificate "Atos TrustedRoot Root CA RSA TLS 2021" # Certificate "TrustAsia Global Root CA G3" # Certificate "TrustAsia Global Root CA G4" # Certificate "D-Trust SBR Root CA 1 2022" # Certificate "D-Trust SBR Root CA 2 2022" # Certificate "Telekom Security SMIME ECC Root 2021" # Certificate "Telekom Security TLS ECC Root 2020" # Certificate "Telekom Security SMIME RSA Root 2023" # Certificate "Telekom Security TLS RSA Root 2023" # Certificate "FIRMAPROFESIONAL CA ROOT-A WEB" # Certificate "TWCA CYBER Root CA" # Certificate "TWCA Global Root CA G2" # Certificate "SecureSign Root CA12" # Certificate "SecureSign Root CA14" # Certificate "SecureSign Root CA15" # Certificate "D-TRUST BR Root CA 2 2023" # Certificate "TrustAsia SMIME ECC Root CA" # Certificate "TrustAsia SMIME RSA Root CA" # Certificate "TrustAsia TLS ECC Root CA" # Certificate "TrustAsia TLS RSA Root CA" # Certificate "D-TRUST EV Root CA 2 2023" # Certificate "SwissSign RSA SMIME Root CA 2022 - 1" # Certificate "SwissSign RSA TLS Root CA 2022 - 1" # Certificate "OISTE Client Root ECC G1" # Certificate "OISTE Client Root RSA G1" # Certificate "OISTE Server Root ECC G1" # Certificate " OISTE Server Root RSA G1" - The following certificates were removed: # Certificate "GlobalSign Root CA - R2" # Certificate "Baltimore CyberTrust Root" # Certificate "AddTrust Low-Value Services Root" # Certificate "AddTrust External Root" # Certificate "GeoTrust Global CA" # Certificate "QuoVadis Root CA" # Certificate "Security Communication Root CA" # Certificate "Sonera Class 2 Root CA" # Certificate "UTN USERFirst Email Root CA" # Certificate "Camerfirma Chambers of Commerce Root" # Certificate "Camerfirma Global Chambersign Root" # Certificate "Certplus Class 2 Primary CA" # Certificate "DST Root CA X3" # Certificate "Deutsche Telekom Root CA 2" # Certificate "Cybertrust Global Root" # Certificate "Staat der Nederlanden Root CA - G2" # Certificate "Hongkong Post Root CA 1" # Certificate "Chambers of Commerce Root - 2008" # Certificate "Global Chambersign Root - 2008" # Certificate "Trustis FPS Root CA" # Certificate "E-Tugra Certification Authority" # Certificate "Staat der Nederlanden EV Root CA" # Certificate "TrustCor RootCert CA-1" # Certificate "TrustCor RootCert CA-2" # Certificate "TrustCor ECA-1"

0 tuxcare-debian10-els libnss3_3.42.1-1+deb10u8+tuxcare.els1_amd64.deb 1bbf7b27a59d9322cf3cb00f360a991e5e1fca14 libnss3-dev_3.42.1-1+deb10u8+tuxcare.els1_amd64.deb 33e84edce8931fb7dde6e54792b1e494a31d2ab1 libnss3-tools_3.42.1-1+deb10u8+tuxcare.els1_amd64.deb 6e021ad5009bbba4f4f8d9e0f0e7995c8842ed1b CLSA-2026:1771237525 TuxCare License Agreement 0 * SECURITY UPDATE: check return code of UTF8_putc - debian/patches/CVE-2025-69419.patch: add missing return code checks for UTF8_putc in a_strex.c and OPENSSL_uni2utf8 in p12_utl.c. - CVE-2025-69419 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: check return code of UTF8_putc - debian/patches/CVE-2025-69419.patch: add missing return code checks for UTF8_putc in a_strex.c and OPENSSL_uni2utf8 in p12_utl.c. - CVE-2025-69419

0 tuxcare-debian10-els libssl-dev_1.1.1n-0+deb10u6+tuxcare.els2_amd64.deb 7af3393f69294912972538f042d3533ea649f0a2 libssl-doc_1.1.1n-0+deb10u6+tuxcare.els2_all.deb d64c4dc722b55e7341b397a3e3682ec5f5d4c380 libssl1.1_1.1.1n-0+deb10u6+tuxcare.els2_amd64.deb f6050967ccbf26cebcbf604cbbd9cf70bd3e3db2 openssl_1.1.1n-0+deb10u6+tuxcare.els2_amd64.deb 52c7e59894c504260e553a1a98c70959fb48c59b CLSA-2026:1771412755 TuxCare License Agreement 0 * Update ca-certificates database to 20260210: - mozilla\{certdata.h,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.82. - The following certificates were updated: # Certificate "Entrust Root Certification Authority" # Certificate "ePKI Root Certification Authority" # Certificate "AffirmTrust Commercial" # Certificate "AffirmTrust Networking" # Certificate "AffirmTrust Premium" # Certificate "AffirmTrust Premium ECC" # Certificate "Entrust Root Certification Authority - G2" # Certificate "Entrust Root Certification Authority - EC1" # Certificate "certSIGN ROOT CA" # Certificate "ACCVRAIZ1" # Certificate "OISTE WISeKey Global Root GC CA" - The following certificates were added: # Certificate "Microsoft ECC Root Certificate Authority 2017" # Certificate "Microsoft RSA Root Certificate Authority 2017" # Certificate "e-Szigno Root CA 2017" # Certificate "certSIGN Root CA G2" # Certificate "Trustwave Global Certification Authority" # Certificate "Trustwave Global ECC P256 Certification Authority" # Certificate "Trustwave Global ECC P384 Certification Authority" # Certificate "NAVER Global Root Certification Authority" # Certificate "AC RAIZ FNMT-RCM SERVIDORES SEGUROS" # Certificate "GlobalSign Root R46" # Certificate "GlobalSign Root E46" # Certificate "GLOBALTRUST 2020" # Certificate "ANF Secure Server Root CA" # Certificate "Certum EC-384 CA" # Certificate "Certum Trusted Root CA" # Certificate "TunTrust Root CA" # Certificate "HARICA TLS RSA Root CA 2021" # Certificate "HARICA TLS ECC Root CA 2021" # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" # Certificate "vTrus ECC Root CA" # Certificate "vTrus Root CA" # Certificate "ISRG Root X2" # Certificate "HiPKI Root CA - G1" # Certificate "GlobalSign ECC Root CA - R4" # Certificate "GTS Root R1" # Certificate "GTS Root R2" # Certificate "GTS Root R3" # Certificate "GTS Root R4" # Certificate "Telia Root CA v2" # Certificate "D-TRUST BR Root CA 1 2020" # Certificate "D-TRUST EV Root CA 1 2020" # Certificate "DigiCert TLS ECC P384 Root G5" # Certificate "DigiCert TLS RSA4096 Root G5" # Certificate "Certainly Root R1" # Certificate "Certainly Root E1" # Certificate "Security Communication ECC RootCA1" # Certificate "BJCA Global Root CA1" # Certificate "BJCA Global Root CA2" # Certificate "Sectigo Public Server Authentication Root E46" # Certificate "Sectigo Public Server Authentication Root R46" # Certificate "SSL.com TLS RSA Root CA 2022" # Certificate "SSL.com TLS ECC Root CA 2022" # Certificate "Atos TrustedRoot Root CA ECC TLS 2021" # Certificate "Atos TrustedRoot Root CA RSA TLS 2021" # Certificate "TrustAsia Global Root CA G3" # Certificate "TrustAsia Global Root CA G4" # Certificate "Telekom Security TLS ECC Root 2020" # Certificate "Telekom Security TLS RSA Root 2023" # Certificate "FIRMAPROFESIONAL CA ROOT-A WEB" # Certificate "TWCA CYBER Root CA" # Certificate "SecureSign Root CA12" # Certificate "SecureSign Root CA14" # Certificate "SecureSign Root CA15" # Certificate "D-TRUST BR Root CA 2 2023" # Certificate "TrustAsia TLS ECC Root CA" # Certificate "TrustAsia TLS RSA Root CA" # Certificate "D-TRUST EV Root CA 2 2023" # Certificate "SwissSign RSA TLS Root CA 2022 - 1" # Certificate "OISTE Server Root ECC G1" # Certificate " OISTE Server Root RSA G1" - The following certificates were removed: # Certificate "GlobalSign Root CA - R2" # Certificate "Baltimore CyberTrust Root" # Certificate "AddTrust Low-Value Services Root" # Certificate "AddTrust External Root" # Certificate "GeoTrust Global CA" # Certificate "QuoVadis Root CA" # Certificate "Security Communication Root CA" # Certificate "Sonera Class 2 Root CA" # Certificate "Camerfirma Chambers of Commerce Root" # Certificate "Camerfirma Global Chambersign Root" # Certificate "DST Root CA X3" # Certificate "Cybertrust Global Root" # Certificate "Staat der Nederlanden Root CA - G2" # Certificate "Hongkong Post Root CA 1" # Certificate "Chambers of Commerce Root - 2008" # Certificate "Global Chambersign Root - 2008" # Certificate "Trustis FPS Root CA" # Certificate "E-Tugra Certification Authority" # Certificate "Staat der Nederlanden EV Root CA" # Certificate "TrustCor RootCert CA-1" # Certificate "TrustCor RootCert CA-2" # Certificate "TrustCor ECA-1" None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Update ca-certificates database to 20260210: - mozilla\{certdata.h,nssckbi.h}: Update Mozilla certificate authority bundle of the version 2.82. - The following certificates were updated: # Certificate "Entrust Root Certification Authority" # Certificate "ePKI Root Certification Authority" # Certificate "AffirmTrust Commercial" # Certificate "AffirmTrust Networking" # Certificate "AffirmTrust Premium" # Certificate "AffirmTrust Premium ECC" # Certificate "Entrust Root Certification Authority - G2" # Certificate "Entrust Root Certification Authority - EC1" # Certificate "certSIGN ROOT CA" # Certificate "ACCVRAIZ1" # Certificate "OISTE WISeKey Global Root GC CA" - The following certificates were added: # Certificate "Microsoft ECC Root Certificate Authority 2017" # Certificate "Microsoft RSA Root Certificate Authority 2017" # Certificate "e-Szigno Root CA 2017" # Certificate "certSIGN Root CA G2" # Certificate "Trustwave Global Certification Authority" # Certificate "Trustwave Global ECC P256 Certification Authority" # Certificate "Trustwave Global ECC P384 Certification Authority" # Certificate "NAVER Global Root Certification Authority" # Certificate "AC RAIZ FNMT-RCM SERVIDORES SEGUROS" # Certificate "GlobalSign Root R46" # Certificate "GlobalSign Root E46" # Certificate "GLOBALTRUST 2020" # Certificate "ANF Secure Server Root CA" # Certificate "Certum EC-384 CA" # Certificate "Certum Trusted Root CA" # Certificate "TunTrust Root CA" # Certificate "HARICA TLS RSA Root CA 2021" # Certificate "HARICA TLS ECC Root CA 2021" # Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" # Certificate "vTrus ECC Root CA" # Certificate "vTrus Root CA" # Certificate "ISRG Root X2" # Certificate "HiPKI Root CA - G1" # Certificate "GlobalSign ECC Root CA - R4" # Certificate "GTS Root R1" # Certificate "GTS Root R2" # Certificate "GTS Root R3" # Certificate "GTS Root R4" # Certificate "Telia Root CA v2" # Certificate "D-TRUST BR Root CA 1 2020" # Certificate "D-TRUST EV Root CA 1 2020" # Certificate "DigiCert TLS ECC P384 Root G5" # Certificate "DigiCert TLS RSA4096 Root G5" # Certificate "Certainly Root R1" # Certificate "Certainly Root E1" # Certificate "Security Communication ECC RootCA1" # Certificate "BJCA Global Root CA1" # Certificate "BJCA Global Root CA2" # Certificate "Sectigo Public Server Authentication Root E46" # Certificate "Sectigo Public Server Authentication Root R46" # Certificate "SSL.com TLS RSA Root CA 2022" # Certificate "SSL.com TLS ECC Root CA 2022" # Certificate "Atos TrustedRoot Root CA ECC TLS 2021" # Certificate "Atos TrustedRoot Root CA RSA TLS 2021" # Certificate "TrustAsia Global Root CA G3" # Certificate "TrustAsia Global Root CA G4" # Certificate "Telekom Security TLS ECC Root 2020" # Certificate "Telekom Security TLS RSA Root 2023" # Certificate "FIRMAPROFESIONAL CA ROOT-A WEB" # Certificate "TWCA CYBER Root CA" # Certificate "SecureSign Root CA12" # Certificate "SecureSign Root CA14" # Certificate "SecureSign Root CA15" # Certificate "D-TRUST BR Root CA 2 2023" # Certificate "TrustAsia TLS ECC Root CA" # Certificate "TrustAsia TLS RSA Root CA" # Certificate "D-TRUST EV Root CA 2 2023" # Certificate "SwissSign RSA TLS Root CA 2022 - 1" # Certificate "OISTE Server Root ECC G1" # Certificate " OISTE Server Root RSA G1" - The following certificates were removed: # Certificate "GlobalSign Root CA - R2" # Certificate "Baltimore CyberTrust Root" # Certificate "AddTrust Low-Value Services Root" # Certificate "AddTrust External Root" # Certificate "GeoTrust Global CA" # Certificate "QuoVadis Root CA" # Certificate "Security Communication Root CA" # Certificate "Sonera Class 2 Root CA" # Certificate "Camerfirma Chambers of Commerce Root" # Certificate "Camerfirma Global Chambersign Root" # Certificate "DST Root CA X3" # Certificate "Cybertrust Global Root" # Certificate "Staat der Nederlanden Root CA - G2" # Certificate "Hongkong Post Root CA 1" # Certificate "Chambers of Commerce Root - 2008" # Certificate "Global Chambersign Root - 2008" # Certificate "Trustis FPS Root CA" # Certificate "E-Tugra Certification Authority" # Certificate "Staat der Nederlanden EV Root CA" # Certificate "TrustCor RootCert CA-1" # Certificate "TrustCor RootCert CA-2" # Certificate "TrustCor ECA-1"

0 tuxcare-debian10-els ca-certificates_20260210~deb10u2+tuxcare.els1_all.deb 1f432000007d52bfc9f59343cfbea4ff6972e9de CLSA-2026:1771857466 TuxCare License Agreement 0 * SECURITY UPDATE: Buffer underflow / integer overflow in GVariant text format parser - debian/patches/CVE-2025-14087.patch: fix potential integer overflow parsing strings, bytestrings, and child element counts in gvariant-parser.c - CVE-2025-14087 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Buffer underflow / integer overflow in GVariant text format parser - debian/patches/CVE-2025-14087.patch: fix potential integer overflow parsing strings, bytestrings, and child element counts in gvariant-parser.c - CVE-2025-14087

0 tuxcare-debian10-els libglib2.0-0_2.58.3-2+deb10u6+tuxcare.els2_amd64.deb 55f900b3d956134ec6f0234fb76e4b8fdc89adb3 libglib2.0-bin_2.58.3-2+deb10u6+tuxcare.els2_amd64.deb 517c3cd3499d5472d733828c68668be257467f92 libglib2.0-data_2.58.3-2+deb10u6+tuxcare.els2_all.deb 70ff4fa0b8129bf87739e4865cf018d7227f8018 libglib2.0-dev_2.58.3-2+deb10u6+tuxcare.els2_amd64.deb ec528152e575b0345314e3b50d3fcdd6a146a4fb libglib2.0-dev-bin_2.58.3-2+deb10u6+tuxcare.els2_amd64.deb d9d993f9fade496168daa27d3d34d51e9afb23e2 libglib2.0-doc_2.58.3-2+deb10u6+tuxcare.els2_all.deb bb84cb5d5ca1a72ebea91cad80ee6700aee2c617 libglib2.0-tests_2.58.3-2+deb10u6+tuxcare.els2_amd64.deb 4e00a53f5b2a01064240abfa8a6d637c79958669 CLSA-2026:1772443907 TuxCare License Agreement 0 * SECURITY UPDATE: bearer token leakage to IMAP/LDAP/POP3/SMTP hosts via cross-protocol redirects - debian/patches/CVE-2025-14524.patch: Require permission when redirected for bearer use and prevent sending bearer token to other hosts; fix unconditional reuse of oauth bearer during redirects. - CVE-2025-14524 Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: bearer token leakage to IMAP/LDAP/POP3/SMTP hosts via cross-protocol redirects - debian/patches/CVE-2025-14524.patch: Require permission when redirected for bearer use and prevent sending bearer token to other hosts; fix unconditional reuse of oauth bearer during redirects. - CVE-2025-14524

0 tuxcare-debian10-els curl_7.64.0-4+deb10u9+tuxcare.els1_amd64.deb 0a2c933d802e76ba0b6c4af1f375f2bc6e4ca358 libcurl3-gnutls_7.64.0-4+deb10u9+tuxcare.els1_amd64.deb bac9bfd6822852691801680c7c0cab0846ef3b86 libcurl3-nss_7.64.0-4+deb10u9+tuxcare.els1_amd64.deb 98ef3e68f569654b4322fe4cd93bb2caaa91420b libcurl4_7.64.0-4+deb10u9+tuxcare.els1_amd64.deb 7e4b5c5e05056649ef8cac09b25730ddfebc11ab libcurl4-doc_7.64.0-4+deb10u9+tuxcare.els1_all.deb fb3b130b036e80829dab59b7bd9a81c26244bb31 libcurl4-gnutls-dev_7.64.0-4+deb10u9+tuxcare.els1_amd64.deb 96784fd51d7f7b2842b5c1827c107a3f45e88496 libcurl4-nss-dev_7.64.0-4+deb10u9+tuxcare.els1_amd64.deb 912f34a5444d06189d8d521ec9a346ab1777208d libcurl4-openssl-dev_7.64.0-4+deb10u9+tuxcare.els1_amd64.deb 99a93620602bd6c75cab8be60c0ee99cf2919223 CLSA-2026:1773141936 TuxCare License Agreement 0 * SECURITY UPDATE: Stack-Based buffer overflow in Netbeans - debian/patches/CVE-2026-26269.patch: fix stack-based buffer overflow in NetBeans integration that could lead to a crash or arbitrary code execution via a malicious server - CVE-2026-26269 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Stack-Based buffer overflow in Netbeans - debian/patches/CVE-2026-26269.patch: fix stack-based buffer overflow in NetBeans integration that could lead to a crash or arbitrary code execution via a malicious server - CVE-2026-26269

0 tuxcare-debian10-els vim_8.1.0875-5+deb10u6+tuxcare.els15_amd64.deb abc45121bb12ec6530361653eb685533033303f5 vim-athena_8.1.0875-5+deb10u6+tuxcare.els15_amd64.deb 08fca655f7035e74a035002b74864f5cef7c6b25 vim-common_8.1.0875-5+deb10u6+tuxcare.els15_all.deb f3041c01a10a2dd744b5cec89c40f240cac929e1 vim-doc_8.1.0875-5+deb10u6+tuxcare.els15_all.deb f559d7be92af9714b978577a51980c486c497c2d vim-gtk_8.1.0875-5+deb10u6+tuxcare.els15_amd64.deb dc7551f3f2c5472260291453227925ce16d6cc1c vim-gtk3_8.1.0875-5+deb10u6+tuxcare.els15_amd64.deb e378abf44a2d17393fa54e4478bdee2a3504cefc vim-gui-common_8.1.0875-5+deb10u6+tuxcare.els15_all.deb dba57900bbdcc6d73652c35571850c0453f92653 vim-nox_8.1.0875-5+deb10u6+tuxcare.els15_amd64.deb d8ab148d74999694f58f5e2ce73d93428d78fbe3 vim-runtime_8.1.0875-5+deb10u6+tuxcare.els15_all.deb 934db2259bb0fed5c5d8eec6c76e35c3654fcec8 vim-tiny_8.1.0875-5+deb10u6+tuxcare.els15_amd64.deb 9485549ea1dc81bb095a5e398c579462ecbdf3e9 xxd_8.1.0875-5+deb10u6+tuxcare.els15_amd64.deb b95ae425d80578522050da441a109b9d96a9955c CLSA-2026:1773145958 TuxCare License Agreement 0 * SECURITY UPDATE: Fix vulnerabilities in GSS message token handling - debian/patches/CVE-2024-37370-CVE-2024-37371.patch: Verify Extra Count field in CFX wrap tokens, validate plaintext length in gss_unwrap, and prevent IOV unwrap header buffer overrun - CVE-2024-37370 - CVE-2024-37371 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Fix vulnerabilities in GSS message token handling - debian/patches/CVE-2024-37370-CVE-2024-37371.patch: Verify Extra Count field in CFX wrap tokens, validate plaintext length in gss_unwrap, and prevent IOV unwrap header buffer overrun - CVE-2024-37370 - CVE-2024-37371

0 tuxcare-debian10-els krb5-admin-server_1.17-3+deb10u6+tuxcare.els1_amd64.deb 2e6559065a21cbbff6f46fd7da95ecba1a63c08f krb5-doc_1.17-3+deb10u6+tuxcare.els1_all.deb 698695fed118f914fa9ff9144ef27071bc42b31d krb5-gss-samples_1.17-3+deb10u6+tuxcare.els1_amd64.deb d6adba1f9e6485d6a2db0ca848ccc706f3d0a8e1 krb5-k5tls_1.17-3+deb10u6+tuxcare.els1_amd64.deb 6e0e52f461ba4a23631685d30ce22023c1ec4ca0 krb5-kdc_1.17-3+deb10u6+tuxcare.els1_amd64.deb 41233ea900afdf4b98af51bcaa442aee412f4b4c krb5-kdc-ldap_1.17-3+deb10u6+tuxcare.els1_amd64.deb 540b8b85450fbb198393c595169e3cc6e629de8f krb5-kpropd_1.17-3+deb10u6+tuxcare.els1_amd64.deb e1e3b3e0755cee67f9be44dcf066304d9144a97b krb5-locales_1.17-3+deb10u6+tuxcare.els1_all.deb 6041dbfc369aaa3c8dd67f5faaf11f4414d01290 krb5-multidev_1.17-3+deb10u6+tuxcare.els1_amd64.deb 68cdf064b11df5ab3e5d095bd948eb91f563958f krb5-otp_1.17-3+deb10u6+tuxcare.els1_amd64.deb 8721b5b02d468baad8cecb7663907c1a46a5cd71 krb5-pkinit_1.17-3+deb10u6+tuxcare.els1_amd64.deb fdb331721bd010b882619a969aaf3256186ee918 krb5-user_1.17-3+deb10u6+tuxcare.els1_amd64.deb caceb36b87f2d7c70f3295b5c9cbac4f5a5c8ddd libgssapi-krb5-2_1.17-3+deb10u6+tuxcare.els1_amd64.deb 35663b5cade74614507f1dc0d7dfba08d7145d4b libgssrpc4_1.17-3+deb10u6+tuxcare.els1_amd64.deb d9266cb49260465cded3b3f02a988a4a35920d6c libk5crypto3_1.17-3+deb10u6+tuxcare.els1_amd64.deb 1a2c0024632f3af0fb19d51cbacae74030bcda3b libkadm5clnt-mit11_1.17-3+deb10u6+tuxcare.els1_amd64.deb 6f40a6fab8bb4daa351ea5e77de5911c9bce865c libkadm5srv-mit11_1.17-3+deb10u6+tuxcare.els1_amd64.deb 34c6f62081e403f82b9dcf33b45be8c232341316 libkdb5-9_1.17-3+deb10u6+tuxcare.els1_amd64.deb 07fa1125543b019f96baf6e16e068ccaaa92b088 libkrad-dev_1.17-3+deb10u6+tuxcare.els1_amd64.deb 263dcff0a3c8f21c7d29d6ea3cc0d845cb14672f libkrad0_1.17-3+deb10u6+tuxcare.els1_amd64.deb c6c57482423708d2725547a24b3a24371e385108 libkrb5-3_1.17-3+deb10u6+tuxcare.els1_amd64.deb baa5dbc26f1905ea8eb7841ebaba28eadb6e93cb libkrb5-dev_1.17-3+deb10u6+tuxcare.els1_amd64.deb 42c6f552fece32cd502a46deed68d7f09bcc9fc8 libkrb5support0_1.17-3+deb10u6+tuxcare.els1_amd64.deb fa1232660e9193d792702ab3e0ed754136f713bf CLSA-2026:1773161124 TuxCare License Agreement 0 * SECURITY UPDATE: acceptance of hosts not listed in specified known_hosts file during SSH-based transfers - debian/patches/CVE-2025-15079.patch: Set both knownhosts options to same file and fix surprises caused by libssh exposing separate KNOWNHOSTS and GLOBAL_KNOWNHOSTS options. - CVE-2025-15079 * Regenerate Server-localhost-lastSAN-sv test certificate with SHA-256 - debian/patches/regenerate-lastSAN-cert-sha256.patch: Fix "ca md too weak" error with OpenSSL 1.1.1+ by replacing SHA-1 signed certificate with SHA-256. Also fixes Makefile.am bug for lastSAN target. * Update failed test - debian/patches/26_CVE-2021-22876.patch: Update test to avoid using unsupported commands * Update failed test - debian/patches/fix-test323-errorcode.patch: two valid error codes now * Disable some tests - debian/rules: add option to disable tests marked as flaky, fail the build if any test fails - debian/patches/add-flaky-to-test1592.patch: mark test1592 as flaky - debian/patches/disable-nss-failing-tests.patch: libnsspem.so is not available on Debian 10 * Remove unsupported test: - debian/patches/test8-verify-that-ctrl-byte-cookies-are-ignored.patch: no ctrl-byte-cookies are supported Low Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: acceptance of hosts not listed in specified known_hosts file during SSH-based transfers - debian/patches/CVE-2025-15079.patch: Set both knownhosts options to same file and fix surprises caused by libssh exposing separate KNOWNHOSTS and GLOBAL_KNOWNHOSTS options. - CVE-2025-15079 * Regenerate Server-localhost-lastSAN-sv test certificate with SHA-256 - debian/patches/regenerate-lastSAN-cert-sha256.patch: Fix "ca md too weak" error with OpenSSL 1.1.1+ by replacing SHA-1 signed certificate with SHA-256. Also fixes Makefile.am bug for lastSAN target. * Update failed test - debian/patches/26_CVE-2021-22876.patch: Update test to avoid using unsupported commands * Update failed test - debian/patches/fix-test323-errorcode.patch: two valid error codes now * Disable some tests - debian/rules: add option to disable tests marked as flaky, fail the build if any test fails - debian/patches/add-flaky-to-test1592.patch: mark test1592 as flaky - debian/patches/disable-nss-failing-tests.patch: libnsspem.so is not available on Debian 10 * Remove unsupported test: - debian/patches/test8-verify-that-ctrl-byte-cookies-are-ignored.patch: no ctrl-byte-cookies are supported

0 tuxcare-debian10-els curl_7.64.0-4+deb10u9+tuxcare.els2_amd64.deb 89851431a7d5b5a442403649d2976f1e7d002373 libcurl3-gnutls_7.64.0-4+deb10u9+tuxcare.els2_amd64.deb 8cefbd9cd4ec628b2d29251391d6d07221b6d101 libcurl3-nss_7.64.0-4+deb10u9+tuxcare.els2_amd64.deb d7945a7065efdf890c72280f3c15d03d4dcffd95 libcurl4_7.64.0-4+deb10u9+tuxcare.els2_amd64.deb 6949ad359e25dbce4975d35e2614950b785e1810 libcurl4-doc_7.64.0-4+deb10u9+tuxcare.els2_all.deb 84b3c7382e52bdf7b4238fcebd34e72b6c2edda5 libcurl4-gnutls-dev_7.64.0-4+deb10u9+tuxcare.els2_amd64.deb 500de9ca945078b0fddf08a1cf4b6d8f1265ed9b libcurl4-nss-dev_7.64.0-4+deb10u9+tuxcare.els2_amd64.deb 1facfd0b0c276b9fa5b6f75eec5ff4a04de262a7 libcurl4-openssl-dev_7.64.0-4+deb10u9+tuxcare.els2_amd64.deb e0a7ed926796b4bee43de390ebbe3351458c0bc7 CLSA-2026:1773782865 TuxCare License Agreement 0 * New microcode update packages from upstream up to 2026-02-21: - Addition AMD CPU microcode for processor family 0x19: cpuid:0x00A00F10(ver:0x0A00107A), cpuid:0x00A00F11(ver:0x0A0011D5), cpuid:0x00A00F11(ver:0x0A0011DE), cpuid:0x00A00F12(ver:0x0A001238), cpuid:0x00A00F12(ver:0x0A001247), cpuid:0x00A00F82(ver:0x0A00820D), cpuid:0x00A10F11(ver:0x0A101148), cpuid:0x00A10F11(ver:0x0A101158), cpuid:0x00A10F12(ver:0x0A101248), cpuid:0x00A10F12(ver:0x0A101253), cpuid:0x00A10F81(ver:0x0A108109), cpuid:0x00A20F10(ver:0x0A20102E), cpuid:0x00A20F12(ver:0x0A201211), cpuid:0x00A40F41(ver:0x0A404108), cpuid:0x00A50F00(ver:0x0A500012), cpuid:0x00A60F12(ver:0x0A60120A), cpuid:0x00A70F41(ver:0x0A704108), cpuid:0x00A70F52(ver:0x0A705208), cpuid:0x00A70F80(ver:0x0A708008), cpuid:0x00A70FC0(ver:0x0A70C008), cpuid:0x00AA0F01(ver:0x0AA00116), cpuid:0x00AA0F02(ver:0x0AA00215), cpuid:0x00AA0F02(ver:0x0AA0021C); - Addition AMD CPU microcode for processor family 0x1a: cpuid:0x00B00F21(ver:0x0B002161), cpuid:0x00B00F81(ver:0x0B008121), cpuid:0x00B10F10(ver:0x0B101058), cpuid:0x00B20F40(ver:0x0B204037), cpuid:0x00B40F40(ver:0x0B404035), cpuid:0x00B40F41(ver:0x0B404108), cpuid:0x00B60F00(ver:0x0B600037), cpuid:0x00B60F80(ver:0x0B608038), cpuid:0x00B70F00(ver:0x0B700037); - Addition AMD CPU microcode for processor family 0x17: cpuid:0x00870F10(ver:0x08701034), cpuid:0x00830F10(ver:0x0830107C), cpuid:0x00860F01(ver:0x0860010D), cpuid:0x008A0F00(ver:0x08A0000A), cpuid:0x00860F81(ver:0x08608108); - Update AMD CPU microcode for processor family 0x17: cpuid:0x00800F12(ver:0x0800126F), cpuid:0x00800F82(ver:0x0800820D); None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* New microcode update packages from upstream up to 2026-02-21: - Addition AMD CPU microcode for processor family 0x19: cpuid:0x00A00F10(ver:0x0A00107A), cpuid:0x00A00F11(ver:0x0A0011D5), cpuid:0x00A00F11(ver:0x0A0011DE), cpuid:0x00A00F12(ver:0x0A001238), cpuid:0x00A00F12(ver:0x0A001247), cpuid:0x00A00F82(ver:0x0A00820D), cpuid:0x00A10F11(ver:0x0A101148), cpuid:0x00A10F11(ver:0x0A101158), cpuid:0x00A10F12(ver:0x0A101248), cpuid:0x00A10F12(ver:0x0A101253), cpuid:0x00A10F81(ver:0x0A108109), cpuid:0x00A20F10(ver:0x0A20102E), cpuid:0x00A20F12(ver:0x0A201211), cpuid:0x00A40F41(ver:0x0A404108), cpuid:0x00A50F00(ver:0x0A500012), cpuid:0x00A60F12(ver:0x0A60120A), cpuid:0x00A70F41(ver:0x0A704108), cpuid:0x00A70F52(ver:0x0A705208), cpuid:0x00A70F80(ver:0x0A708008), cpuid:0x00A70FC0(ver:0x0A70C008), cpuid:0x00AA0F01(ver:0x0AA00116), cpuid:0x00AA0F02(ver:0x0AA00215), cpuid:0x00AA0F02(ver:0x0AA0021C); - Addition AMD CPU microcode for processor family 0x1a: cpuid:0x00B00F21(ver:0x0B002161), cpuid:0x00B00F81(ver:0x0B008121), cpuid:0x00B10F10(ver:0x0B101058), cpuid:0x00B20F40(ver:0x0B204037), cpuid:0x00B40F40(ver:0x0B404035), cpuid:0x00B40F41(ver:0x0B404108), cpuid:0x00B60F00(ver:0x0B600037), cpuid:0x00B60F80(ver:0x0B608038), cpuid:0x00B70F00(ver:0x0B700037); - Addition AMD CPU microcode for processor family 0x17: cpuid:0x00870F10(ver:0x08701034), cpuid:0x00830F10(ver:0x0830107C), cpuid:0x00860F01(ver:0x0860010D), cpuid:0x008A0F00(ver:0x08A0000A), cpuid:0x00860F81(ver:0x08608108); - Update AMD CPU microcode for processor family 0x17: cpuid:0x00800F12(ver:0x0800126F), cpuid:0x00800F82(ver:0x0800820D);

0 tuxcare-debian10-els amd64-microcode_3.20260221.1+tuxcare.els1_amd64.deb deafbbd3e02de59d90cf3822719eed0ebb850f52 CLSA-2026:1773784132 TuxCare License Agreement 0 * Port to Debian 10 (buster) with renamed libraries to avoid conflicts with system PostgreSQL packages. * Rename library packages to allow coexistence with other PostgreSQL versions: - libpq5 -> libpq5-9.6 (library: libpq-9.6.so.5) - libpq-dev -> libpq-dev-9.6 - libecpg6 -> libecpg6-9.6 (library: libecpg-9.6.so.6) - libecpg-dev -> libecpg-dev-9.6 - libecpg-compat3 -> libecpg-compat3-9.6 (library: libecpg_compat-9.6.so.3) - libpgtypes3 -> libpgtypes3-9.6 (library: libpgtypes-9.6.so.3) * Add patch rename-libraries-to-avoid-conflicts.patch to change library SONAMEs so they don't conflict with system libraries. * Library packages can be installed alongside Debian 10's PostgreSQL 11 libraries. * Add conflicts with postgresql-11 and postgresql-client-11 to prevent simultaneous installation of server/client with Debian 10's default PostgreSQL (libraries can still coexist). None Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* Port to Debian 10 (buster) with renamed libraries to avoid conflicts with system PostgreSQL packages. * Rename library packages to allow coexistence with other PostgreSQL versions: - libpq5 -> libpq5-9.6 (library: libpq-9.6.so.5) - libpq-dev -> libpq-dev-9.6 - libecpg6 -> libecpg6-9.6 (library: libecpg-9.6.so.6) - libecpg-dev -> libecpg-dev-9.6 - libecpg-compat3 -> libecpg-compat3-9.6 (library: libecpg_compat-9.6.so.3) - libpgtypes3 -> libpgtypes3-9.6 (library: libpgtypes-9.6.so.3) * Add patch rename-libraries-to-avoid-conflicts.patch to change library SONAMEs so they don't conflict with system libraries. * Library packages can be installed alongside Debian 10's PostgreSQL 11 libraries. * Add conflicts with postgresql-11 and postgresql-client-11 to prevent simultaneous installation of server/client with Debian 10's default PostgreSQL (libraries can still coexist).

0 tuxcare-debian10-els libecpg-compat3-9.6_9.6.24-0+deb10u1+tuxcare.els1_amd64.deb 4d219bd67f3f6294ddb4a82c041e7dd32e7419c1 libecpg-dev-9.6_9.6.24-0+deb10u1+tuxcare.els1_amd64.deb 2ab528cc14c01b96cacdfb31a1d43896897ef6d3 libecpg6-9.6_9.6.24-0+deb10u1+tuxcare.els1_amd64.deb 9e36a0b0083d878c026b1f8d75191cf9f8cb6a16 libpgtypes3-9.6_9.6.24-0+deb10u1+tuxcare.els1_amd64.deb 2a427f199a4f55638a517d374c3a3835571a58ac libpq-dev-9.6_9.6.24-0+deb10u1+tuxcare.els1_amd64.deb 6647e6cf2ab20d7345394579a70dc4a8aaa362a4 libpq5-9.6_9.6.24-0+deb10u1+tuxcare.els1_amd64.deb 42a52c0d676e76dfa5febc3c9ab123c1794b1aae postgresql-9.6_9.6.24-0+deb10u1+tuxcare.els1_amd64.deb ef27c2f2d9e075497d85c72c79bc7d3061ca3add postgresql-client-9.6_9.6.24-0+deb10u1+tuxcare.els1_amd64.deb 383eac39927af8ae98986e3f92591a716ec04fad postgresql-contrib-9.6_9.6.24-0+deb10u1+tuxcare.els1_amd64.deb 90338052bedd31d901f6ba9f133d41e52e344e6a postgresql-doc-9.6_9.6.24-0+deb10u1+tuxcare.els1_all.deb a69bae1a522d76f45f7c531ec906271a03e4df82 postgresql-plperl-9.6_9.6.24-0+deb10u1+tuxcare.els1_amd64.deb 0ae2496b4cef1432038a4db307048cbcde83aec3 postgresql-plpython-9.6_9.6.24-0+deb10u1+tuxcare.els1_amd64.deb f80176dcb5b42767a1b424924c89315541cdb8ff postgresql-plpython3-9.6_9.6.24-0+deb10u1+tuxcare.els1_amd64.deb 88b2c4ed7dde868726789ccdaccd7e2ba13d193b postgresql-pltcl-9.6_9.6.24-0+deb10u1+tuxcare.els1_amd64.deb 51f0880b86bbf24888571e700036d3179fbfc28c postgresql-server-dev-9.6_9.6.24-0+deb10u1+tuxcare.els1_amd64.deb 2be46a541d6a2c4534537354ede1e5491a0ed84a CLSA-2026:1774260216 TuxCare License Agreement 0 * SECURITY UPDATE: reuse of connections using HTTP Negotiate - debian/patches/CVE-2026-1965.patch: fix reuse of connections using HTTP Negotiate and fix copy and paste url_match_auth_nego mistake. - CVE-2026-1965 * Bearer token sent without checking auth is allowed - debian/patches/CVE-2026-3783.patch: only send bearer if auth is allowed. - CVE-2026-3783 * Proxy credential reuse across different credentials - debian/patches/CVE-2026-3784.patch: compare proxy credentials in proxy_info_matches to prevent connection reuse with wrong auth. - CVE-2026-3784 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: reuse of connections using HTTP Negotiate - debian/patches/CVE-2026-1965.patch: fix reuse of connections using HTTP Negotiate and fix copy and paste url_match_auth_nego mistake. - CVE-2026-1965 * Bearer token sent without checking auth is allowed - debian/patches/CVE-2026-3783.patch: only send bearer if auth is allowed. - CVE-2026-3783 * Proxy credential reuse across different credentials - debian/patches/CVE-2026-3784.patch: compare proxy credentials in proxy_info_matches to prevent connection reuse with wrong auth. - CVE-2026-3784

0 tuxcare-debian10-els curl_7.64.0-4+deb10u9+tuxcare.els3_amd64.deb 97c75240669e95d5c51397a76d3e6c94446cb506 libcurl3-gnutls_7.64.0-4+deb10u9+tuxcare.els3_amd64.deb 480f4c99d18b018ccae7546164152c4167a7b02c libcurl3-nss_7.64.0-4+deb10u9+tuxcare.els3_amd64.deb 65f8c5835c5ae77542093f1641d180a1c1edf650 libcurl4_7.64.0-4+deb10u9+tuxcare.els3_amd64.deb 908a61c5f54078a4905f70aaf1627064de4905fc libcurl4-doc_7.64.0-4+deb10u9+tuxcare.els3_all.deb d6df046b2689cef25595212e1fadfde9a5a3d519 libcurl4-gnutls-dev_7.64.0-4+deb10u9+tuxcare.els3_amd64.deb 65c397f3bed0fafae637fd0c486770817ce0102a libcurl4-nss-dev_7.64.0-4+deb10u9+tuxcare.els3_amd64.deb 1f9a0532ca196e0e6eb7e09fdee0f7333b4d2172 libcurl4-openssl-dev_7.64.0-4+deb10u9+tuxcare.els3_amd64.deb c37f1956b8bf623c4b9110ebc2876562e523bfd2 CLSA-2026:1774283473 TuxCare License Agreement 0 * SECURITY UPDATE: Improve determination of buffer size bufSize in function doContent - debian/patches/CVE-2026-25210.patch: fix integer overflow in doContent tag buffer reallocation - CVE-2026-25210 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Improve determination of buffer size bufSize in function doContent - debian/patches/CVE-2026-25210.patch: fix integer overflow in doContent tag buffer reallocation - CVE-2026-25210

0 tuxcare-debian10-els expat_2.2.6-2+deb10u7+tuxcare.els3_amd64.deb 122f93bc2cf48ef64bf764d282ff39fbbd3febdb libexpat1_2.2.6-2+deb10u7+tuxcare.els3_amd64.deb 0168f309b34e4a8fdab1a1b2f1d8a5f31786036c libexpat1-dev_2.2.6-2+deb10u7+tuxcare.els3_amd64.deb 61ac939da0cba1ad6361fe9ed6f1922add4e06c3 CLSA-2026:1774426919 TuxCare License Agreement 0 * SECURITY UPDATE: SNI hostname not stored for NIO2 and APR connectors - debian/patches/CVE-2025-66614.patch: store SNI hostname for NIO2 and APR connections so that SNI checks are not bypassed - CVE-2025-66614 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: SNI hostname not stored for NIO2 and APR connectors - debian/patches/CVE-2025-66614.patch: store SNI hostname for NIO2 and APR connections so that SNI checks are not bypassed - CVE-2025-66614

0 tuxcare-debian10-els libtomcat9-embed-java_9.0.31-1~deb10u12+tuxcare.els4_all.deb 9c69548e267d3e151122ec3b278c3e97dcdd4539 libtomcat9-java_9.0.31-1~deb10u12+tuxcare.els4_all.deb ffa0ccd4daea3521924240120e55ff46316a3071 tomcat9_9.0.31-1~deb10u12+tuxcare.els4_all.deb 8d9301a6a36d2009a9dffb48baeca9635316f693 tomcat9-admin_9.0.31-1~deb10u12+tuxcare.els4_all.deb 5b47f54f3c896b3d625e07e94437fa1a6e1cb01e tomcat9-common_9.0.31-1~deb10u12+tuxcare.els4_all.deb 4751bbaaa2386dd977d668a977d6ea378e7db9f0 tomcat9-docs_9.0.31-1~deb10u12+tuxcare.els4_all.deb 79fdc8f6a238edc1b67b7cddf5bb173fa6c57399 tomcat9-examples_9.0.31-1~deb10u12+tuxcare.els4_all.deb 840388ba182195ff827b2fe525046162cbd869c7 tomcat9-user_9.0.31-1~deb10u12+tuxcare.els4_all.deb b9ad502bc1572491f7c2816d4c2d3b691216ba9a CLSA-2026:1774526052 TuxCare License Agreement 0 * SECURITY UPDATE: Crash when recovering a corrupted swap file - debian/patches/CVE-2026-28421.patch: add bounds checks in swap file recovery to prevent heap-buffer-overflow and SEGV from crafted swap files - CVE-2026-28421 * SECURITY UPDATE: Command injection via crafted netrw URIs - debian/patches/CVE-2026-28417.patch: fix command injection in netrw via crafted scp:// URIs by adding strict hostname validation and shellescape() - CVE-2026-28417 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Crash when recovering a corrupted swap file - debian/patches/CVE-2026-28421.patch: add bounds checks in swap file recovery to prevent heap-buffer-overflow and SEGV from crafted swap files - CVE-2026-28421 * SECURITY UPDATE: Command injection via crafted netrw URIs - debian/patches/CVE-2026-28417.patch: fix command injection in netrw via crafted scp:// URIs by adding strict hostname validation and shellescape() - CVE-2026-28417

0 tuxcare-debian10-els vim_8.1.0875-5+deb10u6+tuxcare.els16_amd64.deb e288e204fa1e269dbf7abcf090ed5d9bcdec30f0 vim-athena_8.1.0875-5+deb10u6+tuxcare.els16_amd64.deb 656267ab7270fa293a8b3f97a4f03483a6218de6 vim-common_8.1.0875-5+deb10u6+tuxcare.els16_all.deb ed90cd2ca4f5c784c1c7342f6d7d72535107c3b1 vim-doc_8.1.0875-5+deb10u6+tuxcare.els16_all.deb 4113966a9d8f7725f71d92ac69a053d8cfa0eda6 vim-gtk_8.1.0875-5+deb10u6+tuxcare.els16_amd64.deb 1dddc1c860405a7ffe713fb1853355a19ba6c670 vim-gtk3_8.1.0875-5+deb10u6+tuxcare.els16_amd64.deb f3f77b58aedbec873260d9d629c2eaf5f969174f vim-gui-common_8.1.0875-5+deb10u6+tuxcare.els16_all.deb 0557127776d7694f6207b1abf87ef9fbdc23c87c vim-nox_8.1.0875-5+deb10u6+tuxcare.els16_amd64.deb 738b2d5cfbed2d59d12a763076d5f8a7889679ac vim-runtime_8.1.0875-5+deb10u6+tuxcare.els16_all.deb a70c8295818fdb0ed4ffe376e73ac6a9f669c98b vim-tiny_8.1.0875-5+deb10u6+tuxcare.els16_amd64.deb 5b4043c5a47679e889bea4b2ed82b319f843c494 xxd_8.1.0875-5+deb10u6+tuxcare.els16_amd64.deb 27675dd5097ea0c62004e7bd41786e32af7076b2 CLSA-2026:1774947465 TuxCare License Agreement 0 * SECURITY UPDATE: Denial of Service in ICP request handling via double rfc1738_escape() call causing heap use-after-free - debian/patches/CVE-2026-33526.patch: Remove redundant rfc1738_escape() call in icpGetRequest() - CVE-2026-33526 * SECURITY UPDATE: Denial of Service in ICP v3 query handling via use-after-free of HttpRequest object - debian/patches/CVE-2026-32748.patch: Add proper HTTPMSGLOCK/HTTPMSGUNLOCK to doV3Query() to match doV2Query() locking pattern - CVE-2026-32748 * SECURITY UPDATE: Out-of-bounds read in ICP message handling allows information disclosure - debian/patches/CVE-2026-33515.patch: Add icpGetUrl() validation function to check packet bounds and NUL-termination of URLs in ICP messages - CVE-2026-33515 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: Denial of Service in ICP request handling via double rfc1738_escape() call causing heap use-after-free - debian/patches/CVE-2026-33526.patch: Remove redundant rfc1738_escape() call in icpGetRequest() - CVE-2026-33526 * SECURITY UPDATE: Denial of Service in ICP v3 query handling via use-after-free of HttpRequest object - debian/patches/CVE-2026-32748.patch: Add proper HTTPMSGLOCK/HTTPMSGUNLOCK to doV3Query() to match doV2Query() locking pattern - CVE-2026-32748 * SECURITY UPDATE: Out-of-bounds read in ICP message handling allows information disclosure - debian/patches/CVE-2026-33515.patch: Add icpGetUrl() validation function to check packet bounds and NUL-termination of URLs in ICP messages - CVE-2026-33515

0 tuxcare-debian10-els squid_4.6-1+deb10u10+tuxcare.els4_amd64.deb fbd8bd2f199de7fc49df2d9b7a46cc28f1568b5d squid-cgi_4.6-1+deb10u10+tuxcare.els4_amd64.deb 466108633c86276ff1af9d42559f1b8800f354be squid-common_4.6-1+deb10u10+tuxcare.els4_all.deb 06315839150619eef4f57a8eb74c0df074ca1afd squid-purge_4.6-1+deb10u10+tuxcare.els4_amd64.deb fde27d9a1be6144bc323ba03c0609e44c1f41466 squid3_4.6-1+deb10u10+tuxcare.els4_all.deb 10d8ca8573e9e47986ca387775224c19e07b52d4 squidclient_4.6-1+deb10u10+tuxcare.els4_amd64.deb 2e9dde0eeb6f9e3288c77543ae6b9ad3ca9ae803 CLSA-2026:1776159098 TuxCare License Agreement 0 * SECURITY UPDATE: signature verification DoS via malicious subkey - debian/patches/CVE-2025-30258.patch: require signing usage when looking up public key for signature verification, filtering out subkeys without valid backsig. Include upstream regression fixes to preserve verification of signatures from expired/revoked keys. Widen pubkey_usage and req_usage fields from byte to u16 to prevent PUBKEY_USAGE_VERIFY (16384) from being truncated on GnuPG 2.2.x. Add primary-key-only lookup during import to prevent malicious subkey attack at import time. Fix double-free in check_signature_over_key_or_uid when signer is caller-owned. - CVE-2025-30258 Moderate Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: signature verification DoS via malicious subkey - debian/patches/CVE-2025-30258.patch: require signing usage when looking up public key for signature verification, filtering out subkeys without valid backsig. Include upstream regression fixes to preserve verification of signatures from expired/revoked keys. Widen pubkey_usage and req_usage fields from byte to u16 to prevent PUBKEY_USAGE_VERIFY (16384) from being truncated on GnuPG 2.2.x. Add primary-key-only lookup during import to prevent malicious subkey attack at import time. Fix double-free in check_signature_over_key_or_uid when signer is caller-owned. - CVE-2025-30258

0 tuxcare-debian10-els dirmngr_2.2.12-1+deb10u2+tuxcare.els2_amd64.deb 9f7193778db5aea55707c09aeb4c45ada0291514 gnupg_2.2.12-1+deb10u2+tuxcare.els2_all.deb 199cde1d738f0f72527836865b2c3ec01ef1098e gnupg-agent_2.2.12-1+deb10u2+tuxcare.els2_all.deb 5d2c1e812bfbb228f149b6e4fb6e015d391f320c gnupg-l10n_2.2.12-1+deb10u2+tuxcare.els2_all.deb 6d2444c4a6da540317e070c268b18a10fdbff00a gnupg-utils_2.2.12-1+deb10u2+tuxcare.els2_amd64.deb d966e6e453f49d407900bb48758c64f0ff89b84c gnupg2_2.2.12-1+deb10u2+tuxcare.els2_all.deb b48eca80f9fd6995d77568f631d64481c660a685 gpg_2.2.12-1+deb10u2+tuxcare.els2_amd64.deb 0b14ddbcc0d4ca970e5f3056f829f58e97fdee50 gpg-agent_2.2.12-1+deb10u2+tuxcare.els2_amd64.deb b6a5576de42822d15f885afcb05c831392d09903 gpg-wks-client_2.2.12-1+deb10u2+tuxcare.els2_amd64.deb 485341eb249c8fe33fa5eed69a719a9f3f823ac4 gpg-wks-server_2.2.12-1+deb10u2+tuxcare.els2_amd64.deb 03c50b85002c0f22284e97a68884e9ab6e87e27d gpgconf_2.2.12-1+deb10u2+tuxcare.els2_amd64.deb c53d1c771077f6689253f039fb78604659a75d4c gpgsm_2.2.12-1+deb10u2+tuxcare.els2_amd64.deb 1359d1dcecc93faee4ae5660d5ef2a2b5807591a gpgv_2.2.12-1+deb10u2+tuxcare.els2_amd64.deb 816ff192f1af1f5a039ed16b6bd9ba770f153f05 gpgv-static_2.2.12-1+deb10u2+tuxcare.els2_amd64.deb 2d8fa840178d76bd3028b33bf0b34c386b3b5f00 gpgv-win32_2.2.12-1+deb10u2+tuxcare.els2_all.deb 8f6f33895dda0655c8551b02a92efc9d19d5b074 gpgv2_2.2.12-1+deb10u2+tuxcare.els2_all.deb 6bce4709acd3ec991ab57a98491f198bf29215c1 scdaemon_2.2.12-1+deb10u2+tuxcare.els2_amd64.deb 04b54c4dbe52e856d6a2037a753e3e975f8a2a98 CLSA-2026:1776177493 TuxCare License Agreement 0 * SECURITY UPDATE: fix heap-based buffer overflow in _bfd_elf_parse_eh_frame - debian/patches/CVE-2025-11082.patch: add bounds check before reading buf[1] in the legacy "eh" CIE path - CVE-2025-11082 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: fix heap-based buffer overflow in _bfd_elf_parse_eh_frame - debian/patches/CVE-2025-11082.patch: add bounds check before reading buf[1] in the legacy "eh" CIE path - CVE-2025-11082

0 tuxcare-debian10-els binutils_2.31.1-16+tuxcare.els10_amd64.deb 0aba913c14fe4ca890ef317cbc9f48c631a99b40 binutils-aarch64-linux-gnu_2.31.1-16+tuxcare.els10_amd64.deb 498ae58bf5e5a74f789fa22e4e2713c13772d683 binutils-alpha-linux-gnu_2.31.1-16+tuxcare.els10_amd64.deb d13c2cfef369531fb3fb87d9a7297eefc79187c4 binutils-arm-linux-gnueabi_2.31.1-16+tuxcare.els10_amd64.deb 3a66077765355cf087871b54225c495999a1bb9e binutils-arm-linux-gnueabihf_2.31.1-16+tuxcare.els10_amd64.deb 0a8768d3960944469a7d2b6daf10c1ddbb19c522 binutils-common_2.31.1-16+tuxcare.els10_amd64.deb a21019f0af74c3430783222c5f0781a3b8169697 binutils-dev_2.31.1-16+tuxcare.els10_amd64.deb 19784bf09722c263d7b8330f9ad3a1a746e91cd5 binutils-doc_2.31.1-16+tuxcare.els10_all.deb e3df8253190ef35dc159cb44cd921ac791daa011 binutils-for-build_2.31.1-16+tuxcare.els10_all.deb 8605229f7ca206c3eabf390d13bedbb109a7845f binutils-for-host_2.31.1-16+tuxcare.els10_amd64.deb 3b0418148e29ae191c5b773ce039eb03e3dbb764 binutils-hppa-linux-gnu_2.31.1-16+tuxcare.els10_amd64.deb 64f69ed3cf2ae9ae835892728041445bdfbbbec4 binutils-hppa64-linux-gnu_2.31.1-16+tuxcare.els10_amd64.deb 7f8a61d57c3fdd8e7b2283f56e2dacbcd5e73a1e binutils-i686-gnu_2.31.1-16+tuxcare.els10_amd64.deb 6ee187dafb5765c1f1041d65aebd2ddb12c22337 binutils-i686-kfreebsd-gnu_2.31.1-16+tuxcare.els10_amd64.deb 0b2c0b4dd132cb526262df8ec7e7df97a7d83fc2 binutils-i686-linux-gnu_2.31.1-16+tuxcare.els10_amd64.deb 537254f3983d7acc1af8540d5ae133d37e674a2f binutils-ia64-linux-gnu_2.31.1-16+tuxcare.els10_amd64.deb f32a465caa0bfa62ea8d78f6e755b04cfe41f258 binutils-m68k-linux-gnu_2.31.1-16+tuxcare.els10_amd64.deb 4866a9ca64d99ba207ef3913e78f7fd9b1ffd458 binutils-mips-linux-gnu_2.31.1-16+tuxcare.els10_amd64.deb 7c7246976ff3adf5d312abcf52fed4da868c4730 binutils-mips64el-linux-gnuabi64_2.31.1-16+tuxcare.els10_amd64.deb af3521c3a884e3f8fa466a78b776cd0ca0eb7f40 binutils-mipsel-linux-gnu_2.31.1-16+tuxcare.els10_amd64.deb fe6abaa9d4deb6c87d7feea384e891c0945b994b binutils-multiarch_2.31.1-16+tuxcare.els10_amd64.deb e1ab7d3287ab730c143c1506be29bbe6b3adce33 binutils-multiarch-dev_2.31.1-16+tuxcare.els10_amd64.deb 02fe354213c59ebc9890be8f7129901d072c2b10 binutils-powerpc-linux-gnu_2.31.1-16+tuxcare.els10_amd64.deb 858e4300b886091c0cd74466d37edc99f28bf55b binutils-powerpc-linux-gnuspe_2.31.1-16+tuxcare.els10_amd64.deb dc8465fce5377b74b05f1dc8e30ea6a339e7c6fe binutils-powerpc64-linux-gnu_2.31.1-16+tuxcare.els10_amd64.deb 69ae33aa95c57f3976f71e0ba3ed7746feb83bba binutils-powerpc64le-linux-gnu_2.31.1-16+tuxcare.els10_amd64.deb d944da8cb0fa16674518dfd862ab46b36d6baeb7 binutils-riscv64-linux-gnu_2.31.1-16+tuxcare.els10_amd64.deb 8f6c5565b6f6b4334e3a57017b1df9c7948e961a binutils-s390x-linux-gnu_2.31.1-16+tuxcare.els10_amd64.deb c5e23541b11b222fa380852fed24a89fead9afc1 binutils-sh4-linux-gnu_2.31.1-16+tuxcare.els10_amd64.deb df954725723863af3543817ab9ef653b85dd2c19 binutils-source_2.31.1-16+tuxcare.els10_all.deb 76cbc04c8698a05f38697dbedc4bb8958c2e8e39 binutils-sparc64-linux-gnu_2.31.1-16+tuxcare.els10_amd64.deb cbc67e713e4045bf6a713276b80b205ec8652e35 binutils-x86-64-kfreebsd-gnu_2.31.1-16+tuxcare.els10_amd64.deb bcbf15132b30164176a515ad6b21e60f71ff7018 binutils-x86-64-linux-gnu_2.31.1-16+tuxcare.els10_amd64.deb 27d43a551d43f17a60ff86bd168fc8296fdb30d0 binutils-x86-64-linux-gnux32_2.31.1-16+tuxcare.els10_amd64.deb 651c2e4c17b6cd430498abf78a2b0a16558ff860 libbinutils_2.31.1-16+tuxcare.els10_amd64.deb 566e5fed399bf004331dd1804c92d2d0bd1cb990 CLSA-2026:1776178825 TuxCare License Agreement 0 * SECURITY UPDATE: fix vulnerability in stream handling - debian/patches/CVE-2025-53019.patch: fix vulnerability in stream handling - CVE-2025-53019 * SECURITY UPDATE: fix integer overflow in resize - debian/patches/CVE-2025-55212.patch: fix integer overflow in resize - CVE-2025-55212 * SECURITY UPDATE: fix heap-based buffer overflow in image processing - debian/patches/CVE-2025-55298.patch: fix heap-based buffer overflow in image processing - CVE-2025-55298 * SECURITY UPDATE: fix buffer overflow in BMP coder - debian/patches/CVE-2025-57803.patch: fix buffer overflow in BMP coder - CVE-2025-57803 * SECURITY UPDATE: fix vulnerability in PNG coder - debian/patches/CVE-2025-55154.patch: fix vulnerability in PNG coder - CVE-2025-55154 * SECURITY UPDATE: fix buffer overflow in BMP coder on 32-bit systems - debian/patches/CVE-2025-62171.patch: fix buffer overflow in BMP coder on 32-bit systems - CVE-2025-62171 * SECURITY UPDATE: fix stack overflow via infinite recursion in MSL and SVG coders - debian/patches/CVE-2025-68618.patch: fix stack overflow via infinite recursion in MSL and SVG coders - CVE-2025-68618 * SECURITY UPDATE: fix denial of service in SVG coder - debian/patches/CVE-2025-69204.patch: fix denial of service in SVG coder - CVE-2025-69204 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: fix vulnerability in stream handling - debian/patches/CVE-2025-53019.patch: fix vulnerability in stream handling - CVE-2025-53019 * SECURITY UPDATE: fix integer overflow in resize - debian/patches/CVE-2025-55212.patch: fix integer overflow in resize - CVE-2025-55212 * SECURITY UPDATE: fix heap-based buffer overflow in image processing - debian/patches/CVE-2025-55298.patch: fix heap-based buffer overflow in image processing - CVE-2025-55298 * SECURITY UPDATE: fix buffer overflow in BMP coder - debian/patches/CVE-2025-57803.patch: fix buffer overflow in BMP coder - CVE-2025-57803 * SECURITY UPDATE: fix vulnerability in PNG coder - debian/patches/CVE-2025-55154.patch: fix vulnerability in PNG coder - CVE-2025-55154 * SECURITY UPDATE: fix buffer overflow in BMP coder on 32-bit systems - debian/patches/CVE-2025-62171.patch: fix buffer overflow in BMP coder on 32-bit systems - CVE-2025-62171 * SECURITY UPDATE: fix stack overflow via infinite recursion in MSL and SVG coders - debian/patches/CVE-2025-68618.patch: fix stack overflow via infinite recursion in MSL and SVG coders - CVE-2025-68618 * SECURITY UPDATE: fix denial of service in SVG coder - debian/patches/CVE-2025-69204.patch: fix denial of service in SVG coder - CVE-2025-69204

0 tuxcare-debian10-els imagemagick_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_amd64.deb bc11d6cbd76458b24059f9c18f5d80a4a5fc13d6 imagemagick-6-common_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_all.deb 69135e92e6774c76d020534570452b6b539b20a5 imagemagick-6-doc_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_all.deb 565283cba4898c4454d6a4a0e0492d851c25accf imagemagick-6.q16_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_amd64.deb 51122accdb3024bbd61e0598ae3cf83d51978190 imagemagick-6.q16hdri_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_amd64.deb b6acb0653ff07bd796a1b235757104a87f247450 imagemagick-common_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_all.deb 246ac87a238634c75219c218b08673b46f13383a imagemagick-doc_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_all.deb 45d3c9a1c1df9ecd9e20acc8c1609ad1db611291 libimage-magick-perl_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_all.deb eb35ec30be6f00954f3eb392b11e731d1a2f0a20 libimage-magick-q16-perl_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_amd64.deb 3332bc805e852a124942820d39a123101d9185fd libimage-magick-q16hdri-perl_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_amd64.deb 49590a79eda6ea44bceef1ce4a9c81a1fc557a3f libmagick++-6-headers_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_all.deb 1d287d966e1fe144d6e97d804d50a0347f55f099 libmagick++-6.q16-8_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_amd64.deb 87e6cd232405a8c1b669bab56446d3e8e83baefe libmagick++-6.q16-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_amd64.deb 9bd78eadf52ebc6b4c5001b68a510eb54604f3be libmagick++-6.q16hdri-8_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_amd64.deb 9295d9d744869297b5be24c5d8804b8abaf64349 libmagick++-6.q16hdri-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_amd64.deb c3587917667017653a610fc0829fcbcb1858ba59 libmagick++-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_all.deb 31e73cbfefbe0f996d2b40bc705ee29407a653fb libmagickcore-6-arch-config_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_amd64.deb 7460d5984d6f06e37706da8943ac4997e01a832f libmagickcore-6-headers_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_all.deb e92bccbf1bf1f99e9280b543a62daa49bdca7cc5 libmagickcore-6.q16-6_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_amd64.deb a94d68551cb65ebc5be2ba23a1f3977126a1b493 libmagickcore-6.q16-6-extra_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_amd64.deb 438c809f075feb40fda35583b64a85eff04daa02 libmagickcore-6.q16-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_amd64.deb d75b816b090dc10c88b63ff8546d522dec5487f4 libmagickcore-6.q16hdri-6_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_amd64.deb 4c346ffa84bf5b7601d8e98b13e8c22620f0a10f libmagickcore-6.q16hdri-6-extra_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_amd64.deb e4441950e813f605375c56ce656fd3f15257601a libmagickcore-6.q16hdri-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_amd64.deb 80b94a239be97baa91f5292efdad1c57ab3973da libmagickcore-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_all.deb 38a02e467a6ac9179e5c29fad2abf817e404e8bc libmagickwand-6-headers_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_all.deb 03ebbc53793eb68cd36066c14a36d7c1ce7ea6ee libmagickwand-6.q16-6_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_amd64.deb cb0df94de2ad2fca1e19bd35063cb1bae0b7786f libmagickwand-6.q16-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_amd64.deb 8fd077a47f3b28b993bb5976073ae3bf92eb370d libmagickwand-6.q16hdri-6_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_amd64.deb a639d8a9caff19d19e93cb2648e43920f9fe2d28 libmagickwand-6.q16hdri-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_amd64.deb df53cd9cbac8b31ab2a9aa202c84b6b3be15584e libmagickwand-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_all.deb ab72e34b88eed67082c695e4f4164e724c6563a0 perlmagick_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els2_all.deb e55680e72ea0c2b3e4a131d6ca8eef7f7087845a CLSA-2026:1776179155 TuxCare License Agreement 0 * SECURITY UPDATE: fix division by zero in YUV coder - debian/patches/CVE-2026-25799.patch: fix division by zero in YUV coder - CVE-2026-25799 * SECURITY UPDATE: fix NULL pointer dereference in SFW coder - debian/patches/CVE-2026-25795.patch: fix NULL pointer dereference in SFW coder - CVE-2026-25795 * SECURITY UPDATE: fix infinite loop in META coder - debian/patches/CVE-2026-26066.patch: fix infinite loop in META coder - CVE-2026-26066 * SECURITY UPDATE: fix vulnerability in JPEG coder - debian/patches/CVE-2026-26283.patch: fix vulnerability in JPEG coder - CVE-2026-26283 * SECURITY UPDATE: fix NULL pointer dereference in cache handling - debian/patches/CVE-2026-25798.patch: fix NULL pointer dereference in cache handling - CVE-2026-25798 * SECURITY UPDATE: fix vulnerability in PSD coder - debian/patches/CVE-2026-24481.patch: fix vulnerability in PSD coder - CVE-2026-24481 * SECURITY UPDATE: fix vulnerability in stegano coder - debian/patches/CVE-2026-25796.patch: fix vulnerability in stegano coder - CVE-2026-25796 * SECURITY UPDATE: fix vulnerability in FX processing - debian/patches/CVE-2026-27798.patch: fix vulnerability in FX processing - CVE-2026-27798 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: fix division by zero in YUV coder - debian/patches/CVE-2026-25799.patch: fix division by zero in YUV coder - CVE-2026-25799 * SECURITY UPDATE: fix NULL pointer dereference in SFW coder - debian/patches/CVE-2026-25795.patch: fix NULL pointer dereference in SFW coder - CVE-2026-25795 * SECURITY UPDATE: fix infinite loop in META coder - debian/patches/CVE-2026-26066.patch: fix infinite loop in META coder - CVE-2026-26066 * SECURITY UPDATE: fix vulnerability in JPEG coder - debian/patches/CVE-2026-26283.patch: fix vulnerability in JPEG coder - CVE-2026-26283 * SECURITY UPDATE: fix NULL pointer dereference in cache handling - debian/patches/CVE-2026-25798.patch: fix NULL pointer dereference in cache handling - CVE-2026-25798 * SECURITY UPDATE: fix vulnerability in PSD coder - debian/patches/CVE-2026-24481.patch: fix vulnerability in PSD coder - CVE-2026-24481 * SECURITY UPDATE: fix vulnerability in stegano coder - debian/patches/CVE-2026-25796.patch: fix vulnerability in stegano coder - CVE-2026-25796 * SECURITY UPDATE: fix vulnerability in FX processing - debian/patches/CVE-2026-27798.patch: fix vulnerability in FX processing - CVE-2026-27798

0 tuxcare-debian10-els imagemagick_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_amd64.deb d36a42d5837a6eb565427a794148e1c12ba08b3f imagemagick-6-common_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_all.deb b8362d7ab3d4c5b12d445f2ff0843e874f3b34a9 imagemagick-6-doc_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_all.deb 015a6342845ea155e46dbadd7785edf242a9048b imagemagick-6.q16_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_amd64.deb f29d0e89e61f70fde13ffee4a4ad4aa24cfd2cc5 imagemagick-6.q16hdri_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_amd64.deb fc8630daadfc5036d31f49b11360a095fcae74d1 imagemagick-common_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_all.deb 68c793b3de8aef4f94a137002b5daf4c063f2825 imagemagick-doc_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_all.deb d0bd18c879edbd6ceef1b46740f6bc340fa75a4e libimage-magick-perl_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_all.deb d46eaf7345a5a1fbcc85ce5ef490101c5b8e7918 libimage-magick-q16-perl_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_amd64.deb 27681cef324d8ce41bc1c9b48021b9ae0955aa38 libimage-magick-q16hdri-perl_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_amd64.deb 7aee80296099695ff9e3c7f1530a1ccf0a83a656 libmagick++-6-headers_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_all.deb 0b1ad83f17b422ef0eb0772d8a9d3075e902e5f0 libmagick++-6.q16-8_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_amd64.deb 5b84b3b7205f8b852c8f8916cf923cee13597e9b libmagick++-6.q16-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_amd64.deb 088ab24c1dd296bfc59d12f29ff65464043410b0 libmagick++-6.q16hdri-8_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_amd64.deb a2f1a3e262137c8460443e4f11fd357e37e3db33 libmagick++-6.q16hdri-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_amd64.deb 40032108c7ec1172e23a78c86a4670b6fec48024 libmagick++-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_all.deb 0a1b3be0c757a3b190c1782e78bc17bc015cc429 libmagickcore-6-arch-config_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_amd64.deb 55688c9499b81d1ba2f762147866ff9b971be330 libmagickcore-6-headers_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_all.deb 15c31d59079f25d1638e3d8767c5090444077bfa libmagickcore-6.q16-6_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_amd64.deb 508a2959e6095ef1de4af02ca025399636755936 libmagickcore-6.q16-6-extra_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_amd64.deb 3b738b4aa94af2c2a4ec278cdfa778bc099fe115 libmagickcore-6.q16-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_amd64.deb 05eef9e01014d668300eb3a6bebb9491af5ef7c2 libmagickcore-6.q16hdri-6_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_amd64.deb 617876b27db25f0ca055a2644886160eed9516d9 libmagickcore-6.q16hdri-6-extra_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_amd64.deb 3e7f43a85f5450060c8d17ed3fd7778a0c2e4e24 libmagickcore-6.q16hdri-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_amd64.deb 0c92a833a879187909b9ee2ae54427c9c6e10551 libmagickcore-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_all.deb c0a21175844b5f73b1ba46825155dee7f568e8de libmagickwand-6-headers_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_all.deb 586c9a50585835a5abb94ada06ef2c06c53830a4 libmagickwand-6.q16-6_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_amd64.deb 3c19889f78bbdc26a5a62b9a180456e23e5c5893 libmagickwand-6.q16-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_amd64.deb b70693bf4c98f1f705cb1fa8692d0053fe66caf5 libmagickwand-6.q16hdri-6_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_amd64.deb 3cdffba77a7b93786fd3684c209428d4e8e41789 libmagickwand-6.q16hdri-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_amd64.deb 4fde1441d2136c2d79431fb7da0d18828f32ca24 libmagickwand-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_all.deb 76ed97c5f581e28308c6c90aef1ba37a67b8f49d perlmagick_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els3_all.deb b3823c6f9d516edc660fc8f6e6c3bd3560c7c7d2 CLSA-2026:1776179858 TuxCare License Agreement 0 * SECURITY UPDATE: fix vulnerability in MSL coder - debian/patches/CVE-2026-25988.patch: fix vulnerability in MSL coder - CVE-2026-25988 * SECURITY UPDATE: fix path traversal via policy bypass - debian/patches/CVE-2026-25965.patch: fix path traversal via policy bypass - CVE-2026-25965 * SECURITY UPDATE: fix vulnerability in PNG coder - debian/patches/CVE-2026-30883.patch: fix vulnerability in PNG coder - CVE-2026-30883 * SECURITY UPDATE: fix NULL pointer dereference in MSL parser - debian/patches/CVE-2026-23952.patch: fix NULL pointer dereference in MSL parser - CVE-2026-23952 * SECURITY UPDATE: fix vulnerability in sixel coder - debian/patches/CVE-2026-25970.patch: fix vulnerability in sixel coder - CVE-2026-25970 Important Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: fix vulnerability in MSL coder - debian/patches/CVE-2026-25988.patch: fix vulnerability in MSL coder - CVE-2026-25988 * SECURITY UPDATE: fix path traversal via policy bypass - debian/patches/CVE-2026-25965.patch: fix path traversal via policy bypass - CVE-2026-25965 * SECURITY UPDATE: fix vulnerability in PNG coder - debian/patches/CVE-2026-30883.patch: fix vulnerability in PNG coder - CVE-2026-30883 * SECURITY UPDATE: fix NULL pointer dereference in MSL parser - debian/patches/CVE-2026-23952.patch: fix NULL pointer dereference in MSL parser - CVE-2026-23952 * SECURITY UPDATE: fix vulnerability in sixel coder - debian/patches/CVE-2026-25970.patch: fix vulnerability in sixel coder - CVE-2026-25970

0 tuxcare-debian10-els imagemagick_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_amd64.deb b2d4de062f13d4cedb680c3dc749929f84ebbfba imagemagick-6-common_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_all.deb 0186f235afad0b7104044af969be0ef0b5d37522 imagemagick-6-doc_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_all.deb f6e2121dea6f13aaaa7c5c39de1f7bb44ea868b9 imagemagick-6.q16_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_amd64.deb 38d4c9e253e4f35f8455a8b3619da5a47d02f9e5 imagemagick-6.q16hdri_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_amd64.deb 8806f61d10dc7ae975d0cd54d55eee4c797f79a8 imagemagick-common_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_all.deb 6cb97fe996c5a6d9010c6cd0cf29c8770be0c109 imagemagick-doc_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_all.deb 13a7f5040418bfc030a9e7ecc598551b3a76b149 libimage-magick-perl_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_all.deb e6714d18ac19579436e97fbaa99ae7d90f475ddc libimage-magick-q16-perl_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_amd64.deb cf04f3d47c7bc17320b488ec8cbb9696f075cd1f libimage-magick-q16hdri-perl_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_amd64.deb 927eead59a135943fd4114d2267872732da2db75 libmagick++-6-headers_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_all.deb c5a29bd533ca8ca607a76d5f4919925d8e798c8e libmagick++-6.q16-8_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_amd64.deb aa73c7d261792d70c8a4a8e055562c6e2b7b134e libmagick++-6.q16-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_amd64.deb 23e75cbe6d1c20b47e9a3b829e27d83146f5b9de libmagick++-6.q16hdri-8_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_amd64.deb 9a3349daac1171cf892c21ba1dc663cbddcc44b0 libmagick++-6.q16hdri-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_amd64.deb 3286b1e0d4798b8cad667bcb3a80731621e5a856 libmagick++-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_all.deb e078c5d646930ab4760be91a5bba5d946edf5af9 libmagickcore-6-arch-config_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_amd64.deb 3e554c3ecc93e04b6bf0e2428df6c6276c4d01fc libmagickcore-6-headers_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_all.deb 4e85f50c55a46a429b767479db7ea50d29a5b30f libmagickcore-6.q16-6_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_amd64.deb 3548c32efeba6ede5fc623a252b505064e5c50e6 libmagickcore-6.q16-6-extra_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_amd64.deb 4cddab54fd7aef79729df8fe4ac827d7dfa783e4 libmagickcore-6.q16-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_amd64.deb 793ca913afd7a5b02bbf77cd82b002962f134930 libmagickcore-6.q16hdri-6_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_amd64.deb 6f4b4d0e86e4550afeabc2651b93b89deea8a10f libmagickcore-6.q16hdri-6-extra_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_amd64.deb 4e51cc130c9b6df7e5b77c57642b0313d3f68e42 libmagickcore-6.q16hdri-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_amd64.deb 04e54abbf7035dc45193c900c454d357e1269f72 libmagickcore-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_all.deb 764bdd4ee4b92185092758f7128ae26065daa9e3 libmagickwand-6-headers_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_all.deb e74ccfb2d5b97abc3cd2d320d8d8e5eda5d20081 libmagickwand-6.q16-6_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_amd64.deb f1c96e48eead510ce8ff20ca2237ffb64b5cefe6 libmagickwand-6.q16-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_amd64.deb b90ef1923bb418e64a127d24945af76f96de8c28 libmagickwand-6.q16hdri-6_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_amd64.deb 65569d86a33e8f663174c3233969ea8fc954029a libmagickwand-6.q16hdri-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_amd64.deb e2b1eb7ed7168095db8d501b4e7bbfdf9c3c75fb libmagickwand-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_all.deb 9ea70c6352a237bb9a3b93136eaaf96638004391 perlmagick_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els4_all.deb 48144a0ee7d5b97acb9d38953fada41d0db4a141 CLSA-2026:1776180138 TuxCare License Agreement 0 * SECURITY UPDATE: fix vulnerability in image handling - debian/patches/CVE-2025-53101.patch: fix vulnerability in image handling - CVE-2025-53101 * SECURITY UPDATE: fix vulnerability in image handling - debian/patches/CVE-2025-53014.patch: fix vulnerability in image handling - CVE-2025-53014 * SECURITY UPDATE: fix heap-based buffer overflow in blob handling - debian/patches/CVE-2025-57807.patch: fix heap-based buffer overflow in blob handling - CVE-2025-57807 * SECURITY UPDATE: fix heap-based buffer overflow in XBM coder - debian/patches/CVE-2026-23876.patch: fix heap-based buffer overflow in XBM coder - CVE-2026-23876 * SECURITY UPDATE: fix buffer overflow in SUN coder - debian/patches/CVE-2026-25897.patch: fix buffer overflow in SUN coder - CVE-2026-25897 * SECURITY UPDATE: fix buffer overflow in PCD coder - debian/patches/CVE-2026-26284.patch: fix buffer overflow in PCD coder - CVE-2026-26284 * SECURITY UPDATE: fix vulnerability in MSL coder - debian/patches/CVE-2026-25968.patch: fix vulnerability in MSL coder - CVE-2026-25968 * SECURITY UPDATE: fix buffer overflow in YUV coder - debian/patches/CVE-2026-25986.patch: fix buffer overflow in YUV coder - CVE-2026-25986 * SECURITY UPDATE: fix buffer overflow in MAP coder - debian/patches/CVE-2026-25987.patch: fix buffer overflow in MAP coder - CVE-2026-25987 * SECURITY UPDATE: fix buffer overflow in UIL and XPM coders - debian/patches/CVE-2026-25898.patch: fix buffer overflow in UIL and XPM coders - CVE-2026-25898 * SECURITY UPDATE: fix heap-use-after-free in MSL coder - debian/patches/CVE-2026-25983.patch: fix heap-use-after-free in MSL coder - CVE-2026-25983 * SECURITY UPDATE: fix stack overflow via infinite recursion in MSL, SVG, and draw handling - debian/patches/CVE-2026-25971.patch: fix stack overflow via infinite recursion in MSL, SVG, and draw handling - CVE-2026-25971 Critical Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.

* SECURITY UPDATE: fix vulnerability in image handling - debian/patches/CVE-2025-53101.patch: fix vulnerability in image handling - CVE-2025-53101 * SECURITY UPDATE: fix vulnerability in image handling - debian/patches/CVE-2025-53014.patch: fix vulnerability in image handling - CVE-2025-53014 * SECURITY UPDATE: fix heap-based buffer overflow in blob handling - debian/patches/CVE-2025-57807.patch: fix heap-based buffer overflow in blob handling - CVE-2025-57807 * SECURITY UPDATE: fix heap-based buffer overflow in XBM coder - debian/patches/CVE-2026-23876.patch: fix heap-based buffer overflow in XBM coder - CVE-2026-23876 * SECURITY UPDATE: fix buffer overflow in SUN coder - debian/patches/CVE-2026-25897.patch: fix buffer overflow in SUN coder - CVE-2026-25897 * SECURITY UPDATE: fix buffer overflow in PCD coder - debian/patches/CVE-2026-26284.patch: fix buffer overflow in PCD coder - CVE-2026-26284 * SECURITY UPDATE: fix vulnerability in MSL coder - debian/patches/CVE-2026-25968.patch: fix vulnerability in MSL coder - CVE-2026-25968 * SECURITY UPDATE: fix buffer overflow in YUV coder - debian/patches/CVE-2026-25986.patch: fix buffer overflow in YUV coder - CVE-2026-25986 * SECURITY UPDATE: fix buffer overflow in MAP coder - debian/patches/CVE-2026-25987.patch: fix buffer overflow in MAP coder - CVE-2026-25987 * SECURITY UPDATE: fix buffer overflow in UIL and XPM coders - debian/patches/CVE-2026-25898.patch: fix buffer overflow in UIL and XPM coders - CVE-2026-25898 * SECURITY UPDATE: fix heap-use-after-free in MSL coder - debian/patches/CVE-2026-25983.patch: fix heap-use-after-free in MSL coder - CVE-2026-25983 * SECURITY UPDATE: fix stack overflow via infinite recursion in MSL, SVG, and draw handling - debian/patches/CVE-2026-25971.patch: fix stack overflow via infinite recursion in MSL, SVG, and draw handling - CVE-2026-25971

0 tuxcare-debian10-els imagemagick_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_amd64.deb f39c6ada77de4a2d4df7fa85ba59c07cdf5ebfe8 imagemagick-6-common_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_all.deb 8443c9b971c21be1b020bd19325b9229c05008a2 imagemagick-6-doc_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_all.deb 8ccca8f94d9a5567b41d17f0fdde85c1cbf30989 imagemagick-6.q16_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_amd64.deb 946d931692681156d77f3f3d29b59dc7ffbf592f imagemagick-6.q16hdri_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_amd64.deb 1ef6e6070093ac5fde678d2c9057286fa9de045b imagemagick-common_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_all.deb 90e1d3cb78e8654d0ce06f83020ce3ca52274336 imagemagick-doc_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_all.deb 1d3e890e715e41613271d4d411c7f00f9f628513 libimage-magick-perl_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_all.deb b465ac6b26261d3ca0946f3af30130dccd340671 libimage-magick-q16-perl_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_amd64.deb f6c910be6572187160e4a14ac4133e15af828960 libimage-magick-q16hdri-perl_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_amd64.deb a5d5765a9e61648ff2532dd6d56341f08c9ec74a libmagick++-6-headers_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_all.deb 592c3ef948d57b1fcb68b17d5f401882918ee566 libmagick++-6.q16-8_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_amd64.deb 4af44805884c4245d17a89fc5f8ec478ff11413e libmagick++-6.q16-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_amd64.deb dc810f35747e27e248eefe93ea41172c046176b4 libmagick++-6.q16hdri-8_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_amd64.deb e526b32f6db3b31828da3e61becdeea4fe07f5db libmagick++-6.q16hdri-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_amd64.deb cc853c9f34385e1cec09324a9a0bb6802690cb8a libmagick++-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_all.deb 4f66ff41a5f727dd461331d2eca5d646f5f800b0 libmagickcore-6-arch-config_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_amd64.deb 06c0d6e4e37cc08d8a81b889a1abda533d216f9c libmagickcore-6-headers_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_all.deb 3e9a86680bb7bf374013bf114e8fdfeeceb3b524 libmagickcore-6.q16-6_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_amd64.deb 7d3b63b7cf1c124a838c836a44c0ff7a6bcc6c09 libmagickcore-6.q16-6-extra_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_amd64.deb f77ba1af663cb5d6880627ee037cab02e39985bc libmagickcore-6.q16-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_amd64.deb 4e815b833a8afbd74e697844fc9d0a7d934f382b libmagickcore-6.q16hdri-6_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_amd64.deb e09c3e9539a0bec0d9647ca197f3581fce29e265 libmagickcore-6.q16hdri-6-extra_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_amd64.deb 67e094201d15fc25b655ad42366e3017c56e5274 libmagickcore-6.q16hdri-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_amd64.deb 63498adac8ef58e037f89634ab3a5e44e39d3dee libmagickcore-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_all.deb e70b9f52ee47d939e4c44406abd7367158d18acb libmagickwand-6-headers_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_all.deb c6e24cecf43063823681cde6222fe0c505460b1e libmagickwand-6.q16-6_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_amd64.deb f5b7db21c0ac60644cf67dc178262c84a91792ac libmagickwand-6.q16-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_amd64.deb b691aca167bc87d611c6ef31b063c32301b9742e libmagickwand-6.q16hdri-6_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_amd64.deb a0a8f22a433c6ef488d2b8e3bbcfda4e90158258 libmagickwand-6.q16hdri-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_amd64.deb 1cbcca598adac98430d013c0b9f83f4c2eaad914 libmagickwand-dev_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_all.deb ba414c72a665a3a9401aa1eb118add092bb67d55 perlmagick_6.9.10.23+dfsg-2.1+deb10u7+tuxcare.els1_all.deb 0562faa37f3374e849de888c3a73c6a947da2dec